Migrating from NS7 and IPFire to NS8 and NS8 Security with Let's Encrypt

Shadowfire · May 27, 2024, 9:13pm

NethServer Version: 7.9.2009 (final)
Module: Lets Encrypt

I have been testing out NS8 and now NS8 Security. I would like to make a move soon to NS8 Security and NS8.

To get a better idea on how to migrate my current setup of firewall - IPFire and NS7 with Lets Encrypt. I am interested in moving to NS8 Security from IPFire.

I am also going to move to NS8. Right now my Lets Encrypt is handle on NS7.

I have noticed that NS8 Security and NS8 both handle and have Let’s Encrypt baked in to them.

What is the best method for no interruption to move Let’s Encrypt with what I have running. (IPFire, Webtop, Website, MeshCentral, Nextcloud, and FreePBX)

Would Lets Encrypt run on both the NS8 and NS8 Security, or just NS8 Security that would cover NS8?

Does the Lets Encrypt running on NS8 Security and NS8 link the Let’s Encrypt or do their own things separate?

Do they have own separate functions on both platforms? How has it been made to work? How does it work? How should I be setting up Let’s Encrypt up with both NS8 Security and NS8.?

@giacomo @mrmarkuz @oneitonitram @Andy_Wismer @michelandre

Feel free to expand. I am all about hearing others experience and possibilities. Would love to hear from everyone who has input.

Thanks,
-SF-

oneitonitram · May 28, 2024, 5:41am

Hello @Shadowfire.
SInce Nethsecurity and Nethserver 8 are 2 separate systems on 2 separate boxes, each handling a different set of functions, Letsencrypt should not be an issue.

Your firewall will handle its own LE, for components required by it.
Equally NS8 will handle LE for what it requires.

Migrating Webtop, Nextcloud, will be possible easily. for Meshcentral, @mrmarkuz has mentioned he would be working on a migration, but if you’re not managing way too many agents, i would suggesting adding them afresh manually.

As with FreePBX > Nethvoice, I am not sure there is a direct Migration path for FreePbx from ns7 to Nethsecurity in NS8, I am aware there is a migration from Nethvoice in NS7 to Nethvoice in NS8. Nethvoice should be in Release candidate Now, and following the github projects, i think most headache functions that might, or would require manual works have been worked on, however, if you still have time, you can wait for RC2, but mainly if you will need moving /cloning NV instances

Though not yet Announced yet, there might be a user limit on the community edition of Nethvoice(am not sure which subscription would be required) just a thing to Note

For Web, I am not sure if there is a migration for that, However i believe as a Sy admin, it would be wise to do a fresh manual migration of the websites and the databases you are hosting on Ns7.

Once you have your migrations completed, you can then point the DNS records to the new servers and request SSL certs

Shadowfire · May 28, 2024, 6:43am

Another possibility is I could moving to NS8 Security first and stay with NS7 till I am comfortable to move it to NS8 as I get my migration for it adjusted a little better.

I believe migrating webtop, nextcloud will be simple. I will probably do the website manual. I have been looking at the website / wordpress posts for ns8 and I have not found the the walk though /directions on setup repo and/or installing from software center in ns8. Maybe you can point me posts for website / wordpress install for ns8. In the mean time I will keep searching the forums for ns8 website / wordpress install walk through.

I am hoping I can do a manual copy of meshcental to dock data folder. Unless @mrmarkuz gets the migration do before I migrate ns7. Either way… it should be interesting.

I believe your correct on point dns records and then doing a request for ssl certs.

Nethvoice limits? subscription??? Where can I find the specs, community limitations, and subscription for Nethvoice. Will there not be a alternative to Nethvoice? I don’t want to have it running on another setup, VM or box, but I guess I will if I have too.

Thank you for expanding on my questions and your rundown of this possible strategy and other thoughts. I appreciate it.

-SF-

oneitonitram · May 28, 2024, 7:36am

there is a wp app in the software center, also we have people who have deployed wp using the webserver module

Shadowfire · May 28, 2024, 9:10am

Interesting… I wasn’t able to see it in the list. I had to search for it. Then it showed up.