I messed up with the autoinstall script for Debian 11. I am planing to migrate from an old machine to a new machine. The old machine uses certbot and the migration tool documentation states that if the old machine uses certbot then the new machine needs to use certbot. When I did the autoinstall I left out --use-certbot. My bad. How to redo autoinstall on a machine that already has ispconfig. When I tried, got the following error that stops the autoinstall. Code: WARNING! This script will reconfigure your complete server! It should be run on a freshly installed server and all current configuration that you have done will most likely be lost! Type 'yes' if you really want to continue: yes [INFO] Starting perfect server setup for Debian GNU/Linux 11 (bullseye) [ERROR] The server already has ISPConfig installed. Aborting. (/lib/os/class.ISPConfigDebianOS.inc.php:1242) [INFO] Warning: Please delete the log files in /tmp/ispconfig-ai/var/log/setup-* once you don't need them anymore because they contain your passwords! Is there a force option?
If the installer ran with a failure during the install process / completed successfully and you want to run it again, you'll have to completely reinstall the OS. Another option is to manually purge acme.sh completely and install certbot manually. But this will require knowledge about all files involved.
Oh noooooo! It is a real hassle to install Debian 11 on raid 1. Oh nooooo! I am assuming acme.sh is a single bash script that can be deleted. I can install certbot manually using apt-get. Is there some other files that links certbot with ispconfig? Or there are much more files that I have to be concerned with? As you can see, I am really trying not to re-install debian. If this was centos or rocky then re-install would be so easy. Hope you can give some advice.
It's more than just deleting that one script. I'd recommend you to rethink your setup. Better to set up a virtualized server on top of your OS on that server with RAID1. Also, not sure why installing Debian 11 on RAID 1 was so much work, I never really had a trouble with it. Do you have a hardware RAID card?
is it really that difficult to re-run an autoinstall? surely most of the setup is (or should be) idempotent. if a wrong choice for something, like certbot and acme.sh, or amavisd and rspamd, is made. removing and purging the unwanted option, and re-running the auto-installer should really be an option. obviously, some things, like mysql already being installed, with root passwords configured for it, are going to be complications, but it should be reasonably simple to check / ask about that. all that should really block a re-install is removing (or overwriting) the dbispconfig database, and removing everything from /usr/local/ispconfig first.
What you can try to do is that you remove acme.sh incl. the acme.sh certificte, install certbot using snap as described on certbot website (but do not create a cert), then run an ispconfig update with --force option and let ISPConfig create a new SSL cert during update.
Not using hardware raid.. Using mdadm. Using uefi not bios. Here is the wiki at Debian that says it does not support that kind of installation. https://wiki.debian.org/UEFI#RAID_for_the_EFI_System_Partition But it could be an old wiki. Any I tried many times with the installer but all failed when set to raid. If not raid it will work. Here is the solution I used. https://unix.stackexchange.com/questions/644108/raid-1-of-boot-efi-partition-on-debian
debian on software raid shouldn't be difficult... it's simple enough to do on ubuntu... https://www.servers.com/support/kno...on/how-to-install-ubuntu-with-software-raid-1 i've not tried it on debian itself, but ubuntu is debian based, so there shouldn't be much difference, if any, to the process.
This looks like a bios boot and not uefi. The problem is with uefi on raid. Anyway I will try again and report back.
Just reporting back. I tried doing the install with Debian 11 with software raid 1 and it still does not work.
The above looks very complicated. Anyway I will do more testing with the following solution. https://unix.stackexchange.com/questions/644108/raid-1-of-boot-efi-partition-on-debian
This means that we need to check for every service if it has been configured or not and if so, skip the configuring. It will be very hard to implement that in a reliable way.
Reporting back on the Debian 11 on software raid 1. Used the above solution and did the following test. 1. After sync was done, shutdown server. 2. Remove /dev/sda drive. 3. Started computer and it boots up fine. 4. Shutdown computer and remove /dev/sdb drive 5. Started computer and it boots up fine. 6. Shutdown computer and insert back both drives. 7. Started computer and add drive back to the drive array. All good. 8. Installed another kernel to simulate an update of kernel. Used the following documentation. https://www.linuxcapable.com/how-to-install-latest-linux-kernel-on-debian-linux/ 9. Reboot computer and it boots up fine. 10. Did the same remove drive test and all good. So I am concluding the above solution works. Let me know if any other test should be done.
i don't think it would be that much... if the obvious either/or options, ie nginx/apache, certbot/acme.sh, amavisd/rspamd are left to the person choosing the install options... who would be responsible for ensuring any previously installed wrong choice is removed/purged, that should really only leave mysql to be dealt with.. which would be required since it wouldn't have access without the existing password. any other services, the installation/configuration really should be idempotent, so an attempt to re-install/reconfigure eg php, jailkit, postfix etc should really not leave it in any different state than it is already.
I have done quite some development for the autoinstaller and use it on a daily basis. Rerunning it causes all kinds of troubles because some configs are appended and get options set twice, some changes will fail, of course there is MySQL as well, and if you run it first for acme.sh and then for certbot, we would need to purge the first and install the latter... that goes for all applications. Even if we made an effort to build such a thing, it would not be reliable enough. Reinstalling the OS is usually done in minutes...
PS: @nhybgtvfr you would surely be able to purge the correct packages manually and then rerun it, but the tool needs to be fool proof
yeah, i know.. i've not looked at the code for the auto-installer.. so no idea how simple/complicated it already is.. just trying to think of ways to make it easier for newcomers... they're probably more inclined to try re-running the install script first before going with a wipe it all out and reinstall the os / create a new vps. was also just thinking maybe creating the installer as an ansible script might make it a bit more idempotent/re-usable, but then someone who can install and use ansible probably already knows enough to fix a broken install anyway...
