← 07. Operations Runbook09. Test Site: node20.v4.sohophp.app →返回首页
源文件:08-fast-migration-checklist.md

# 08. Fast Migration Checklist

This is the shortest practical checklist for moving the Node CI/CD toolkit to a new VPS.

# A. Install base packages


sudo dnf install -y nginx certbot rsync policycoreutils-python-utils curl jq git unzip tar

# B. Create users/groups

Adjust as needed for your host policy, but keep the same role model:

  • user: git
  • user: cicd
  • group: webread
  • group: webwrite

Make sure the runtime web server can read deployed code.

# C. Install fnm for git


sudo -u git bash -lc '


  export FNM_DIR="$HOME/.local/share/fnm"


  mkdir -p "$FNM_DIR"


  curl -fsSL https://github.com/Schniz/fnm/releases/download/v1.39.0/fnm-linux.zip -o /tmp/fnm-linux.zip


  rm -rf /tmp/fnm-unpack && mkdir -p /tmp/fnm-unpack


  unzip -oq /tmp/fnm-linux.zip -d /tmp/fnm-unpack


  install -m 0755 /tmp/fnm-unpack/fnm "$FNM_DIR/fnm"


  eval "$("$FNM_DIR/fnm" env --shell bash)"


  "$FNM_DIR/fnm" install 18


  "$FNM_DIR/fnm" install 20


  "$FNM_DIR/fnm" install 22


'

# D. Copy toolkit bundle and extract


scp node-cicd-toolkit.tar.gz root@NEW_HOST:/usr/local/share/


ssh root@NEW_HOST 'cd /usr/local/share && tar -xzf node-cicd-toolkit.tar.gz'

Or if the bundle is already on the target:


cd /usr/local/share


sudo tar -xzf /path/to/node-cicd-toolkit.tar.gz

# E. Install exported files into live paths


sudo install -o root -g root -m 0755 /usr/local/share/node-cicd/scripts/* /usr/local/bin/


sudo install -o root -g root -m 0644 /usr/local/share/node-cicd/templates/node-site@.service /etc/systemd/system/node-site@.service


sudo install -o root -g root -m 0644 /usr/local/share/node-cicd/templates/node-proxy-common.conf /etc/nginx/snippets/node-proxy-common.conf


sudo install -o root -g root -m 0440 /usr/local/share/node-cicd/templates/cicd-web-deploy.sudoers /etc/sudoers.d/cicd-web-deploy

# F. Validate installation


sudo bash -n /usr/local/bin/create-node-site


sudo bash -n /usr/local/bin/deploy-node-release


sudo bash -n /usr/local/bin/cicd-deploy-node-site


sudo bash -n /usr/local/bin/init-node-shared-env


sudo systemd-analyze verify /etc/systemd/system/node-site@.service


sudo nginx -t


sudo visudo -c

# G. Prepare one test repo and site


sudo mkdir -p /srv/git


sudo chown git:git /srv/git


sudo -u git git clone <repo-url> /srv/git/<domain>





sudo create-node-site --domain <domain> --node-version 22 --issue-cert --email ops@example.com


sudo init-node-shared-env --domain <domain> --file .env.local --set APP_SECRET=change-me


sudo cicd-deploy-node-site --domain <domain>

# H. Final smoke test


sudo systemctl status node-site@<domain>.service --no-pager


curl -fsS http://127.0.0.1:<port>/healthz


curl -fsS https://<domain>/healthz

# Stop conditions

Do not migrate production domains yet if any of these fail:

  • visudo -c
  • nginx -t
  • systemd-analyze verify
  • local healthz
  • public HTTPS healthz
目录