1

In my attempt to replace a Linux server that was set up a few years ago I realised that nobody knows exactly what was installed/configured since. The only thing I have in git is the nginx sites definitions.

What options do I have to compare a running server with a clean installation?

I'd like to use Ansible for versioned configuration management but before that I need to get information regarding services installed and their configuration files, firewall rules, users/groups, ssh keys, domains setup, etc, I don't even know what to think of. I can see a /data folder so this is simple but it holds www data, elasticsearch data, and nodejs apps, which means there is a node installed, pm2 and elasticsearch. I found traces of a Jenkins installation but it is not running. I can see a fail2ban service so this needs to be moved as well.

Is there a way to see in a glimpse what has changed since the initial setup? I'd like to replace this Ubuntu 14.04 with a clean 16.04 using Ansible playbooks to avoid this kind of chaos, maybe dockerize some services as well, while preserving current functionality.

bosch
  • 175
  • 6
  • 2
    As stated in the answer below start from a clean state. I would rather look with `ps` and `netstat` what is actually running on the system than trying to figure out what has been done on the system in the past. Otherwise you might just end up with a chaos translated to Ansible. – Henrik Pingel Jun 01 '17 at 08:23

2 Answers2

1

First and foremost: I recommend starting from a clean slate.

Identify the services still in use from the logs or from user interviews, isolate their configuration and set them up on a new box.

Don't waste your time on digging out this box's history.

Adressing your question in more detail:

You may gain some information about what was changed on your system from your logs, but the information is certainly incomplete.

Depending on how the box was set up, root's .bash_history, /var/log/apt.log, and /var/log/audit/audit.log might help, but they can only provide clues not give you complete insight.

dpkg -V will give you an idea which system packages' config files were changed.

fuero
  • 9,413
  • 1
  • 35
  • 40
1

If both old and new system use package managers, take their output and compare them. This way you will see what additional packages are on the old server.

However, if there are any software installed, which are not installed via package managers, then you need to do filesystem level compare of contents.

There you mount both the old filesystem and clean install filesystem on the same server and then run diff -b command to show the differences in directories. This will generate a lot of output.

Tero Kilkanen
  • 34,499
  • 3
  • 38
  • 58