3.3 KiB
3.3 KiB
Plan: Migrate LXC Containers to Incus (COMPLETED)
Summary
✅ All containers migrated from LXD (pragmatismo.com.br) to Incus (63.141.255.9) ✅ All data synced from host /opt/gbo/tenants/ to containers ✅ All binaries copied from source to containers ✅ All services configured and running
Container & Service Status
| Container | Service | Status |
|---|---|---|
| dns | coredns | ✅ RUNNING |
| stalwart-mail | ✅ RUNNING | |
| webmail | php built-in server (:5252) | ✅ RUNNING |
| alm | forgejo | ✅ RUNNING |
| drive | minio | ✅ RUNNING |
| tables | postgresql | ✅ RUNNING |
| system | botserver | ✅ RUNNING |
Service Files Location
All service files in /etc/systemd/system/ inside containers:
dns.service- coredns (User=root)email.service- stalwart-mail (User=root)alm.service- forgejo (User=alm, Group=alm)minio.service- minio (User=root)
Binary Locations
| Service | Binary Path |
|---|---|
| coredns | /opt/gbo/bin/coredns |
| stalwart | /opt/gbo/bin/stalwart |
| forgejo | /opt/gbo/bin/forgejo |
| minio | /usr/local/bin/minio |
Key Paths Inside Containers
- Binaries: /opt/gbo/bin/
- Data: /opt/gbo/data/
- Config: /opt/gbo/conf/
- Logs: /opt/gbo/logs/
IPS (Destination)
-
dns: 10.107.115.155
-
email: 10.107.115.200
-
webmail: 10.107.115.208
-
alm: 10.107.115.4
-
drive: 10.107.115.114
-
tables: 10.107.115.33
-
system: 10.107.115.229
-
alm-ci: 10.107.115.190
-
table-editor: 10.107.115.73
Port Forwarding (iptables NAT)
# DNS
sudo iptables -t nat -A PREROUTING -p tcp --dport 53 -j DNAT --to-destination 10.107.115.155:53
sudo iptables -t nat -A PREROUTING -p udp --dport 53 -j DNAT --to-destination 10.107.115.155:53
# Email
sudo iptables -t nat -A PREROUTING -p tcp --dport 25 -j DNAT --to-destination 10.107.115.200:25
sudo iptables -t nat -A PREROUTING -p tcp --dport 587 -j DNAT --to-destination 10.107.115.200:587
sudo iptables -t nat -A PREROUTING -p tcp --dport 465 -j DNAT --to-destination 10.107.115.200:465
sudo iptables -t nat -A PREROUTING -p tcp --dport 143 -j DNAT --to-destination 10.107.115.200:143
sudo iptables -t nat -A PREROUTING -p tcp --dport 993 -j DNAT --to-destination 10.107.115.200:993
sudo iptables -t nat -A PREROUTING -p tcp --dport 110 -j DNAT --to-destination 10.107.115.200:110
sudo iptables -t nat -A PREROUTING -p tcp --dport 995 -j DNAT --to-destination 10.107.115.200:995
sudo iptables -t nat -A PREROUTING -p tcp --dport 4190 -j DNAT --to-destination 10.107.115.200:4190
# Webmail
sudo iptables -t nat -A PREROUTING -p tcp --dport 5252 -j DNAT --to-destination 10.107.115.208:5252
# ALM (forgejo)
sudo iptables -t nat -A PREROUTING -p tcp --dport 4747 -j DNAT --to-destination 10.107.115.4:4747
# Caddy (80, 443) - already exists for proxy container
Workflow (PRODUCTION TESTED)
- Copy container:
incus copy --instance-only lxd-source:<source> <dest> - Add eth0 network:
incus config device add <c> eth0 nic name=eth0 network=PROD-GBO - Sync data:
incus file push --recursive /opt/gbo/tenants/pragmatismo/<container>/ <container>/opt/gbo/ - Copy binaries: from source via
lxc file pull→ scp to dest →incus file push - Create service file:
cat > /tmp/<svc>.service && incus file push <svc>.service <c>/etc/systemd/system/ - Enable/start:
incus exec <c> -- systemctl enable <svc> && systemctl start <svc>