Updates portal, patching, new customer

Brad Poulton 4 years ago
parent
commit
aed1458e41
3 changed files with 67 additions and 10 deletions
  1. 6 2
      New Customer Setup Notes - GovCloud.md
  2. 8 2
      Patching Notes.md
  3. 53 6
      Portal Notes.md

+ 6 - 2
New Customer Setup Notes - GovCloud.md

@@ -612,12 +612,16 @@ and reapply 02-msoc_vpc. This should update salt master and repo. You can use --
 
 See any Cloudwatch REJECT logs?
 
-Ensure the eni is correct for PROD salt-master. 
+Ensure the eni is correct for PROD salt-master. Adjust src_ip for customer.
  ```
- index=* eni-017d2e433b9f821d8 REJECT sourcetype="aws:cloudwatchlogs:vpcflow" 4506 src_ip=52.*
+index=app_aws_flowlogs sourcetype="aws:cloudwatchlogs:vpcflow" vpcflow_action=REJECT eni-017d2e433b9f821d8 4506 src_ip=52.*
 |  timechart span=1d count by src_ip
 ```
 
+```
+index=app_aws_flowlogs eni-017d2e433b9f821d8 dest_port IN (4505,4506) |  timechart count by src_ip
+```
+
 
 ## Is there going to be POP/LCP nodes? 
 
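Review bot: In the rewritten REJECT search, `4506` is still a bare search term, so it matches that number anywhere in the flow record rather than only as a port, while the query added just below filters with `dest_port IN (4505,4506)`. Using the same `dest_port` filter in the first search would keep the two consistent. The second search also has no sentence saying what it is for: it drops the `sourcetype` and `vpcflow_action=REJECT` filters and the `span=1d`, so a line noting that it counts all traffic to the salt ports, not only rejects, would help. The hard-coded `eni-017d2e433b9f821d8` and `src_ip=52.*` are per-environment values, so marking both as values to replace would match the new "Adjust src_ip for customer" sentence.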

+ 8 - 2
Patching Notes.md

@@ -702,11 +702,17 @@ NGA had a hard time getting 3 checkmarks The CM was waiting on stuck buckets. Fo
 
 
 #### Verify you got everything
+
+Run this on legacy and GC salt master
+
 ```
 salt '*' cmd.run 'uptime | grep days'
-salt \* cmd.run 'uptime'
 ```
 
-##### :warning: *MAKE SURE the Sensu checks are not silenced. *
+:warning: *MAKE SURE the Sensu checks are not silenced. *
 
+Post in Slack
 
+```
+Patching is done for this month.
+```
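Review bot: With `salt \* cmd.run 'uptime'` removed, the only check left is `uptime | grep days`, and the notes do not say how to read it: a host that prints a line is one that has not rebooted, and a clean run prints no uptime line for any minion. Please state that expectation next to the command. `grep days` also misses a host whose uptime reads `1 day`; `grep day` would cover both. In the warning line, the space before the closing `*` in `silenced. *` keeps Markdown from rendering the emphasis, which is more visible now that the line is no longer a heading.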

+ 53 - 6
Portal Notes.md

@@ -17,6 +17,7 @@ salt 'ip-10*' cmd.run 'docker restart portal'
 ## Deploy Process
 
 ```
+salt customer* cmd.run
 salt 'ip-10*' test.ping
 salt 'ip-10*' cmd.run 'docker images'
 salt 'ip-10*' cmd.run 'docker container ls'
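Review bot: The added `salt customer* cmd.run` line has no command argument, so `cmd.run` has nothing to execute, and it is the only target in this block that is not quoted, which lets the shell expand `customer*` against local file names before salt sees it. Either complete it in the style of the lines below, for example `salt 'customer*' test.ping`, or drop it if it was a scratch line.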
@@ -95,10 +96,11 @@ curl --header "X-Vault-Token: $token" https://vault.pvt.xdrtest.accenturefederal
 ## Admin access
 
 After attempting to login to the site, run this command to get admin access.
+
 `python3 manage.py promote richard.t.page@accenturefederal.com`
 `python3 manage.py promote brad.poulton@accenturefederal.com`
 
-Your IP must be whitelisted!
+Your IP must be whitelisted to access the admin site!
 https://portal.xdrtest.accenturefederalcyber.com/admin
 
 TEST LB ACCESS
@@ -136,6 +138,8 @@ docker logs -f nginx
 Portal
 
 startup.log
+I assume the logs going to splunk are the stdout. 
+
 
 ```
 salt 'ip-10*' cmd.run 'docker container ls'
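Review bot: The added sentence "I assume the logs going to splunk are the stdout." records a guess in an operations runbook, and it sits directly under `startup.log` with no blank line between them, so the two lines render as one paragraph. Please confirm where the container's stdout goes (for instance the logging driver that `docker inspect` reports for the container) and replace the assumption with what you find, or mark it clearly as an open question.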
@@ -196,16 +200,59 @@ Changes to the parameters require restarting the container.
 # Migrating to GovCloud
 
 ## 2. Database Dump
-on legacy portal server
+on legacy portal server ip-10-81-8-205
+
+```
 curl https://s3.amazonaws.com/rds-downloads/rds-ca-2019-root.pem -o root.crt
 mkdir .postgresql
 mv root.crt .postgresql
-# Have to install pg11 from the official postgres repositories, but we'll remove it when we're done
-sudo yum install https://download.postgresql.org/pub/repos/yum/11/redhat/rhel-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm
+# Have to install pg10 from the official postgres repositories, but we'll remove it when we're done
+sudo yum install https://download.postgresql.org/pub/repos/yum/10/redhat/rhel-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm
 sudo yum install postgresql11
 # yes, yes, yes
-pg_dump postgresql://jira@jira2.csskgjc1suov.us-east-1.rds.amazonaws.com:5432/jira?sslmode=verify-full | gzip > backup.psql.gz
-# Enter password which you got from /opt/jira-data/jira/dbconfig.xml
+pg_dump postgresql://root-e26bbf10-ee24-2d05-97b7-47c54d9224a1@customerportal.csskgjc1suov.us-east-1.rds.amazonaws.com:5432/customerportal?sslmode=verify-full | gzip > backup.psql.gz
+# Enter password which you got from Vault - portal/env/POSTGRES_PASSWORD
+```
 
 ## Restore the database
 
+NOTE: New DB URL: customerportal.csqclvntmsrg.us-gov-east-1.rds.amazonaws.com
+
+```
+scp prod-ip-10-81-8-205:backup.psql.gz ./restore.psql.gz
+scp restore.psql.gz gc-prod-customer-portal-26a:
+ssh gc-prod-customer-portal-26a
+# NOTE: This url is different from above, as there's a differnet cert needed
+curl https://s3.us-gov-west-1.amazonaws.com/rds-downloads/rds-ca-us-gov-east-1-2017-root.pem -o root.crt
+mkdir .postgresql
+mv root.crt .postgresql
+# Have to install pg10 from the official postgres repositories, but we'll remove it when we're done
+sudo yum install https://download.postgresql.org/pub/repos/yum/10/redhat/rhel-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm
+sudo yum install postgresql10
+# create user
+CREATE USER root-e26bbf10-ee24-2d05-97b7-47c54d9224a1 WITH PASSWORD '<see-vault>';
+GRANT ALL PRIVILEGES ON DATABASE customerportal TO root-e26bbf10-ee24-2d05-97b7-47c54d9224a1;
+zcat restore.psql.gz | psql --set ON_ERROR_STOP=on --single-transaction postgresql://portal@customerportal.csqclvntmsrg.us-gov-east-1.rds.amazonaws.com:5432/customerportal?sslmode=verify-full
+# No errors the first time, wtf?
+```
+
+To restore a second time:
+```
+echo 'DROP DATABASE customerportal;' | psql postgresql://portal@customerportal.csqclvntmsrg.us-gov-east-1.rds.amazonaws.com:5432/postgres?sslmode=verify-full
+echo 'CREATE DATABASE customerportal;' | psql postgresql://portal@customerportal.csqclvntmsrg.us-gov-east-1.rds.amazonaws.com:5432/postgres?sslmode=verify-full
+psql postgresql://portal@customerportal.csqclvntmsrg.us-gov-east-1.rds.amazonaws.com:5432/postgres?sslmode=verify-full
+CREATE ROLE "root-e26bbf10-ee24-2d05-97b7-47c54d9224a1";
+DROP ROLE "root-e26bbf10-ee24-2d05-97b7-47c54d9224a1";
+\du
+\q
+
+# the root-e26bbf10-ee24-2d05-97b7-47c54d9224a1 user is not really needed lets switch it to the portal user. 
+find and replace root-e26bbf10-ee24-2d05-97b7-47c54d9224a1 to portal
+
+
+
+
+echo 'DROP DATABASE jira' | psql postgresql://jira@jira2.csqclvntmsrg.us-gov-east-1.rds.amazonaws.com:5432/postgres?sslmode=verify-full
+echo 'CREATE DATABASE jira' | psql postgresql://jira@jira2.csqclvntmsrg.us-gov-east-1.rds.amazonaws.com:5432/postgres?sslmode=verify-full
+zcat restore.psql.gz | psql --set ON_ERROR_STOP=on --single-transaction postgresql://jira@jira2.csqclvntmsrg.us-gov-east-1.rds.amazonaws.com:5432/jira?sslmode=verify-full
+```
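Review bot: In the Database Dump block the comment and repo URL now say pg10, but the unchanged next line still runs `sudo yum install postgresql11`, while the restore block installs `postgresql10`; pick one client version for both sides so the dump is not written by a newer `pg_dump` than the `psql` that restores it. In the restore block, `CREATE USER root-e26bbf10-ee24-2d05-97b7-47c54d9224a1 ...` and the following `GRANT` use the hyphenated role name unquoted, which PostgreSQL will reject (the later `CREATE ROLE` line quotes it), and both statements appear among shell commands with no `psql` session shown. In "To restore a second time", the role is created and dropped on consecutive lines with no explanation, the "find and replace" instruction is prose inside the code fence and does not name the file it applies to, and the last three commands target the `jira` database, which looks like a leftover from the Jira notes. Smaller items: "differnet" in the cert comment, and the `# No errors the first time, wtf?` comment would be more useful as a statement of what a successful restore prints.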