Delete a server

A server is deleted (decommissioned) either when a service is moving to a new server (create the new server, first), or when a service is being retired.

As with other deployment tasks, do the setup tasks before the steps below.

1. Notify relevant users of the change

2. If the server has PostgreSQL or MySQL backups, use pg_dump or mysqldump, and manually upload a final backup to the root of the S3 bucket

   Important

   Delete any lifecycle rule, otherwise the backup will be deleted!

3. Remove all occurrences of the server’s FQDN and IP address from this repository

4. Remove the DNS records whose names match the server’s FQDN (A, AAAA)

5. Remove the server’s root password from LastPass

6. Shutdown the server via the host’s interface

If the service is being retired:

1. Remove it from salt/prometheus/files/conf-prometheus.yml, and deploy the Prometheus service

2. Remove its configuration from this repository

3. Remove its DNS records

4. Remove its error monitor from Sentry, if used

5. Remove its web analytics from Fathom Analytics, if used

6. Remove its resources from Amazon Web Services, if used

7. Remove its project from Google Cloud Platform, if used

8. Archive its repository on GitHub, if any

9. Archive its row in the Health of software products and services spreadsheet

Finally (wait two weeks to be sure files were migrated):

1. Securely erase data:

   1. Activate the recovery system

   2. Connect to the server

   3. Open a session in tmux. Install tmux, if needed:

      apt install tmux
      

   4. Securely erase data from the relevant device(s), for example:

      shred -z -n 1 -v /dev/sda
      

2. Cancel the server via the host’s interface