Migrating home server

I recently got a Sun Ultra 10. Nice box; SPARC (of course), 333MHz, 128MB RAM, IDE disk of (currently) 9G. I'm planning on using it to replace my server, currently a Pentium I at 133MHz with 64MB RAM and about 3G of disk space, which is getting more and more resource-starved on all fronts (memory, hard disk space, CPU cycles).

I installed sarge on it a few days ago. Noticed that you can't have too many ext3 partitions on sparc if you don't like too many Oopses, so it's all running on one partition now—and happily so. Right now, I'm slowly migrating services from folk (the old server) to western (the sparc). That isn't as easy as it used to be; on previous server upgrades, I just put the disk in the new box, compiled a new kernel, and let the damn thing do its job. Doing so obviously doesn't work when you're upgrading cross-architecture. Also, since the old box runs woody, I can't just copy configuration files over and be done with it; that will probably break.

Anyway. Migrated so far:

  • LDAP. Which was (mostly) easy; copy some statements from one configuration file to another, create an LDIF file from the live data, import that on western. The hard part was when I noticed that Perl's Net::LDAP has issues on sparc, to the point where it didn't work for me; so my password-synchronization script broke. Rewrote the script in C, which gave me an opportunity to learn the C LDAP API (which is quite easy, actually).
  • DNS. Even easier; add the zones to the new host's named.conf as slaves, add NS records for the new server, and let DNS synchronization magic do its job. There, done.
  • Squid. That one was a bit harder; requires you to read a 100k+ file, and compare it to the one you already have configured. Happily not too many options changed significantly since woody was released, but reading the file takes time nonetheless.

Still to do are:

  • Samba. There are a bunch of Windows boxen in this network, and the server runs as a domain controller for them. Need to refresh my knowledge about Samba; last time I wrote any decent smb.conf was when potato was still stable. That's ages, and I haven't touched its configuration since. Obviously, however, Samba has changed a lot since, and as I'd like to plug it into LDAP and add some PAM magic to keep passwords synchronized a bit (don't have that right now), I'll have to read up on some documentation. The fact that I can't have two domain controllers on the same network (to have one for testing purposes, and a "live" one) doesn't really help either.
  • Mail. Going to be a bitch, that one; my mail setup is fairly complex, so I'll need to be very careful not to lose stuff. Also, there are a few configuration changes which have been pending for a while (such as SMTP AUTH to the smarthost, and me wanting to move mailman to a host off my LAN and more onto the 'net, among some others). I'll also have to find a solution for the (non-free) f-prot I'm currently running on that box – there's no SPARC version. I assume clamav will do nicely, but it didn't exist yet when I first installed that f-prot.
  • Firewalling. Should be fairly straightforward, since it's nothing more than a script I wrote myself, which calls iptables and tc directly, among some other stuff.
  • Moving IPv6 tunnels, radvd, and DHCP. This has problems similar to the Samba stuff; I don't want two servers to fight over who gets to give out IP addresses.
  • Data migration. Can't happen before the new Samba and mail are in place, and should ideally happen at the very last moment.
  • Hardware. There's an ISA SCSI controller with a tape streamer in folk; and as it also functions as my gateway, it has two network interfaces, of which one is ISA, too. Need to move the PCI NIC to western, need to dig up my PCI SCSI controller (which is probably lying under a pile of junk), and put that one in western as well. With the tape streamer, of course. Ideally, I'd like to fix myself a third NIC, so that I can put the WiFi network on eth2 and firewall mostly everything away there. Will need to go by a shop for that one.

It's scary how many services have accumulated on folk over the years. Maybe I should also get myself a separate firewall, on a Mini-ITX or something similar. At least I think I can safely hope there's nothing missing in the migration plan... or is there? Hmm.