I am currently hosting on AWS on Debian 10 which is EOL next month. I am looking to see if there are any details I need to know before upgrading to Debian 13 Trixie. Can I run the Trixie upgrade on the server and then upgrade Virtualmin? Or is there another order or process I should follow.
Thank you for the amazing FOSS software. My server uptime has been over a year hosting several websites on wordpress, etc. and I have barely had to login.
Debian 10 has been EOL since June last year!
You’d need to upgrade through 11 and 12 (but wait a bit for 13 as it’s not supported by Virtualmin yet).
Also in Debian 13, Dovecot has some major changes that will need some manual intervention I assume.
The upgraded to 11 and 12 should be smooth though, but make sure to backup between upgrades.
Currently, there’s a bug in Debian 13 packaging that prevents the simultaneous installation of firewalld and cloud-init packages.
Running the Virtualmin installer on an EC2 instance will remove cloud-init. It isn’t our fault, and while this may not be a significant issue, it’s important to be aware of it.
I have a personal instance in AWS running Debian 13 without either firewalld or fail2ban at all. I opted for cloud-init, and just use SG instead.
For business purposes, I would currently choose the official Rocky 10 image in AWS. That said, note that the upcoming Virtualmin 8 will have proper support for Rocky 10, but right now it’s only supported in RC repositories.
From how I read it is not a Debian bug. They marked cloud-init as conflicting with firewalld, as it can cause a systemd loop problem. Debian bug report:
Where a firewalld can get killed at startup to proceed. I ran into it on Debian 11:
On Hetzner, where I am, I can just remove cloud-init as it is only used at first boot to install SSH keys, etc. From what I read AWS needs cloud-init installed and the best option is to use the Security Groups external firewall.