Changes

Page history
Update Restore instance with backup authored by Daniel Palomar's avatar Daniel Palomar
Hide whitespace changes
Inline Side-by-side
Restore-instance-with-backup.md
View page @ 571dac53
We are using the [`backups_role`](https://github.com/coopdevs/backups_role/) to manage the backups in the OC instances. This role use Backblaze (B2) and Restic to encrypt and upload the backup.
We are using the [`backups_role`](https://github.com/coopdevs/backups_role/) to manage the backups in the OC instances. This role uses Backblaze (B2) and Restic to encrypt and upload the backup.
We must follow the next steps to restore a backup:
## Keys and passwords
We need the keys of Backblaze and the Restic password. This secrets are saved in the [`opencell-provisioning`](https://gitlab.com/coopdevs/opencell-provisioning/) project. Show the decrypted secrets with:
```
$ ansible localhost -m debug -a var="<var_name>" -e "@inventory/host_vars/<host>/backups.yml" --ask-vault-pass
```
> In production:
> ```
> $ ansible localhost -m debug -a var="<var_name>" -e "@inventory/host_vars/opencell.coopdevs.org/secrets.yml" --ask-vault-pass
> ```
We need to list the next vars to use in the process:
* Backblaze Key: `backups_role_b2_app_key`
* Backblaze Key ID: `backups_role_b2_app_key_id`
* Restic password: `backups_role_restic_repo_password`
## Download backup from B2
To download the bucket we need to install and config the [`b2` command-line tool](https://www.backblaze.com/b2/docs/quick_command_line.html):
......@@ -22,45 +40,54 @@ $ pip install b2
$ b2 authorize-account [<applicationKeyId>] [<applicationKey>]
```
> You can find the `applicationKeyId` and the `applicationKey` in BW with the name `backblaze - <host>`.
3. With the
4. With the `b2` configured we can download the bucket. You can find the bucket name listing the buckets with `b2 list-buckets`:
Get our `applicationKeyId` and `applicationKe
```
$ b2 list-buckets
$ b2 sync --threads 25 b2://<bucket-name> <path-to-save-the-bucket>
```
## Extract the snapshot with Restic
We use the `restic` command-line tool to interact with the encrypted bucket.
## Restore backup
1. Install `restic`. If the server had installed the `backup_role`, `restic` was installed, else please follow the installation instructions: https://restic.readthedocs.io/en/stable/020_installation.html#installation
2. Browse snapshots with `restic snapshots` and select which snapshot you want to restore.
1. Copy the backup into the server.
3. Use the `restic` tool to decrypt the snapshot:
```
$ sudo restic -r <path-of-bucket> restore <snapshot-id> --target <path-to-restore-snapshot>
```
## Restore backup
2. Stop the OpenCell container:
1. Stop the OpenCell container:
```
$ docker stop opencell
```
3. Drop the OpenCell database:
2. Drop the OpenCell database:
```
$ docker exec -ti postgres dropdb -U opencell opencell
```
4. Create the new OpenCell DB:
3. Create the new OpenCell DB:
```
$ docker exec -ti postgres createdb -U opencell opencell
```
5. Restore the dump in the new DB:
4. Restore the dump in the new DB:
```
$ cat <DUMP_FILE> | docker exec -i postgres psql -U opencell opencell
```
6. Restore the filesystem from the backup overriding the `opencelldata` folder.
5. Restore the filesystem from the backup overriding the `opencelldata` folder.
7. Up the OC container:
6. Up the OC container:
```
$ docker-compose up -d
......
......