Changes

Page history
Update Restore instance with backup authored by Daniel Palomar's avatar Daniel Palomar
Show whitespace changes
Inline Side-by-side
Restore-instance-with-backup.md
View page @ e4dcbc00
We are using the [`backups_role`](https://github.com/coopdevs/backups_role/) to manage the backups in the OC instances. This role uses Backblaze (B2) and Restic to encrypt and upload the backup. We are using the [`backups_role`](https://github.com/coopdevs/backups_role/) to manage the backups in the OC instances. This role uses Backblaze (B2) and Restic to encrypt and upload the backup.
We must follow the next steps to restore a backup: ## Context
## Keys and passwords We are using the `backups_role` to create and save the snapshot in B2 with Restic.
In other projects with this backups strategy, we use the `restic` command-line tool to download and decrypt the snapshot from B2. This process take 10-30 mins. In this project, this strategy spends more than 5h and we need to change the strategy to download and decrypt a snapshot.
We need the keys of Backblaze and the Restic password. This secrets are saved in the [`opencell-provisioning`](https://gitlab.com/coopdevs/opencell-provisioning/) project. Show the decrypted secrets with: We must follow the next steps:
## Needed data
We need the keys of Backblaze and the Restic password. These secrets are saved in the [`opencell-provisioning`](https://gitlab.com/coopdevs/opencell-provisioning/) project. Show the decrypted secrets with:
``` ```
$ ansible localhost -m debug -a var="<var_name>" -e "@inventory/host_vars/<host>/backups.yml" --ask-vault-pass $ ansible localhost -m debug -a var="<var_name>" -e "@inventory/host_vars/<host>/backups.yml" --ask-vault-pass
...@@ -65,6 +69,13 @@ $ sudo restic -r <path-of-bucket> restore <snapshot-id> --target <path-to-restor ...@@ -65,6 +69,13 @@ $ sudo restic -r <path-of-bucket> restore <snapshot-id> --target <path-to-restor
## Restore backup ## Restore backup
0. Access to the server and change to the app user:
```
$ ssh <user>@<host>
$ sudo su - opencell
```
1. Stop the OpenCell container: 1. Stop the OpenCell container:
``` ```
...@@ -83,13 +94,18 @@ $ docker exec -ti postgres dropdb -U opencell opencell ...@@ -83,13 +94,18 @@ $ docker exec -ti postgres dropdb -U opencell opencell
$ docker exec -ti postgres createdb -U opencell opencell $ docker exec -ti postgres createdb -U opencell opencell
``` ```
4. Restore the dump in the new DB: 4. Restore the dump in the new DB. Inside the snapshot, we can find a dump of OpenCell, a dump of Keycloak and the OC filesystem with all the printed invoices:
``` ```
$ cat <DUMP_FILE> | docker exec -i postgres psql -U opencell opencell $ cat <DUMP_FILE> | docker exec -i postgres psql -U opencell opencell
``` ```
5. Restore the filesystem from the backup overriding the `opencelldata` folder. 5. Restore the filesystem from the backup overriding the `opencelldata` folder:
```
$ sudo cp
```
6. Up the OC container: 6. Up the OC container:
... ...
......