Add backup methodology
This commit is contained in:
parent
c50102bf3f
commit
44f2eecd87
GPG key ID:
90B5116E3542B28F
|
|
@ -5,6 +5,8 @@ Documentation and issue tracker about the ayb instance hosted by Sofía
|
|||
|
||||
## Table of contents
|
||||
|
||||
* Documentation
|
||||
* [Backup methodology](./docs/backups.md)
|
||||
* Legal
|
||||
* [Terms of Service](./legal/tos.md)
|
||||
* [Report abuse](./legal/abuse.md)
|
||||
|
|
|
|||
42
docs/backups.md
Normal file
42
docs/backups.md
Normal file
|
|
@ -0,0 +1,42 @@
|
|||
# Backup Methodology
|
||||
|
||||
ayb is working on improving persistence and database streaming, which means that this methodology will change in the future.
|
||||
|
||||
The current backup system has two parts:
|
||||
* Daily automatic backups of the hosted databases.
|
||||
* Monthly manual off-site backups of the ayb database and the hosted databases.
|
||||
|
||||
## Automatic backups
|
||||
|
||||
A shell script (TODO(sofia): release script) is executed five times a day, this shell script does the following:
|
||||
* Attempt to recursively backup hosted databases using a command like this: `sqlite3 username/database.db ".timeout 1000" ".backup bak/username/database-$(date +%s).db.bak"`.
|
||||
* Delete backups older than 7 days.
|
||||
* Delete backups older than 1 day and whose file size is bigger than 500MB.
|
||||
|
||||
## Off-site backups
|
||||
|
||||
Off-site backups include all of the hosted databases and the ayb database, which means that ayb needs to be taken down in order to close all of the connections.
|
||||
A notice will be up three days prior at:
|
||||
* [status.sofiaritz.com](https://status.sofiaritz.com)
|
||||
* [ayb.sofiaritz.com](https://ayb.sofiaritz.com)
|
||||
|
||||
This notice will contain:
|
||||
* The reason of the downtime (off-site backup).
|
||||
* The expected downtime (1 to 2 hours).
|
||||
* The time of the downtime in UTC.
|
||||
|
||||
When the time comes, the following is done:
|
||||
* The instance is taken down.
|
||||
* The `ayb_data` folder is tar-gzip-ed.
|
||||
* The `ayb_data.tar.gz` file is encrypted using a public key.
|
||||
* The encrypted backup is sent to my local machine.
|
||||
* The encrypted backup is stored inside an external hard-drive.
|
||||
* This hard-drive is stored inside a safe.
|
||||
* The private key is stored inside another hard-drive located at another physical location.
|
||||
* The encrypted backup in my local machine is deleted.
|
||||
* The encrypted backup in the server is deleted.
|
||||
* The tar-gzip-ed backup in the server is deleted.
|
||||
* The instance is started.
|
||||
* When everything is up and running, the notices are removed.
|
||||
|
||||
This will be partially automated in the future, right now this process is completely manual.
|
||||
Loading…
Reference in a new issue