Add backup methodology
parent
c50102bf3f
commit
44f2eecd87
2 changed files with 44 additions and 0 deletions
|
@ -5,6 +5,8 @@ Documentation and issue tracker about the ayb instance hosted by Sofía
|
||||||
|
|
||||||
## Table of contents
|
## Table of contents
|
||||||
|
|
||||||
|
* Documentation
|
||||||
|
* [Backup methodology](./docs/backups.md)
|
||||||
* Legal
|
* Legal
|
||||||
* [Terms of Service](./legal/tos.md)
|
* [Terms of Service](./legal/tos.md)
|
||||||
* [Report abuse](./legal/abuse.md)
|
* [Report abuse](./legal/abuse.md)
|
||||||
|
|
42
docs/backups.md
Normal file
|
@ -0,0 +1,42 @@
|
||||||
|
# Backup Methodology
|
||||||
|
|
||||||
|
ayb is working on improving persistence and database streaming, which means that this methodology will change in the future.
|
||||||
|
|
||||||
|
The current backup system has two parts:
|
||||||
|
* Daily automatic backups of the hosted databases.
|
||||||
|
* Monthly manual off-site backups of the ayb database and the hosted databases.
|
||||||
|
|
||||||
|
## Automatic backups
|
||||||
|
|
||||||
|
A shell script (TODO(sofia): release script) is executed five times a day, this shell script does the following:
|
||||||
|
* Attempt to recursively backup hosted databases using a command like this: `sqlite3 username/database.db ".timeout 1000" ".backup bak/username/database-$(date +%s).db.bak"`.
|
||||||
|
* Delete backups older than 7 days.
|
||||||
|
* Delete backups older than 1 day and whose file size is bigger than 500MB.
|
||||||
|
|
||||||
|
## Off-site backups
|
||||||
|
|
||||||
|
Off-site backups include all of the hosted databases and the ayb database, which means that ayb needs to be taken down in order to close all of the connections.
|
||||||
|
A notice will be up three days prior at:
|
||||||
|
* [status.sofiaritz.com](https://status.sofiaritz.com)
|
||||||
|
* [ayb.sofiaritz.com](https://ayb.sofiaritz.com)
|
||||||
|
|
||||||
|
This notice will contain:
|
||||||
|
* The reason of the downtime (off-site backup).
|
||||||
|
* The expected downtime (1 to 2 hours).
|
||||||
|
* The time of the downtime in UTC.
|
||||||
|
|
||||||
|
When the time comes, the following is done:
|
||||||
|
* The instance is taken down.
|
||||||
|
* The `ayb_data` folder is tar-gzip-ed.
|
||||||
|
* The `ayb_data.tar.gz` file is encrypted using a public key.
|
||||||
|
* The encrypted backup is sent to my local machine.
|
||||||
|
* The encrypted backup is stored inside an external hard-drive.
|
||||||
|
* This hard-drive is stored inside a safe.
|
||||||
|
* The private key is stored inside another hard-drive located at another physical location.
|
||||||
|
* The encrypted backup in my local machine is deleted.
|
||||||
|
* The encrypted backup in the server is deleted.
|
||||||
|
* The tar-gzip-ed backup in the server is deleted.
|
||||||
|
* The instance is started.
|
||||||
|
* When everything is up and running, the notices are removed.
|
||||||
|
|
||||||
|
This will be partially automated in the future, right now this process is completely manual.
|
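Review bot: The off-site procedure under "When the time comes" deletes the server and local copies without first verifying the encrypted archive that ends up on the external hard-drive. Consider adding a step that records a checksum of the encrypted file on the server and compares it against the copy on the hard-drive before any of the three deletion steps, plus a periodic test restore with the private key, so a truncated transfer or an unusable key is caught while another copy still exists. The plaintext `ayb_data.tar.gz` is also kept on the server until near the end of the list; moving "The tar-gzip-ed backup in the server is deleted" to directly after the encryption step would shorten the time the unencrypted archive sits on disk. Separately, the "Automatic backups" section still carries `TODO(sofia): release script`, and it does not say whether the `bak/` directory is on the same host as the databases, which matters because the off-site copy is only monthly.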