1.9 KiB
1.9 KiB
Backup Methodology
ayb is working on improving persistence and database streaming, which means that this methodology will change in the future.
The current backup system has two parts:
- Daily automatic backups of the hosted databases.
- Monthly manual off-site backups of the ayb database and the hosted databases.
Automatic backups
A shell script (TODO(sofia): release script) is executed five times a day, this shell script does the following:
- Attempt to recursively backup hosted databases using a command like this:
sqlite3 username/database.db ".timeout 1000" ".backup bak/username/database-$(date +%s).db.bak". - Delete backups older than 7 days.
- Delete backups older than 1 day and whose file size is bigger than 500MB.
Off-site backups
Off-site backups include all of the hosted databases and the ayb database, which means that ayb needs to be taken down in order to close all of the connections. A notice will be up three days prior at:
This notice will contain:
- The reason of the downtime (off-site backup).
- The expected downtime (1 to 2 hours).
- The time of the downtime in UTC.
When the time comes, the following is done:
- The instance is taken down.
- The
ayb_datafolder is tar-gzip-ed. - The
ayb_data.tar.gzfile is encrypted using a public key. - The encrypted backup is sent to my local machine.
- The encrypted backup is stored inside an external hard-drive.
- This hard-drive is stored inside a safe.
- The private key is stored inside another hard-drive located at another physical location.
- The encrypted backup in my local machine is deleted.
- The encrypted backup in the server is deleted.
- The tar-gzip-ed backup in the server is deleted.
- The instance is started.
- When everything is up and running, the notices are removed.
This will be partially automated in the future, right now this process is completely manual.