-
Notifications
You must be signed in to change notification settings - Fork 149
Backups
RatticWeb includes a command that makes it easy to make backups and restore. Backups are encrypted using GPG. Though it is possible to make backups without encryption it is not supported and is an exercise left to the reader.
Here is an example configuration:
[backup]
dir = /tmp
gpg_home = /home/rattic/.gnupg
recipients = 2E0A44E2
s3_bucket = demo.rattic.org-backup
The dir
config option specifies where the backup will be made. If you choose to enable S3 then this location is only used for temporary storage while the file is uploaded to S3. If you choose not to use S3 then this is the final location of the backup.
This specifies the location of the GPG config files and data. All the recipients public keys should be imported here, or GPG should be set to automatically import them when required.
This should be a comma separated list of key ids whose public keys should be used to encrypt the backups. Only these people will be able to decrypt the backup. RatticDB will ask GPG to automatically trust all the public keys it has been configured to use.
If you would like the backup uploaded to S3 you can give the bucket name here. Django uses the boto library so configuring the AWS secret key and access key will be taken from environment variables, the boto config file or a machine role like any other boto application. If you configure the backups to be sent to S3 they will not be stored locally after they are uploaded.
The first thing to do when running the RatticDB backup is to make sure you are in the RatticDB python environment. If you deployed with the Ansible scripts in docs/ansible
then simply do this:
source /opt/apps/RatticWeb.venv/bin/activate
Then all you need to do is run the backup script, assuming that you already have AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY in your environment or have configured your AWS credentials another way.
cd /opt/apps/RatticWeb
./manage.py backup