Version 4.1.0

@andreapollastri andreapollastri released this 06 Mar 17:37
· 126 commits to master since this release

[4.1.0] — 2026-03-06

Added

  • Sync: export/import/list — transfer apps between CIPI servers
  • cipi sync export [app ...] [--with-db] [--with-storage] — export all apps or specific ones to a portable .tar.gz archive including configs, SSH keys, deployer config, supervisor workers, and optionally database dumps and shared storage
  • cipi sync import <file> [app ...] [--deploy] [--yes] — import apps from an archive into the current server; recreates users, databases (with new credentials), nginx vhosts, PHP-FPM pools, supervisor workers, crontabs, and deployer configs; selectively import specific apps from a multi-app archive
  • cipi sync push [app ...] [--host=IP] [--port=22] [--with-db] [--with-storage] [--import] — export, transfer via rsync/scp to a remote server, and optionally run import on the remote; interactive prompts for SSH host/port with connectivity test and remote Cipi version check
  • cipi sync list <file> — inspect archive contents without importing (apps, PHP versions, DB/storage inclusion)
  • --update mode for import — when an app already exists on the target, incrementally syncs .env (preserving local DB credentials), database dump (drop + reimport), shared storage, supervisor workers, deployer config, nginx vhost (alias changes), and PHP version changes; new apps are created as before; push --import uses --update automatically
  • Pre-flight checks on import: warns about missing PHP versions, blocks import of apps that already exist (unless --update); domain conflict check — blocks import if domain or alias is already used by another app on target or by another app in the same import batch
  • .env DB credentials automatically updated on import with the new server's values
  • SSH deploy keys preserved from source (same key works with git provider)
  • Email notifications (optional) — receive alerts when backup or deploy fails
  • cipi smtp configure — interactive SMTP setup (host, port, user, password, from/to, TLS); supports Gmail, SendGrid, Mailgun, etc.; installs msmtp on first use
  • cipi smtp status — show if notifications are enabled and recipient
  • cipi smtp test — send a test email
  • cipi smtp disable / cipi smtp enable — toggle notifications without losing config
  • cipi smtp delete — remove SMTP config
  • Notifications sent automatically on: backup errors (per-app or full run), deploy failures, system cron failures (self-update, SSL renewal)
  • cipi-cron-notify wrapper — runs system cron jobs and sends email alert on failure
  • Config stored in /etc/cipi/smtp.json; smtp.json included in sync export for migration
  • Vault: config encryption at rest — all JSON config files (server.json, apps.json, databases.json, backup.json, smtp.json, api.json) are encrypted on disk with AES-256-CBC using a per-server master key (/etc/cipi/.vault_key); transparent read/write with backward compatibility for existing plaintext configs; existing servers are automatically migrated on update
  • apps-public.json — plaintext projection of apps.json containing only non-sensitive fields (domain, aliases, php, branch, repository, user, created_at); automatically regenerated on every app change; the cipi-api group reads this file instead of the encrypted apps.json, so the vault key stays root-only with no privilege escalation
  • Encrypted sync export: cipi sync export now encrypts the archive with a user-provided passphrase (AES-256-CBC); cipi sync import and cipi sync list transparently detect and decrypt encrypted archives; protects SSH keys, .env files, database dumps, and credentials during transfer; all sync commands accept --passphrase=<secret> for non-interactive/automated usage (cron, scripts)
  • GDPR-compliant log rotation — automatic retention policies via logrotate:
    • Application logs (Laravel, PHP-FPM, workers, deploy, Cipi system) — 12 months
    • Security logs (fail2ban, UFW firewall, auth) — 12 months
    • HTTP / Navigation logs (nginx access & error) — 90 days
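
The apps-public.json entry above describes an allowlist projection: only named fields leave the encrypted apps.json, so a field added later stays private by default. The sketch below is an added example, not Cipi's own code; the map-keyed-by-app-name layout, the db_password and webhook_token fields, and the function names are assumptions made for illustration.

```python
import json
import os
import tempfile

# Fields the release notes list as non-sensitive; everything else is dropped.
PUBLIC_FIELDS = ("domain", "aliases", "php", "branch", "repository", "user", "created_at")


def project_public(apps):
    """Return a copy of the decrypted apps map holding only allowlisted fields."""
    return {
        name: {k: cfg[k] for k in PUBLIC_FIELDS if k in cfg}
        for name, cfg in apps.items()
    }


def write_public(apps, path, mode=0o640):
    """Atomically replace `path` so readers never see a partial file."""
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=directory, prefix=".apps-public.")
    try:
        with os.fdopen(fd, "w") as fh:
            json.dump(project_public(apps), fh, indent=2, sort_keys=True)
        os.chmod(tmp, mode)      # mkstemp creates 0600; widen to group-read only
        os.replace(tmp, path)    # atomic rename within the same directory
    except BaseException:
        if os.path.exists(tmp):
            os.unlink(tmp)
        raise


# Constructed sample: the layout (map keyed by app name) and the
# "db_password" / "webhook_token" fields are assumptions for illustration.
SAMPLE_APPS = {
    "shop": {
        "domain": "shop.example.com",
        "aliases": ["www.shop.example.com"],
        "php": "8.4",
        "branch": "main",
        "repository": "git@example.com:acme/shop.git",
        "user": "shop",
        "created_at": "2026-03-06T17:37:00Z",
        "db_password": "constructed-secret",
        "webhook_token": "constructed-token",
    }
}

if __name__ == "__main__":
    print(json.dumps(project_public(SAMPLE_APPS), indent=2))
```

Group ownership (the cipi-api group named above) would be set by the root process that regenerates the file; it is left out here so the example runs unprivileged.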