Skip to content

Restore From Backup

Jump to bottom Edit New page
John Rogerson edited this page Jan 19, 2018 · 4 revisions

  1. Procure a new VM and install Debian 7.

  2. Ensure that no public-facing services are exposed. You don’t want an MTA to send you mail while you’re in the middle of rebuilding your server. If this is a new VM with a new IP, then it’s not an issue. Just wait until the end of the procedure to switch the DNS over.

  3. Prep the server (https://github.com/al3x/sovereign#3-prep-the-server)

  4. Run the playbooks (assuming you still have a local repo with your certs, keys, and variables intact)

  5. Stop all services.

/etc/init.d/monit stop
/etc/init.d/dovecot stop
/etc/init.d/dspam stop
/etc/init.d/exim4 stop
/etc/init.d/opendkim stop
/etc/init.d/postfix stop
/etc/init.d/postgresql stop
/etc/init.d/postgrey stop
/etc/init.d/tomcat6 stop
/etc/init.d/znc stop
  1. Determine which archives to restore
root@vps3:~# tarsnap --list-archives | sort
  1. Restore each one in a screen window. It might take a while — I only got ~2Mbps on each tarsnap restore command. By running all of the restore commands simultaneously you can get a higher aggregate download rate.
tarsnap -x -v -C / -f 20140506-030001-daily-decrypted
tarsnap -x -v -C / -f 20140506-030001-daily-home
tarsnap -x -v -C / -f 20140506-030001-daily-root
rm -rf /var/lib/postgresql/9.1/main
tarsnap -x -v -C / -f 20140506-030001-daily-var/lib/postgresql/9.1/main
rm -rf /var/www
tarsnap -x -v -C / -f 20140506-030001-daily-var/www

  1. Switch the DNS over to your new server's IP

  2. Update your DKIM DNS records, since your new server will have generated new keys.

  3. Turn on the services

Add a custom footer
Add a custom sidebar
Clone this wiki locally