ct/bmc_hub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
main
bmc_hub/docs/BACKUP_SYSTEM.md

233 lines
6.9 KiB
Markdown
Raw Permalink Normal View History

feat: Implement Email Workflow System with comprehensive documentation and migration scripts - Added Email Workflow System with automated actions based on email classification. - Created database schema with tables for workflows, executions, and actions. - Developed API endpoints for CRUD operations on workflows and execution history. - Included pre-configured workflows for invoice processing, time confirmation, and bankruptcy alerts. - Introduced user guide and workflow system improvements for better usability. - Implemented backup system for automated backup jobs and notifications. - Established email activity log to track all actions and events related to emails.
2025-12-15 12:28:12 +01:00
# BMC Hub Backup System - Environment Configuration Guide
## Quick Start
Add these lines to your `.env` file to enable the backup system:
```bash
# ===== BACKUP SYSTEM =====
# Safety switches (start with safe defaults)
BACKUP_ENABLED=true # Enable backup system (default: false)
BACKUP_DRY_RUN=false # Disable dry-run to actually perform backups (default: true)
BACKUP_READ_ONLY=false # Allow restore operations (default: true)
# Backup formats
DB_DAILY_FORMAT=dump # Compressed format for daily backups (default: dump)
DB_MONTHLY_FORMAT=sql # Plain SQL for monthly backups (default: sql)
# Backup scope
BACKUP_INCLUDE_UPLOADS=true # Include uploads/ directory (default: true)
BACKUP_INCLUDE_LOGS=true # Include logs/ directory (default: true)
BACKUP_INCLUDE_DATA=true # Include data/ directory (default: true)
# Storage configuration
BACKUP_STORAGE_PATH=/opt/backups # Production path (default: /opt/backups)
# BACKUP_STORAGE_PATH=./backups # Use this for local development
BACKUP_MAX_SIZE_GB=50 # Maximum storage size (default: 50)
STORAGE_WARNING_THRESHOLD_PCT=80 # Warn at 80% usage (default: 80)
# Retention policy
RETENTION_DAYS=30 # Keep daily backups for 30 days (default: 30)
MONTHLY_KEEP_MONTHS=12 # Keep monthly backups for 12 months (default: 12)
# Offsite uploads (SFTP/SSH)
OFFSITE_ENABLED=false # Disable until configured (default: false)
OFFSITE_WEEKLY_DAY=sunday # Day for weekly upload (default: sunday)
OFFSITE_RETRY_MAX_ATTEMPTS=3 # Max retry attempts (default: 3)
OFFSITE_RETRY_DELAY_HOURS=1 # Hours between retries (default: 1)
# SFTP/SSH connection (configure when enabling offsite)
SFTP_HOST=backup.example.com
SFTP_PORT=22
SFTP_USER=bmc_backup
SFTP_PASSWORD= # Leave empty if using SSH key
SSH_KEY_PATH=/path/to/id_rsa # Path to SSH private key (preferred)
SFTP_REMOTE_PATH=/backups/bmc_hub
# Mattermost notifications
MATTERMOST_ENABLED=false # Disable until webhook configured (default: false)
MATTERMOST_WEBHOOK_URL=https://mattermost.example.com/hooks/xxx
MATTERMOST_CHANNEL=backups
NOTIFY_ON_FAILURE=true # Send alerts on failures (default: true)
NOTIFY_ON_SUCCESS_OFFSITE=true # Send alerts on successful offsite uploads (default: true)
```
## Configuration Steps
### 1. Basic Setup (Local Development)
```bash
BACKUP_ENABLED=true
BACKUP_DRY_RUN=false
BACKUP_READ_ONLY=false
BACKUP_STORAGE_PATH=./backups
```
Restart the application:
```bash
docker-compose restart api
```
### 2. Enable Offsite Uploads
#### Using SSH Key (Recommended)
```bash
OFFSITE_ENABLED=true
SFTP_HOST=your-backup-server.com
SFTP_USER=backup_user
SSH_KEY_PATH=/path/to/id_rsa
SFTP_REMOTE_PATH=/backups/bmc_hub
```
#### Using Password
```bash
OFFSITE_ENABLED=true
SFTP_HOST=your-backup-server.com
SFTP_USER=backup_user
SFTP_PASSWORD=your_secure_password
SFTP_REMOTE_PATH=/backups/bmc_hub
```
### 3. Enable Mattermost Notifications
1. Create an incoming webhook in Mattermost
2. Copy the webhook URL
3. Add to `.env`:
```bash
MATTERMOST_ENABLED=true
MATTERMOST_WEBHOOK_URL=https://your-mattermost.com/hooks/xxxxxxxxxxxxx
MATTERMOST_CHANNEL=backups
```
## Scheduled Jobs
When `BACKUP_ENABLED=true`, the system automatically schedules:
- **Daily Backup**: 02:00 CET - Full backup (database + files) in compressed format
- **Monthly Backup**: 1st day at 02:00 CET - Full backup in plain SQL format
- **Weekly Offsite**: Sunday at 03:00 CET - Upload all pending backups to offsite
- **Backup Rotation**: Daily at 01:00 CET - Delete expired backups
- **Storage Check**: Daily at 01:30 CET - Check disk usage
## Manual Operations
### Via UI Dashboard
Visit: `http://localhost:8000/backups`
Features:
- Create manual backups (database, files, or full)
- View backup history with sizes and checksums
- Restore from backup (with confirmation)
- Manual offsite upload
- View notifications
- Monitor storage usage
### Via API
```bash
# Create manual backup
curl -X POST http://localhost:8000/api/v1/backups \
-H "Content-Type: application/json" \
-d '{"job_type": "full", "is_monthly": false}'
# List backups
curl http://localhost:8000/api/v1/backups/jobs
# Get backup details
curl http://localhost:8000/api/v1/backups/jobs/1
# Restore from backup (⚠️ DANGER - enters maintenance mode)
curl -X POST http://localhost:8000/api/v1/backups/restore/1 \
-H "Content-Type: application/json" \
-d '{"confirmation": true}'
# Upload to offsite
curl -X POST http://localhost:8000/api/v1/backups/offsite/1
# Check storage
curl http://localhost:8000/api/v1/backups/storage
# Check maintenance mode
curl http://localhost:8000/api/v1/backups/maintenance
```
## Database Migration
Migration has already been applied. If you need to re-run:
```bash
docker-compose exec -T postgres psql -U bmc_hub -d bmc_hub < migrations/024_backup_system.sql
```
## Troubleshooting
### Backup not running
- Check `BACKUP_ENABLED=true` in `.env`
- Check logs: `docker-compose logs api | grep backup`
- Verify scheduler status via API: `curl http://localhost:8000/api/v1/backups/scheduler/status`
### Offsite upload failing
- Verify SFTP credentials
- Test SSH connection: `ssh -i /path/to/key user@host`
- Check retry count in backup history
- Review notifications in dashboard
### Storage full
- Increase `BACKUP_MAX_SIZE_GB`
- Reduce `RETENTION_DAYS`
- Manually delete old backups via UI
- Enable offsite uploads to move backups off-server
### Restore not working
- Set `BACKUP_READ_ONLY=false` in `.env`
- Restart API: `docker-compose restart api`
- Verify backup file exists on disk
- Check maintenance mode overlay appears during restore
## Safety Features
The system includes multiple safety switches:
1. **BACKUP_ENABLED** - Master switch, disabled by default
2. **BACKUP_DRY_RUN** - Logs operations without executing
3. **BACKUP_READ_ONLY** - Blocks destructive restore operations
4. **OFFSITE_ENABLED** - Disables external uploads until configured
5. **MATTERMOST_ENABLED** - Prevents notification spam
Always test with `BACKUP_DRY_RUN=true` first!
## Production Checklist
- [ ] Set strong SFTP credentials
- [ ] Configure SSH key authentication
- [ ] Test restore procedure (on test system first!)
- [ ] Configure Mattermost notifications
- [ ] Set appropriate retention periods
- [ ] Verify backup storage capacity
- [ ] Document restore procedures
- [ ] Schedule restore drills (quarterly)
- [ ] Monitor backup success rate
- [ ] Test offsite download/restore
## Backup Storage Structure
```
/opt/backups/
├── database/
│ ├── db_20251213_020000_daily.dump
│ ├── db_20251201_020000_monthly.sql
│ └── ...
└── files/
├── files_20251213_020000.tar.gz
└── ...
```
## Support
For issues or questions, check:
- Logs: `/logs/app.log`
- API Docs: `http://localhost:8000/api/docs`
- Dashboard: `http://localhost:8000/backups`
Reference in New Issue Copy Permalink