Backup and restore

The docker setup of BlueRange comes with two scripts that ease saving the database content and server configuration into a single file. The backup script can be executed periodically using e.g. cron. The archive created then just needs to be moved to some permanent storage such as S3 or onto a network share.

Backup of BlueRange

To create a backup of your installation run bluerange-backup.sh as root:

$ ./bluerange-backup.sh
$ mysqldump --compress --single-transaction --all-databases >backup/bluerange-20210421_151330/mariadb.sql
$ mongodump --out=backup/bluerange-20210421_151330/mongodb
2021-04-21T15:13:36.927+0000	writing admin.system.users to backup/bluerange-20210421_151330/mongodb/admin/system.users.bson
2021-04-21T15:13:36.933+0000	done dumping admin.system.users (1 document)
2021-04-21T15:13:36.934+0000	writing admin.system.version to backup/bluerange-20210421_151330/mongodb/admin/system.version.bson
2021-04-21T15:13:36.935+0000	done dumping admin.system.version (2 documents)
2021-04-21T15:13:36.939+0000	writing deviceauth.migration_info to backup/bluerange-20210421_151330/mongodb/deviceauth/migration_info.bson
2021-04-21T15:13:36.941+0000	writing useradm.tokens to backup/bluerange-20210421_151330/mongodb/useradm/tokens.bson
2021-04-21T15:13:36.942+0000	done dumping deviceauth.migration_info (5 documents)
2021-04-21T15:13:36.943+0000	writing useradm.migration_info to backup/bluerange-20210421_151330/mongodb/useradm/migration_info.bson
2021-04-21T15:13:36.943+0000	done dumping useradm.tokens (1 document)
2021-04-21T15:13:36.944+0000	writing deviceauth.auth_sets to backup/bluerange-20210421_151330/mongodb/deviceauth/auth_sets.bson
2021-04-21T15:13:36.944+0000	done dumping useradm.migration_info (1 document)
2021-04-21T15:13:36.945+0000	writing deviceauth.devices to backup/bluerange-20210421_151330/mongodb/deviceauth/devices.bson
2021-04-21T15:13:36.946+0000	done dumping deviceauth.auth_sets (0 documents)
2021-04-21T15:13:36.948+0000	done dumping deviceauth.devices (0 documents)
2021-04-21T15:13:36.951+0000	writing useradm.users to backup/bluerange-20210421_151330/mongodb/useradm/users.bson
2021-04-21T15:13:36.951+0000	writing inventory.migration_info to backup/bluerange-20210421_151330/mongodb/inventory/migration_info.bson
2021-04-21T15:13:36.953+0000	done dumping useradm.users (1 document)
2021-04-21T15:13:36.953+0000	done dumping inventory.migration_info (1 document)
/opt/bluerange-setup/docker/backup/bluerange-20210421_151330 /opt/bluerange-setup/docker
mongodb/
mongodb/inventory/
mongodb/inventory/migration_info.metadata.json
mongodb/inventory/migration_info.bson
mongodb/useradm/
mongodb/useradm/tokens.metadata.json
mongodb/useradm/migration_info.metadata.json
mongodb/useradm/users.metadata.json
mongodb/useradm/tokens.bson
mongodb/useradm/migration_info.bson
mongodb/useradm/users.bson
mongodb/deviceauth/
mongodb/deviceauth/devices.metadata.json
mongodb/deviceauth/auth_sets.metadata.json
mongodb/deviceauth/migration_info.metadata.json
mongodb/deviceauth/migration_info.bson
mongodb/deviceauth/auth_sets.bson
mongodb/deviceauth/devices.bson
mongodb/admin/
mongodb/admin/system.users.metadata.json
mongodb/admin/system.version.metadata.json
mongodb/admin/system.users.bson
mongodb/admin/system.version.bson
/opt/bluerange-setup/docker
$ tar -cvf backup/bluerange-20210421_151330/server.tar server.* ca.* cert.* serial* newcerts/*
server.env
server.key
server.pem
server.rsa
ca.conf
ca.crt
ca.key
ca.pem
cert.conf
cert.crt
cert.csr
cert.key
cert.pem
serial
serial.old
newcerts/01.pem
$ cd backup && tar -gzip -cvf bluerange-20210421_151330.tar.gz bluerange-20210421_151330
/opt/bluerange-setup/docker/backup /opt/bluerange-setup/docker
bluerange-20210421_151330/
bluerange-20210421_151330/mariadb.sql
bluerange-20210421_151330/mongodb.tar
bluerange-20210421_151330/server.tar
/opt/bluerange-setup/docker
$ chmod go-r backup/bluerange-20210421_151330.tar.gz
* backup/bluerange-20210421_151330.tar.gz

The backup script assumes the server is up and running. As the process may take awhile to complete it is recommended to create backups during idle times.

In the example above the script created the file backup/bluerange-20210421_151330.tar.gz. At the simplest, the entire backup folder is synced elsewhere.

Restoring the installation

In the event of disaster the machine is recovered by cloning a fresh working copy of the docker setup. Then run bluerange-restore.sh passing the backup archive file as an argument:

$ ./bluerange-restore.sh backup/bluerange-20210421_151330.tar.gz
All existing BlueRange server data will be erased!
Are you sure to restore from bluerange-20210421_151330?
Type YES: YES
YES
$ cd backup/restore && tar --gunzip -xvf backup/bluerange-20210421_151330.tar.gz
/opt/bluerange-setup/docker/backup/restore /opt/bluerange-setup/docker
bluerange-20210421_151330/
bluerange-20210421_151330/mariadb.sql
bluerange-20210421_151330/mongodb.tar
bluerange-20210421_151330/server.tar
/opt/bluerange-setup/docker
Stopping bluerange_nginx_1              ... done
Stopping bluerange_mender-api-gateway_1 ... done
Stopping bluerange_mender-deployments_1 ... done
Stopping bluerange_nodered_1            ... done
Stopping bluerange_mosquitto_1          ... done
Stopping bluerange_storage-proxy_1      ... done
Stopping bluerange_kibana_1             ... done
Stopping bluerange_mender-conductor_1   ... done
Stopping bluerange_logagent_1           ... done
Stopping bluerange_bluerange_1          ... done
Stopping bluerange_mender-inventory_1   ... done
Stopping bluerange_mender-device-auth_1 ... done
Stopping bluerange_mender-useradm_1     ... done
Stopping bluerange_minio_1              ... done
Stopping bluerange_elasticsearch_1      ... done
Stopping bluerange_mender-gui_1         ... done
Stopping bluerange_mender-redis_1       ... done
Stopping bluerange_mongodb_1            ... done
Stopping bluerange_database_1           ... done
Removing bluerange_nginx_1              ... done
Removing bluerange_mender-api-gateway_1 ... done
Removing bluerange_mender-deployments_1 ... done
Removing bluerange_nodered_1            ... done
Removing bluerange_mosquitto_1          ... done
Removing bluerange_storage-proxy_1      ... done
Removing bluerange_kibana_1             ... done
Removing bluerange_mender-conductor_1   ... done
Removing bluerange_logagent_1           ... done
Removing bluerange_bluerange_1          ... done
Removing bluerange_mender-inventory_1   ... done
Removing bluerange_mender-device-auth_1 ... done
Removing bluerange_mender-useradm_1     ... done
Removing bluerange_minio_1              ... done
Removing bluerange_elasticsearch_1      ... done
Removing bluerange_mender-gui_1         ... done
Removing bluerange_mender-redis_1       ... done
Removing bluerange_mongodb_1            ... done
Removing bluerange_database_1           ... done
Removing network bluerange_default
bluerange_mysql
bluerange_mongodb
$ tar -xvf backup/restore/bluerange-20210421_151330/server.tar
server.env
server.key
server.pem
server.rsa
ca.conf
ca.crt
ca.key
ca.pem
cert.conf
cert.crt
cert.csr
cert.key
cert.pem
serial
serial.old
newcerts/01.pem
Creating network "bluerange_default" with the default driver
Creating volume "bluerange_mysql" with default driver
Creating volume "bluerange_mongodb" with default driver
Creating bluerange_database_1 ... done
Creating bluerange_mongodb_1  ... done
ERROR 1045 (28000): Access denied for user 'bluerange'@'localhost' (using password: YES)
ERROR 1045 (28000): Access denied for user 'bluerange'@'localhost' (using password: YES)
Database is ready now! (Please ignore afore errors.)
Database is ready now! (Please ignore afore errors.)
$ mongorestore --dir=backup/restore/bluerange-20210421_151330/mongodb
/opt/bluerange-setup/docker/backup/restore/bluerange-20210421_151330 /opt/bluerange-setup/docker
mongodb/
mongodb/inventory/
mongodb/inventory/migration_info.metadata.json
mongodb/inventory/migration_info.bson
mongodb/useradm/
mongodb/useradm/tokens.metadata.json
mongodb/useradm/migration_info.metadata.json
mongodb/useradm/users.metadata.json
mongodb/useradm/tokens.bson
mongodb/useradm/migration_info.bson
mongodb/useradm/users.bson
mongodb/deviceauth/
mongodb/deviceauth/devices.metadata.json
mongodb/deviceauth/auth_sets.metadata.json
mongodb/deviceauth/migration_info.metadata.json
mongodb/deviceauth/migration_info.bson
mongodb/deviceauth/auth_sets.bson
mongodb/deviceauth/devices.bson
mongodb/admin/
mongodb/admin/system.users.metadata.json
mongodb/admin/system.version.metadata.json
mongodb/admin/system.users.bson
mongodb/admin/system.version.bson
/opt/bluerange-setup/docker
2021-04-21T15:26:22.968+0000	preparing collections to restore from
2021-04-21T15:26:22.972+0000	reading metadata for deviceauth.migration_info from backup/restore/bluerange-20210421_151330/mongodb/deviceauth/migration_info.metadata.json
2021-04-21T15:26:22.978+0000	reading metadata for useradm.tokens from backup/restore/bluerange-20210421_151330/mongodb/useradm/tokens.metadata.json
2021-04-21T15:26:22.983+0000	reading metadata for inventory.migration_info from backup/restore/bluerange-20210421_151330/mongodb/inventory/migration_info.metadata.json
2021-04-21T15:26:22.987+0000	reading metadata for useradm.users from backup/restore/bluerange-20210421_151330/mongodb/useradm/users.metadata.json
2021-04-21T15:26:22.991+0000	restoring deviceauth.migration_info from backup/restore/bluerange-20210421_151330/mongodb/deviceauth/migration_info.bson
2021-04-21T15:26:23.005+0000	no indexes to restore
2021-04-21T15:26:23.005+0000	finished restoring deviceauth.migration_info (5 documents, 0 failures)
2021-04-21T15:26:23.005+0000	reading metadata for deviceauth.auth_sets from backup/restore/bluerange-20210421_151330/mongodb/deviceauth/auth_sets.metadata.json
2021-04-21T15:26:23.005+0000	restoring useradm.tokens from backup/restore/bluerange-20210421_151330/mongodb/useradm/tokens.bson
2021-04-21T15:26:23.015+0000	restoring useradm.users from backup/restore/bluerange-20210421_151330/mongodb/useradm/users.bson
2021-04-21T15:26:23.017+0000	no indexes to restore
2021-04-21T15:26:23.017+0000	finished restoring useradm.tokens (1 document, 0 failures)
2021-04-21T15:26:23.017+0000	reading metadata for useradm.migration_info from backup/restore/bluerange-20210421_151330/mongodb/useradm/migration_info.metadata.json
2021-04-21T15:26:23.026+0000	restoring deviceauth.auth_sets from backup/restore/bluerange-20210421_151330/mongodb/deviceauth/auth_sets.bson
2021-04-21T15:26:23.027+0000	restoring indexes for collection useradm.users from metadata
2021-04-21T15:26:23.037+0000	restoring useradm.migration_info from backup/restore/bluerange-20210421_151330/mongodb/useradm/migration_info.bson
2021-04-21T15:26:23.037+0000	restoring indexes for collection deviceauth.auth_sets from metadata
2021-04-21T15:26:23.047+0000	no indexes to restore
2021-04-21T15:26:23.047+0000	finished restoring useradm.migration_info (1 document, 0 failures)
2021-04-21T15:26:23.047+0000	reading metadata for deviceauth.devices from backup/restore/bluerange-20210421_151330/mongodb/deviceauth/devices.metadata.json
2021-04-21T15:26:23.054+0000	restoring inventory.migration_info from backup/restore/bluerange-20210421_151330/mongodb/inventory/migration_info.bson
2021-04-21T15:26:23.063+0000	restoring deviceauth.devices from backup/restore/bluerange-20210421_151330/mongodb/deviceauth/devices.bson
2021-04-21T15:26:23.065+0000	no indexes to restore
2021-04-21T15:26:23.065+0000	finished restoring inventory.migration_info (1 document, 0 failures)
2021-04-21T15:26:23.072+0000	finished restoring deviceauth.auth_sets (0 documents, 0 failures)
2021-04-21T15:26:23.075+0000	restoring indexes for collection deviceauth.devices from metadata
2021-04-21T15:26:23.079+0000	finished restoring useradm.users (1 document, 0 failures)
2021-04-21T15:26:23.079+0000	finished restoring deviceauth.devices (0 documents, 0 failures)
2021-04-21T15:26:23.079+0000	restoring users from backup/restore/bluerange-20210421_151330/mongodb/admin/system.users.bson
2021-04-21T15:26:23.095+0000	9 document(s) restored successfully. 0 document(s) failed to restore.
$ mysql <backup/restore/bluerange-20210421_151330/mariadb.sql
Backup bluerange-20210421_151330 restored.
* ./bluerange-compose.sh to start the server...

Once complete the database content and the configuration data incl. certificates is restored.

The restore tears down and erases all existing data! When reanimating a broken server it is strongly adviced to create a fresh backup even of the broken state.

To recover operation of the server the bluerange-compose.sh must be ran once. This returns services into operation and installs them such that they are restarted automatically on system reboots. Please notice that the entire BlueRange system resumes operation immediately which may have side-effects on IoT devices installed into the building.