2014-01-17 10:54:08 -08:00
|
|
|
@title Configuring Backups and Performing Migrations
|
2012-10-26 12:01:58 -07:00
|
|
|
@group config
|
|
|
|
|
|
2014-01-17 10:54:08 -08:00
|
|
|
Advice for backing up Phabricator, or migrating from one machine to another.
|
2012-10-26 12:01:58 -07:00
|
|
|
|
2016-01-05 13:42:16 -08:00
|
|
|
|
|
|
|
|
Overview
|
|
|
|
|
========
|
2012-10-26 12:01:58 -07:00
|
|
|
|
|
|
|
|
Phabricator does not currently have a comprehensive backup system, but creating
|
|
|
|
|
backups is not particularly difficult and Phabricator does have a few basic
|
|
|
|
|
tools which can help you set up a reasonable process. In particular, the things
|
|
|
|
|
which needs to be backed up are:
|
|
|
|
|
|
|
|
|
|
- the MySQL databases;
|
2016-01-05 13:42:16 -08:00
|
|
|
- hosted repositories;
|
2012-10-26 12:01:58 -07:00
|
|
|
- uploaded files; and
|
|
|
|
|
- your Phabricator configuration files.
|
|
|
|
|
|
|
|
|
|
This document discusses approaches for backing up this data.
|
|
|
|
|
|
2014-01-17 10:54:08 -08:00
|
|
|
If you are migrating from one machine to another, you can generally follow the
|
|
|
|
|
same steps you would if you were creating a backup and then restoring it, you
|
|
|
|
|
will just backup the old machine and then restore the data onto the new
|
|
|
|
|
machine.
|
|
|
|
|
|
2016-01-05 13:42:16 -08:00
|
|
|
|
|
|
|
|
Backup: MySQL Databases
|
|
|
|
|
=======================
|
2012-10-26 12:01:58 -07:00
|
|
|
|
|
|
|
|
Most of Phabricator's data is stored in MySQL, and it's the most important thing
|
|
|
|
|
to back up. You can run `bin/storage dump` to get a dump of all the MySQL
|
2014-01-17 10:54:08 -08:00
|
|
|
databases. This is a convenience script which just runs a normal `mysqldump`,
|
|
|
|
|
but will only dump databases Phabricator owns.
|
2012-10-26 12:01:58 -07:00
|
|
|
|
|
|
|
|
Since most of this data is compressible, it may be helpful to run it through
|
|
|
|
|
gzip prior to storage. For example:
|
|
|
|
|
|
|
|
|
|
phabricator/ $ ./bin/storage dump | gzip > backup.sql.gz
|
|
|
|
|
|
|
|
|
|
Then store the backup somewhere safe, like in a box buried under an old tree
|
|
|
|
|
stump. No one will ever think to look for it there.
|
|
|
|
|
|
2016-01-05 13:42:16 -08:00
|
|
|
Restore: MySQL
|
|
|
|
|
==============
|
2012-10-26 12:01:58 -07:00
|
|
|
|
|
|
|
|
To restore a MySQL dump, just pipe it to `mysql` on a clean host. (You may need
|
|
|
|
|
to uncompress it first, if you compressed it prior to storage.)
|
|
|
|
|
|
|
|
|
|
$ gunzip -c backup.sql.gz | mysql
|
|
|
|
|
|
2016-01-05 13:42:16 -08:00
|
|
|
|
|
|
|
|
Backup: Hosted Repositories
|
|
|
|
|
===========================
|
|
|
|
|
|
|
|
|
|
If you host repositories in Phabricator, you should back them up. You can use
|
|
|
|
|
`bin/repository list-paths` to show the local paths on disk for each
|
|
|
|
|
repository. To back them up, copy them elsewhere.
|
|
|
|
|
|
|
|
|
|
You can also just clone them and keep the clones up to date, or use
|
|
|
|
|
{nav Add Mirror} to have the mirror somewhere automatically.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Restore: Hosted Repositories
|
|
|
|
|
============================
|
|
|
|
|
|
|
|
|
|
To restore hosted repositories, copy them back into the correct locations
|
|
|
|
|
as shown by `bin/repository list-paths`.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Backup: Uploaded Files
|
|
|
|
|
======================
|
2012-10-26 12:01:58 -07:00
|
|
|
|
|
|
|
|
Uploaded files may be stored in several different locations. The backup
|
|
|
|
|
procedure depends on where files are stored:
|
|
|
|
|
|
|
|
|
|
**Default / MySQL**: Under the default configuration, uploaded files are stored
|
|
|
|
|
in MySQL, so the MySQL backup will include all files. In this case, you don't
|
|
|
|
|
need to do any additional work.
|
|
|
|
|
|
|
|
|
|
**Amazon S3**: If you use Amazon S3, redundancy and backups are built in to the
|
|
|
|
|
service. This is probably sufficient for most installs. If you trust Amazon with
|
|
|
|
|
your data //except not really//, you can backup your S3 bucket outside of
|
|
|
|
|
Phabricator.
|
|
|
|
|
|
|
|
|
|
**Local Disk**: If you use the local disk storage engine, you'll need to back up
|
|
|
|
|
files manually. You can do this by creating a copy of the root directory where
|
|
|
|
|
you told Phabricator to put files (the `storage.local-disk.path` configuration
|
|
|
|
|
setting).
|
|
|
|
|
|
|
|
|
|
For more information about configuring how files are stored, see
|
|
|
|
|
@{article:Configuring File Storage}.
|
|
|
|
|
|
2016-01-05 13:42:16 -08:00
|
|
|
|
|
|
|
|
Restore: Uploaded Files
|
|
|
|
|
=======================
|
2012-10-26 12:01:58 -07:00
|
|
|
|
|
|
|
|
To restore a backup of local disk storage, just copy the backup into place.
|
|
|
|
|
|
2016-01-05 13:42:16 -08:00
|
|
|
|
|
|
|
|
Backup: Configuration Files
|
|
|
|
|
===========================
|
2012-10-26 12:01:58 -07:00
|
|
|
|
|
|
|
|
You should also backup your configuration files, and any scripts you use to
|
|
|
|
|
deploy or administrate Phabricator (like a customized upgrade script). The best
|
|
|
|
|
way to do this is to check them into a private repository somewhere and just use
|
|
|
|
|
whatever backup process you already have in place for repositories. Just copying
|
|
|
|
|
them somewhere will work fine too, of course.
|
|
|
|
|
|
2015-03-27 09:20:51 -07:00
|
|
|
In particular, you should backup this configuration file which Phabricator
|
|
|
|
|
creates:
|
|
|
|
|
|
|
|
|
|
phabricator/conf/local/local.json
|
|
|
|
|
|
|
|
|
|
This file contains all of the configuration settings that have been adjusted
|
|
|
|
|
by using `bin/config set <key> <value>`.
|
|
|
|
|
|
2016-01-05 13:42:16 -08:00
|
|
|
|
|
|
|
|
Restore: Configuration Files
|
|
|
|
|
============================
|
2012-10-26 12:01:58 -07:00
|
|
|
|
2015-03-27 09:20:51 -07:00
|
|
|
To restore configuration files, just copy them into the right locations. Copy
|
|
|
|
|
your backup of `local.json` to `phabricator/conf/local/local.json`.
|
2012-10-26 12:01:58 -07:00
|
|
|
|
2016-01-05 13:42:16 -08:00
|
|
|
Security
|
|
|
|
|
========
|
2012-10-26 12:01:58 -07:00
|
|
|
|
|
|
|
|
MySQL dumps have no builtin encryption and most data in Phabricator is stored in
|
|
|
|
|
a raw, accessible form, so giving a user access to backups is a lot like giving
|
|
|
|
|
them shell access to the machine Phabricator runs on. In particular, a user who
|
|
|
|
|
has the backups can:
|
|
|
|
|
|
|
|
|
|
- read data that policies do not permit them to see;
|
|
|
|
|
- read email addresses and object secret keys; and
|
|
|
|
|
- read other users' session and conduit tokens and impersonate them.
|
|
|
|
|
|
|
|
|
|
Some of this information is durable, so disclosure of even a very old backup may
|
|
|
|
|
present a risk. If you restrict access to the Phabricator host or database, you
|
|
|
|
|
should also restrict access to the backups.
|
|
|
|
|
|
2016-01-05 13:42:16 -08:00
|
|
|
|
|
|
|
|
Next Steps
|
|
|
|
|
==========
|
2012-10-26 12:01:58 -07:00
|
|
|
|
|
|
|
|
Continue by:
|
|
|
|
|
|
|
|
|
|
- returning to the @{article:Configuration Guide}.
|
