To manually back up a PrivX server:
- Create a backup by running:
This creates a backup directory to:
Where <hostname> and <date> are the name of the host and the backup timestamp. A working example of a backup-directory path would be:
Note: By default, PrivX servers create daily backups. Automatic backups are created under:
If you have configured the server to store its certificates in non-default locations, or to use a non-default local database name. Check and adjust the Default options in backup.sh before running it.
By default backup.sh backs up:
PrivX keyvault at /opt/privx/keyvault
PrivX configurations under /opt/privx/etc
SSL certificate files located under /etc/pki/CA and /etc/nginx/ssl
PrivX-CA trust anchor: files matching privx-*.pem under /etc/pki/ca-trust/course/anchors/
Local PostgreSQL database named privx (only if using local databases).
- Copy the backup to a secure, external backup location.
To restore a PrivX server from a manual backup, reinstall PrivX and apply the backup files as follows:
- Uninstall PrivX-server software according to the instructions in the Administrator Manual.
- Install the PrivX version from which your backups were taken.
- Stop all PrivX services to prevent system changes during restore:
# systemctl stop privx
- Restore the PrivX local data. Do this by running (replace /path/to/backup with the path of the backup directory):
# /opt/privx/scripts/restore.sh /path/to/backup
- On all the PrivX servers, run the post-installation script to apply the restored configurations, and to restart the PrivX service: