Manual Backup

To manually back up a PrivX server:

  1. Create a backup by running:
    # /opt/privx/scripts/backup.sh
    This creates a backup directory to:
    /var/backups/privx/<hostname>_<date>

    Where <hostname> and <date> are the name of the host and the backup timestamp. A working example of a backup-directory path would be:
    /var/backups/privx/privx_2017-12-31-2350
    Note: By default, PrivX servers create daily backups. Automatic backups are created under:
    /var/backups/privx/
    If you have configured the server to store its certificates in non-default locations, or to use a non-default local database name. Check and adjust the Default options in backup.sh before running it.
    By default backup.sh backs up:
    PrivX keyvault at /opt/privx/keyvault
    PrivX configurations under /opt/privx/etc
    SSL certificate files located under /etc/pki/CA and /etc/nginx/ssl
    PrivX-CA trust anchor: files matching privx-*.pem under /etc/pki/ca-trust/course/anchors/
    Local PostgreSQL database named privx (only if using local databases).
  2. Copy the backup to a secure, external backup location.

Manual Restore

To restore a PrivX server from a manual backup, reinstall PrivX and apply the backup files as follows:

  1. Uninstall PrivX-server software according to the instructions in the Administrator Manual.
  2. Install the PrivX version from which your backups were taken.
  3. Stop all PrivX services to prevent system changes during restore:
    # systemctl stop privx
  4. Restore the PrivX local data. Do this by running (replace /path/to/backup with the path of the backup directory):
    # /opt/privx/scripts/restore.sh /path/to/backup
  5. On all the PrivX servers, run the post-installation script to apply the restored configurations, and to restart the PrivX service:
    # /opt/privx/scripts/postinstall.sh