Skip to main content

Backup & Restore

Database backup

The PostgreSQL database contains all telemetry data, policies, alerts, and settings.

Manual backup

# Create a backup (runs pg_dump inside the container)
docker compose -f deploy/docker-compose.community.yml exec edr-postgres \
  pg_dump -U sielum_app sielum > backup_$(date +%Y%m%d_%H%M%S).sql

Automated backup (cron example)

# /etc/cron.daily/sielum-backup
#!/bin/bash
BACKUP_DIR=/var/backups/sielum
mkdir -p "$BACKUP_DIR"

docker compose -f /opt/sielum/deploy/docker-compose.community.yml exec -T edr-postgres \
  pg_dump -U sielum_app sielum | gzip > "$BACKUP_DIR/db_$(date +%Y%m%d).sql.gz"

# Keep 30 days of backups
find "$BACKUP_DIR" -name "db_*.sql.gz" -mtime +30 -delete

Restore

# Stop the backend (to prevent writes during restore)
docker compose -f deploy/docker-compose.community.yml stop edr-backend

# Restore from backup
cat backup_20260308_100000.sql | docker compose -f deploy/docker-compose.community.yml exec -T edr-postgres \
  psql -U sielum_app sielum

# Restart backend
docker compose -f deploy/docker-compose.community.yml start edr-backend

Certificate backup

Always back up the CA private key separately from the database:

# Back up CA key (encrypt it!)
gpg --symmetric --cipher-algo AES256 deploy/certs/ca.key > ca.key.gpg
danger

Loss of ca.key means all existing agent certificates become unverifiable. A new CA must be generated and all agents re-enrolled.

What to back up

DataLocationCritical?
Application databasePostgreSQL sielum✅ Critical
CA private keydeploy/certs/ca.key✅ Critical
Server certificatesdeploy/certs/High
.env.community filedeploy/.env.communityHigh