website/docs: sys mgmt: document authentik backups/restoration (#12943)

* init Signed-off-by: Dominic R <dominic@sdko.org> * docs: sys mgmt: add backup documentation * adapt command as you're already as root in postgres from what I tested and this is the easiest no-config-change solution that works * Marc's comment * href continuous archiving for pg * add to sidebar * restore documentation * tana is gonna yell at me * start * static directories table fix my mess * Update website/docs/sys-mgmt/ops/backup-restore.md Signed-off-by: Dominic R <dominic@sdko.org> * Update website/docs/sys-mgmt/ops/backup-restore.md Signed-off-by: Dominic R <dominic@sdko.org> --------- Signed-off-by: Dominic R <dominic@sdko.org>
2025-03-07 16:16:40 -05:00
parent 9e0a9f4eee
commit 349f66e53c
2 changed files with 53 additions and 0 deletions
--- a/website/docs/sys-mgmt/ops/backup-restore.md
+++ b/website/docs/sys-mgmt/ops/backup-restore.md
@ -0,0 +1,52 @@
 ---
 title: Backup and restore your authentik instance
 sidebar_label: Backup & Restore
 ---
 This guide outlines the critical components to back up and restore in authentik.
 ## PostgreSQL database
 ### Backup
 - **Role:** Stores all persistent data (users, policies, configurations, etc.).
 - **Impact of Loss:** Complete data loss, requiring full restoration to recover functionality.
 - **Backup Guidance:**
    - Use PostgreSQL's native tools ([`pg_dump`](https://www.postgresql.org/docs/current/app-pgdump.html), [`pg_dumpall`](https://www.postgresql.org/docs/current/app-pg-dumpall.html), or [continuous archiving](https://www.postgresql.org/docs/current/continuous-archiving.html)).
    - Exclude system databases: `template0` and `template1`.
 - **Official Documentation:** [PostgreSQL Backup and Restore](https://www.postgresql.org/docs/current/backup.html)
 ### Restore
 - **Restoration Importance:** Essential for full recovery; authentik will not function without it.
 - **Restoration Guidance:**
    - Use PostgreSQL's [`pg_restore`](https://www.postgresql.org/docs/current/app-pgrestore.html) or other official methods.
 ## Redis database
 ### Backup
 - **Role:** Manages temporary data:
    - User sessions (lost data = users must reauthenticate).
    - Pending tasks (e.g., queued emails, outpost syncs).
 - **Impact of Loss:** Service interruptions (e.g., users logged out), but no permanent data loss.
 - **Backup Guidance:**
    - Use Redis' [`SAVE`](https://redis.io/commands/save) or [`BGSAVE`](https://redis.io/commands/bgsave).
 - **Official Documentation:** [Redis Persistence](https://redis.io/docs/management/persistence/)
 ### Restore
 - **Restoration Importance:** Service impact but no permanent data loss.
 - **Restoration Guidance:**
    - Follow [Redis' Import Data Guide](https://redis.io/learn/guides/import#restore-an-rdb-file) to restore an RDB file.
 ## Static directories
 These directories are mounted as volumes in containerized installations and must be restored if they were part of the backup to maintain authentik’s expected functionality.
 | Directory               | Purpose                                                         | Backup and Restore Notes                                                                                                                                                             |
 | ----------------------- | --------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
 | **`/media`**            | Stores application icons, flow backgrounds, and uploaded files. | Only required if not using S3 external storage. External storage should be backed up using the [AWS S3 Sync](https://docs.aws.amazon.com/cli/latest/reference/s3/sync.html) utility. |
 | **`/certs`**            | Stores TLS certificates in the filesystem.                      | Backup if you rely on these certificates present in the filesystem.. Not needed if authentik has already imported them, as certificates are stored in the database.                  |
 | **`/custom-templates`** | Stores custom changes to the authentik UI.                      | Required if you modified authentik's default appearance.                                                                                                                             |
 | **`/blueprints`**       | Stores blueprints.                                              | Optional but recommended if using custom blueprints.                                                                                                                                 |
--- a/website/sidebars.js
+++ b/website/sidebars.js
@ -590,6 +590,7 @@ export default {
                        "sys-mgmt/ops/monitoring",
                        "sys-mgmt/ops/storage-s3",
                        "sys-mgmt/ops/geoip",
                        "sys-mgmt/ops/backup-restore",
                    ],
                },
                {