habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1fc91b004b0f965b229e89de5501850953711cdd
authentik/website/docs/sys-mgmt/ops/backup-restore.md
Marc 'risson' Schmitt 593c953ecc website/docs: sessions in database (#13507) 
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2025-04-29 20:33:48 +02:00

53 lines
3.6 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
title: Backup and restore your authentik instance
sidebar_label: Backup & Restore
---
This guide outlines the critical components to back up and restore in authentik.
## PostgreSQL database
### Backup
- **Role:** Stores all persistent data (users, policies, configurations, etc.).
- **Impact of Loss:** Complete data loss, requiring full restoration to recover functionality.
- **Backup Guidance:**
- Use PostgreSQL's native tools ([`pg_dump`](https://www.postgresql.org/docs/current/app-pgdump.html), [`pg_dumpall`](https://www.postgresql.org/docs/current/app-pg-dumpall.html), or [continuous archiving](https://www.postgresql.org/docs/current/continuous-archiving.html)).
- Exclude system databases: `template0` and `template1`.
- **Official Documentation:** [PostgreSQL Backup and Restore](https://www.postgresql.org/docs/current/backup.html)
### Restore
- **Restoration Importance:** Essential for full recovery; authentik will not function without it.
- **Restoration Guidance:**
- Use PostgreSQL's [`pg_restore`](https://www.postgresql.org/docs/current/app-pgrestore.html) or other official methods.
## Redis database
### Backup
- **Role:** Manages temporary data:
- Pending tasks (e.g., queued emails, outpost syncs).
- Cache
- **Impact of Loss:** Temporary performance loss (while cache gets rebuilt), and potential permanent data loss (e.g., queued emails).
- **Backup Guidance:**
- Use Redis' [`SAVE`](https://redis.io/commands/save) or [`BGSAVE`](https://redis.io/commands/bgsave).
- **Official Documentation:** [Redis Persistence](https://redis.io/docs/management/persistence/)
### Restore
- **Restoration Importance:** Service impact but no permanent data loss.
- **Restoration Guidance:**
- Follow [Redis' Import Data Guide](https://redis.io/learn/guides/import#restore-an-rdb-file) to restore an RDB file.
## Static directories
These directories are mounted as volumes in containerized installations and must be restored if they were part of the backup to maintain authentiks expected functionality.
| Directory | Purpose | Backup and Restore Notes |
| ----------------------- | --------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| **`/media`** | Stores application icons, flow backgrounds, and uploaded files. | Only required if not using S3 external storage. External storage should be backed up using the [AWS S3 Sync](https://docs.aws.amazon.com/cli/latest/reference/s3/sync.html) utility. |
| **`/certs`** | Stores TLS certificates in the filesystem. | Backup if you rely on these certificates present in the filesystem. Not needed if authentik has already imported them, as certificates are stored in the database. |
| **`/custom-templates`** | Stores custom changes to the authentik UI. | Required if you modified authentik's default appearance. |
| **`/blueprints`** | Stores blueprints. | Optional but recommended if using custom blueprints. |
Reference in New Issue View Git Blame Copy Permalink