We have developed the following process for recovering SFTP Gateway users and configurations. This will be useful in the following cases:
- A region outage requires you to do a cold failover to another region
- You need to migrate or replicate to another region
- An SFTP Gateway instance is accidentally deleted
- You are upgrading from a single SFTP Gateway instance to a high availability stack
Note: The backup and recovery process captures the credentials for both password and SSH key based authentication.
Make sure you test this process thoroughly in your own environment.
Disclaimer: This backup and recovery strategy is intended for standard installations of SFTP Gateway. If you have customized your SFTP Gateway installation(s), please contact us at firstname.lastname@example.org to see if this solution will work for you.
Creating a backup
The SFTP Gateway backup script is a Python script that you install on your SFTP Gateway instance. The script backs up
the following data to a single flat YAML file (and later gets compressed as a
- user properties
- user passwords/keys
- global SFTP Gateway properties
This backup artifact can be imported into a new SFTP Gateway stack to restore settings and configuration.
backup.py script will create a backup file named
sftpgw-backup-YYYY-MM-DD-HH-MM-SS.tar.gz. By default,
this file is saved in the
/opt/sftpgw/backups directory (which gets created if it doesn't already exist).
Run a backup script to generate an artifact
SSH to the
2.000.04server as the
Download the backup script
cd /home/ec2-user/ wget http://www.sftpgateway.com/backup-and-recovery/backup.py
Run the backup script
sudo su python backup.py
Locate the backup artifact
cd /opt/sftpgw/backups/ ls -la
Look for a backup file in the format
This will later be used to recover SFTP Gateway users and configuration.
Move this backup artifact to your home directory
cp -a /opt/sftpgw/backups/sftpgw-*.tar.gz /home/ec2-user/
In a different terminal session, copy this file to your local machine
scp -i <private-key> ec2-user@<ip-address>:/home/ec2-user/sftpgw-*.tar.gz .
Transfer this artifact to the new VM and run a script to restore settings from the artifact
To import SFTP Gateway users and configuration:
Upload the backup artifact to the new server
scp -i <private-key> sftpgw-*.tar.gz ec2-user@<ip-address>:/home/ec2-user/
SSH to the server as the administrator user
ssh -i <private-key> ec2-user@<ip-address>
Download the recovery script:
Run the python recovery script
sudo python recovery.py sftpgw-YYYY-MM-DD-HH-MM-SS.tar.gz
If have the web admin UI open, make sure you hard-refresh the web browser to see the latest changes.
Your new instance will be in the same state as the original instance, including your users and SFTP Gateway configuration.