Backup & Restore
What to back up, how to restore it, and how to avoid losing encrypted data.
What to back up
| Data | Where it lives | Criticality |
|---|---|---|
| Playbooks, inventories, executions | PostgreSQL | High |
| SSH keys and vault passwords | PostgreSQL, encrypted | High |
| ENCRYPTION_KEY | Deployment secrets | Critical |
| AUTH_SECRET | Deployment secrets | High |
| Deployment config | Compose/Coolify/project settings | High |
Danger
A database backup without the matching
ENCRYPTION_KEY cannot recover encrypted credentials.Backing up PostgreSQL
Docker Compose
bash
docker compose exec postgres pg_dump -U postgres sculptops > backup.sqlExternal PostgreSQL
bash
pg_dump "$DATABASE_URL" > backup.sqlBacking up secrets
Store production secrets in a deployment secret manager. At minimum, preserve ENCRYPTION_KEY, AUTH_SECRET, and the database connection configuration.
Restoring
- Stop the application service.
- Restore the PostgreSQL backup.
- Restore the same deployment secrets, especially
ENCRYPTION_KEY. - Start the application service.
- Verify that playbooks, inventories, SSH key names, and execution history are visible.
Warning
Do not run two production instances against the same database unless you have planned the migration carefully.