Skip to content

SnapShooter Backups

Native Backups

SnapShooter 'native' backups are backups that happen through the cloud provider directly, in our case Digital Ocean. See Native Snapshots/Backups for more details.

While we use SnapShooter native backups, by themselves they are not sufficient to meet our requirements of: 1. Client data not leaving the UK 2. Backups being stored in a different physical location

This is because Digital Ocean only have one UK data centre.

Connect Digital Ocean Account to SnapShooter

This step shouldn't be necessary, as there is already a Digital Ocean account connected.

But if there isn't already a Digital Ocean account connected then in SnapShooter go to DigitalOcean > Accounts > Connect New DigitalOcean Account and follow the instructions.

This will bring the Droplets and Volumes from our Digital Ocean account into SnapShooter.

Droplet Backup

In SnapShooter, navigate to Digital Ocean > Droplets > Inactive.

Click Activate on the droplet.

Different servers may have different backup requirements, but these are our current settings: - Backup every 3 hours - Keep 21 'Every 3 Hours' backups - Keep 7 daily backups - Keep 2 weekly backups - Leave monthly backups blank - No replication (since there is only one UK Digital Ocean data centre)

Volume Backup

In SnapShooter, navigate to Digital Ocean > Volumes > Inactive.

Click Activate on the volume.

Different volumes may have different backup requirements, but these are our current settings: - Backup every 3 hours - Keep 21 'Every 3 Hours' backups - Keep 7 daily backups - Keep 2 weekly backups - Leave monthly backups blank - (There is no replication option for volumes)

S3 Backups

Create S3 Bucket & Connect to SnapShooter

Follow the instructions here to create an S3 bucket and add it as external storage to SnapShooter: How to Use Other Storage Providers with SnapShooter | DigitalOcean Documentation

Important settings to note: - Ensure that Block all public access and Encrypt bucket are checked when creating the S3 bucket - Ensure that the S3 bucket is in the eu-west-2, Europe (London) data centre

Add Server to SnapShooter

Allow SnapShooter firewall access to port 22

Find the SnapShooter IP addresses here: SnapShooter SSH IP Address Allowlist | DigitalOcean Documentation

In Digital Ocean, add an allow rule for incoming connections from these IP addresses to the server.

On the server

Before running the script given by SnapShooter, you must first create a new user on the server. The SnapShooter script adds its own key to the authorized_keys file of the user you run the script as. Do not run this script as root.

  1. Create new user for SnapShooter: useradd -m -d /home/snapshooter -s /bin/bash snapshooter
  2. Switch to SnapShooter user: sudo -i -u snapshooter
  3. In SnapShooter, navigate to My Resources > Servers > Connect Server
  4. As the snapshooter user, on the server run the curl -sSL "https://ingestor.snapshooter.com/api/server/add?..." given by SnapShooter
  5. SnapShooter should redirect you to the server page automatically

Create Backup Job

In SnapShooter:

  1. Navigate to Backups > Backup Jobs > Create New Job
  2. Select the type of backup
  3. Select Own Compute (SnapShooter's own servers are outside the UK)
  4. Select the server to be backed up
  5. Enter the relevant config settings to allow SnapShooter to connect to the server
  6. Select the connected S3 storage

Different servers may have different backup requirements, but these are our current settings: - Backup every 3 hours - Keep 21 'Every 3 Hours' backups - Keep 7 daily backups - Keep 2 weekly backups - Leave monthly backups blank

After the backup job is created, on the backup job page, select Enable Encryption.

Select the app-backup encryption key and confirm the statements.

Restoring From Backup

Restoring Using SnapShooter

Follow these instructions: How to Restore Backups | DigitalOcean Documentation

Restoring Manually

Each backup in S3 has an accompanying manual_restore.txt file containing instructions for manually restoring. The private key referenced in the instructions is on SharePoint in Operations > 02 Infrastructure, IT and Software > Infrastructure > App > Keys.

Last modified by: Unknown