Skip to content

Backup and restore the Nanitor Server

Introduction

In order to fully backup a Nanitor server both the database and data directories need to be backup and put into an NBA archive (Nanitor Backup Archive). This archive can then be stored anywhere for example in an encrypted S3 bucket. The Nanitor product both create a toolset to backup an installation into an NBA and also to restore the NBA to a fresh Nanitor server.

What is backed up?

  • PostgreSQL database
  • Data directory (/var/lib/nanitor/server)
  • /etc/nanitor

How do I backup a Nanitor server?

First we need to choose a directory where Nanitor writes the output, there has to be been space available on that partition to write the NBA. In this case we choose /var/lib because we know there is enough space there.

sudo mkdir -p /var/lib/nanitor/backups
sudo chown nanitor:nanitor /var/lib/nanitor/backups
sudo /usr/lib/nanitor-server/bin/nanitor-server-ctl backup --output_dir /var/lib/nanitor/backups

This can take a while, depending on how big the Nanitor installation is, for thousands of devices it can take a long time to complete as the pg_dump command will take a while to run. In our case according to the command output we have a file created /var/lib/nanitor/backups/nanitor-server_backup_20230109133804.tgz.

Restore process

In order to restore an NBA on a fresh Debian 11 server we need the following:

  • Sudo
  • Debian 11 (Bullseye)
  • PostgreSQL 13
  • Nanitor Server (latest stable version)
sudo apt update && sudo apt upgrade -y
sudo apt install -y sudo postgresql postgresql-contrib python2 nginx
curl -sL -o /tmp/nanitor-server.deb https://hub.nanitor.com/files/deb/nanitor-server.deb && sudo apt install -y /tmp/nanitor-server.deb

Upload /path/to/nanitor-server_backup_20230109133804.tgz to the restoration server, in this example we use /root/nanitor-server_backup_20230109133804.tgz

sudo /usr/lib/nanitor-server/bin/nanitor-server-ctl restore --path /root/nanitor-server_backup_20230109133804.tgz
sudo /usr/lib/nanitor-server/bin/nanitor-server-ctl systemctl_start
sudo /usr/lib/nanitor-server/bin/nanitor-server-ctl systemctl_enable
sudo cp -f /usr/lib/nanitor-server/share/nginx.conf /etc/nginx/conf.d/nanitor.conf
sudo systemctl enable nginx
sudo systemctl start nginx

Wipe out an existing Nanitor instance - Clean-up after previous restores

ALERT: This will wipe an existing Nanitor instance, so make sure you do not run this against a production machine, and that you have a backup of this server, only do this if you know what you are doing.

If you want to restore it again, after having unsuccessfully restored before and need to clean-up you can do the following:

sudo /usr/lib/nanitor-server/bin/nanitor-server-ctl systemctl_stop
sudo /usr/lib/nanitor-server/bin/nanitor-server-ctl systemctl_disable

cd /tmp/
sudo -u postgres -H dropdb nanitor 2>/dev/null || echo ""
sudo -u postgres -H dropuser nanitor 2>/dev/null || echo ""
sudo rm -rf /etc/ssl/local
sudo rm -rf /var/lib/nanitor/server