# Semaphore Backup Guide

### Introduction

The Semaphore backup process provides regular secure backups. In summary the playbook:

1. Manages retention based on your preferences, e.g. deletes backups older than 14 days old
2. Backs up and encrypts the `/netos/` directory, which contains many important things, such as: 
    1. Certificates (for NGINX)
    2. Past NetBox plugin ZIP file downloads
    3. Working directories for other applications and tools
    4. Backups (which are excluded from the backup)
3. Backs up the `/etc/nginx/` directory, which contains all the site configurations for different services deployed by Semaphore, such as Semaphore itself, NetBox, Airflow, etc.
4. Backs up and encrypts the `semaphore` MySQL database
5. Optionally SFTP's the backup files to a secure remote SFTP server

<p class="callout warning">The Semaphore process and MySQL database is NOT stopped during the backup.</p>

<p class="callout info">Semaphore uses MySQL and not PostgreSQL to ensure isolation from other applications running on the server. For example, NetBox and Airflow both use PostgreSQL, and if/when those databases are restarted, we don't want to impact the management wrapper, i.e. Semaphore.</p>

[![image.png](https://docs.netos.io/uploads/images/gallery/2024-09/scaled-1680-/BpmpEdNxToUlhzMq-image.png)](https://docs.netos.io/uploads/images/gallery/2024-09/BpmpEdNxToUlhzMq-image.png)

#### Cron Scheduling

The cron scheduler in Semaphore can be configured to backup the database at regular intervals, for example, at 02:30 every day. You can check the Dashboard page in the menu, or the task history to check the outcomes.

[![image.png](https://docs.netos.io/uploads/images/gallery/2024-09/scaled-1680-/DI7BGh1hXSbuRQV4-image.png)](https://docs.netos.io/uploads/images/gallery/2024-09/DI7BGh1hXSbuRQV4-image.png)

<p class="callout danger">Note that there is a [bug in Ansible Semaphore UI](https://github.com/semaphoreui/semaphore/issues/2294) that causes the same task to run many times. The solution is to toggle the "Show cron format' button and use UNIX formatting like [here](https://crontab.guru/examples.html).</p>

#### Backup File Rotation

You can set the retention period for backup files stored in `/netos/backups/semaphore` in the Environment / variables.

[![image.png](https://docs.netos.io/uploads/images/gallery/2024-09/scaled-1680-/I7qTqLeJUd1iBe97-image.png)](https://docs.netos.io/uploads/images/gallery/2024-09/I7qTqLeJUd1iBe97-image.png)

<p class="callout warning">Ensure you use the exact values of `days` or `weeks`, i.e. no capitals.</p>

#### Remote SFTP

To enable remote SFTP, change the `No` value in the `SFTP_ENABLED` variable to `Yes`, and set the `SFTP_HOST/USER/PASS` values accordingly.

[![image.png](https://docs.netos.io/uploads/images/gallery/2024-09/scaled-1680-/3awswy7kg8nXnZKA-image.png)](https://docs.netos.io/uploads/images/gallery/2024-09/3awswy7kg8nXnZKA-image.png)

An example of the encrypted backup folder contents is as follows:

[![image.png](https://docs.netos.io/uploads/images/gallery/2024-09/scaled-1680-/NM1VMW4eJ75DdGYM-image.png)](https://docs.netos.io/uploads/images/gallery/2024-09/NM1VMW4eJ75DdGYM-image.png)