SSH into you remote server and create a directory.
mkdir ~/passboltGo inside the directory
cd ~/passboltGo to your current server and make a copy of the database used by passbolt
mysqldump -u user -d database ./backup.sqlMake a copy of the public image folder.
sudo cp -r /var/www/passbolt/webroot/img/public ./imagesExport public gpg keys from the web user
sudo -s /bin/bash -c "gpg --export > ./gpg_keys.asc" www-dataExport private gpg keys from the web user
sudo -s /bin/bash -c "gpg --export-secret-keys > ./gpg_secret_keys.asc" www-dataCopy all the files we created on your local computer. Open a terminal on your machine and run:
scp -r <old-server-user>@<old-server-ip>:~/passbolt .If you plan on changing the domain name for your passbolt server you should replace all the references to the old one in the backup.sql file.
sed --in-place "s/old.domain.com/new.domain.com/" passbolt/backup.sqlNow you can copy the folder to the new server.
scp -r passbolt <new-server-user>@<new-server-ip>:~/Connect to new server with SSH.
ssh <new-server-user>@<new-server-ip>Install Passbolt Community Edition following one of the guides listed on this link. Once you have installed passbolt, create the database and setup GnuPG it's time to restore the backups we made.
First import the gpg keys on the web user:
sudo -s /bin/bash -c "gpg --import < ./passbolt/gpg_keys.asc" www-datasudo -s /bin/bash -c "gpg --import-secret-keys < ./passbolt/gpg_secret_keys.asc" www-dataList gpg keys to find out the email address of the server key.
In my case the email is [email protected], you can find out what is yours by executing this command.
sudo -s /bin/bash -c "gpg --list-secret-keys --fingerprint" www-dataThen you should copy the server key inside a file called serverkey_private.asc in the /config/gpg folder.
sudo -s /bin/bash -c "sudo gpg --armor --export-secret-keys [email protected] | sudo tee /var/www/passbolt/config/gpg/serverkey_private.asc" www-dataDo it also for the public key.
sudo -s /bin/bash -c "sudo gpg --armor --export [email protected] | sudo tee /var/www/passbolt/config/gpg/serverkey.asc" www-dataMake sure that the new key files belong to the web user.
sudo chown -R www-data:www-data /var/www/passbolt/config/gpgNow it's time to restore the database:
mysql -u passbolt -d passbolt -p < ./passbolt/backup.sqlOnce that's done you can check if everything is ok by running the passbolt healthcheck command.
sudo su -s /bin/bash -c "/var/www/passbolt/bin/cake passbolt healthcheck" www-dataIf passbolt says that there are some pending migrations you can run the following command.
sudo su -s /bin/bash -c "/var/www/passbolt/bin/cake passbolt migrate" www-dataYou can find out about more passbolt commands by passing the --help flag the passbolt cli tool.
sudo su -s /bin/bash -c "/var/www/passbolt/bin/cake passbolt --help" www-dataFinally you can copy the images from the old server inside /var/www/passbolt/webroot/img/public.
sudo cp -f -r ./passbolt/images/** /var/www/passbolt/webroot/img/public/Then change the owner of the public folder to the web user.
sudo chown -R www-data:www-data /var/www/passbolt/webroot/img/publicNow you should be able to connect to your new server at new.domain.com, login with your old credentials and see all the data.
Once you have verified that everything is good you should clean up all the temporary files we created along the way, especially the gpg keys.
Hi,
thanks for your tutorial. The tutorial has a small error: gpg import command's > has wrong direction (needs to be "<")