Management
#
Restart the applicationFrom the root directory of the application, run:
./manage.sh restart
#
Change from a Self Signed certificate to an authority signed certificateIf your start the installation with a self signed certificate and now you want to change it to a new one (signed by an authority), follow these steps:
- Copy your signed certificate here
/etc/gitguardian/nginx/tls/cert.pem
- Copy your associated private key file here
/etc/gitguardian/nginx/tls/cert.key
- Ensure that the permission on the key file are 600
chmod 600 /etc/gitguardian/nginx/tls/cert.key
Now, restart nginx to apply the change, run the command from the root directory of the application:
docker-compose restart nginx
Check the logs to catch any errors:
docker-compose logs -f --tail 20 nginx
If you encounter an issue, please contact our support team.
#
Upgrade the applicationNote: The application won't be available during the upgrade process to avoid database issues.
#
Online modeUse the following command to update the application (when a new version is available):
./manage.sh upgrade
You can choose to backup the application before the upgrade:
./manage.sh upgrade --backup
The application is now updated.
If you encounter an issue, please contact our support team.
#
Offline modeThis mode will only work with offline installation.
Download the latest version of the management CLI and the application:
- Management CLI: https://get.gitguardian.com/manage.sh
- Application tarball: https://get.gitguardian.com/GGC_CLIENT_ID/latest
Replace GGC_CLIENT_ID inside the URL with your value (sent during onboarding).
Upload the files:
- put
manage.sh
inside the root directory of the application - put
gitguardian.latest.enc
insidedownload/
Now you can upgrade the application:
./manage.sh upgrade
You can choose to not backup the application before the upgrade:
./manage.sh upgrade --no-backup
If you encounter an issue, please contact our support team.
#
Change application FQDNTODO
.app file up -d docker compose
#
Backup#
DatabaseWe take care of the database backup with a cron installed during the installation (with the user used for installation).
Backups are scheduled each day regarding the configuration available in /etc/gitguardian/.config
file.
Because backups are stored locally, we highly recommend that you backup with your internal solution the backup directory (${HOME}/gitguardian/backup/postgres/
by default) to an external system (to avoid loosing data in case of loosing the host used).
We also recommend that you backup the configuration directorie (/etc/gitguardian
) and Management audit logs (${HOME}/gitguardian/opslog
). Because this directory contain secrets, you must encrypt the backup to avoid leaking important data.
#
Backup the database manually./ggcli backup-postgres
You can also specify that you do not want to rotate backup file with this new backup:
./mange.sh backup-postgres --no-rotate
#
Restore a backupFirst, list the backup and choose the backup you want to restore:
ls -alh backup/postgrestotal 204Kdrwxr-xr-x 2 root root 246 Sep 4 14:27 .drwxrwxr-x 4 ec2-user ec2-user 36 Sep 2 12:15 ..-rw-r--r-- 1 root root 20 Sep 2 12:19 postgres.dump.20200902_121924.gz-rw-r--r-- 1 root root 39K Sep 2 12:20 postgres.dump.20200902_122035.gz-rw-r--r-- 1 root root 39K Sep 2 13:03 postgres.dump.20200902_130302.gz-rw-r--r-- 1 root root 39K Sep 2 14:29 postgres.dump.20200902_142929.gz-rw-r--r-- 1 root root 39K Sep 2 14:31 postgres.dump.20200902_143147.gz-rw-r--r-- 1 root root 39K Sep 2 14:35 postgres.dump.20200902_143507.gz
Then, launch the restoration by providing the filename:
./manage.sh restore-postgres postgres.dump.20200902_143507.gz
#
Message Broker#
Backup the broker manually./manage.sh backup-broker
You can also specify that you don't want to rotate backup file with this new backup:
./manage.sh backup-broker --no-rotate
#
Restore a backupFirst, list the backup and choose the backup you want to restore:
ls -alh backup/brokertotal 8.0Mdrwxr-xr-x 2 root root 132 Sep 2 12:36 .drwxrwxr-x 4 ec2-user ec2-user 36 Sep 2 12:15 ..-rw-r--r-- 1 root root 2.8M Sep 2 12:29 broker.dump.20200902_122945.tar.gz-rw-r--r-- 1 root root 2.6M Sep 2 12:30 broker.dump.20200902_123020.tar.gz-rw-r--r-- 1 root root 2.7M Sep 2 12:36 broker.dump.20200902_123642.tar.gz
Then, launch the restoration by providing the filename:
./manage.sh restore-broker broker.dump.20200902_123642.tar.gz
#
Management audit logAll management operations are logged in ${HOME}/gitguardian/ops-logs
directory.