Disaster recovery process

Depending on the nature of the disaster you may need to follow different processes. This section covers a few disaster recovery scenarios.

Loss of Bolt project

Use this process to recover a backed-up Bolt project.

  1. Restore the Bolt project from version control.
  2. Restore the private key from its separate secure storage.

Loss of Security Compliance Management installation

Use this process to restore the Security Compliance Management host from a backup file.

If you are restoring Security Compliance Management onto a new host, update the following items in your Bolt project before running the install plan:
  • Update all targets and the resolvable_hostname in data/common.yaml to the new hostname.
  • Update inventory.yaml to the new target host information.
  1. Create a new Security Compliance Management installation. From the Bolt project directory, run:
    bolt plan run complyadm::install

    Select "yes" when prompted to use the existing Hiera data.

  2. Copy the tarball of the most recent backup into /var/lib/puppetlabs/comply/backups on the new target host.
  3. Restore the backup using:
    bolt plan run complyadm::restore <backup_filename>
  4. Configure the TLS and MTLS certs for the new system by running the configure plan and selecting the relevant configuration items. From the root of your Security Compliance ManagementPuppet Bolt project run: 
    bolt plan run complyadm::configure