Disaster recovery process
Depending on the nature of the disaster you may need to follow different processes. This section covers a few disaster recovery scenarios.
Loss of Bolt project
Use this process to recover a backed-up Bolt project.
- Restore the Bolt project from version control.
- Restore the private key from its separate secure storage.
Loss of Security Compliance Management installation
Use this process to restore the Security Compliance Management host from a backup file.
If you are restoring Security Compliance Management onto a new host,
update the following items in your Bolt project before running the
install plan:
- Update all targets and the
resolvable_hostname
in data/common.yaml to the new hostname. - Update inventory.yaml to the new target host information.
- Create a new Security Compliance Management installation. From the
Bolt project directory, run:
bolt plan run complyadm::install
Select "yes" when prompted to use the existing Hiera data.
- Copy the tarball of the most recent backup into /var/lib/puppetlabs/comply/backups on the new target host.
- Restore the backup using:
bolt plan run complyadm::restore <backup_filename>
- Configure the TLS and MTLS certs for the new system by running the configure
plan and selecting the relevant configuration items. From the root of your
Security Compliance ManagementPuppet Bolt project run:
bolt plan run complyadm::configure