Complete guide for using the MCP SSH Manager backup and restore system.
The backup system provides automated backup and restore capabilities for:
- MySQL databases
- PostgreSQL databases
- MongoDB databases
- Files and directories
- Scheduled automatic backups
All backups are compressed by default, include metadata for easy management, and support automatic retention policies.
Create a one-time backup of a database or files.
Parameters:
server(string, required) - Server nametype(enum, required) - Backup type:mysql,postgresql,mongodb,filesname(string, required) - Backup name (e.g., "production", "app-data")database(string, optional*) - Database name (*required for db types)dbUser(string, optional) - Database usernamedbPassword(string, optional) - Database passworddbHost(string, optional) - Database host (default: localhost)dbPort(number, optional) - Database portpaths(array, optional*) - File paths to backup (*required for files type)exclude(array, optional) - Patterns to exclude from backupbackupDir(string, optional) - Backup directory (default:/var/backups/ssh-manager)retention(number, optional) - Retention period in days (default: 7)compress(boolean, optional) - Compress backup (default: true)
Returns:
{
"success": true,
"backup_id": "mysql_production_2025-10-01T10-30-45-000Z_abc123de",
"type": "mysql",
"size": 52428800,
"size_human": "50.00 MB",
"location": "/var/backups/ssh-manager/mysql_production_2025-10-01T10-30-45-000Z_abc123de.gz",
"metadata_path": "/var/backups/ssh-manager/mysql_production_2025-10-01T10-30-45-000Z_abc123de.meta.json",
"created_at": "2025-10-01T10:30:45.000Z",
"retention_days": 7
}List all available backups on a server.
Parameters:
server(string, required) - Server nametype(enum, optional) - Filter by type:mysql,postgresql,mongodb,filesbackupDir(string, optional) - Backup directory (default:/var/backups/ssh-manager)
Returns:
{
"success": true,
"count": 3,
"backups": [
{
"id": "mysql_production_2025-10-01T10-30-45-000Z_abc123de",
"type": "mysql",
"created_at": "2025-10-01T10:30:45.000Z",
"database": "myapp_prod",
"paths": [],
"size": 52428800,
"size_human": "50.00 MB",
"compressed": true,
"retention_days": 7,
"status": "completed"
}
]
}Restore from a previous backup.
Parameters:
server(string, required) - Server namebackupId(string, required) - Backup ID to restoredatabase(string, optional) - Target database name (overrides original)dbUser(string, optional) - Database usernamedbPassword(string, optional) - Database passworddbHost(string, optional) - Database hostdbPort(number, optional) - Database porttargetPath(string, optional) - Target path for files restore (default: /)backupDir(string, optional) - Backup directory
Returns:
{
"success": true,
"backup_id": "mysql_production_2025-10-01T10-30-45-000Z_abc123de",
"type": "mysql",
"restored_at": "2025-10-01T14:15:30.000Z",
"original_created": "2025-10-01T10:30:45.000Z",
"database": "myapp_prod",
"paths": []
}Schedule recurring backups using cron.
Parameters:
server(string, required) - Server nameschedule(string, required) - Cron schedule (e.g.,"0 2 * * *"for daily at 2 AM)type(enum, required) - Backup typename(string, required) - Backup namedatabase(string, optional) - Database name (for db types)paths(array, optional) - Paths to backup (for files type)retention(number, optional) - Retention in days (default: 7)
Returns:
{
"success": true,
"name": "production",
"schedule": "0 2 * * *",
"type": "mysql",
"database": "myapp_prod",
"paths": [],
"retention_days": 7,
"script_path": "/usr/local/bin/ssh-manager-backup-production.sh",
"next_run": "Use crontab -l to see next run time"
}"Create a MySQL backup of the production database"
The AI will use:
{
"server": "production",
"type": "mysql",
"name": "prod-db",
"database": "myapp_prod",
"dbUser": "backup_user",
"dbPassword": "secure_password"
}"Backup PostgreSQL database and keep it for 30 days"
{
"server": "staging",
"type": "postgresql",
"name": "staging-db",
"database": "myapp_staging",
"retention": 30
}"Backup the /var/www/html directory, excluding cache and logs"
{
"server": "web01",
"type": "files",
"name": "website-files",
"paths": ["/var/www/html"],
"exclude": ["cache/*", "*.log"]
}"List all MySQL backups on production server"
{
"server": "production",
"type": "mysql"
}"Restore backup mysql_production_2025-10-01T10-30-45-000Z_abc123de"
{
"server": "production",
"backupId": "mysql_production_2025-10-01T10-30-45-000Z_abc123de"
}"Schedule daily MySQL backup of production database at 2 AM"
{
"server": "production",
"schedule": "0 2 * * *",
"type": "mysql",
"name": "daily-prod",
"database": "myapp_prod",
"retention": 7
}Common cron schedule examples:
| Schedule | Description |
|---|---|
0 2 * * * |
Daily at 2:00 AM |
0 */6 * * * |
Every 6 hours |
0 0 * * 0 |
Weekly on Sunday at midnight |
0 3 1 * * |
Monthly on the 1st at 3:00 AM |
0 1 * * 1-5 |
Weekdays at 1:00 AM |
*/30 * * * * |
Every 30 minutes |
- Uses
mysqldumpwith--single-transactionfor consistent backups - Includes routines and triggers
- No table locking for InnoDB tables
- Compressed with gzip
Connection options:
- Default host:
localhost - Default port:
3306 - Supports password-based auth (not recommended for production)
- Tip: Use SSH keys for secure automation
- Uses
pg_dumpwith custom format - Includes
--cleanand--if-existsfor safe restores - Compressed with gzip
- Uses
PGPASSWORDenvironment variable
Connection options:
- Default host:
localhost - Default port:
5432 - Use
.pgpassfile for passwordless automation
- Uses
mongodumpfor database dumps - Creates directory structure, then archives with tar
- Compressed with gzip
- Supports authentication
Connection options:
- Default host:
localhost - Default port:
27017 - Tip: Use
--authenticationDatabaseif needed
- Uses
tarwith gzip compression - Supports multiple paths in single backup
- Exclude patterns use tar's
--excludesyntax - Preserves permissions and ownership
- Follows symlinks by default
Exclude pattern examples:
*.log- All log filescache/*- Everything in cache directoriesnode_modules/- Node modules directory*.tmp- All temporary files
The backup system integrates with the hooks system:
-
pre-backup - Before backup starts
// Context: { server, type, database, paths } -
post-backup - After backup completes
// Context: { server, backupId, type, size, success, error } -
pre-restore - Before restore starts
// Context: { server, backupId, type, database } -
post-restore - After restore completes
// Context: { server, backupId, type, success, error }
Create .ssh-manager/hooks/post-backup.sh:
#!/bin/bash
# Send Slack notification after backup
if [ "$HOOK_success" = "true" ]; then
curl -X POST -H 'Content-type: application/json' \
--data "{\"text\":\"✅ Backup completed: $HOOK_backupId ($HOOK_size_human)\"}" \
https://hooks.slack.com/services/YOUR/WEBHOOK/URL
fi- Never store passwords in code - Use environment variables or
.envfiles - Use SSH keys for automated backups instead of passwords
- Restrict backup directory permissions:
chmod 700 /var/backups/ssh-manager - Encrypt sensitive backups - Add GPG encryption for critical data
- Development: 3-7 days retention
- Staging: 7-14 days retention
- Production: 30+ days retention
- Compliance: Consider regulatory requirements (GDPR, HIPAA, etc.)
- Test restores regularly - Monthly restore tests minimum
- Verify backup integrity - Check file sizes and metadata
- Document restore procedures - Keep runbooks updated
- Monitor backup success - Set up alerts for failures
- Monitor disk space - Ensure adequate space for retention period
- Use compression - Saves 60-80% space typically
- Consider remote storage - Sync backups to S3/cloud storage
- Implement 3-2-1 rule - 3 copies, 2 different media, 1 offsite
- Avoid peak hours - Schedule during low-traffic periods
- Stagger backups - Don't backup all servers simultaneously
- Consider backup windows - Large databases may take hours
- Monitor backup duration - Track and optimize slow backups
Solution: Ensure backup directory exists and is writable
sudo mkdir -p /var/backups/ssh-manager
sudo chown $(whoami):$(whoami) /var/backups/ssh-manager
sudo chmod 700 /var/backups/ssh-managerSolution: Check user permissions
GRANT SELECT, LOCK TABLES, SHOW VIEW ON myapp_prod.* TO 'backup_user'@'localhost';
FLUSH PRIVILEGES;Solution: Create target database first
CREATE DATABASE myapp_restored CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;Solution: Check cron logs and permissions
# View cron logs
sudo tail -f /var/log/syslog | grep CRON
# Check if script is executable
ls -la /usr/local/bin/ssh-manager-backup-*.sh
# Test script manually
sudo /usr/local/bin/ssh-manager-backup-production.shSolutions:
- Verify compression is enabled (
compress: true) - Exclude unnecessary tables or files
- Consider incremental backups (manual implementation)
- Archive old data before backup
"List all backups on production server"
"Execute 'crontab -l' on production"
"Execute 'df -h /var/backups' on production"
"Execute 'du -sh /var/backups/ssh-manager' on production"
- Deployment Guide - Deployment workflows
- Aliases & Hooks - Automation and hooks
- Main README - Getting started
-
Create backup before deployment:
"Backup production MySQL database before deployment" -
Deploy changes:
"Deploy latest code to production" -
If rollback needed:
"List MySQL backups and restore the latest one"
-
List available backups:
"List all backups on production server" -
Restore most recent backup:
"Restore backup [backup-id-here]" -
Verify restoration:
"Run database integrity check on production"
Need help? Open an issue on GitHub