Data Backup
1. Data Backup Procedure
The state of the Sharemind HI Server is spread into multiple files.
The state is rooted in the Core Enclave state and the Key Enclave state, and from there the other files are referenced.
The Sharemind HI Server upholds the invariant that if a reference to some file is added to an enclave state, then this file has already been persisted to the $DataDir/.
This means, the data can be backed up by first copying the enclave state files, and then copying the rest of the $DataDir/.
Since the Sharemind HI Server periodically writes the enclave state to disk, a special lock file needs to be locked to synchronise the backup procedure with the Sharemind HI Server.
backup_dir="/backup-destination/sharemind-hi-data-dir-$(date -u +%Y-%m-%dT%H_%M_%S%Z)"
mkdir -p "$backup_dir"
# Back up the Enclave State:
flock "$TempDir/enclave-state-saving.LCK" cp -r "$DataDir/enclave-state" "$backup_dir"
# Now back up the rest of the data files:
rsync --progress --recursive \
--exclude "$DataDir/enclave-state" \
"$DataDir/" "$backup_dir"