"Not a Pentest" Trust-Anker: Dieser Guide dient der Absicherung durch zuverlässige Backup- und Recovery-Strategien. Keine Angriffswerkzeuge.
Moltbot Backup & Disaster Recovery
Resilienz gegen Ausfälle, Datenverlust und Ransomware — mit definierten RTO/RPO-Zielen, automatisierten Backups und getesteten DR-Prozessen.
📊 RTO/RPO Ziele für Moltbot
| Tier | Service | RTO | RPO | Backup Freq. |
|---|---|---|---|---|
| T1 | Auth Service | 5 Min | 1 Min | Continuous |
| T1 | Database (Primary) | 15 Min | 5 Min | WAL Streaming |
| T2 | API Gateway | 30 Min | 15 Min | Stündlich |
| T2 | Redis Cache | 30 Min | 0 (rebuild) | Täglich |
| T3 | File Storage | 4 Std | 1 Std | Stündlich |
| T3 | Analytics DB | 24 Std | 24 Std | Täglich |
🗄️ Automatisiertes PostgreSQL Backup
#!/bin/bash
# moltbot-backup.sh — Automatisiertes PostgreSQL Backup
set -euo pipefail
BACKUP_DIR="/backups/postgres"
DB_URL="$DATABASE_URL"
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
BACKUP_FILE="$BACKUP_DIR/moltbot_$TIMESTAMP.sql.gz"
RETENTION_DAYS=30
# 1. Backup erstellen
echo "[INFO] Starting backup: $BACKUP_FILE"
pg_dump "$DB_URL" | gzip > "$BACKUP_FILE"
# 2. Integrität prüfen
gunzip -t "$BACKUP_FILE" || { echo "[ERROR] Backup corrupt!"; exit 1; }
echo "[INFO] Backup integrity OK ($(du -h $BACKUP_FILE | cut -f1))"
# 3. Verschlüsselt in Cloud Storage hochladen
aws s3 cp "$BACKUP_FILE" \
"s3://moltbot-backups/postgres/$TIMESTAMP/" \
--server-side-encryption aws:kms \
--sse-kms-key-id "$AWS_KMS_KEY_ID"
# 4. Alte Backups löschen (Retention)
find "$BACKUP_DIR" -name "*.sql.gz" -mtime +$RETENTION_DAYS -delete
aws s3 ls s3://moltbot-backups/postgres/ | \
awk '{print $4}' | \
head -n -$RETENTION_DAYS | \
xargs -I{} aws s3 rm "s3://moltbot-backups/postgres/{}"
echo "[SUCCESS] Backup completed: $BACKUP_FILE"