DO Server Config Backup & Restore

Weekly backup of the DigitalOcean production server (orbis, 165.22.1.228).
CyberPanel/OpenLiteSpeed, Ubuntu 24.04, 48GB disk.

---

What's Backed Up

Directory	Source	Contents
scripts/	/usr/local/bin/	jarvis-deploy, jarvis-watchdog, jarvis-backup, jarvis-agent, ttg-backup
systemd/	/etc/systemd/system/	jarvis-agent.service, fastapi_ssh_server.service
wireguard/	/etc/wireguard/	wg0.conf (VPN hub for home network), other WG profiles
network/	/etc/netplan/	50-cloud-init.yaml, hosts, hostname
cron/	crontab -l	root_custom (JARVIS lines), root_full (everything)
ssh/	/root/.ssh/	authorized_keys, id_rsa.pub (no private keys)
ols-vhosts/	/usr/local/lsws/conf/vhosts/	All 8 site OLS vhost configs
mysql/	/root/.my.cnf	MySQL root credentials, database list
infra/	/opt/infra/	DO infra repo snapshot
smtp-docs/	/opt/smtp-for-websites/	CyberMail SMTP config docs

Backup schedule: Every Sunday at 4:00 AM
Log: /var/log/do-server-backup.log
Manual trigger: /usr/local/bin/do-server-backup

---

Sites on This Server

Domain	GitHub Repo	DB
jarvis.orbishosting.com	myronblair/jarvis	jarvis_db
tomsjavajive.com	myronblair/tomsjavajive	toms_tjj_db
epictravelexpeditions.com	myronblair/epictravelexpeditions	epic_epic_db
parkerslingshot.epictravelexpeditions.com	myronblair/parkerslingshot	epic_parkersling
parkerslingshotrentals.com	myronblair/parkerslingshotrentals	parker_db
orbishosting.com	myronblair/orbishosting	—
orbis.orbishosting.com	myronblair/orbis-hosting-portal	—
tomtomgames.com	myronblair/tomtomgames	tomt_ttg_db

GitHub PAT: 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 (expires ~2026-08-20)

---

What Is NOT Backed Up Here

Item	Location / Notes
Website files	All in GitHub repos — git pull on restore
Databases	Backed up daily by jarvis-backup.sh → /var/backups/jarvis/
SSL certs	/etc/letsencrypt/ — re-issue via CyberPanel after restore
Gitignored configs	api/config.php files — must recreate manually (see DB creds below)
SSH private key	/root/.ssh/id_rsa — regenerate or restore from secure storage
CyberPanel itself	Reinstall via sh <(curl https://cyberpanel.net/install.sh)
composer binary	Reinstall: `curl -sS https://getcomposer.org/installer

---

Disaster Recovery — Full Server Rebuild

Estimated time: 60–90 minutes

Step 1 — Create new DigitalOcean Droplet

• Region: Same as original (NYC3 / SFO3 — check DO console)
• Image: Ubuntu 24.04 LTS
• Size: At minimum 4GB RAM, 80GB disk (original was 4vCPU/8GB/160GB)
• Add SSH key from your local machine

Step 2 — Clone this repo

apt update && apt install -y git
git clone https://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@github.com/myronblair/do-server-config.git /opt/do-server-config
bash /opt/do-server-config/restore.sh

The restore script is interactive — it walks you through each phase and asks before applying each section.

Step 3 — DNS Update (if IP changed)

If the new droplet has a different IP, update DNS before or immediately after:

• Cloudflare → DNS → Update A records for all domains
• Also update GitHub webhook URLs if they use IP directly (they don't — they use jarvis.orbishosting.com which is behind Cloudflare)

Step 4 — Database Restore

Databases are in daily backups at /var/backups/jarvis/. If restoring to a new server:

# Copy the latest backup from old server (if still accessible)
scp root@165.22.1.228:/var/backups/jarvis/jarvis_backup_YYYY-MM-DD_*.tar.gz /tmp/

# Extract and restore
cd /tmp && tar -xzf jarvis_backup_*.tar.gz
# Then for each database:
mysql -u root -p jarvis_db     < sql/jarvis_db.sql
mysql -u root -p toms_tjj_db   < sql/toms_tjj_db.sql
mysql -u root -p tomt_ttg_db   < sql/tomt_ttg_db.sql
mysql -u root -p epic_epic_db  < sql/epic_epic_db.sql
mysql -u root -p epic_parkersling < sql/epic_parkersling.sql
mysql -u root -p parker_db     < sql/parker_db.sql

You'll need to create the DB users first:

CREATE USER 'jarvis_user'@'localhost' IDENTIFIED BY 'J4rv1s_Pr0t0c0l_2026!';
GRANT ALL ON jarvis_db.* TO 'jarvis_user'@'localhost';
-- repeat for each DB user

Step 5 — Recreate Gitignored Configs

After pulling website code, create these manually:

/home/jarvis.orbishosting.com/api/config.php — Contains all JARVIS credentials (Groq API key, Ollama URL, GitHub PAT, JARVIS DB credentials, ElevenLabs key, etc.)

/home/tomsjavajive.com/config/database.php — TJJ DB credentials

/home/epictravelexpeditions.com/api/config.php — Epic/Parker credentials

Reference: api/config.php.example or config/database.php.example in each repo.

---

Key Credentials Quick Reference

Service	User	Password
Root SSH	root	Gonewalk1974!@#
CyberPanel admin	admin	(set during reinstall)
MySQL root	root	Z9Of4NVs6ji74x (see mysql/my.cnf)
jarvis_db	jarvis_user	J4rv1s_Pr0t0c0l_2026!
toms_tjj_db	toms_tjj_user	+60wlPc+55e@gFq4
tomt_ttg_db	tomt_ttg_user	q#q+mrOcozsa7I6J
epic_parkersling	epic_parkersling	Joker1974!!!

---

WireGuard VPN (wg0)

The DO server is the VPN hub for the home network tunnel:

• wg0 on DO: 10.201.0.1/24, ListenPort 51820
• Peer: Alpine LXC CT110 on home network → 10.201.0.2/32
• Traffic flows: CT110 → DO for MediaStack VPN exit

Config is in wireguard/wg0.conf. Keys are included (this is a private repo).

---

Architecture Notes

• CyberPanel/OLS manages PHP-FPM, virtual hosts, SSL, DNS (PowerDNS), mail (Postfix)
• Cloudflare is in front of all public sites — DNS proxy mode, Rocket Loader ON (breaks inline JS — Cache-Control: no-transform header is the fix)
• JARVIS webhooks at /home/jarvis.orbishosting.com/public_html/webhook.php handle auto-deploys for all 8+ GitHub repos
• Deploy queue /tmp/jarvis-deploy-queue.txt processed by jarvis-deploy.sh every minute
• Watchdog jarvis-watchdog.sh runs every 5 min — restarts lsws/mysql/redis if down, inserts alerts to DB
• Daily DB backup jarvis-backup.sh runs at 2am → /var/backups/jarvis/ (7-day retention)
• JARVIS agent registers this server with JARVIS monitoring dashboard

---

After Restore — Verify Services

systemctl status lsws mysql redis jarvis-agent
crontab -l
wg show
curl -sk https://jarvis.orbishosting.com/api.php?action=ping
tail -f /home/jarvis.orbishosting.com/logs/watchdog.log