Weave Code
Laravel Backup Server Laravel Package
spatie/laravel-backup-server
Securely store and manage backups from multiple Laravel apps on a dedicated backup server. Built on spatie/laravel-backup, it automatically receives and organizes incoming backups, with setup and docs tailored for Laravel deployments.
Technical Evaluation
Architecture Fit
- Centralized Backup Orchestration: The package excels as a dedicated backup server for Laravel applications, consolidating backups from multiple distributed sources (e.g., microservices, staging/production environments) into a single, secure repository. This aligns well with multi-tenant SaaS architectures or monolithic-to-microservices migrations where decentralized backups are problematic.
- Extensibility: Built on Laravel’s ecosystem, it integrates seamlessly with Laravel’s task scheduling, notifications, and event-driven workflows. The use of Eloquent models for
SourceandDestinationenables customization via migrations, policies, or observers. - Hybrid Backup Strategy: Combines file-level backups (rsync) with pre/post-command hooks (e.g., database dumps), making it suitable for hybrid architectures where some data is file-based (e.g., uploads) and other data requires DB backups (handled externally via hooks).
- Hard Link Deduplication: Reduces storage overhead by leveraging filesystem hard links, which is critical for cost-sensitive deployments (e.g., cloud storage tiers).
Integration Feasibility
- Laravel-Centric: Requires a Laravel backend (v8+) but can act as a centralized service for non-Laravel systems via SSH/rsync (though Laravel-specific features like notifications or events won’t apply).
- SSH Dependency: Sources must be SSH-accessible, which may require VPN, bastion hosts, or IAM roles for secure cross-cloud/on-prem backups.
- Storage Backend: Relies on Laravel’s
filesystemconfig (e.g., S3, local disks, NFS). Cloud storage compatibility (e.g., S3, GCS) is supported but may introduce latency or cost for frequent backups. - Database Backups: Does not natively backup databases—requires external tools (e.g.,
mysqldump,pg_dump) viapre_backup_commands. This is a critical gap for full-stack backups.
Technical Risk
| Risk Area | Mitigation Strategy |
|---|---|
| SSH Key Management | Use Laravel Forge, Envoyer, or HashiCorp Vault for secure key rotation. |
| Storage Costs | Monitor used_storage via backup-server:list and set retention policies. |
| Backup Corruption | Implement checksum validation (e.g., rsync --checksum) in post_backup_commands. |
| Performance Bottlenecks | Test with backup_size_calculation_timeout_in_seconds for large backups. |
| Vendor Lock-in | Abstract Source/Destination logic via interfaces for future migration. |
| Notification Spam | Use pause_notifications_until for non-critical failures (e.g., transient SSH issues). |
Key Questions
- Backup Scope:
- Are databases backed up separately (via hooks), or is this purely for file-level backups?
- How will binary data (e.g., Docker images, large files) be handled (rsync may not be optimal)?
- Disaster Recovery:
- What’s the restore process? The package doesn’t document this—will it require manual
rsyncor a custom script?
- What’s the restore process? The package doesn’t document this—will it require manual
- Compliance:
- Does the storage backend support immutable backups (e.g., S3 Object Lock) or encryption at rest?
- Scalability:
- How will thousands of sources impact the Laravel server’s CPU/memory during backup dispatch?
- Monitoring:
- Are there metrics/exporters (e.g., Prometheus) for backup health, or is it CLI-only?
- Multi-Region:
- Can destinations span multiple storage regions (e.g., S3 cross-region replication)?
Integration Approach
Stack Fit
- Core Stack:
- Backend: Laravel 8+ (PHP 8.0+).
- Storage: Local (NFS), S3, or other
filesystemdrivers (must uselocalfor hard links). - SSH: OpenSSH for source access (keys must be configured on the Laravel server).
- Scheduling: Laravel’s
schedule:run(cron) for automated backups.
- Extensions:
- Notifications: Slack, Email, or custom channels via Laravel Notifications.
- Database Backups: External tools (e.g.,
pg_dump,mysqldump) viapre_backup_commands. - Monitoring: Custom scripts or third-party tools (e.g., Datadog) for
backup-server:listdata.
Migration Path
- Pilot Phase:
- Start with 1–2 non-critical sources (e.g., staging environments).
- Test
rsyncperformance and storage growth.
- Phased Rollout:
- Phase 1: Migrate file-based backups (e.g., uploads, logs).
- Phase 2: Integrate database dumps via hooks.
- Phase 3: Replace legacy backup scripts with
backup-server:dispatch-backups.
- Cutover:
- Use
pause_notifications_untilto suppress alerts during transition. - Verify backups with
backup-server:find-filesand manual restores.
- Use
Compatibility
| Component | Compatibility Notes |
|---|---|
| Laravel Version | Tested on Laravel 8+. May require adjustments for Laravel 9+ (e.g., dependency updates). |
| PHP Version | PHP 8.0+ (hard links require PHP-FPM or CLI). |
| Storage Drivers | Only local driver supports hard links. S3/GCS will store full copies. |
| SSH Access | Sources must allow passwordless SSH from the Laravel server. |
| Existing Backups | No migration tool—backups must be manually copied to the new destination. |
Sequencing
- Infrastructure Setup:
- Configure Laravel server with sufficient disk space and SSH access to sources.
- Set up storage backend (e.g., S3 bucket or local disk).
- Configuration:
- Define
Sources(SSH details, includes/excludes, commands). - Define
Destinations(disk name, retention rules). - Configure notifications (Slack/email channels).
- Define
- Testing:
- Run
backup-server:backup <source>manually for each source. - Verify with
backup-server:listandfind-files.
- Run
- Automation:
- Schedule
backup-server:dispatch-backupsvia Laravel’s scheduler. - Set up cleanup jobs (e.g.,
backup-server:cleanup <source>).
- Schedule
- Monitoring:
- Integrate
backup-server:listinto dashboards (e.g., Grafana). - Alert on
UnhealthySourceFoundNotification.
- Integrate
Operational Impact
Maintenance
- Artisan Commands:
- Regularly run
backup-server:cleanupto manage retention. - Use
backup-server:list --sortBy=healthyto identify failing sources.
- Regularly run
- Configuration Drift:
- Monitor
config/backup-server.phpfor changes (e.g., notification channels). - Use Laravel’s config caching (
php artisan config:cache) for performance.
- Monitor
- Dependency Updates:
- Watch for updates to
spatie/laravel-backup(this package’s dependency). - Test new versions in staging before upgrading.
- Watch for updates to
Support
- Troubleshooting:
- Check Laravel logs (
storage/logs/laravel.log) for backup failures. - Use
backup-server:backup <source> --verbosefor debug output.
- Check Laravel logs (
- Common Issues:
- SSH Failures: Verify keys, firewalls, and
whoamiaccess. - Storage Permissions: Ensure the Laravel user has write access to the destination disk.
- Rsync Errors: Check
includes/excludespaths for typos.
- SSH Failures: Verify keys, firewalls, and
- Escalation Path:
- For critical failures, manually trigger backups via CLI.
- Maintain a runbook for restore procedures (not documented in the package).
Scaling
- Horizontal Scaling:
- Not natively supported—backups are single-threaded per source.
- Workaround: Use multiple Laravel instances with overlapping schedules (e.g., Instance A: even hours, Instance B: odd hours).
- Performance Tuning:
- Adjust
rsyncoptions (e.g.,--compress,--bwlimit) inpre_backup_commands. - Increase
backup_size_calculation_timeout_in_secondsfor large backups.
- Adjust
- Storage Growth:
- Set retention policies (e.g., keep 7 daily backups, 4 weekly).
- Monitor
used_storageand alert on thresholds (e.g., 80% capacity).
Failure Modes
| Failure Scenario | Impact | Mitigation | |--------------------------------
Weaver
How can I help you explore Laravel packages today?