Backup, restore, deployment — operations

Stack requirements

First-time install

1. Clone repo + composer install

   git clone ... && cd acwms-v5 && composer install --no-dev

2. Create database

   CREATE DATABASE acwms_v5 CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;

3. Apply migrations

   php bin/migrate.php

4. Create config files

   Copy .env.example → .env · fill DB credentials. Copy config/database.local.php.example → config/database.local.php + config/communication.local.php.example → config/communication.local.php. Set perms chmod 0600.

5. Apache vhost

   DocumentRoot must point to public/ only. Nothing above public/ should be web-accessible.

6. Verify

   Hit /health — expect HTTP 200 with status=ok in < 50ms.

7. Verify isolation

   Curl /composer.lock · /storage/sessions/ · /config/database.local.php — all should return 404 (proves DocumentRoot isolation).

8. Storage permissions

   Web user (e.g. www-data) needs write to storage/ tree (NOT to config/).

The 7 production crons

Linux crontab

# AuditPro Suite production crons
0 0 * * * /usr/bin/php /var/www/acwms-v5/bin/cron-backup.php > /var/log/acwms/backup.log 2>&1
30 0 * * * /var/www/acwms-v5/bin/cron-offsite-backup.sh > /var/log/acwms/offsite.log 2>&1
*/5 * * * * /usr/bin/php /var/www/acwms-v5/bin/cron-m17-email-queue.php > /var/log/acwms/email.log 2>&1
0 6 * * * /usr/bin/php /var/www/acwms-v5/bin/cron-m17-expiry-reminders.php > /var/log/acwms/expiry.log 2>&1
30 1 * * * /usr/bin/php /var/www/acwms-v5/bin/cron-m20-deadline-generator.php > /var/log/acwms/m20.log 2>&1
0 0 * * * /usr/bin/php /var/www/acwms-v5/bin/cron-m16-retention.php > /var/log/acwms/retention.log 2>&1
30 23 28-31 * * /usr/bin/php /var/www/acwms-v5/bin/cron-m13-eosb-accrual.php > /var/log/acwms/eosb.log 2>&1
0 2 1 1 * /usr/bin/php /var/www/acwms-v5/bin/cron-m13-leave-carry-forward.php > /var/log/acwms/leave.log 2>&1

Backup contents

Each nightly backup at storage/backups/{YYYY-MM-DD}/:

• db.sql.gz — gzip-compressed mysqldump --single-transaction --routines --triggers --events --hex-blob
• storage.tar.gz — PharData of clients/jobs/documents/company/employees/payments/quotes/expenses/bank-statements
• manifest.json — sha256 + size per file + app version

7-day local rotation. Cross-platform (Linux + Windows).

Off-site backup

cron-offsite-backup.sh wraps rclone:

• Targets: Backblaze B2 / AWS S3 / Wasabi / rsync
• Pre-flight checks before sync
• Stamped logging
• 3-2-1 rule: 3 copies, 2 media, 1 off-site

Setup is documented in docs/deployment/backup-and-security-plan.md.

Restore from backup

1. Pull from off-site

   rclone copy {remote}:backups/{YYYY-MM-DD}/ ./restore/

2. Verify SHA-256

   sha256sum *.gz · compare to manifest.json

3. Restore DB

   gunzip < db.sql.gz | mysql acwms_v5

4. Restore storage

   tar xzf storage.tar.gz -C ./ (after backup of current storage)

5. Verify

   Hit /health · open a known-good engagement · check archive integrity

Quarterly restore drill

Every quarter:

1. Pick a random backup from off-site
2. Restore to a sandbox environment
3. Verify SHA-256 matches manifest
4. Open the restored engagement · verify report PDF + workpapers + audit log
5. Log the drill result in backup_drills table

Backup that hasn't been tested = hope, not preparedness.

Health monitoring

Plug /health into:

• Datadog / Pingdom / Uptime Kuma — alerts on 503 + status ≠ ok
• Email alert thresholds:
  • Critical: status=fail or response > 5s
  • Warning: status=warning or email_queue_stale > 100
• Slack / WhatsApp / SMS for partner notifications

Hardening checklist

• HTTPS only · HSTS header
• Apache + PHP version disclosure off (ServerSignature Off, expose_php Off)
• file modes 0644 for files · 0755 for dirs · 0600 for *.local.php
• logrotate for /var/log/acwms/
• fail2ban for SSH
• UFW or iptables — open only 80, 443, 22
• SSH key auth only (disable password)
• DB user least privilege — no root
• Quarterly security review (chapter 23)