# Restore Outline

This is the high-level restore path for a new Hetzner Cloud host.

## 1. Prepare Host

Install Docker and Docker Compose plugin.

```bash
sudo apt update
sudo apt install -y docker.io docker-compose-plugin git tar gzip
sudo usermod -aG docker "$USER"
```

Log out and back in after adding the Docker group.

## 2. Clone Backup

```bash
git clone https://gitforge.kitestacks.com/kenpat/kitestacks-cloud.git
cd kitestacks-cloud
sha256sum -c SHA256SUMS
```

## 3. Restore Bind-Mounted Data

```bash
mkdir -p /home/kenpat
tar -xzf archives/docker-bind-data.tar.gz -C /home/kenpat
tar -xzf archives/syncthing-shared.tar.gz -C /home/kenpat
tar -xzf archives/kitestacks-scripts.tar.gz -C /home/kenpat
```

## 4. Restore Named Docker Volumes

Create the external network used by the stack:

```bash
docker network create kitestacks
```

For each file in `volume-exports`, create and restore the volume:

```bash
for archive in volume-exports/*.tar.gz; do
  volume="$(basename "$archive" .tar.gz)"
  docker volume create "$volume"
  docker run --rm \
    -v "$volume:/volume" \
    -v "$PWD/volume-exports:/backup:ro" \
    alpine \
    sh -c "tar -xzf /backup/$volume.tar.gz -C /volume"
done
```

## 5. Start Services

Start core services in dependency order. Example:

```bash
cd /home/kenpat/docker/authentik && docker compose up -d
cd /home/kenpat/docker/forgejo && docker compose up -d
cd /home/kenpat/docker/cloudflared && docker compose up -d
```

Then start the remaining service folders under `/home/kenpat/docker`.

## 6. DNS and Tunnel Cutover

Review:

- `inventory/docker-running.txt`
- `inventory/docker-networks.txt`
- `/home/kenpat/docker/cloudflared/docker-compose.yml`
- Cloudflare tunnel credentials under the restored cloudflared folder

Move DNS/tunnel targets to the Hetzner host after services are healthy.