mkdir -p /mnt/root
mount --bind / /mnt/root
tar czf /tmp/backup.tar.gz --ignored-failed-read --numeric-owner -P --one-file-system --exclude=./tmp -C /mnt/root .
This sequence will create a gzip compressed tar archive containing everything in your
/ filesystem; download this file, keep it safe. As long as you have this, you can recover from any mistakes you may make while restoring your forum. However, this backup will also contain the malicion software, so beware!
Moving Discourse is a bit easier. First, copy your
app.yml file and everything in the shared directory (
tar czf discourse-shared.tar.gz -C /var/discourse shared). Then provision a new droplet and follow the usual Discourse install instructions. Use your old
app.yml instead of creating a new one. After bootstrapping, instead of creating your admin user, stop the container and replace the new
shared folder with your backup (
rm -rf /var/discourse/shared && tar xzf discourse-shared.tar.gz -C /var/discourse), then restart the container.
If you haven’t updated your old instance in a while, you may need to manually migrate your database by SSHing into the container and running
rake db:migrate. Give the container one more restart and you should be good.
Lastly, would you share how your droplet got infected? Was some accident or other software installed on the host involved? Is there any evidence that Discourse may have been used to break into the system?