Session cookies are encrypted using a randomly generated secret key which, by default, is stored in redis. Redis data is not included in a backup so a new secret key is regenerated when you restore the site onto a new server.
You can manually set the secret key using an environment variable DISCOURSE_SECRET_KEY_BASE in your app.yml file. So you could try something like this to preserve sessions:
-
On your existing server, enter the console and find the secret key from redis
pry(main)> GlobalSetting.safe_secret_key_base => "5fb9dc98be368599e0a..." -
Add DISCOURSE_SECRET_KEY_BASE to the
env:section of your app.yml on the old server, using the value you found in (1), and rebuild the app. In theory, if everything went right, Discourse should now use the value from the app.yml, and user sessions will persist. You can check the env variable is being used by runningGlobalSetting.secret_key_base -
Make sure the app.yml on the new server has the same SECRET_KEY_BASE. When you restore the backup, the user sessions should persist
I haven’t tested that flow, so if you plan to use it for a production forum make sure to test it out first!
Side note: you absolutely should not share the secret key between multiple discourse instances. Possession of the secret key would allow someone to decrypt and modify their session cookie on a site, and could have very bad security consequences.