Restore backup to a local instance in a safe/anonymized way

I want to experiment a bit with plugins, themes, etc. locally, to avoid the risk of breaking the real forum. But setting up everything to a similar state as the real forum is difficult, so it would be great to just restore the backup to the local instance.

But how should I do that to avoid risks like sending emails to the real users from the local instance? Also, maybe there are some other pitfalls that I am not aware of?

Is there any way to anonymize all user data in the backup (remove emails at least)? Or restore everything except the user data?

Run this from a rails console to anonymize all users except staff:

```ruby
# Act as the system user (id -1).
acting_user = User.find(-1)

# Anonymize every account except staff.
User.find_each do |u|
  next if u.staff?
  UserAnonymizer.new(u, acting_user).make_anonymous
end
```
4 Likes

Wouldn’t it be simpler to disable all outgoing mails? That’s a global site setting.

1 Like

Yeah, it's probably easier to set this setting. However, as I understand it, the backup will overwrite all settings, so there is a chance that some email will be sent between restore completion and disabling mails, unless the source instance had it disabled too during backup.

Btw, I figured out that it would probably be better to just use a separate server and domain instead of a local Docker dev setup.

As I understand it, the backup restore does not affect app.yml, so if I do not enter SMTP config in app.yml on the test server, it will have no chance to send any emails?

Under many laws, including the CCPA, it is considered unlawful processing to use unanonymized production data in development and test environments. The chances of a data breach are higher in systems that might contain bugs, have databases on a laptop, or are accessed by non-authorized individuals.

No, because Sidekiq is being paused during a restore operation.

2 Likes

Yeah, but I meant not during, but after the restore is completed (as I understand it, all processes are immediately resumed after that?) and before I change this setting to disable mails.

Sorry, my answer was indeed incomplete. When a Discourse backup is restored, outgoing emails are disabled automatically as part of the restore operation. They need to be enabled explicitly after the restore.

5 Likes

You still need to manually disable POP polling if it is configured, otherwise your test instance may start processing inbound email away from the real instance.

3 Likes

Thanks :slight_smile: I think I use some other polling mode, via Direct-delivery incoming email for self-hosted sites.

Another setting that probably should be disabled is allow index in robots txt.

I also added Restrict access to your Discourse site with HTTP Basic Authentication.

1 Like

Do Admins get a message reminding them to enable outgoing emails?

Yes, the warning at the top of the page.

2 Likes
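The precautions raised across this thread (outgoing mail, POP polling, robots.txt indexing, anonymized non-staff users), collected into one post-restore check. This is an added example, not code from any poster or from Discourse. It takes plain hashes so it runs without a Discourse install; the setting keys `disable_emails`, `pop3_polling_enabled` and `allow_index_in_robots_txt` and the `@anonymized.invalid` suffix are assumptions about how those values appear on a real instance.

```ruby
# Added example: audit a restored test copy against the points made in the thread.
ANON_SUFFIX = "@anonymized.invalid" # assumption: suffix of anonymized addresses

# settings: hash of site-setting values; users: array of {staff:, email:} hashes.
# Returns a list of human-readable findings (empty when nothing needs attention).
def restore_findings(settings, users)
  findings = []

  # Outgoing mail: "yes" blocks everything; "non-staff" still mails staff accounts.
  case settings.fetch(:disable_emails, "no")
  when "yes" then nil
  when "non-staff" then findings << "outgoing email is still enabled for staff"
  else findings << "outgoing email is enabled"
  end

  # Inbound polling would pull mail away from the production instance.
  findings << "POP3 polling is enabled" if settings[:pop3_polling_enabled]

  # A test copy should not be crawled and indexed.
  findings << "robots.txt allows indexing" if settings[:allow_index_in_robots_txt]

  # Non-staff accounts should no longer carry a real address after anonymizing.
  leaked = users.reject { |u| u[:staff] || u[:email].to_s.end_with?(ANON_SUFFIX) }
  findings << "#{leaked.size} non-staff user(s) keep a real email" unless leaked.empty?

  findings
end

# Constructed sample: state right after a restore, before any manual hardening.
SAMPLE_SETTINGS = {
  disable_emails: "yes", # disabled automatically by the restore, per the thread
  pop3_polling_enabled: true,
  allow_index_in_robots_txt: true,
}
SAMPLE_USERS = [
  { username: "admin1", staff: true,  email: "admin@example.com" },
  { username: "anon1",  staff: false, email: "anon1@anonymized.invalid" },
  { username: "bob",    staff: false, email: "bob@example.com" },
]

puts restore_findings(SAMPLE_SETTINGS, SAMPLE_USERS) if __FILE__ == $PROGRAM_NAME
```

HTTP Basic Authentication sits in front of the application, so it is not covered by this check and has to be verified at the web server.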