Recipes

Back up anything

Backup Verified doesn’t care what you back up. The agent encrypts locally and sends your backup to Backup Verified Managed Storage. Below are proven command patterns you can drop into your config.

One rule: write to STDOUT

Your command must write the backup data to STDOUT. The agent reads from STDOUT, encrypts locally, and uploads the encrypted backup to Managed Storage.

  • tar should use -cf - or -czf - (the final - means “write to STDOUT”).
  • mysqldump / pg_dump write to STDOUT by default.

Common “gotcha”

In the config examples below, you’ll see backup_command: >. That > is YAML formatting (multi-line text) — it is not shell output redirection.

In most cases, don’t redirect output to a local file. Keep the backup data on STDOUT so the agent can read it.

MySQL (logical dump)

A safe default for most workloads.

mysqldump \
  --single-transaction \
  --quick \
  --skip-lock-tables \
  --no-tablespaces \
  --routines --triggers --events \
  --set-gtid-purged=OFF \
  -u USER \
  DB_NAME

Configure credentials using your database client’s recommended secure method.

PostgreSQL (logical dump)

Use custom format for faster restores.

pg_dump \
  -Fc \
  -Z 6 \
  -U USER \
  -d DB_NAME

Restore instructions are available on the Decrypt & Restore page.

Files & directories (tar)

Great for app servers, uploads, or configuration snapshots.

tar -cf - \
  --exclude='./tmp' \
  --exclude='./cache' \
  /var/www /etc

The trailing - after -cf is required — it tells tar to write the archive to STDOUT.

Docker volume snapshot

Snapshot a named volume to a tar archive written to STDOUT.

docker run --rm \
  -v my_volume:/data:ro \
  alpine \
  tar -cf - -C /data .

Putting it into a BV config (example)

Paste a proven STDOUT command into source.backup_command. The agent runs the command, encrypts locally, and uploads the encrypted result to Managed Storage. 

# bv-agent.yml (example)
bv:
  api_base: "https://backupverified.com"
  timeout_seconds: 30              # API calls
  work_timeout_seconds: 0          # 0 = no overall deadline (recommended)
  upload_timeout_seconds: 0        # 0 = no upload-only deadline

agent_key: "YOUR_AGENT_KEY"
client_encryption_key_b64: "YOUR_CLIENT_ENCRYPTION_KEY_B64"

backup:
  source_key: "dir_backup"
  name: "Directory Backup"
  description: "Archive current directory via tar"

source:
  type: "tar"
  backup_command: "tar -cf - ."
Read Documentation Decrypt & Restore