World Standing Together™

026-backup-and-recovery-doctrine.md
/library/_docs/10-governance/026-backup-and-recovery-doctrine.md

CANONICAL — 026: Backup & Recovery Doctrine (v1.0)

Purpose

Define mandatory standards for safeguarding WST system state (files + database) and ensuring complete, auditable recovery capability.

Scope

Applies to:

  • Web system (C:\wst\wst)
  • API system (C:\wst\wst-api)
  • Azure PostgreSQL (wst_dev)
  • All environments (dev/test/prod unless explicitly exempted)

---

Definitions

  • Snapshot Backup: Point-in-time capture of files + database.
  • PITR (Point-in-Time Restore): Azure-managed WAL-based recovery to a specific time.
  • Backup Artifact: wst-backup-YYYYMMDD-HHMMSS.zip

---

Authority & Roles

  • L6 (Breakglass): Full restore authorization (destructive allowed).
  • L5 (Controller/Admin): Execute backups; authorize test restores.
  • Operators: Run backups; validate outputs; no destructive restore without L5+.

---

Requirements

R1 — Backup Frequency

  • Minimum: Daily
  • Recommended: Every 4 hours (production)

R2 — Backup Contents (MUST include)

  • wst/ (web)
  • wst-api/ (API)
  • wst_dev_database.backup (pg_dump custom format)

R3 — Storage Model (3-2-1)

  • Layer 1 (Cloud): Azure automatic backups (PITR enabled)
  • Layer 2 (Local C:): Latest backup artifacts
  • Layer 3 (External D:): Mirrored copy of artifacts
  • Optional: Offsite cloud copy (recommended)

R4 — Retention

  • Minimum retention: 7 days
  • Recommended: 7–14 artifacts (rolling)

R5 — Verification (MANDATORY)

Each run must verify:

  • ZIP created successfully
  • Contains required structure
  • DB backup file exists and is larger than 0 KB
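
One way to implement the R5 checks, as an added example (not WST's own script; the doctrine leaves execution details to Operations). It assumes the dump sits at the archive root next to wst/ and wst-api/; `verify_artifact` and `build_sample` are hypothetical names, and the sample archive is constructed.

```python
import re
import tempfile
import zipfile
from pathlib import Path

# Names taken from the doctrine (Definitions, R2).
ARTIFACT_RE = re.compile(r"^wst-backup-\d{8}-\d{6}\.zip$")
REQUIRED_DIRS = ("wst/", "wst-api/")
DB_DUMP = "wst_dev_database.backup"


def verify_artifact(path):
    """Return a list of R5 failures for one backup artifact; empty means pass."""
    path = Path(path)
    failures = []
    if not ARTIFACT_RE.match(path.name):
        failures.append(f"name is not wst-backup-YYYYMMDD-HHMMSS.zip: {path.name}")
    if not zipfile.is_zipfile(path):  # also False when the file is missing
        return failures + ["ZIP missing or not a readable ZIP archive"]
    with zipfile.ZipFile(path) as zf:
        bad = zf.testzip()  # re-reads every member; first name with a bad CRC
        if bad is not None:
            failures.append(f"corrupt member: {bad}")
        # Windows tools may store backslashes; normalise before matching.
        infos = {i.filename.replace("\\", "/"): i for i in zf.infolist()}
    for prefix in REQUIRED_DIRS:
        # A directory counts only if at least one file sits under it.
        if not any(n.startswith(prefix) and not n.endswith("/") for n in infos):
            failures.append(f"required directory empty or missing: {prefix}")
    # Assumption: the dump is stored at the archive root.
    dump = infos.get(DB_DUMP)
    if dump is None or dump.file_size == 0:
        failures.append(f"DB backup file missing or 0 bytes: {DB_DUMP}")
    return failures


def build_sample(folder, db_bytes=b"PGDMP constructed"):
    """Write a constructed artifact for demonstration; db_bytes=None omits the dump."""
    out = Path(folder) / "wst-backup-20250101-020000.zip"
    with zipfile.ZipFile(out, "w") as zf:
        zf.writestr("wst/index.html", "<html></html>")
        zf.writestr("wst-api/app.py", "print('api')")
        if db_bytes is not None:
            zf.writestr(DB_DUMP, db_bytes)
    return out


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(verify_artifact(build_sample(tmp)) or "R5 checks passed")
```

A non-empty return value is the failure result to record under Audit & Logging; the F3 case (partial backup, no DB) surfaces as the last check.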

R6 — Security

  • C:\wst-control\db.key contains only the DB password (no quotes/whitespace)
  • File permissions restricted to operator account
  • No credentials hardcoded in scripts

R7 — Recovery Capability

  • A tested restore path MUST exist
  • Weekly restore test to a non-production path is REQUIRED

---

Failure Modes & Controls

F1 — DB Authentication Failure

  • Action: Reset Azure PostgreSQL password
  • Update db.key
  • Re-test psql connectivity

F2 — Missing Source Paths

  • Verify:
      • C:\wst\wst
      • C:\wst\wst-api

F3 — Partial Backup (no DB)

  • Ensure .backup file present
  • Re-run after fixing auth

---

Audit & Logging

  • Each run logs timestamp and result (success/failure)
  • Weekly verification log retained

---

Compliance Statement

No environment is considered operationally compliant unless:

  • Backups run at required frequency
  • Artifacts are validated
  • Restore has been tested within the last 7 days

---

Doctrine Summary

Backups MUST be:

  • Repeatable
  • Verifiable
  • Recoverable

This canon governs what must be true. Execution details are defined in Operations.