Cloud Migration Plan

Overview

This document outlines the migration plan for the Magic e-VERSE platform from the current local server (Intel i7-9700KF, 16 GB RAM) to a cloud-hosted setup using Netcup RS 4000 G12 as the primary server, Cloudflare R2 for product image storage, and Hetzner Storage Box for off-site backups.

Current vs New Infrastructure

Current Setup (Local Server)

Component	Spec
CPU	Intel Core i7-9700KF @ 3.60 GHz (8 cores)
RAM	16 GB DDR4 (18 GB in swap — critical)
System Disk	228 GB SSD (`/dev/sda2`) — 77% full
Data Disk	932 GB HDD (`/dev/sdb1` → `/mnt/data`) — 64% full
NVMe	1.8 TB (`/dev/nvme0n1p1` → `/mnt/nvme`) — 52% full
NAS Backup	3.5 TB + 2.7 TB (SMB mounts)
Docker Containers	53 running
Docker Images	697 GB (688 GB reclaimable)
Actual container RAM usage	~2.2 GB
Total platform data	~190 GB (excl. product images)
Product images	~220 GB (`/mnt/data/pim_data/`)

New Setup

Netcup RS 4000 G12

12 dedicated cores (AMD EPYC 9645, 2024)
32 GB DDR5 ECC RAM
1 TB NVMe SSD
2.5 Gbit/s network
€27.08/mo

Cloudflare R2

S3-compatible object storage
Zero egress fees (free CDN delivery)
~250 GB for product images
~€3.50/mo

Hetzner Storage Box BX11

1 TB backup storage
SFTP / rsync / WebDAV
Nightly automated backups
€3.20/mo

Total Monthly Cost

Server: €27.08
Images: ~€3.50
Backups: €3.20
Total: ~€33.78/mo

Why This Stack

Server: Netcup RS 4000 G12

Best price/performance ratio across all EU providers. Comparison at time of evaluation (March 2026):

Provider	Product	Cores	RAM	Storage	Network	Price/mo
Netcup	RS 4000 G12	12	32 GB DDR5	1 TB NVMe	2.5 Gbit/s	€27.08
Hetzner	CCX33 (Cloud)	8 vCPU	32 GB	240 GB	1 Gbit/s	€48.49
Hetzner	AX42 (Dedicated)	8	64 GB	1 TB	1 Gbit/s	€46.00
Contabo	VDS M	4	32 GB	240 GB	500 Mbit/s	€35.84
OVHcloud	Advance-1	6	32 GB	NVMe	1 Gbit/s	€110+

Images: Cloudflare R2

Feature	Cloudflare R2	Firebase Storage	Hetzner Object Storage
Free storage	10 GB	5 GB	0
Egress cost	Free	€0.12/GB	€1/TB
250 GB cost	~€3.50/mo	~€8-11/mo	€6.49/mo
CDN	Global edge	Google CDN	No CDN
S3 compatible	Yes	No (proprietary SDK)	Yes

Backups: Hetzner Storage Box

1 TB for €3.20/mo via SFTP/rsync
Different provider than server = true off-site backup
10 snapshots included
Automated via cron + rsync

What Moves Where

To Netcup Server

Service	Container(s)	Current RAM
8 Commerce Tenants	backend + storefront + redis + meilisearch (×8)	~1.6 GB
Magic PIM	backend + redis	~130 MB
Spranz	backend + storefront + redis + meilisearch	~60 MB
Master Magic	backend + redis	~40 MB
PostgreSQL (shared)	magic_pim_postgres_dev	~90 MB
MySQL	mysql	~10 MB
n8n (×3)	magic_n8n, magic_n8n_2, magic_n8n_3	~120 MB
Image Services	rembg-service, preflight-service	~15 MB
Sshwifty	magic_terminal_sshwifty	~4 MB
Vaultwarden	vaultwarden	~8 MB
Magic Portal	portal (Vite + React)	~30 MB
Dashboard	dashboard API	~20 MB
DevDocs	Starlight static site	~10 MB
Total	~48 containers	~2.2 GB

To Cloudflare R2

Data	Size	Bucket
`/mnt/data/pim_data/spranz/`	Product images	`magic-pim-images`
`/mnt/data/pim_data/langenberg/`	Product images	`magic-pim-images`
`/mnt/data/pim_data/svg/`	SVG logos	`magic-pim-images`
Total	~220 GB

Stays on Local Server

Service	Reason
Omada Controller (TP-Link)	Needs LAN access for network hardware
Nextcloud + OnlyOffice	Optional — can move later or use cloud alternative

Not Migrated

Item	Reason
Old Docker images (688 GB)	Reclaimable, rebuild fresh on new server
Windows SMB shares	Local storage, not platform-related
NAS backups	Replaced by Hetzner Storage Box

Complete Migration Guide

Phase 1: Order Infrastructure

1.1 Netcup RS 4000 G12

Order at netcup.com/en/server/root-server/rs-4000-g12-ip-iv-12m
Select: ip (IPv4) + iv (IPv6) + 12M (12-month contract)
Apply voucher code at checkout: 5161nc17735292121 (1 month free)
Wait for provisioning (usually 1-4 hours)

1.2 Cloudflare R2

Sign up at dash.cloudflare.com
Go to R2 → Create Bucket → Name: magic-pim-images
Create R2 API token: R2 → Manage API Tokens → Create Token
Note down: Account ID, Access Key ID, Secret Access Key
Optional: set up custom domain (e.g., images.magiceverse.online)

1.3 Hetzner Storage Box

Order BX11 (1 TB) at hetzner.com/storage/storage-box/bx11
After provisioning, note: username (uXXXXXX), host (uXXXXXX.your-storagebox.de)
Upload your SSH public key via Hetzner Robot panel

Phase 2: Prepare New Server

2.1 Initial Access & Setup

# SSH into new Netcup server (IP from Netcup SCP panel)
ssh root@<netcup-ip>

# Set hostname
hostnamectl set-hostname magic-cloud

# Update system
apt update && apt upgrade -y
apt install -y curl git htop rsync rclone unzip

# Set timezone
timedatectl set-timezone Europe/Amsterdam

2.2 Install Docker

# Install Docker Engine + Compose plugin
curl -fsSL https://get.docker.com | sh
apt install -y docker-compose-plugin

# Verify
docker --version
docker compose version

# Enable Docker on boot
systemctl enable docker

2.3 Configure Firewall

ufw default deny incoming
ufw default allow outgoing
ufw allow 22/tcp    # SSH
ufw allow 80/tcp    # HTTP
ufw allow 443/tcp   # HTTPS
ufw allow 8000/tcp  # Coolify dashboard
ufw enable

2.4 Create Directory Structure

# Match current server structure
mkdir -p /mnt/data/magic_omniverse/magic_commerce
mkdir -p /mnt/data/magic_pim
mkdir -p /mnt/data/vaultwarden
mkdir -p /opt/scripts
mkdir -p /opt/backups/databases

2.5 Configure SSH Key for Old Server Access

# Generate SSH key on new server
ssh-keygen -t ed25519 -C "magic-cloud"

# Copy to old server so we can pull data
ssh-copy-id adminmichiel1@<old-server-ip>

Phase 3: Upload Product Images to Cloudflare R2

3.1 Configure rclone on Current Server

# On the CURRENT (old) server
rclone config

# Enter these settings:
# name> r2
# Storage> s3
# provider> Cloudflare
# env_auth> false
# access_key_id> <your R2 access key>
# secret_access_key> <your R2 secret key>
# region> auto
# endpoint> https://<account-id>.r2.cloudflarestorage.com
# acl> (leave blank)
# Edit advanced config?> n

3.2 Sync Images

# Dry run first to verify
rclone sync /mnt/data/pim_data/ r2:magic-pim-images/ --dry-run --progress

# If looks good, do the real sync (run in tmux/screen!)
tmux new -s r2sync
rclone sync /mnt/data/pim_data/ r2:magic-pim-images/ --progress --transfers=8

# Verify file count
rclone size r2:magic-pim-images/

3.3 Set Up R2 Public Access

# In Cloudflare Dashboard:
# 1. Go to R2 → magic-pim-images → Settings
# 2. Enable "Public Access" via custom domain
# 3. Add domain: images.magiceverse.online
# 4. Cloudflare handles SSL automatically

# Test access:
curl -I https://images.magiceverse.online/spranz/5325-00.001.jpg

3.4 Update Image URL References in Code

Files to update (in magic_development, then sync to all tenants):

File / Area	Current	New
PIM backend image serving	`/mnt/data/pim_data/{supplier}/{file}`	`https://images.magiceverse.online/{supplier}/{file}`
Storefront `<Image>` components	Relative paths via backend proxy	Direct R2 URL
Spranz Designer SVG paths	`/mnt/data/pim_data/svg/spranz/`	`https://images.magiceverse.online/svg/spranz/`
APLT product thumbnails	Local file read	R2 URL
Docker volume mounts	`/mnt/data/pim_data:/mnt/data/pim_data:ro`	Remove (no longer needed)

Approach: Create an environment variable IMAGE_BASE_URL that defaults to the R2 URL. This way you can switch back to local paths if needed. Add to each tenant’s docker-compose environment:

IMAGE_BASE_URL=https://images.magiceverse.online

Phase 4: Migrate Data to New Server

4.1 Database Dumps (on current server)

# PostgreSQL — all tenant databases + PIM
docker exec magic_pim_postgres_dev pg_dumpall -U postgres > /tmp/postgres_full_$(date +%Y%m%d).sql

# Check size
ls -lh /tmp/postgres_full_*.sql

# MySQL — portal, workflow data
docker exec mysql mysqldump -uroot -p<your-db-password> --all-databases > /tmp/mysql_full_$(date +%Y%m%d).sql

4.2 Transfer Code (run in tmux — takes a while)

tmux new -s migration

# Replace <netcup-ip> with actual IP throughout

# 1. Commerce tenants (the big one)
rsync -avz --progress \
  --exclude='node_modules' \
  --exclude='.next' \
  --exclude='dist' \
  /mnt/data/magic_omniverse/ root@<netcup-ip>:/mnt/data/magic_omniverse/

# 2. PIM (code only — images are in R2 now)
rsync -avz --progress \
  --exclude='node_modules' \
  --exclude='.next' \
  --exclude='uploads' \
  /mnt/data/magic_pim/ root@<netcup-ip>:/mnt/data/magic_pim/

# 3. Vaultwarden data
rsync -avz --progress /mnt/data/vaultwarden/ root@<netcup-ip>:/mnt/data/vaultwarden/

# 4. rembg + preflight services
rsync -avz --progress /home/adminwayne/rembg-service/ root@<netcup-ip>:/opt/services/rembg-service/
rsync -avz --progress /home/adminwayne/preflight-service/ root@<netcup-ip>:/opt/services/preflight-service/

# 5. Database dumps
scp /tmp/postgres_full_*.sql root@<netcup-ip>:/tmp/
scp /tmp/mysql_full_*.sql root@<netcup-ip>:/tmp/

# Note: n8n dirs (magic_n8n, magic_n8n_2, magic_n8n_3) are included
# in step 1 since they live under /mnt/data/magic_omniverse/

4.3 Second Sync (just before DNS switch)

Right before you switch DNS, do a final delta sync to catch any changes:

# Quick delta sync — only transfers changed files
rsync -avz --progress --exclude='node_modules' --exclude='.next' --exclude='dist' \
  /mnt/data/magic_omniverse/ root@<netcup-ip>:/mnt/data/magic_omniverse/

# Fresh database dump
docker exec magic_pim_postgres_dev pg_dumpall -U postgres > /tmp/postgres_final_$(date +%Y%m%d_%H%M).sql
docker exec mysql mysqldump -uroot -p<your-db-password> --all-databases > /tmp/mysql_final_$(date +%Y%m%d_%H%M).sql
scp /tmp/postgres_final_*.sql /tmp/mysql_final_*.sql root@<netcup-ip>:/tmp/

Phase 5: Install & Configure Coolify

All commands below run on the new Netcup server.

5.1 Install Coolify

# One-line Coolify installer
curl -fsSL https://cdn.coollabs.io/coolify/install.sh | bash

# This installs:
# - Docker (if not already installed)
# - Traefik (reverse proxy + auto-SSL)
# - Coolify dashboard
# - PostgreSQL (for Coolify's own data)

# Coolify dashboard will be available at:
# http://<netcup-ip>:8000

5.2 Initial Coolify Setup

Open http://<netcup-ip>:8000 in your browser
Create admin account
Go to Settings → Servers → verify the local server is detected
Go to Settings → DNS/SSL → set wildcard domain: *.magiceverse.online

5.3 Connect GitHub (for Phase 5B later)

In Coolify: Sources → Add → GitHub App
Follow the OAuth flow to connect your GitHub account
Grant access to the magic-commerce repository (created in Phase 5B)

Phase 5A: Initial Migration (Current Setup via Coolify)

For the initial migration, we deploy using docker-compose through Coolify while keeping the current code structure.

5A.1 Set Up Shared Infrastructure in Coolify

In Coolify dashboard, create Project: “Shared Infrastructure”:

PostgreSQL:

Add Service → PostgreSQL 16
Set password: use a strong generated password
Expose port 5432 to the Coolify network
Domain: none (internal only)
Deploy

MySQL:

Add Service → MySQL 8
Set root password
Expose port 3306 to the Coolify network
Deploy

5A.2 Restore Databases

# Find the PostgreSQL container Coolify created
docker ps | grep postgres

# Restore PostgreSQL (use the actual container name)
docker exec -i <coolify-postgres-container> psql -U postgres < /tmp/postgres_final_*.sql

# Verify databases
docker exec <coolify-postgres-container> psql -U postgres -c "\l"

# Restore MySQL
docker exec -i <coolify-mysql-container> mysql -uroot -p<password> < /tmp/mysql_final_*.sql

Expected databases:

magic_pim
magic_b2b_development, magic_b2b_brinxx, magic_b2b_default
magic_b2b_logohorloge, magic_b2b_bovisales, magic_b2b_demo
magic_b2b_desluis, magic_b2b_jodasign

5A.3 Deploy Commerce Tenants via Coolify

For each tenant, create a Coolify Project:

Example: Project “Brinxx”

Add Service → Docker Compose
Point to the transferred code at /mnt/data/magic_omniverse/magic_commerce/magic_brinxx/
Set domains in Coolify:
- Backend: admin-brinxx.magiceverse.online
- Storefront: brinxx.magiceverse.online
Coolify auto-configures Traefik routing + SSL
Click Deploy

Repeat for all 8 tenants:

Coolify Project	Backend Domain	Storefront Domain
Development	admin-development.magiceverse.online	development.magiceverse.online
Brinxx	admin-brinxx.magiceverse.online	brinxx.magiceverse.online
Default	admin-default.magiceverse.online	default.magiceverse.online
Logohorloge	admin-logohorloge.magiceverse.online	logohorloge.magiceverse.online
Bovisales	admin-bovisales.magiceverse.online	bovisales.magiceverse.online
Demo	admin-demo.magiceverse.online	demo.magiceverse.online
De Sluis	admin-desluis.magiceverse.online	desluis.magiceverse.online
Jodasign	admin-jodasign.magiceverse.online	jodasign.magiceverse.online

5A.4 Deploy Supporting Services

PIM — Project: “Magic PIM”

Docker Compose from /mnt/data/magic_pim/
Domain: pim.magiceverse.online

Spranz — Project: “Spranz”

Docker Compose from /mnt/data/magic_omniverse/magic_commerce/magic_spranz/
Domains: backend + storefront

n8n — Project: “Automation”

Add 3 Docker Compose services from /mnt/data/magic_omniverse/magic_n8n/, magic_n8n_2/, magic_n8n_3/
Domains: n8n.magiceverse.online, n8n2.magiceverse.online, n8n3.magiceverse.online

Vaultwarden — Project: “Tools”

Add Service → Docker Image → vaultwarden/server:latest
Mount volume: /mnt/data/vaultwarden:/data/
Domain: vault.magiceverse.online

Sshwifty — same project “Tools”

Docker Compose from /mnt/data/magic_omniverse/magic_terminal/
Domain: terminal.magiceverse.online

rembg + preflight — same project “Tools”

Docker Compose from /opt/services/rembg-service/ and /opt/services/preflight-service/

Magic Portal — Project: “Portal”

Docker Compose from /mnt/data/magic_omniverse/magic_portal/
Domain: portal.magiceverse.online

Dashboard — same project “Portal”

Docker Compose from /mnt/data/magic_omniverse/magic_dashboard/
Domain: dashboard.magiceverse.online

DevDocs (Starlight) — same project “Portal”

Static site from /mnt/data/magic_omniverse/magic_docs/starlight/
Build command: npm run build → serve dist/ directory
Domain: devdocs.magiceverse.online

Nextcloud + OnlyOffice (optional) — Project: “Office”

Docker Compose (separate from docs — Nextcloud has its own compose config)
Domain: office.magiceverse.online

5A.5 Verify All Services in Coolify

In the Coolify dashboard, check that all services show green/healthy status:

Shared Infrastructure
  ├── PostgreSQL 16          ✅ Healthy
  └── MySQL 8                ✅ Healthy

Brinxx
  ├── Backend                ✅ Running → admin-brinxx.magiceverse.online
  ├── Storefront             ✅ Running → brinxx.magiceverse.online
  ├── Redis                  ✅ Healthy
  └── Meilisearch            ✅ Healthy

... (repeat for all tenants)

Magic PIM
  ├── Backend                ✅ Running → pim.magiceverse.online
  └── Redis                  ✅ Healthy

Automation
  ├── n8n                    ✅ Running → n8n.magiceverse.online
  ├── n8n_2                  ✅ Running → n8n2.magiceverse.online
  └── n8n_3                  ✅ Running → n8n3.magiceverse.online

Portal
  ├── Magic Portal           ✅ Running → portal.magiceverse.online
  ├── Dashboard API          ✅ Running → dashboard.magiceverse.online
  └── DevDocs (Starlight)    ✅ Running → devdocs.magiceverse.online

Tools
  ├── Vaultwarden            ✅ Running → vault.magiceverse.online
  ├── Sshwifty               ✅ Running → terminal.magiceverse.online
  ├── rembg-service          ✅ Running
  └── preflight-service      ✅ Running

Phase 5B: Transition to Monorepo + Auto-Deploy (After Migration)

Once Phase 5A is stable and DNS is switched, transition to the monorepo architecture for git-push deploys and preview environments.

5B.1 Create the Monorepo

# Create new GitHub repo: magic-commerce (private)
gh repo create magic-commerce --private

# Structure (see Monorepo + Coolify Plan for full details):
magic-commerce/
├── backend/           # Single Medusa codebase for all tenants
├── storefront/        # Single Next.js codebase for all tenants
├── tenants/           # Reference configs per tenant (tenant.json)
└── docker-compose.yml # Local development

5B.2 Refactor Code

Copy magic_development/backend/ as the single backend codebase
Replace hardcoded values with environment variables
Implement feature flag system (backend/src/features/)
Set up theme system for storefronts (storefront/src/themes/)
Push to main branch

5B.3 Reconfigure Coolify Projects

For each tenant, switch the source from local docker-compose to the GitHub monorepo:

In Coolify → Project: Brinxx → Backend
Change source: GitHub → magic-commerce repo → Build Path: /backend
Set environment variables:

TENANT_ID=brinxx
TENANT_TIER=enterprise
TENANT_FEATURES=technique_pricing,brand_wizard
DATABASE_URL=postgres://postgres:xxx@postgres:5432/magic_b2b_brinxx
MEDUSA_BACKEND_URL=https://admin-brinxx.magiceverse.online
IMAGE_BASE_URL=https://images.magiceverse.online

Enable Auto-deploy on push to main
Enable Preview deployments on pull requests

Repeat for all tenants — same repo, different env vars.

5B.4 Set Up Preview Environments

In Cloudflare DNS: add wildcard record *.preview.magiceverse.online → <netcup-ip>
In Coolify: enable PR previews per project
Flow:

Developer opens PR #42
        ↓
Coolify auto-builds preview
        ↓
Available at: pr-42.preview.magiceverse.online
        ↓
PR merged → preview auto-destroyed
PR closed → preview auto-destroyed

5B.5 Production Deploy Flow

Developer pushes to main
        ↓
Coolify detects push (GitHub webhook)
        ↓
Builds new Docker images for each tenant
        ↓
Zero-downtime container replacement
        ↓
Database migrations run automatically
        ↓
✅ Live on production domains

Phase 6: DNS Switch (The Actual Migration Moment)

6.1 Pre-Switch Testing via /etc/hosts

On your local machine, temporarily point domains to the new server:

# Add to /etc/hosts (your laptop/desktop)
<netcup-ip>  admin-development.magiceverse.online
<netcup-ip>  admin-brinxx.magiceverse.online
<netcup-ip>  brinxx.magiceverse.online
<netcup-ip>  pim.magiceverse.online

# Test in browser — verify everything works
# Remove /etc/hosts entries after testing

6.2 Lower DNS TTL (Do 1 Hour Before Switch)

In Cloudflare DNS dashboard:

Set TTL of all A records to 1 minute (60 seconds)
Wait 1 hour for old TTL to expire

6.3 Final Data Sync

# On old server — last sync before switch
docker exec magic_pim_postgres_dev pg_dumpall -U postgres > /tmp/postgres_final.sql
docker exec mysql mysqldump -uroot -p<your-db-password> --all-databases > /tmp/mysql_final.sql
scp /tmp/postgres_final.sql /tmp/mysql_final.sql root@<netcup-ip>:/tmp/

# Restore on new server (use actual Coolify container names from `docker ps`)
ssh root@<netcup-ip>
docker exec -i <coolify-postgres-container> psql -U postgres < /tmp/postgres_final.sql
docker exec -i <coolify-mysql-container> mysql -uroot -p<password> < /tmp/mysql_final.sql

6.4 Switch DNS

In Cloudflare DNS dashboard, update all A records:

Record	Old Value	New Value
`*.magiceverse.online`	`<old-server-ip>`	`<netcup-ip>`
`portal.magiceverse.online`	`<old-server-ip>`	`<netcup-ip>`
`pim.magiceverse.online`	`<old-server-ip>`	`<netcup-ip>`

6.5 Verify SSL Certificates

Coolify/Traefik automatically provisions Let’s Encrypt SSL certificates once DNS points to the server. Check the Coolify dashboard to confirm all domains show a valid certificate.

6.6 Raise DNS TTL

After confirming everything works (give it 1 hour):

Set TTL back to Auto or 3600 (1 hour)

Phase 7: Post-Migration Verification

7.1 Service Checklist

# Run this verification script on the new server
echo "=== Container Status ==="
docker ps --format "table {{.Names}}\t{{.Status}}" | sort

echo ""
echo "=== Memory Usage ==="
free -h

echo ""
echo "=== Disk Usage ==="
df -h /

echo ""
echo "=== Container Count ==="
echo "Running: $(docker ps -q | wc -l)"
echo "Stopped: $(docker ps -aq --filter 'status=exited' | wc -l)"

7.2 Test Every Service

Service	URL	What to Check
Development Admin	https://admin-development.magiceverse.online	Login works, products load
Brinxx Admin	https://admin-brinxx.magiceverse.online	Login, orders visible
Brinxx Storefront	https://brinxx.magiceverse.online	Products display, images load from R2
All other tenants	https://admin-{tenant}.magiceverse.online	Basic login test
PIM	https://pim.magiceverse.online	Product list loads
n8n	https://n8n.magiceverse.online	Workflows visible
Vaultwarden	https://vault.magiceverse.online	Login works
Terminal	https://terminal.magiceverse.online	SSH connection works
Portal	https://portal.magiceverse.online	Dashboard loads, tenant list visible
Dashboard	https://dashboard.magiceverse.online	API responds, dev projects accessible
DevDocs	https://devdocs.magiceverse.online	Pages load
Product images	https://images.magiceverse.online/spranz/5325-00.001.jpg	Image loads

7.3 Monitor for 24 Hours

# Install monitoring
apt install -y glances

# Watch live
glances

# Check Docker logs for errors
docker ps -q | xargs -I {} docker logs {} --tail=5 2>&1 | grep -i "error\|fatal\|crash"

Phase 8: Cleanup

8.1 Old Server

Keep running for 1 week as fallback
After 1 week with no issues, stop all Docker containers
Keep database dumps as archive
Repurpose server for local dev / Omada Controller only

8.2 New Server Optimization

# Clean up Docker build cache
docker builder prune -f

# Remove dangling images
docker image prune -f

# Check final disk usage
df -h /

8.3 Update SSH Config

On your local machine (~/.ssh/config):

Host magic-cloud
    HostName <netcup-ip>
    User root
    IdentityFile ~/.ssh/id_ed25519
    StrictHostKeyChecking no

8.4 Update CLAUDE.md

Update the server documentation to reflect the new infrastructure — IP addresses, paths, and connection details.

Backup Strategy

Local Backups (on Netcup server)

# Daily database backup script — /opt/scripts/backup-databases.sh
#!/bin/bash
BACKUP_DIR="/opt/backups/databases"
DATE=$(date +%Y%m%d_%H%M)
mkdir -p $BACKUP_DIR

# PostgreSQL
docker exec magic_pim_postgres_dev pg_dumpall -U postgres | gzip > $BACKUP_DIR/postgres_$DATE.sql.gz

# MySQL
docker exec mysql mysqldump -uroot -p<your-db-password> --all-databases | gzip > $BACKUP_DIR/mysql_$DATE.sql.gz

# Keep last 7 days
find $BACKUP_DIR -name "*.sql.gz" -mtime +7 -delete

echo "Backup completed: $DATE"

Remote Backups (to Hetzner Storage Box)

# Rsync to Hetzner Storage Box — /opt/scripts/backup-remote.sh
#!/bin/bash
STORAGEBOX="uXXXXXX@uXXXXXX.your-storagebox.de"

# Sync database backups
rsync -avz --delete /opt/backups/databases/ $STORAGEBOX:backups/databases/

# Sync docker-compose files and configs
rsync -avz --delete /mnt/data/magic_omniverse/magic_commerce/*/docker-compose*.yml $STORAGEBOX:backups/compose/
rsync -avz --delete /opt/coolify/ $STORAGEBOX:backups/coolify/

echo "Remote backup synced: $(date)"

Cron Schedule

# /etc/crontab additions
# Local DB backup — every 6 hours
0 */6 * * * root /opt/scripts/backup-databases.sh >> /var/log/backup.log 2>&1

# Remote sync — daily at 3 AM
0 3 * * * root /opt/scripts/backup-remote.sh >> /var/log/backup-remote.log 2>&1

R2 Image Backup

Product images in Cloudflare R2 are the source of truth. R2 has built-in durability (99.999999999%). For extra safety:

# Weekly sync of R2 to Hetzner Storage Box
0 4 * * 0 root rclone sync r2:magic-pim-images/ /tmp/r2-mirror/ && rsync -avz --delete /tmp/r2-mirror/ $STORAGEBOX:backups/images/ && rm -rf /tmp/r2-mirror/

Scaling Path

When	Action	New Specs	Price
Current	RS 4000 G12	12 cores, 32 GB, 1 TB	€27/mo
Need more disk	Add Netcup Block Storage	+500 GB NVMe	+€5.95/mo
Need more RAM/CPU	Migrate to RS 8000 G12	16 cores, 64 GB, 2 TB	€58/mo
High traffic	Add Cloudflare CDN (free)	Cache storefronts at edge	€0
Need HA/scaling	Migrate to Hetzner Cloud	CCX series + load balancer	Variable