Skip to main content

Advanced Topics

Here you'll find guides on various topics:

Database Setup (for your own PostgreSQL server)

Testiny Server officially supports PostgreSQL 14.

As described in the introduction, Testiny Server creates the needed databases during setup if the user has sufficient permissions. However, you can also initialize the database yourself.

Three databases are needed:

  • central - containing user information
  • tenant_main - containing data (tests, runs, ...) of the main organization
  • tenant_testing - containing data of the test organization (to use as a playground)

Also make sure, that the following configuration is set:

  • set ENCODING to UTF8 (default value for PostgreSQL)
  • set TABLESPACE to pg_default (default value for PostgreSQL)
  • If you use replication in your PostgreSQL database, set synchronous_commit to remote_apply.
  • Collation can be configured freely, as long as it's compatible with UTF8 encoding.

Example for database initialization

Here's an example script how to create the databases for PostgreSQL:

CREATE ROLE testiny LOGIN PASSWORD 'changeme'; /* make sure to set a custom password here or change it after */


CREATE DATABASE central WITH
  OWNER = 'testiny'
  ENCODING = 'UTF8'
  TABLESPACE = pg_default
  CONNECTION LIMIT = -1; /* restrict if required, should be 2 * PG_MAX_POOL */

ALTER DATABASE central SET synchronous_commit=remote_apply;
REVOKE CONNECT ON DATABASE central FROM PUBLIC;


CREATE DATABASE tenant_main WITH
  OWNER = 'testiny'
  ENCODING = 'UTF8'
  TABLESPACE = pg_default
  CONNECTION LIMIT = -1; /* restrict if required, should be 2 * PG_MAX_POOL */

ALTER DATABASE tenant_main SET synchronous_commit=remote_apply;
REVOKE CONNECT ON DATABASE tenant_main FROM PUBLIC;


CREATE DATABASE tenant_testing WITH
  OWNER = 'testiny'
  ENCODING = 'UTF8'
  TABLESPACE = pg_default
  CONNECTION LIMIT = -1; /* restrict if required, should be 2 * PG_MAX_POOL */

ALTER DATABASE tenant_testing SET synchronous_commit=remote_apply;
REVOKE CONNECT ON DATABASE tenant_testing FROM PUBLIC;

Create Backups

With Testiny Server, you are solely responsible for creating backups of your Testiny databases and BLOBs.

There are two ways to create backups:

Create a complete backup via the API

Testiny Server provides API routes to easily create backups:

  • SERVER_URL/api/v1/standalone/backup/central to create backups containing all central data (for example user accounts)
  • SERVER_URL/api/v1/standalone/backup/main to create backups of your main instance containing test cases, runs, BLOBs, etc.

For the API request, you need to provide the backup export token you received during setup in the header "x-export-token".

The tenant "testing" is not included in this API; it is intended to be a "sandbox" tenant and it should not include any production data.

Here is an example of how to create encrypted backups using curl for the central and main database. Replace SERVER_URL with your Testiny Server URL and EXPORT_TOKEN with the value of the backup export token you received during the setup:

curl "SERVER_URL/api/v1/standalone/backup/central" -H "x-export-token: EXPORT_TOKEN" --output central.zip.wfenc

The created backups (central.zip.wfenc and tenant_main.zip.wfenc) are encrypted and if needed, you can decrypt the backups with the private key and keyphrase you received during setup. Please contact us if you want to directly decrypt the backups.

Create native backups

Backup your Testiny PostgreSQL database

Testiny Server creates three databases in your PostgreSQL database:

  • central - containing user information
  • tenant_main - containing data (tests, runs, ...) of the main organization
  • tenant_testing - containing data of the test organization (to use as a playground)

Please refer to PostgreSQL's documentation on creating backups and restoring databases.

Important: Don't forget to backup the BLOBs (images, screenshots, attached files, ...) from the storage volume.

Backup your files and BLOBs

BLOBs (images, screenshots, files, ...) are stored in the storage volume of the Testiny Server docker container.
When creating backups for Testiny Server, please create a backup of all data in the storage volume.

Please refer to Docker's (and SQLite's) documentation on creating backups and restoring the data in the storage volume.

Backup your SQLite database

If you use SQLite as your database, the database files are also stored in the storage volume. In the process of creating a backup of your files and blobs, the SQLite database is also backed up.

Restore your data from a Backup

Restore the full Testiny Server

danger

Restoring backups is a DESTRUCTIVE OPERATION AND WILL DROP EXISTING DATABASES.

Testiny Server provides a CLI that can be used to restore the central and tenant databases.

Copy the (encrypted) backup files and the .pem key file to the Docker container. Connect to the Docker container running Testiny Server and start a shell (e.g. with docker exec -it CONTAINER /bin/bash). Have your private key passphrase ready that you received during setup, as you'll need it during the restore process to decrypt the backup files.

To restore the central database run the following command:

node standalone.js --restoreKey <PEM KEY FILE> --restoreCentral <CENTRAL .wfenc FILE>

To restore the main tenant database run the following command:

node standalone.js --restoreKey <PEM KEY FILE> --restoreTenants <MAIN TENANT .wfenc FILE>
info

Please note, that for restoring tenants the backup file must be named exactly like the organization name. For tenant "main", the backup file must be named "tenant_main.wfenc".

Use --noKey to restore unencrypted backups.
Use --confirmRestore and set TESTINY_IMPORTKEY_PASSPHRASE for non-interactive restore without prompts.

You can see all available CLI options by running node standalone.js --help.

info

When restoring data to a fresh Testiny Server instance, you must delete the file SECRETS_DELETE_ME.txt from the storage volume. Otherwise, the instance will suggest to setup a new organization instead of using the restored one.

Restore a tenant

If you only want to restore a tenant (and keep the central database as it is), you can also only restore the tenant database e.g. "tenant_main" database.

Note: Tenants need to exist in the central database before they can be restored.

Testiny Server CLI

Testiny Server provides a CLI that can be used to restore databases, reset passwords and set a new owner.

Connect to the Docker container running Testiny Server and start a shell (e.g. with docker exec -it CONTAINER /bin/bash).

Run the CLI with node standalone.js --help to see all available options.

Reset User Passwords

You can reset a user's password by running:

node standalone.js --resetUser <email>

The newly generated password is printed to the console.

Alternatively, you can also reset user passwords in the app in Settings > User Management > "..." > "Reset password".

Set the Testiny Server Owner

To set the owner of the organization with the Testiny Server CLI use:

node standalone.js --setOwner <email>

The given user will be the new owner.

Alternatively, you can also transfer ownership in the app in Settings > Organization > "Transfer ownership".

Use Custom CA Certificates

If you want to use custom Certificate Authorities (CA), place your custom CA certificates into a file located at storage/extra-ca-certificates.pem. After adding your certificates, you need to restart the Docker container with docker restart <container-name> to apply the changes.

How to combine various certificates into a single .pem

In case you need to provide multiple certificates to Testiny Server, simply combine them into one file.
To do this use any kind of text editor of your choice (Notepad++, VSCode, Vi, ...). Create a new file called extra-ca-certificates.pem. Then copy the content of the individual certificate files one after the other into the new file as shown below:
(the order does not matter)

-----BEGIN CERTIFICATE----- 
      (primary certificate: server.crt) 
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE----- 
      (intermediate certificate: intermediate.crt) 
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE----- 
      (root certificate: root.crt) 
-----END CERTIFICATE-----

Reverse Proxy SSL Termination Configuration

Testiny Server does not provide HTTPS. You need to set up your own HTTPS reverse proxy/gateway.

This is an exemplary SSL termination config using Nginx as a reverse proxy in front of Testiny Server.
Please replace the <ADD_..._HERE> sections with the respective values.

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    http2  on;

    server_name <ADD_SERVER_NAME_HERE>;
    root /var/www/html;
    index index.html index.htm;

    # SSL config 
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains;" always;
    ssl_certificate         /<ADD_PATH_TO_SSL_CERTS_HERE>/fullchain.pem;
    ssl_certificate_key     /<ADD_PATH_TO_SSL_CERTS_HERE>/privkey.pem;
    ssl_trusted_certificate /<ADD_PATH_TO_SSL_CERTS_HERE>/fullchain.pem;

    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
    ssl_prefer_server_ciphers off;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ecdh_curve X25519:prime256v1:secp384r1;
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_session_timeout 1d;
    ssl_session_cache shared:MozSSL:10m;
    ssl_session_tickets off;

    # When using Diffie-Hellman parameters (DH-params), please don't forget to create them first!
    # ssl_dhparam /etc/nginx/dhparams.pem;
    
    location / {
      sendfile on;
      send_timeout 150;
      client_max_body_size 1G;
      client_body_buffer_size 128k;

      proxy_redirect off;
      proxy_connect_timeout 150;
      proxy_send_timeout 150;
      proxy_read_timeout 150;
      
      proxy_headers_hash_max_size 512;
      proxy_headers_hash_bucket_size 128;

      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";

      proxy_set_header Host $host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Host $host;
      proxy_set_header X-Forwarded-Proto $scheme;
      
      proxy_pass http://<ADD_TESTINY_SERVER_IP:PORT_HERE>$request_uri;
      # example:
      # proxy_pass http://127.0.0.1:7700$request_uri;
    }
}

Migrate from Testiny Cloud to Testiny Server

Testiny offers a seamless migration of an existing Testiny Cloud account to Testiny Server.

Execute the Setup up to Step 3. Then request your cloud data backup in the "Migrate from cloud" tab. We'll provide you with an export bundle, optionally encrypted, which you can import into your Testiny Server instance.

Import the received data and provide a new password for the owner. Optionally you can also change the owner's email.

Please be aware that sensitive data will be deleted during the migration process:

  • All passwords from users have been randomized, please either:
    • Reset the passwords for your users in Settings > User Management > "..." > "Reset password" or use the Testiny Server CLI to reset passwords
    • Let the users reset their password themselves ("Forgot your password?" on the login page)
  • All Integration Secrets (e.g. for Jira) and SSO Secrets have been purged; please reconfigure your existing Integrations and SSO-Provider.
  • API-Keys need to be reissued