Self-hosting and data FAQ
Where does my data live?
In two places: the MariaDB database (all records — tickets, clients, invoices, settings, and so on) and the uploads volume for files. Uploads include avatars, ticket attachments, knowledge-base images, and branding/logos, organised under an uploads/ directory inside the app's data volume.
How do I back up?
Back up both the database and the uploads. A typical approach is a mysqldump (or mariadb-dump) of the database container plus a copy of the app data volume. Because everything is in the DB and the uploads volume, those two captures are a complete backup.
Where are my secrets stored?
In .env.docker in the install directory (default /opt/summitpsa), written with 600 permissions in a 700 directory. It holds the app secret key, database passwords (randomly generated at install), your base URL, allowed hosts, the super-admin email, and your license key. Treat this file as sensitive and include it in your backup of the install directory.
Are stored credentials encrypted?
Sensitive integration credentials, such as IMAP/SMTP passwords and Microsoft 365 client secrets, are stored encrypted in the database and decrypted only when needed at runtime.
How do I upgrade?
Pull the new image tag and recreate the app container. Migrations run automatically on the next start, so the database is brought up to date before the app serves traffic. Keep a fresh backup before upgrading.
How do I move my install to a new server?
Install SummitPSA on the new host, restore your database dump and uploads volume, and carry over .env.docker (so the app secret and license key match). Re-running the installer on a host that already has .env.docker preserves the existing secrets.
What database does it use?
MariaDB 10.11, run as its own container in the compose stack with its data on a dedicated Docker volume.