How to back up Strapi in Docker (2026)
A complete Strapi backup has three parts: dump its PostgreSQL, MySQL and SQLite databases the correct way, capture the 2 data volumes that hold files on disk, and save the compose file and .env. Dockstash detects all three automatically, dumps the database from the running container, and restics everything off-site.
What Strapi stores
| Compose services | strapi, postgres |
|---|---|
| Databases detected | postgres, mysql, sqlite |
| Data volumes | strapi_uploads (/opt/app/public/uploads), db_data (/var/lib/postgresql/data) |
| Config paths | docker-compose.yml, .env, config |
The backup plan
- Dump the database. Run pg_dumpall (or mysqldump --single-transaction, or sqlite3 ".backup") to capture content types, entries, users, and permissions consistently.
- Capture the uploads directory. Restic the public/uploads volume where Strapi’s media library stores files. The database holds metadata; the files live on disk.
- Capture compose, .env, and config. Restic docker-compose.yml, .env (APP_KEYS, JWT_SECRET, API_TOKEN_SALT), and the config directory so authentication and encryption survive restore.
Restoring Strapi
Restore the database and the uploads directory together so media references resolve. The APP_KEYS, JWT_SECRET, and API_TOKEN_SALT in .env must be preserved or tokens and admin sessions break.
Back up Strapi in one click All guides
Last updated: July 2026
Frequently asked questions
Does Strapi keep media in the database?
No — only file metadata. The actual media files live in public/uploads (or configured provider storage). Back up both the database dump and the uploads volume.
Which database does Strapi use?
PostgreSQL, MySQL/MariaDB, or SQLite. Dockstash detects the configured connection and dumps it the correct way for that engine.
What secrets must I preserve for Strapi?
APP_KEYS, JWT_SECRET, and API_TOKEN_SALT from .env. Without matching values, admin sessions and API tokens are invalidated after restore.