Skip to main content

Database-level backup and restore

Learn how to use the pvault-dump and pvault-restore command-line utilities

pg_dump and psql are command-line utilities that enable you to backup and restore PostgreSQL databases. Vault uses these utilities in pvault-dump and pvault-restore to enable you to back up and restore your Vault.

Both pvault-dump and pvault-restore are bundled with every Vault image and can be accessed using Docker run commands, as follows:

alias pvault-dump="docker run -i --entrypoint pvault-dump -v \$(pwd):/pwd -w /pwd [image]"
alias pvault-restore="docker run -i --entrypoint pvault-restore -v \$(pwd):/pwd -w /pwd [image]"


The pvault-dump utility wraps pg_dump and is used to create a backup of Vault. It creates a file that contains the instructions required to recreate the Vault. The backup file is compressed to save space and includes the schema and the data.


pvault-dump [connection string] > [output file]

To connect to a PostgreSQL database, you need to provide a connection string that includes the following parameters:

  • addr: the IP address or hostname of the server where the PostgreSQL database is running.
  • port: the port number on which the PostgreSQL server is listening.
  • dbname: the name of the database you want to connect to.
  • user: the username used to authenticate to the database.
  • password: the password associated with the user account.

Key/Value notation


host=%s port=%d dbname=%s user=%s password=%s


pvault-dump addr=<DB hostname> port=5432 dbname=mydb user=myuser password=mypassword > backup.gz

PostgreSQL URL notation

The connection string also supports PostgreSQL URL syntax:



pvault-dump postgresql://$user:$password@$addr:$port/$dbname > backup.gz


Where a parameter is not given in the connection string, the following default values are used:

  • addr: host.docker.internal
  • port: 5432
  • dbname: pvault
  • user: pvault
  • password: pvault


The pvault-restore utility uses psql to restore a backup from the Vault created by pvault-dump. It replaces the original database with the contents of the backup file.


pvault-restore [connection string] < [file name]


pvault-restore addr=<DB hostname> port=5432 dbname=pvault user=pvault password=pvault < backup.gz

After pg-restore restart all of your Vault instances


Ensure that the container is running and that the parameters match the settings in the container.