diff --git a/docs/docs/administer/backup.mdx b/docs/docs/administer/backup.mdx
new file mode 100644
index 000000000..ae9f1de8e
--- /dev/null
+++ b/docs/docs/administer/backup.mdx
@@ -0,0 +1,89 @@
+---
+title: Backup and Restore
+sidebar_position: 4
+---
+
+Firezone can be safely backed up and restored in a couple of minutes under
+most circumstances.
+
+:::info
+This guide is written for Firezone deployments using **Docker Engine** on **Linux** only.
+:::
+
+Unless your hosting provider supports taking live VM snapshots, you'll
+need to stop Firezone before backing it up. This ensures the Postgres data
+directory is in a consistent state when the backup is performed. Backing up a
+running Firezone instance will **most likely** result in data loss when restored;
+you have been warned.
+
+After stopping Firezone, backing up Firezone is mostly a matter of copying the relevant
+[files and directories](/reference/file-and-directory-locations/) to a location of your
+choosing.
+
+See the steps below for specific examples for Docker and Omnibus.
+
+
+
+
+### Backup
+
+For Docker-based deployments, this will consist of backing up the `$HOME/.firezone`
+directory along with the Postgres data directory, typically located at
+`/var/lib/docker/volumes/firezone_postgres-data` on Linux if you're using the default
+Docker compose template.
+
+1. Stop Firezone (warning: this **will** disconnect any users connected to the VPN):
+```
+docker compose -f $HOME/.firezone/docker-compose.yml down
+```
+2. Copy relevant files and folders. If your made any customizations to `/etc/docker/daemon.json`
+(for example, for IPv6 support), be sure to include that in the backup as well.
+```
+tar -zcvfp $HOME/firezone-back-$(date +'%F-%H-%M').tgz $HOME/.firezone /var/lib/docker/volumes/firezone_postgres-data
+```
+
+A backup file named `firezone-back-TIMESTAMP.tgz` will then be stored in `$HOME/`.
+
+### Restore
+
+1. Copy the files back to their original location:
+```
+tar -zxvfp /path/to/firezone-back.tgz -C / --numeric-owner
+```
+2. Optionally, enable Docker to boot on startup:
+```
+systemctl enable docker
+```
+
+
+
+
+### Backup
+
+1. Stop Firezone (warning: this **will** disconnect any users connected to the VPN):
+```
+firezone-ctl stop
+```
+2. Copy relevant files and folders:
+```
+tar -zcvfp $HOME/firezone-back-$(date +'%F-%H-%M').tgz /var/opt/firezone /opt/firezone /usr/bin/firezone-ctl /etc/systemd/system/firezone-runsvdir-start.service /etc/firezone
+```
+
+A backup file named `firezone-back-TIMESTAMP.tgz` will then be stored in `$HOME/`.
+
+### Restore
+
+1. Copy the files back to their original location:
+```
+tar -zxvfp /path/to/firezone-back.tgz -C / --numeric-owner
+```
+2. Reconfigure Firezone to ensure configuration is applied to the host system:
+```
+firezone-ctl reconfigure
+```
+
+
+
+
+import SupportOptions from '@site/src/partials/_support_options.mdx';
+
diff --git a/docs/docs/reference/file-and-directory-locations.mdx b/docs/docs/reference/file-and-directory-locations.mdx
index ba6708021..e1061b799 100644
--- a/docs/docs/reference/file-and-directory-locations.mdx
+++ b/docs/docs/reference/file-and-directory-locations.mdx
@@ -10,13 +10,13 @@ your installation.
-| Default path | Description |
-| --- | --- |
-| `$HOME/.firezone/.env` | Firezone secrets used for encryption, cookies, and sessions. **Losing this file will result in irrecoverable data loss**. |
-| `$HOME/.firezone/docker-compose.yml` | Docker Compose file used to manage Firezone services. |
-| `$HOME/.firezone/firezone` | Top-level directory containing Firezone-related persisted data |
-| `$HOME/.firezone/caddy` | Caddy persisted files. |
-| Default Docker volume location, typically `/var/lib/docker/volumes/firezone_postgres-data`. | Postgres DB files. |
+| Default path | Description |
+| --- | --- |
+| `$HOME/.firezone/.env` | Firezone secrets used for encryption, cookies, and sessions. **Losing this file will result in irrecoverable data loss**. |
+| `$HOME/.firezone/docker-compose.yml` | Docker Compose file used to manage Firezone services. |
+| `$HOME/.firezone/firezone` | Top-level directory containing Firezone-related persisted data |
+| `$HOME/.firezone/caddy` | Caddy persisted files. |
+| Default Docker named volume location, typically `/var/lib/docker/volumes/firezone_postgres-data` for Linux. | Postgres DB files. |
@@ -31,3 +31,7 @@ your installation.
+
+## Backup and restore
+
+See our [backup guide](/administer/backup).