diff --git a/src/apps.js b/src/apps.js
index 386bbfa60..278b50ee9 100644
--- a/src/apps.js
+++ b/src/apps.js
@@ -21,6 +21,7 @@ exports = module.exports = {
 
     // user actions
     install,
+    unarchive,
     uninstall,
     archive,
 
@@ -2468,6 +2469,36 @@ async function clone(app, data, user, auditSource) {
     return { id: newAppId, taskId };
 }
 
+async function unarchive(archive, data, auditSource) {
+    assert.strictEqual(typeof archive, 'object');
+    assert.strictEqual(typeof data, 'object');
+    assert(auditSource && typeof auditSource === 'object');
+
+    const appConfig = archive.appConfig;
+
+    const dolly = _.pick(appConfig, 'appStoreId', 'manifest', 'memoryLimit', 'cpuQuota', 'crontab', 'reverseProxyConfig', 'env', 'servicesConfig',
+        'tags', 'label', 'enableMailbox', 'mailboxDisplayName', 'mailboxName', 'mailboxDomain', 'enableInbox', 'inboxName', 'inboxDomain', 'devices',
+        'enableTurn', 'enableRedis', 'mounts', 'enableBackup', 'enableAutomaticUpdate', 'accessRestriction', 'operators', 'sso',
+        'notes', 'checklist');
+
+    // intentionally not filled up: redirectDomain, aliasDomains, mailboxDomain
+    const newAppData = Object.assign(dolly, {
+        // from request
+        subdomain: data.subdomain,
+        domain: data.domain,
+        secondaryDomains: data.secondaryDomains || {},
+        ports: data.ports || null,
+        overwriteDns: 'overwriteDns' in data ? data.overwriteDns : false,
+        mailboxDomain: data.domain, // archive's mailboxDomain may not exist
+
+        // from the archive
+        icon: archive.icon,
+        backupId: archive.backupId,
+    });
+
+    return await install(newAppData, auditSource);
+}
+
 async function uninstall(app, auditSource) {
     assert.strictEqual(typeof app, 'object');
     assert.strictEqual(typeof auditSource, 'object');
diff --git a/src/archives.js b/src/archives.js
index af86beb82..3575767e7 100644
--- a/src/archives.js
+++ b/src/archives.js
@@ -7,11 +7,9 @@ exports = module.exports = {
     list,
     listBackupIds,
     del,
-    unarchive
 };
 
-const apps = require('./apps.js'),
-    assert = require('assert'),
+const assert = require('assert'),
     BoxError = require('./boxerror.js'),
     database = require('./database.js'),
     eventlog = require('./eventlog.js'),
@@ -107,33 +105,3 @@ async function del(archive, auditSource) {
 
     await eventlog.add(eventlog.ACTION_ARCHIVES_DEL, auditSource, { id: archive.id, backupId: archive.backupId });
 }
-
-async function unarchive(archive, data, auditSource) {
-    assert.strictEqual(typeof archive, 'object');
-    assert.strictEqual(typeof data, 'object');
-    assert(auditSource && typeof auditSource === 'object');
-
-    const appConfig = archive.appConfig;
-
-    const dolly = _.pick(appConfig, 'appStoreId', 'manifest', 'memoryLimit', 'cpuQuota', 'crontab', 'reverseProxyConfig', 'env', 'servicesConfig',
-        'tags', 'label', 'enableMailbox', 'mailboxDisplayName', 'mailboxName', 'mailboxDomain', 'enableInbox', 'inboxName', 'inboxDomain', 'devices',
-        'enableTurn', 'enableRedis', 'mounts', 'enableBackup', 'enableAutomaticUpdate', 'accessRestriction', 'operators', 'sso',
-        'notes', 'checklist');
-
-    // intentionally not filled up: redirectDomain, aliasDomains, mailboxDomain
-    const newAppData = Object.assign(dolly, {
-        // from request
-        subdomain: data.subdomain,
-        domain: data.domain,
-        secondaryDomains: data.secondaryDomains || {},
-        ports: data.ports || null,
-        overwriteDns: 'overwriteDns' in data ? data.overwriteDns : false,
-        mailboxDomain: data.domain, // archive's mailboxDomain may not exist
-
-        // from the archive
-        icon: archive.icon,
-        backupId: archive.backupId,
-    });
-
-    return await apps.install(newAppData, auditSource);
-}
diff --git a/src/routes/archives.js b/src/routes/archives.js
index 83be05ef3..0b164bc9f 100644
--- a/src/routes/archives.js
+++ b/src/routes/archives.js
@@ -10,7 +10,8 @@ exports = module.exports = {
     unarchive
 };
 
-const assert = require('assert'),
+const apps = require('../apps.js'),
+    assert = require('assert'),
     archives = require('../archives.js'),
     AuditSource = require('../auditsource.js'),
     BoxError = require('../boxerror.js'),
@@ -88,7 +89,7 @@ async function unarchive(req, res, next) {
         if (Object.keys(data.secondaryDomains).some(function (key) { return typeof data.secondaryDomains[key].domain !== 'string' || typeof data.secondaryDomains[key].subdomain !== 'string'; })) return next(new HttpError(400, 'secondaryDomain object must contain domain and subdomain strings'));
     }
 
-    const [error, result] = await safe(archives.unarchive(req.resource, req.body, AuditSource.fromRequest(req)));
+    const [error, result] = await safe(apps.unarchive(req.resource, req.body, AuditSource.fromRequest(req)));
     if (error) return next(BoxError.toHttpError(error));
 
     next(new HttpSuccess(202, { id: result.id, taskId: result.taskId }));