3 # @param pool_name A token to be used in pool names
4 # @param db_address hostname of the postgres server for the catalog DB
5 # @param db_port port of the postgres server for the catalog DB
6 # @param db_name DB name for the catalog DB
7 # @param db_user username for the postgres server for the catalog DB
8 # @param db_password password for the postgres server for the catalog DB
9 # @param port_dir Port that the director should listen on
10 # @param db_sslca SSL CA store for DB access
11 # @param director_name bacula name of this dir instance
12 # @param director_address address of this dir instance that other instances should connect to (dns name)
13 class bacula::director(
16 String $db_name = 'bacula',
17 String $db_user = 'bacula',
18 String $db_password = hkdf('/etc/puppet/secret', "bacula-db-${::hostname}"),
19 String $pool_name = 'bacula',
20 Integer $port_dir = 9101,
21 Optional[String] $db_sslca = undef,
22 #String $director_name = "${::fqdn}-dir",
23 String $director_name = $bacula::bacula_director_name,
24 Stdlib::Host $director_address = $::fqdn,
27 # used by e.g. bconsole
28 $director_secret = hkdf('/etc/puppet/secret', "bacula-dir-${::fqdn}")
29 # the RestoreFiles Job needs a Pool and a client. Any valid pool and client.
30 $some_pool_name = "poolfull-${pool_name}-${director_address}"
31 $some_client_name = "${director_address}-fd"
33 # let the SD know we exist
34 @@bacula::storage::director{ $::fqdn:
35 tag => 'bacula::to-storage',
36 director_name => $director_name,
37 director_address => $director_address,
39 # let FDs know we exist
40 @@bacula::client::director{ $::fqdn:
41 tag => "bacula::to-fd::${director_address}",
42 director_name => $director_name,
43 director_address => $director_address,
47 'bacula-director-pgsql',
51 ensure => 'installed',
54 service { 'bacula-director':
58 require => Package['bacula-director-pgsql']
60 dsa_systemd::override { 'bacula-director':
67 exec { 'bacula-director reload':
68 path => '/usr/bin:/usr/sbin:/bin:/sbin',
69 command => 'service bacula-director reload',
73 file { '/etc/bacula/conf.d':
80 source => 'puppet:///files/empty/',
81 notify => Exec['bacula-director reload']
84 file { '/etc/bacula/bacula-dir.conf':
85 content => template('bacula/bacula-dir.conf.erb'),
88 require => Package['bacula-director-pgsql'],
89 notify => Exec['bacula-director reload']
92 file { '/etc/bacula/conf.d/empty.conf':
96 require => Package['bacula-director-pgsql'],
97 notify => Exec['bacula-director reload']
100 Bacula::Director::Client <<| tag == "bacula::to-director::${::fqdn}" |>>
101 Bacula::Director::Client_from_storage<<| tag == "bacula::to-director::${::fqdn}" |>>
103 package { 'bacula-console':
107 file { '/etc/bacula/bconsole.conf':
108 content => template('bacula/bconsole.conf.erb'),
111 require => Package['bacula-console']
114 package { 'python3-psycopg2': ensure => installed }
115 file { '/etc/bacula/scripts/volume-purge-action':
117 source => 'puppet:///modules/bacula/volume-purge-action',
120 file { '/etc/bacula/scripts/volumes-delete-old':
122 source => 'puppet:///modules/bacula/volumes-delete-old',
125 file { '/etc/bacula/storages-list.d':
132 source => 'puppet:///files/empty/',
134 file { '/usr/local/sbin/dsa-bacula-scheduler':
135 source => 'puppet:///modules/bacula/dsa-bacula-scheduler',
139 file { '/etc/cron.d/puppet-bacula-stuff': ensure => absent, }
140 concat::fragment { 'puppet-crontab--bacula-director':
141 target => '/etc/cron.d/puppet-crontab',
143 @daily root chronic /etc/bacula/scripts/volume-purge-action -v
144 @daily root chronic /etc/bacula/scripts/volumes-delete-old -v
145 */3 * * * * root sleep $(( $RANDOM \% 60 )); flock -w 0 -e /usr/local/sbin/dsa-bacula-scheduler /usr/local/sbin/dsa-bacula-scheduler
149 concat { $bacula::bacula_dsa_client_list:
151 concat::fragment { 'bacula-dsa-client-list::header' :
152 target => $bacula::bacula_dsa_client_list,
156 Concat::Fragment <<| tag == $bacula::tag_bacula_dsa_client_list |>>
158 @@ferm::rule::simple { "bacula::director-to-fd::${::fqdn}":
159 tag => "bacula::director-to-fd::${::fqdn}",
160 description => 'Allow bacula-fd from the bacula-director',
161 port => '7', # overridden on collecting
162 saddr => $bacula::public_addresses,
164 @@ferm::rule::simple { "bacula::director-to-storage::${::fqdn}":
165 tag => 'bacula::director-to-storage',
166 description => 'Allow bacula-storage access from the bacula-director',
167 chain => 'bacula-sd',
168 saddr => $bacula::public_addresses,