- @ferm::rule { 'dsa-bacula-fd':
- domain => '(ip ip6)',
- description => 'Allow bacula access from storage and director',
- rule => 'proto tcp mod state state (NEW) dport (bacula-fd) @subchain \'bacula\' { saddr ($bacula_director_address) ACCEPT; }',
- }
+ file { '/etc/bacula/bacula-fd.conf':
+ content => template('bacula/bacula-fd.conf.erb'),
+ mode => '0640',
+ owner => root,
+ group => bacula,
+ require => Package['bacula-fd'],
+ notify => Exec['bacula-fd restart-when-idle'],
+ }
+ file { '/usr/local/sbin/bacula-backup-dirs':
+ mode => '0775',
+ source => 'puppet:///modules/bacula/bacula-backup-dirs',
+ }
+ file { '/usr/local/sbin/postbaculajob':
+ mode => '0775',
+ source => 'puppet:///modules/bacula/postbaculajob',
+ }
+ file { '/etc/default/bacula-fd':
+ content => template('bacula/default.bacula-fd.erb'),
+ mode => '0400',
+ owner => root,
+ group => root,
+ require => Package['bacula-fd'],
+ notify => Service['bacula-fd'],
+ }
+ file { '/etc/systemd/system/bacula-fd.service.d/user.conf':
+ source => 'puppet:///modules/bacula/bacula-fd-systemd',
+ mode => '0400',
+ owner => root,
+ group => root,
+ notify => Service['bacula-fd'],
+ }
+
+ @ferm::rule { 'dsa-bacula-fd-v4':
+ domain => '(ip)',
+ description => 'Allow bacula access from storage and director',
+ rule => "proto tcp mod state state (NEW) dport (${bacula_client_port}) saddr (${bacula_director_ip}) ACCEPT",
+ }
+
+ #@ferm::rule { 'dsa-bacula-fd-v6':
+ # domain => '(ip6)',
+ # description => 'Allow bacula access from storage and director',
+ # rule => "proto tcp mod state state (NEW) dport (bacula-fd) saddr (${bacula_director_ip6}) ACCEPT",
+ #}