-class bacula::director inherits bacula {
-
- package {
- "bacula-director-pgsql": ensure => installed;
- "bacula-common": ensure => installed;
- "bacula-common-pgsql": ensure => installed;
- }
-
- service {
- "bacula-director":
- ensure => running,
- enable => true,
- hasstatus => true,
- require => Package["bacula-director-pgsql"];
- }
- file {
- "/etc/bacula/conf.d":
- ensure => directory,
- mode => 755,
- group => bacula,
- notify => Exec["bacula-director restart"]
- ;
- "/etc/bacula/bacula-dir.conf":
- content => template("bacula/bacula-dir.conf.erb"),
- mode => 440,
- group => bacula,
- require => Package["bacula-director-pgsql"],
- notify => Exec["bacula-director restart"]
- ;
- }
-
- exec {
- "bacula-director restart":
- path => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
- refreshonly => true;
- }
-
- define bacula_client() {
- # These must be kept in sync with the settings in bacula.pp
- $bacula_client_name = "${name}-fd"
- $bacula_client_secret = hmac("/etc/puppet/secret", "bacula-fd-${name}")
- $client = $name
-
- file {
- "/etc/bacula/conf.d/${name}.conf":
- content => template("bacula/per-client.conf.erb"),
- mode => 440,
- group => bacula,
- notify => Exec["bacula-director restart"]
- ;
- }
- }
- $allhosts = keys($site::allnodeinfo)
-
- bacula_client { $allhosts: }
-
- @ferm::rule { 'dsa-bacula-dir':
- domain => '(ip ip6)',
- description => 'Allow bacula access from localhost',
- rule => "proto tcp mod state state (NEW) dport (bacula-dir) saddr ($bacula_director_address localhost) ACCEPT",
+# our bacula director
+#
+# @param pool_name A token to be used in pool names
+# @param db_address hostname of the postgres server for the catalog DB
+# @param db_port port of the postgres server for the catalog DB
+# @param db_name DB name for the catalog DB
+# @param db_user username for the postgres server for the catalog DB
+# @param db_password password for the postgres server for the catalog DB
+# @param port_dir Port that the director should listen on
+# @param db_sslca SSL CA store for DB access
+# @param director_name bacula name of this dir instance
+# @param director_address address of this dir instance that other instances should connect to (dns name)
+# @param messages_name name of the Messages Resource
+class bacula::director(
+ String $db_address = 'localhost',
+ Integer $db_port = 5432,
+ String $db_name = 'bacula',
+ String $db_user = 'bacula',
+ String $db_password = hkdf('/etc/puppet/secret', "bacula-db-${::hostname}"),
+ String $pool_name = 'bacula',
+ Integer $port_dir = 9101,
+ Optional[String] $db_sslca = undef,
+ String $director_name = "${::fqdn}-dir",
+ Stdlib::Host $director_address = $::fqdn,
+ String $messages_name = "Msg-${::fqdn}",
+) inherits bacula {
+
+ # used by e.g. bconsole
+ $director_secret = hkdf('/etc/puppet/secret', "bacula-dir-${::fqdn}")
+ # the RestoreFiles Job needs a Pool and a client. Any valid pool and client.
+ $some_pool_name = "poolfull-${pool_name}-${director_address}"
+ $some_client_name = "${director_address}-fd"
+
+ $real_email_error = $bacula::email_error ? { true => $bacula::email_error , default => 'root@localhost' }
+ $real_email_operator = $bacula::email_operator ? { true => $bacula::email_operator, default => 'root@localhost' }
+ $real_email_daemon = $bacula::email_daemon ? { true => $bacula::email_daemon , default => 'root@localhost' }
+
+ # let the SD know we exist
+ @@bacula::storage::director{ $::fqdn:
+ tag => 'bacula::to-storage',
+ director_name => $director_name,
+ director_address => $director_address,
+ messages_name => $messages_name,
+ }
+ # let FDs know we exist
+ @@bacula::client::director{ $::fqdn:
+ tag => "bacula::to-fd::${director_address}",
+ director_name => $director_name,
+ director_address => $director_address,
+ messages_name => $messages_name,
+ }
+
+ ensure_packages ( [
+ 'bacula-director-pgsql',
+ 'bacula-common',
+ 'bacula-common-pgsql'
+ ], {
+ ensure => 'installed',
+ })
+
+ service { 'bacula-director':
+ ensure => running,
+ enable => true,
+ hasstatus => true,
+ require => Package['bacula-director-pgsql']
+ }
+ dsa_systemd::override { 'bacula-director':
+ content => @(EOT)
+ [Unit]
+ After=network-online.target unbound.service
+ | EOT
+ }
+
+ exec { 'bacula-director reload':
+ path => '/usr/bin:/usr/sbin:/bin:/sbin',
+ command => 'service bacula-director reload',
+ refreshonly => true,
+ }
+
+ file { '/etc/bacula/conf.d':
+ ensure => directory,
+ mode => '0755',
+ group => bacula,
+ purge => true,
+ force => true,
+ recurse => true,
+ notify => Exec['bacula-director reload']
+ }
+
+ file { '/etc/bacula/bacula-dir.conf':
+ content => template('bacula/bacula-dir.conf.erb'),
+ mode => '0440',
+ group => bacula,
+ require => Package['bacula-director-pgsql'],
+ notify => Exec['bacula-director reload']
+ }
+
+ file { '/etc/bacula/conf.d/empty.conf':
+ content => '',
+ mode => '0440',
+ group => bacula,
+ require => Package['bacula-director-pgsql'],
+ notify => Exec['bacula-director reload']