class bacula::client inherits bacula {
- @@bacula::storage-per-node { $::fqdn: }
+ @@bacula::storage_per_node { $::fqdn: }
if ! getfromhash($site::nodeinfo, 'not-bacula-client') {
- @@bacula::node { $::fqdn: }
+ @@bacula::node { $::fqdn:
+ bacula_client_port => $bacula::bacula_client_port,
+ }
+
+ @@concat::fragment { "bacula-dsa-client-list::$fqdn":
+ target => $bacula::bacula_dsa_client_list ,
+ content => @("EOF"),
+ ${fqdn}
+ | EOF
+ tag => $bacula::tag_bacula_dsa_client_list,
+ }
}
package { ['bacula-fd']:
require => Package['bacula-fd'],
notify => Service['bacula-fd'],
}
- if $::lsbmajdistrelease < 7 {
- file { '/etc/apt/preferences.d/dsa-bacula-client':
- content => template('bacula/apt.preferences.bacula-client.erb'),
- mode => '0444',
- owner => root,
- group => root,
+ if (versioncmp($::lsbmajdistrelease, '9') >= 0 and $systemd) {
+ # old name for the override content
+ file { '/etc/systemd/system/bacula-fd.service.d/user.conf':
+ ensure => absent,
+ }
+ dsa_systemd::override { 'bacula-fd':
+ content => @(EOT)
+ [Service]
+ ExecStart=
+ ExecStart=/usr/sbin/bacula-fd -c $CONFIG -f -u bacula -k
+ | EOT
}
} else {
- file { '/etc/apt/preferences.d/dsa-bacula-client':
- ensure => absent
+ file { '/etc/systemd/system/bacula-fd.service.d/user.conf':
+ ensure => absent,
+ }
+ dsa_systemd::override { 'bacula-fd':
+ ensure => absent,
}
}
- @ferm::rule { 'dsa-bacula-fd-v4':
- domain => '(ip)',
+ ferm::rule { 'dsa-bacula-fd':
+ domain => '(ip ip6)',
description => 'Allow bacula access from storage and director',
- rule => "proto tcp mod state state (NEW) dport (bacula-fd) saddr (${bacula_director_ip}) ACCEPT",
+ rule => "proto tcp mod state state (NEW) dport (${bacula_client_port}) saddr (${bacula_director_ip_addrs}) ACCEPT",
}
-
- #@ferm::rule { 'dsa-bacula-fd-v6':
- # domain => '(ip6)',
- # description => 'Allow bacula access from storage and director',
- # rule => "proto tcp mod state state (NEW) dport (bacula-fd) saddr (${bacula_director_ip6}) ACCEPT",
- #}
}
projects / mirror / dsa-puppet.git / blobdiff