class bacula::director inherits bacula {
- package {
- "bacula-director-pgsql": ensure => installed;
- "bacula-common": ensure => installed;
- "bacula-common-pgsql": ensure => installed;
- }
-
- service {
- "bacula-director":
- ensure => running,
- enable => true,
- hasstatus => true,
- require => Package["bacula-director-pgsql"];
- }
- file {
- "/etc/bacula/conf.d":
- ensure => directory,
- mode => 755,
- group => bacula,
- notify => Exec["bacula-director restart"]
- ;
- "/etc/bacula/bacula-dir.conf":
- content => template("bacula/bacula-dir.conf.erb"),
- mode => 440,
- group => bacula,
- require => Package["bacula-director-pgsql"],
- notify => Exec["bacula-director restart"]
- ;
- }
-
- exec {
- "bacula-director restart":
- path => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
- refreshonly => true;
- }
-
- define bacula_client() {
- # These must be kept in sync with the settings in bacula.pp
- $bacula_client_name = "${name}-fd"
- $bacula_client_secret = hmac("/etc/puppet/secret", "bacula-fd-${name}")
- $client = $name
-
- file {
- "/etc/bacula/conf.d/${name}.conf":
- content => template("bacula/per-client.conf.erb"),
- mode => 440,
- group => bacula,
- notify => Exec["bacula-director restart"]
- ;
- }
- }
- $allhosts = keys($site::allnodeinfo)
-
- bacula_client { $allhosts: }
-
- @ferm::rule { 'dsa-bacula-dir':
- domain => '(ip ip6)',
- description => 'Allow bacula access from localhost,
- rule => "proto tcp mod state state (NEW) dport (bacula-dir) saddr ($bacula_director_address localhost) ACCEPT",
- }
+ package { ['bacula-director-pgsql', 'bacula-common', 'bacula-common-pgsql']:
+ ensure => installed
+ }
+ service { 'bacula-director':
+ ensure => running,
+ enable => true,
+ hasstatus => true,
+ require => Package['bacula-director-pgsql']
+ }
+
+ exec { 'bacula-director reload':
+ path => '/usr/bin:/usr/sbin:/bin:/sbin',
+ command => 'service bacula-director reload',
+ refreshonly => true,
+ }
+
+ file { '/etc/bacula/conf.d':
+ ensure => directory,
+ mode => '0755',
+ group => bacula,
+ purge => true,
+ force => true,
+ recurse => true,
+ source => 'puppet:///files/empty/',
+ notify => Exec['bacula-director reload']
+ }
+
+ file { '/etc/bacula/bacula-dir.conf':
+ content => template('bacula/bacula-dir.conf.erb'),
+ mode => '0440',
+ group => bacula,
+ require => Package['bacula-director-pgsql'],
+ notify => Exec['bacula-director reload']
+ }
+
+ @ferm::rule { 'dsa-bacula-dir':
+ domain => '(ip)',
+ description => 'Allow bacula access from localhost',
+ rule => "proto tcp mod state state (NEW) dport (bacula-dir) saddr (${bacula_director_ip} localhost) ACCEPT",
+ }
+
+ file { '/etc/bacula/conf.d/empty.conf':
+ content => '',
+ mode => '0440',
+ group => bacula,
+ require => Package['bacula-director-pgsql'],
+ notify => Exec['bacula-director reload']
+ }
+
+ Bacula::Node<<| |>>
+
+ package { 'bacula-console':
+ ensure => installed;
+ }
+
+ file { '/etc/bacula/bconsole.conf':
+ content => template('bacula/bconsole.conf.erb'),
+ mode => '0640',
+ group => bacula,
+ require => Package['bacula-console']
+ }
+
+ file { '/etc/bacula/bacula-volume-purge-action':
+ mode => '0555',
+ source => 'puppet:///modules/bacula/bacula-volume-purge-action',
+ ;
+ }
+ file { '/etc/bacula/storages-list.d':
+ ensure => directory,
+ mode => '0755',
+ group => bacula,
+ purge => true,
+ force => true,
+ recurse => true,
+ source => 'puppet:///files/empty/',
+ }
+ file { "/etc/cron.d/tor-bacula-stuff":
+ content => "@daily root (cat /etc/bacula/storages-list.d/*.storage; echo '$bacula::bacula_filestor_name-catalog') | /etc/bacula/bacula-volume-purge-action\n";
+ }
}