# our bacula director
-class bacula::director inherits bacula {
+#
+# @param db_address hostname of the postgres server for the catalog DB
+# @param db_port port of the postgres server for the catalog DB
+# @param db_name DB name for the catalog DB
+# @param db_user username for the postgres server for the catalog DB
+# @param db_sslca SSL CA store for DB access
+class bacula::director(
+ String $db_address,
+ Integer $db_port,
+ String $db_name = 'bacula',
+ String $db_user = 'bacula',
+ Optional[String] $db_sslca = undef,
+) inherits bacula {
- package { ['bacula-director-pgsql', 'bacula-common', 'bacula-common-pgsql']:
- ensure => installed
- }
+ ensure_packages ( [
+ 'bacula-director-pgsql',
+ 'bacula-common',
+ 'bacula-common-pgsql'
+ ], {
+ ensure => 'installed',
+ })
service { 'bacula-director':
ensure => running,
notify => Exec['bacula-director reload']
}
- Bacula::Node<<| |>>
+ Bacula::Director::Client<<| tag == "bacula::to-director::${::fqdn}" |>>
package { 'bacula-console':
ensure => installed;
package { 'python3-psycopg2': ensure => installed }
file { '/etc/bacula/scripts/volume-purge-action':
- mode => '0555',
- source => 'puppet:///modules/bacula/volume-purge-action',
+ mode => '0555',
+ source => 'puppet:///modules/bacula/volume-purge-action',
;
}
file { '/etc/bacula/scripts/volumes-delete-old':
- mode => '0555',
- source => 'puppet:///modules/bacula/volumes-delete-old',
+ mode => '0555',
+ source => 'puppet:///modules/bacula/volumes-delete-old',
;
}
file { '/etc/bacula/storages-list.d':
source => 'puppet:///files/empty/',
}
file { '/usr/local/sbin/dsa-bacula-scheduler':
- source => 'puppet:///modules/bacula/dsa-bacula-scheduler',
- mode => '0555',
+ source => 'puppet:///modules/bacula/dsa-bacula-scheduler',
+ mode => '0555',
}
- file { "/etc/cron.d/puppet-bacula-stuff": ensure => absent, }
- concat::fragment { 'dsa-puppet-stuff--bacula-director':
- target => '/etc/cron.d/dsa-puppet-stuff',
- content => @(EOF)
+ file { '/etc/cron.d/puppet-bacula-stuff': ensure => absent, }
+ concat::fragment { 'puppet-crontab--bacula-director':
+ target => '/etc/cron.d/puppet-crontab',
+ content => @(EOF)
@daily root chronic /etc/bacula/scripts/volume-purge-action -v
@daily root chronic /etc/bacula/scripts/volumes-delete-old -v
*/3 * * * * root sleep $(( $RANDOM \% 60 )); flock -w 0 -e /usr/local/sbin/dsa-bacula-scheduler /usr/local/sbin/dsa-bacula-scheduler
concat { $bacula::bacula_dsa_client_list:
}
concat::fragment { 'bacula-dsa-client-list::header' :
- target => $bacula::bacula_dsa_client_list,
- content => "",
- order => '00',
+ target => $bacula::bacula_dsa_client_list,
+ content => '',
+ order => '00',
}
Concat::Fragment <<| tag == $bacula::tag_bacula_dsa_client_list |>>
+
+ @@ferm::rule::simple { "bacula::director-to-fd::${::fqdn}":
+ tag => "bacula::director-to-fd::${::fqdn}",
+ description => 'Allow bacula-fd from the bacula-director',
+ port => '7', # overridden on collecting
+ saddr => $bacula::public_addresses,
+ }
+ @@ferm::rule::simple { "bacula::director-to-storage::${::fqdn}":
+ tag => "bacula::director-to-storage::${::fqdn}",
+ description => 'Allow bacula-storage access from the bacula-director',
+ chain => 'bacula-sd',
+ saddr => $bacula::public_addresses,
+ }
}
projects / mirror / dsa-puppet.git / blobdiff