# our bacula director
#
-# @param pool_name A string to be used in pool names
-# @param db_address hostname of the postgres server for the catalog DB
-# @param db_port port of the postgres server for the catalog DB
-# @param db_name DB name for the catalog DB
-# @param db_user username for the postgres server for the catalog DB
-# @param db_sslca SSL CA store for DB access
+# @param pool_name A token to be used in pool names
+# @param db_address hostname of the postgres server for the catalog DB
+# @param db_port port of the postgres server for the catalog DB
+# @param db_name DB name for the catalog DB
+# @param db_user username for the postgres server for the catalog DB
+# @param db_password password for the postgres server for the catalog DB
+# @param port_dir Port that the director should listen on
+# @param db_sslca SSL CA store for DB access
+# @param director_name bacula name of this dir instance
+# @param director_address address of this dir instance that other instances should connect to (dns name)
+# @param messages_name name of the Messages Resource
class bacula::director(
- String $db_address,
- Integer $db_port,
+ String $db_address = 'localhost',
+ Integer $db_port = 5432,
String $db_name = 'bacula',
String $db_user = 'bacula',
+ String $db_password = hkdf('/etc/puppet/secret', "bacula-db-${::hostname}"),
String $pool_name = 'bacula',
+ Integer $port_dir = 9101,
Optional[String] $db_sslca = undef,
+ String $director_name = "${::fqdn}-dir",
+ Stdlib::Host $director_address = $::fqdn,
+ String $messages_name = "Msg-${::fqdn}",
) inherits bacula {
+ # used by e.g. bconsole
+ $director_secret = hkdf('/etc/puppet/secret', "bacula-dir-${::fqdn}")
+ # the RestoreFiles Job needs a Pool and a client. Any valid pool and client.
+ $some_pool_name = "poolfull-${pool_name}-${director_address}"
+ $some_client_name = "${director_address}-fd"
+
+ # let the SD know we exist
+ @@bacula::storage::director{ $::fqdn:
+ tag => 'bacula::to-storage',
+ director_name => $director_name,
+ director_address => $director_address,
+ messages_name => $messages_name,
+ }
+ # let FDs know we exist
+ @@bacula::client::director{ $::fqdn:
+ tag => "bacula::to-fd::${director_address}",
+ director_name => $director_name,
+ director_address => $director_address,
+ messages_name => $messages_name,
+ }
+
ensure_packages ( [
'bacula-director-pgsql',
'bacula-common',
dsa_systemd::override { 'bacula-director':
content => @(EOT)
[Unit]
- After=unbound.service
+ After=network-online.target unbound.service
| EOT
}
purge => true,
force => true,
recurse => true,
- source => 'puppet:///files/empty/',
notify => Exec['bacula-director reload']
}
notify => Exec['bacula-director reload']
}
+ Bacula::Director::Client_from_storage<<| tag == "bacula::to-director::${::fqdn}" |>>
Bacula::Director::Client <<| tag == "bacula::to-director::${::fqdn}" |>>
- Bacula::Director::Client_from_stroage<<| tag == "bacula::to-director::${::fqdn}" |>>
package { 'bacula-console':
ensure => installed;
purge => true,
force => true,
recurse => true,
- source => 'puppet:///files/empty/',
}
file { '/usr/local/sbin/dsa-bacula-scheduler':
source => 'puppet:///modules/bacula/dsa-bacula-scheduler',
file { '/etc/cron.d/puppet-bacula-stuff': ensure => absent, }
concat::fragment { 'puppet-crontab--bacula-director':
target => '/etc/cron.d/puppet-crontab',
- content => @(EOF)
+ content => @("EOF"/$)
@daily root chronic /etc/bacula/scripts/volume-purge-action -v
- @daily root chronic /etc/bacula/scripts/volumes-delete-old -v
- */3 * * * * root sleep $(( $RANDOM \% 60 )); flock -w 0 -e /usr/local/sbin/dsa-bacula-scheduler /usr/local/sbin/dsa-bacula-scheduler
+ @daily root chronic /etc/bacula/scripts/volumes-delete-old -v --token '${pool_name}'
+ */3 * * * * root sleep $(( \$RANDOM \\% 60 )); flock -w 0 -e /usr/local/sbin/dsa-bacula-scheduler /usr/local/sbin/dsa-bacula-scheduler
| EOF
}
concat { $bacula::bacula_dsa_client_list:
- }
- concat::fragment { 'bacula-dsa-client-list::header' :
- target => $bacula::bacula_dsa_client_list,
- content => '',
- order => '00',
+ ensure_newline => true,
}
Concat::Fragment <<| tag == $bacula::tag_bacula_dsa_client_list |>>
saddr => $bacula::public_addresses,
}
@@ferm::rule::simple { "bacula::director-to-storage::${::fqdn}":
- tag => "bacula::director-to-storage::${::fqdn}",
+ tag => 'bacula::director-to-storage',
description => 'Allow bacula-storage access from the bacula-director',
chain => 'bacula-sd',
saddr => $bacula::public_addresses,