Qualify tags with director name. Maybe we will support more than one in the future

[mirror/dsa-puppet.git] / modules / bacula / manifests / storage.pp

diff --git a/modules/bacula/manifests/storage.pp b/modules/bacula/manifests/storage.pp
index 39e619d..f581d04 100644 (file)
--- a/modules/bacula/manifests/storage.pp
+++ b/modules/bacula/manifests/storage.pp
@@ -21,7 +21,7 @@ class bacula::storage inherits bacula {
     path        => '/usr/bin:/usr/sbin:/bin:/sbin',
     command     => 'sh -c "setsid /usr/local/sbin/bacula-idle-restart sd &"',
     refreshonly => true,
-    subscribe   => File[$bacula_ssl_server_cert],
+    subscribe   => File[$bacula::bacula_ssl_server_cert],
     require     => File['/usr/local/sbin/bacula-idle-restart'],
   }
 
@@ -50,6 +50,10 @@ class bacula::storage inherits bacula {
     rule        => 'proto tcp mod state state (NEW) dport (bacula-sd) @subchain \'bacula-sd\' { saddr ($HOST_DEBIAN) ACCEPT; }',
     notarule    => true,
   }
+  # allow access from director
+  Ferm::Rule::Simple <<| tag == "bacula::director-to-storage::${bacula::bacula_director_address}" |>> {
+    port => $bacula::bacula_storage_port,
+  }
 
   file { '/etc/bacula/storage-conf.d/empty.conf':
     content => '',
@@ -58,23 +62,23 @@ class bacula::storage inherits bacula {
     notify  => Exec['bacula-sd restart-when-idle']
   }
 
-  file { "${bacula_backup_path}/Catalog":
-    ensure  => directory,
-    mode    => '0755',
-    owner   => bacula,
-    group   => bacula,
+  file { "${bacula::bacula_backup_path}/Catalog":
+    ensure => directory,
+    mode   => '0755',
+    owner  => bacula,
+    group  => bacula,
     ;
   }
 
   package { 'python3-psycopg2': ensure => installed }
   file { '/usr/local/bin/bacula-unlink-removed-volumes':
-    source  => 'puppet:///modules/bacula/bacula-unlink-removed-volumes',
-    mode    => '0555',
+    source => 'puppet:///modules/bacula/bacula-unlink-removed-volumes',
+    mode   => '0555',
   }
-  file { "/etc/cron.d/puppet-bacula-storage-stuff": ensure => absent, }
+  file { '/etc/cron.d/puppet-bacula-storage-stuff': ensure => absent, }
   concat::fragment { 'puppet-crontab--bacula-storage':
-    target => '/etc/cron.d/puppet-crontab',
-    content  => @(EOF)
+    target  => '/etc/cron.d/puppet-crontab',
+    content => @(EOF)
       @daily bacula chronic /usr/local/bin/bacula-unlink-removed-volumes -v
       | EOF
   }