Move bacula::bacula_ssl_ca_path to hiera

[mirror/dsa-puppet.git] / modules / bacula / templates / bacula-sd.conf.erb

diff --git a/modules/bacula/templates/bacula-sd.conf.erb b/modules/bacula/templates/bacula-sd.conf.erb
index ec17f56..d232bd9 100644 (file)
--- a/modules/bacula/templates/bacula-sd.conf.erb
+++ b/modules/bacula/templates/bacula-sd.conf.erb
@@ -5,45 +5,39 @@
 #  For Bacula release 5.0.1 (24 February 2010) -- debian 5.0.4
 
 Storage {
-  Name = <%= bacula_storage_name %>
-  SDPort = <%= bacula_storage_port %>
+  Name = <%= @storage_name %>
+  SDAddresses = {
+    # bacula, on Debian 9 (stretch), does not resolve a single name
+    # to both v4 and v6 addresses.  Se we can't just say
+    # ip = { addr = <hostname> }.  Boo.
+    <%- if @has_ipv4 -%>
+    ipv4 = {
+      # use the hostname rather than the IP address from LDAP,
+      # as /etc/hosts might have a better answer in case of natted hosts.
+      addr = <%= @storage_address %>
+      port = <%= @port_sd %>
+    }
+    <%- end -%>
+    <%- if @has_ipv6 -%>
+    ipv6 = {
+      addr = <%= @storage_address %>
+      port = <%= @port_sd %>
+    }
+    <%- end -%>
+  }
   WorkingDirectory = "/var/lib/bacula"
-  Pid Directory = "/var/run/bacula"
+  Pid Directory = "/run/bacula"
+  Plugin Directory = "/usr/lib/bacula"
   Maximum Concurrent Jobs = 21
-  SDAddress = <%= bacula_storage_address %>
-  Heartbeat Interval = 180
-}
+  Heartbeat Interval = 60
 
-# List Directors who are permitted to contact Storage daemon
-#
-Director {
-  Name = <%= bacula_director_name %>
-  Password = "<%= bacula_storage_secret %>"
+  TLS Enable = yes
+  TLS Require = yes
+  TLS Verify Peer = yes
+  <%= scope['bacula::bacula_tls_ca_certificate_file'] %>
+  # This is a server certificate, used for incoming connections.
+  TLS Certificate = "<%= @bacula_ssl_server_cert %>"
+  TLS Key = "<%= @bacula_ssl_server_key %>"
 }
 
-
-# To connect, the Director's bacula-dir.conf must have the
-#  same Name and MediaType.
-#
-Device {
-  Name = <%= bacula_filestor_device %>
-  Media Type = <%= bacula_filestor_name %>
-  Archive Device = <%= bacula_backup_path %>
-  LabelMedia = yes;
-  Random Access = Yes;
-  AutomaticMount = yes;
-  RemovableMedia = no;
-  AlwaysOpen = no;
-  Maximum Network Buffer Size = 4194304
-  Maximum Spool Size = 250G
-  Maximum Job Spool Size = 50G
-  Spool Directory = <%= bacula_backup_path %>/spool
-}
-
-# Send all messages to the Director,
-# mount messages also are sent to the email address
-#
-Messages {
-  Name = Standard
-  director = <%= bacula_director_name %> = all
-}
+@|"sh -c 'for f in /etc/bacula/storage-conf.d/*.conf ; do echo @${f} ; done'"