X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fbacula%2Fmanifests%2Finit.pp;h=dfbc9ce33dfa1f803168f9c0c41fd8452d0dc636;hb=33d8a6c91f60158a8d6aeaa5f911c000f0bcc280;hp=740ba7f7b5f742441d5f5299cbb2d0f339db1736;hpb=8d6d2e6c2143d19a529e5f5e98b60945a5980e24;p=mirror%2Fdsa-puppet.git diff --git a/modules/bacula/manifests/init.pp b/modules/bacula/manifests/init.pp index 740ba7f7b..dfbc9ce33 100644 --- a/modules/bacula/manifests/init.pp +++ b/modules/bacula/manifests/init.pp @@ -1,41 +1,38 @@ -class bacula { +# bacula class -- defines all the variables we care about in our bacula deployment +# +# @param ssl_ca_path full path and filename specifying a PEM encoded TLS CA certificate(s) +# @param ssl_client_cert path to TLS client certificate +# @param ssl_client_key path to TLS client certificate key +# @param ssl_server_cert path to TLS server certificate +# @param ssl_server_key path to TLS server certificate key +# @param operator_email email address for reports +# @param public_addresses this host's public IP addresses. The ones it connects out from and is reachable from outsite. +# @param has_ipv4 daemons should listen on ipv4 +# @param has_ipv6 daemons should listen on ipv6 +class bacula ( + String $ssl_ca_path, + String $ssl_client_cert, + String $ssl_client_key, + String $ssl_server_cert, + String $ssl_server_key, - $bacula_operator_email = 'debian-admin@debian.org' + String $operator_email = 'root@localhost', + Array[Stdlib::IP::Address] $public_addresses = $base::public_addresses, + Boolean $has_ipv4 = $bacula::public_addresses.any |$addr| { $addr =~ Stdlib::IP::Address::V4 }, + Boolean $has_ipv6 = $bacula::public_addresses.any |$addr| { $addr =~ Stdlib::IP::Address::V6 }, +) { + # This file is used by our helper scripts on the director + $bacula_dsa_client_list = '/etc/bacula/dsa-clients' + $tag_bacula_dsa_client_list = 'bacula::dsa::clientlist' - $bacula_director_name = 'debian-dir' - $bacula_storage_name = 'debian-sd' - $bacula_client_name = "${::fqdn}-fd" - $bacula_monitor_name = 'debian-mon' - $bacula_filestor_name = 'File' - $bacula_filestor_device = 'FileStorage' - $bacula_pool_name = 'debian' + $bacula_tls_ca_certificate_file = "TLS CA Certificate File = \"${ssl_ca_path}\"" + $bacula_tls_client_certificate = "TLS Certificate = \"${ssl_client_cert}\"" + $bacula_tls_client_key = "TLS Key = \"${ssl_client_key}\"" + $bacula_tls_server_certificate = "TLS Certificate = \"${ssl_server_cert}\"" + $bacula_tls_server_key = "TLS Key = \"${ssl_server_key}\"" - # $bacula_director_address = 'dinis.debian.org' - # use IP address for ferm. - $bacula_director_address = '206.12.19.139' - $bacula_director_port = 9101 - $bacula_storage_address = 'beethoven.debian.org' - $bacula_storage_port = 9103 - $bacula_client_port = 9102 - $bacula_db_address = 'danzi.debian.org' - $bacula_db_port = 5433 - - $bacula_backup_path = '/srv/bacula' - - $bacula_director_secret = hmac('/etc/puppet/secret', "bacula-dir-${::hostname}") - $bacula_db_secret = hmac('/etc/puppet/secret', "bacula-db-${::hostname}") - $bacula_storage_secret = hmac('/etc/puppet/secret', "bacula-sd-${bacula_storage_name}") - $bacula_client_secret = hmac('/etc/puppet/secret', "bacula-fd-${::fqdn}") - $bacula_monitor_secret = hmac('/etc/puppet/secret', "bacula-monitor-${bacula_director_name}") - - package { 'bacula-console': - ensure => installed; - } - - file { '/etc/bacula/bconsole.conf': - content => template('bacula/bconsole.conf.erb'), - mode => '0640', - group => bacula, - require => Package['bacula-console'] - } + file { '/usr/local/sbin/bacula-idle-restart': + mode => '0555', + source => 'puppet:///modules/bacula/bacula-idle-restart', + } }