X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fbacula%2Ftemplates%2Fbacula-dir.conf.erb;h=1026d97ad0a10030a2e28dbc4c04c72a2e13e338;hb=adbc32579addc7260ba6cbd55c9895269f26e120;hp=34d6c99d40d60390db96c68a5959a62ec8f03939;hpb=a0ae58f07e1d5e2ed987ef4c50e559534796e300;p=mirror%2Fdsa-puppet.git

diff --git a/modules/bacula/templates/bacula-dir.conf.erb b/modules/bacula/templates/bacula-dir.conf.erb
index 34d6c99d4..1026d97ad 100644
--- a/modules/bacula/templates/bacula-dir.conf.erb
+++ b/modules/bacula/templates/bacula-dir.conf.erb
@@ -23,6 +23,15 @@ Director {
      ip = { addr = 127.0.0.1; port = 9101 }
 	 ip = { addr = <%=bacula_director_address%>; port = <%=bacula_director_port%> }
   }
+
+  TLS Enable = yes
+  TLS Require = yes
+  TLS Verify Peer = yes
+  TLS Allowed CN = "clientcerts/<%= bacula_director_address %>"
+  TLS CA Certificate File = "<%= bacula_ca_path %>"
+  # This is a server certificate, used for incoming console connections.
+  TLS Certificate = "<%= bacula_ssl_server_cert %>"
+  TLS Key = "<%= bacula_ssl_server_key %>"
 }
 
 ########################################################################
@@ -35,7 +44,7 @@ FileSet {
       signature = SHA1
       compression = GZIP9
     }
-    File = "\\|bash -c \"df -Pkl -x tmpfs | tail -n +2 | awk '{print \$NF}' \""
+    File = "\\|/usr/local/sbin/bacula-backup-dirs"
     # Dont backup directories that contain .nobackup files
     Exclude Dir Containing = .nobackup
   }
@@ -44,6 +53,7 @@ FileSet {
     File = /var/lib/bacula
     File = /var/cache/apt/
     File = /nonexistant
+    File = /swapfile
     File = /proc
     File = /tmp
     File = /.journal
@@ -97,9 +107,9 @@ Schedule {
 ########################################################################
 Catalog {
   Name = MyCatalog
-  dbname = bacula;
-  DB Address = "<%= bacula_db_address %>";
-  DB Port = <%= bacula_db_port %>;
+  dbname = "service = bacula";
+  #DB Address = "<%= bacula_db_address %>";
+  #DB Port = <%= bacula_db_port %>;
   dbuser = "bacula";
   dbpassword = "<%= bacula_db_secret %>"
 }
@@ -111,10 +121,11 @@ Messages {
   Name = Standard
   mailcommand = "/usr/lib/bacula/bsmtp -h localhost -f \"\(Bacula\) %r\" -s \"Bacula: %t %e of %c %l\" %r"
   operatorcommand = "/usr/lib/bacula/bsmtp -h localhost -f \"\(Bacula\) %r\" -s \"Bacula: Intervention needed for %j\" %r"
-  mail on error = <%= bacula_operator_email %> = all, !skipped
+  #mail on error = <%= bacula_operator_email %> = all, !skipped
+  mail = <%= bacula_operator_email %> = all
   operator = <%= bacula_operator_email %> = mount
   console = all, !skipped, !saved
-  append = "/var/lib/bacula/log" = all, !skipped
+  append = "/var/lib/bacula/log" = all
   catalog = all
 }
 
@@ -122,23 +133,9 @@ Messages {
 Messages {
   Name = Daemon
   mailcommand = "/usr/lib/bacula/bsmtp -h localhost -f \"\(Bacula\) %r\" -s \"Bacula daemon message\" %r"
-  mail = <%= bacula_operator_email %> = all, !skipped
+  mail = <%= bacula_operator_email %> = all
   console = all, !skipped, !saved
-  append = "/var/lib/bacula/log" = all, !skipped
-}
-
-########################################################################
-# Storage config                                                       #
-########################################################################
-
-Storage {
-  Name = <%= bacula_filestor_name %>
-  Address = <%= bacula_storage_address %>
-  SDPort = <%= bacula_storage_port %>
-  Password = "<%= bacula_storage_secret %>"
-  Device = <%= bacula_filestor_device %>
-  Media Type = <%= bacula_filestor_name %>
-  Maximum Concurrent Jobs = 10
+  append = "/var/lib/bacula/log" = all
 }
 
 ########################################################################
@@ -159,89 +156,94 @@ JobDefs {
   Level = Incremental
   FileSet = "Standard Set"
   Schedule = "WeeklyCycle"
-  Storage = <%=bacula_filestor_name%>
   Messages = Standard
-  Pool = <%=bacula_pool_name%>
-  Differential Backup Pool = <%=bacula_pool_name%>diff
-  Incremental Backup Pool = <%=bacula_pool_name%>inc
   Max Full Interval = 1 month
   Priority = 10
   Write Bootstrap = "/var/lib/bacula/%c.bsr"
   Maximum Concurrent Jobs = 20
+  Client Run After Job = "/usr/local/sbin/postbaculajob -c \"%c\" -d \"%d\" -i \"%i\" -l \"%l\" -n \"%n\" -o /var/log/bacula/client-after.state"
 }
 
 ########################################################################
-# Pool definition                                                      #
+# Standard Restore template, to be changed by Console program          #
+#  Only one such job is needed for all Jobs/Clients/Storage ...        #
 ########################################################################
-Pool {
-  Name = <%= bacula_pool_name %>
-  Pool Type = Backup
-  Recycle = no
-  AutoPrune = yes
-  Volume Retention = 1 year
-  Label Format = "${Client}-${Year}-${Month:p/2/0/r}-${Day:p/2/0/r}_${Hour:p/2/0/r}:${Minute:p/2/0/r}"
-  Volume Use Duration = 23h
-  Maximum Volume Jobs = 1
-  Maximum Volume Bytes = 50G
-  Action On Purge = Truncate
+Job {
+  Name = "RestoreFiles"
+  Type = Restore
+  Client = <%=bacula_director_address%>-fd
+  FileSet = "Standard Set"
+  Pool = poolfull-<%=bacula_pool_name%>-<%=bacula_director_address%>
+  Messages = Standard
+  Where = /var/tmp/bacula-restores
 }
 
+
+# Scratch pool definition
 Pool {
-  Name = <%= bacula_pool_name %>diff
+  Name = Scratch
   Pool Type = Backup
-  Recycle = no
-  AutoPrune = yes
-  Volume Retention = 1 year
-  Label Format = "${Client}-${Year}-${Month:p/2/0/r}-${Day:p/2/0/r}_${Hour:p/2/0/r}:${Minute:p/2/0/r}"
-  Volume Use Duration = 23h
-  Maximum Volume Jobs = 1
-  Maximum Volume Bytes = 50G
-  Action On Purge = Truncate
 }
 
+########################################################################
+# Generic jobs                                                         #
+########################################################################
+# Backup the catalog database (after the nightly save)
+Storage {
+  Name = "<%= bacula_filestor_name %>-catalog"
+  Address = <%= bacula_storage_address %>
+  SDPort = <%= bacula_storage_port %>
+  Password = "<%= bacula_storage_secret %>"
+  Device = "<%= bacula_filestor_device %>-catalog"
+  Media Type = "<%= bacula_filestor_name %>-catalog"
+  Maximum Concurrent Jobs = 10
+
+  TLS Enable = yes
+  TLS Require = yes
+  TLS CA Certificate File = "<%= bacula_ca_path %>"
+  # This is a client certificate, used by the director to connect to the storage daemon
+  TLS Certificate = "<%= bacula_ssl_client_cert %>"
+  TLS Key = "<%= bacula_ssl_client_key %>"
+}
 Pool {
-  Name = <%= bacula_pool_name %>inc
+  Name = "poolcatalog-<%=bacula_pool_name%>"
   Pool Type = Backup
-  Recycle = no
+  Storage = "<%=bacula_filestor_name%>-catalog"
   AutoPrune = yes
-  Volume Retention = 1 year
-  Label Format = "${Client}-${Year}-${Month:p/2/0/r}-${Day:p/2/0/r}_${Hour:p/2/0/r}:${Minute:p/2/0/r}"
+  Volume Retention = 2 months
+  Label Format = "<%= bacula_pool_name %>-catalog.${Year}-${Month:p/2/0/r}-${Day:p/2/0/r}_${Hour:p/2/0/r}:${Minute:p/2/0/r}"
   Volume Use Duration = 23h
   Maximum Volume Jobs = 1
   Maximum Volume Bytes = 50G
   Action On Purge = Truncate
+  Recycle = yes
+  RecyclePool = "poolcataloggraveyard-<%=bacula_pool_name%>"
 }
-
-# Scratch pool definition
 Pool {
-  Name = Scratch
+  Name = "poolcataloggraveyard-<%=bacula_pool_name%>"
   Pool Type = Backup
+  Storage = "<%=bacula_filestor_name%>-catalog"
+  Recycle = yes
+  RecyclePool = "poolcataloggraveyard-<%=bacula_pool_name%>"
 }
 
-########################################################################
-# Generic jobs                                                         #
-########################################################################
-# Backup the catalog database (after the nightly save)
-#Job {
-#  Name = "BackupCatalog"
-#  JobDefs = "Standardbackup"
-#  Level = Full
-#  FileSet="Catalog"
-#  Schedule = "WeeklyCycleAfterBackup"
+Job {
+  Name = "BackupCatalog"
+  JobDefs = "Standardbackup"
+  Client = <%=bacula_director_address%>-fd
+  Level = Full
+  FileSet = "Catalog"
+  Schedule = "WeeklyCycleAfterBackup"
 #  # This creates an ASCII copy of the catalog
 #  # Arguments to make_catalog_backup.pl are:
 #  #  make_catalog_backup.pl <catalog-name>
-#  RunBeforeJob = "/etc/bacula/scripts/make_catalog_backup.pl MyCatalog"
+  RunBeforeJob = "/etc/bacula/scripts/make_catalog_backup.pl MyCatalog"
 #  # This deletes the copy of the catalog
-#  RunAfterJob  = "/etc/bacula/scripts/delete_catalog_backup"
-#  Write Bootstrap = "/var/lib/bacula/%n.bsr"
-#  Priority = 15    # run after main backup
-#  RunScript {
-#        RunsWhen=After
-#	    RunsOnClient=No
-#	    Console = "purge volume action=all allpools storage=File"
-#  }
-#}
+  RunAfterJob  = "/etc/bacula/scripts/delete_catalog_backup"
+  Write Bootstrap = "/var/lib/bacula/%n.bsr"
+  Priority = 15    # run after main backup
+  Pool = "poolcatalog-<%=bacula_pool_name%>"
+}
 
 ########################################################################
 # And now include all the generated configs                            #