X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fbacula%2Ftemplates%2Fbacula-dir.conf.erb;h=3ceb660bfa13803ec843c2e3e8d4910bccac0bb3;hb=76646956da694b823088a432d649824702b18fb1;hp=d444de6a9f72f4787a2f107c9f0a8a1c53997785;hpb=da4bf70031b8093490a51469a79ff07cc71f78f4;p=mirror%2Fdsa-puppet.git diff --git a/modules/bacula/templates/bacula-dir.conf.erb b/modules/bacula/templates/bacula-dir.conf.erb index d444de6a9..3ceb660bf 100644 --- a/modules/bacula/templates/bacula-dir.conf.erb +++ b/modules/bacula/templates/bacula-dir.conf.erb @@ -23,6 +23,15 @@ Director { ip = { addr = 127.0.0.1; port = 9101 } ip = { addr = <%=bacula_director_address%>; port = <%=bacula_director_port%> } } + + TLS Enable = yes + TLS Require = yes + TLS Verify Peer = yes + TLS Allowed CN = "clientcerts/<%= bacula_director_address %>" + TLS CA Certificate File = "<%= bacula_ca_path %>" + # This is a server certificate, used for incoming console connections. + TLS Certificate = "<%= bacula_ssl_server_cert %>" + TLS Key = "<%= bacula_ssl_server_key %>" } ######################################################################## @@ -35,7 +44,7 @@ FileSet { signature = SHA1 compression = GZIP9 } - File = "\\|bash -c \"df -Pkl -x tmpfs | tail -n +2 | awk '{print \$NF}' \"" + File = "\\|bash -c \"df -Pkl -x tmpfs -x iso9660 | tail -n +2 | awk '{print \$NF}' \"" # Dont backup directories that contain .nobackup files Exclude Dir Containing = .nobackup } @@ -53,6 +62,8 @@ FileSet { File = /var/run File = /var/lock File = /dev + File = /srv/chroot + File = /home/buildd/build-trees } } @@ -95,7 +106,11 @@ Schedule { ######################################################################## Catalog { Name = MyCatalog - dbname = bacula; DB Address = ""; dbuser = "bacula"; dbpassword = "s3kr1t" + dbname = "service = bacula"; + #DB Address = "<%= bacula_db_address %>"; + #DB Port = <%= bacula_db_port %>; + dbuser = "bacula"; + dbpassword = "<%= bacula_db_secret %>" } ######################################################################## @@ -105,10 +120,11 @@ Messages { Name = Standard mailcommand = "/usr/lib/bacula/bsmtp -h localhost -f \"\(Bacula\) %r\" -s \"Bacula: %t %e of %c %l\" %r" operatorcommand = "/usr/lib/bacula/bsmtp -h localhost -f \"\(Bacula\) %r\" -s \"Bacula: Intervention needed for %j\" %r" - mail = <%= bacula_operator_email %> = all, !skipped + #mail on error = <%= bacula_operator_email %> = all, !skipped + mail = <%= bacula_operator_email %> = all operator = <%= bacula_operator_email %> = mount console = all, !skipped, !saved - append = "/var/lib/bacula/log" = all, !skipped + append = "/var/lib/bacula/log" = all catalog = all } @@ -116,23 +132,9 @@ Messages { Messages { Name = Daemon mailcommand = "/usr/lib/bacula/bsmtp -h localhost -f \"\(Bacula\) %r\" -s \"Bacula daemon message\" %r" - mail = <%= bacula_operator_email %> = all, !skipped + mail = <%= bacula_operator_email %> = all console = all, !skipped, !saved - append = "/var/lib/bacula/log" = all, !skipped -} - -######################################################################## -# Storage config # -######################################################################## - -Storage { - Name = <%= bacula_filestor_name %> - Address = <%= bacula_storage_address %> - SDPort = <%= bacula_storage_port %> - Password = "<%= bacula_storage_secret %>" - Device = <%= bacula_filestor_device %> - Media Type = <%= bacula_filestor_name %> - Maximum Concurrent Jobs = 10 + append = "/var/lib/bacula/log" = all } ######################################################################## @@ -153,88 +155,93 @@ JobDefs { Level = Incremental FileSet = "Standard Set" Schedule = "WeeklyCycle" - Storage = <%=bacula_filestor_name%> Messages = Standard - Pool = <%=bacula_pool_name%> - Differential Backup Pool = <%=bacula_pool_name%>diff - Incremental Backup Pool = <%=bacula_pool_name%>inc Max Full Interval = 1 month Priority = 10 Write Bootstrap = "/var/lib/bacula/%c.bsr" Maximum Concurrent Jobs = 20 + Client Run After Job = "/usr/local/sbin/postbaculajob -c \"%c\" -d \"%d\" -i \"%i\" -l \"%l\" -n \"%n\" -o /var/log/bacula-main.log" } ######################################################################## -# Pool definition # +# Standard Restore template, to be changed by Console program # +# Only one such job is needed for all Jobs/Clients/Storage ... # ######################################################################## -Pool { - Name = <%= bacula_pool_name %> - Pool Type = Backup - Recycle = no - AutoPrune = yes - Volume Retention = 1 year - Label Format = "${Client}-${Year}-${Month:p/2/0/r}-${Day:p/2/0/r}_${Hour:p/2/0/r}:${Minute:p/2/0/r}" - Volume Use Duration = 23h - Maximum Volume Jobs = 1 - Maximum Volume Bytes = 50G - Action On Purge = Truncate +Job { + Name = "RestoreFiles" + Type = Restore + Client = <%=bacula_director_address%>-fd + FileSet = "Standard Set" + Pool = poolfull-<%=bacula_pool_name%>-<%=bacula_director_address%> + Messages = Standard + Where = /var/tmp/bacula-restores } + +# Scratch pool definition Pool { - Name = <%= bacula_pool_name %>diff + Name = Scratch Pool Type = Backup - Recycle = no - AutoPrune = yes - Volume Retention = 1 year - Label Format = "${Client}-${Year}-${Month:p/2/0/r}-${Day:p/2/0/r}_${Hour:p/2/0/r}:${Minute:p/2/0/r}" - Volume Use Duration = 23h - Maximum Volume Jobs = 1 - Maximum Volume Bytes = 50G - Action On Purge = Truncate } +######################################################################## +# Generic jobs # +######################################################################## +# Backup the catalog database (after the nightly save) +Storage { + Name = "<%= bacula_filestor_name %>-catalog" + Address = <%= bacula_storage_address %> + SDPort = <%= bacula_storage_port %> + Password = "<%= bacula_storage_secret %>" + Device = "<%= bacula_filestor_device %>-catalog" + Media Type = "<%= bacula_filestor_name %>-catalog" + Maximum Concurrent Jobs = 10 + + TLS Enable = yes + TLS Require = yes + TLS CA Certificate File = "<%= bacula_ca_path %>" + # This is a client certificate, used by the director to connect to the storage daemon + TLS Certificate = "<%= bacula_ssl_client_cert %>" + TLS Key = "<%= bacula_ssl_client_key %>" +} Pool { - Name = <%= bacula_pool_name %>inc + Name = "poolcatalog-<%=bacula_pool_name%>" Pool Type = Backup - Recycle = no + Storage = "<%=bacula_filestor_name%>-catalog" AutoPrune = yes - Volume Retention = 1 year - Label Format = "${Client}-${Year}-${Month:p/2/0/r}-${Day:p/2/0/r}_${Hour:p/2/0/r}:${Minute:p/2/0/r}" + Volume Retention = 2 months + Label Format = "<%= bacula_pool_name %>-catalog.${Year}-${Month:p/2/0/r}-${Day:p/2/0/r}_${Hour:p/2/0/r}:${Minute:p/2/0/r}" Volume Use Duration = 23h Maximum Volume Jobs = 1 Maximum Volume Bytes = 50G Action On Purge = Truncate + Recycle = yes + RecyclePool = "poolcataloggraveyard-<%=bacula_pool_name%>" } - -# Scratch pool definition Pool { - Name = Scratch + Name = "poolcataloggraveyard-<%=bacula_pool_name%>" Pool Type = Backup + Storage = "<%=bacula_filestor_name%>-catalog" + Recycle = yes + RecyclePool = "poolcataloggraveyard-<%=bacula_pool_name%>" } -######################################################################## -# Generic jobs # -######################################################################## -# Backup the catalog database (after the nightly save) Job { Name = "BackupCatalog" JobDefs = "Standardbackup" + Client = <%=bacula_director_address%>-fd Level = Full - FileSet="Catalog" + FileSet = "Catalog" Schedule = "WeeklyCycleAfterBackup" - # This creates an ASCII copy of the catalog - # Arguments to make_catalog_backup.pl are: - # make_catalog_backup.pl +# # This creates an ASCII copy of the catalog +# # Arguments to make_catalog_backup.pl are: +# # make_catalog_backup.pl RunBeforeJob = "/etc/bacula/scripts/make_catalog_backup.pl MyCatalog" - # This deletes the copy of the catalog +# # This deletes the copy of the catalog RunAfterJob = "/etc/bacula/scripts/delete_catalog_backup" Write Bootstrap = "/var/lib/bacula/%n.bsr" Priority = 15 # run after main backup - RunScript { - RunsWhen=After - RunsOnClient=No - Console = "purge volume action=all allpools storage=File" - } + Pool = "poolcatalog-<%=bacula_pool_name%>" } ########################################################################