X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fbacula%2Ftemplates%2Fbacula-dir.conf.erb;h=4a4c52d852e1c7ba255e0e747aabf4cba71361a6;hb=388707f3641e2d1fec30a9ba60ac930bf721ea3f;hp=66ff569f9d4600bd98ef6cec4b0256b0c3b6d0da;hpb=c9dbb5ad7fcb9acefa4fb5ca887fd0082ccfc034;p=mirror%2Fdsa-puppet.git

diff --git a/modules/bacula/templates/bacula-dir.conf.erb b/modules/bacula/templates/bacula-dir.conf.erb
index 66ff569f9..4a4c52d85 100644
--- a/modules/bacula/templates/bacula-dir.conf.erb
+++ b/modules/bacula/templates/bacula-dir.conf.erb
@@ -23,6 +23,15 @@ Director {
      ip = { addr = 127.0.0.1; port = 9101 }
 	 ip = { addr = <%=bacula_director_address%>; port = <%=bacula_director_port%> }
   }
+
+  TLS Enable = yes
+  TLS Require = yes
+  TLS Verify Peer = yes
+  TLS Allowed CN = "clientcerts/<%= bacula_director_address %>"
+  TLS CA Certificate File = "<%= bacula_ca_path %>"
+  # This is a server certificate, used for incoming console connections.
+  TLS Certificate = "<%= bacula_ssl_server_cert %>"
+  TLS Key = "<%= bacula_ssl_server_key %>"
 }
 
 ########################################################################
@@ -139,6 +148,13 @@ Storage {
   Device = <%= bacula_filestor_device %>
   Media Type = <%= bacula_filestor_name %>
   Maximum Concurrent Jobs = 10
+
+  TLS Enable = yes
+  TLS Require = yes
+  TLS CA Certificate File = "<%= bacula_ca_path %>"
+  # This is a client certificate, used by the director to connect to the storage daemon
+  TLS Certificate = "<%= bacula_ssl_client_cert %>"
+  TLS Key = "<%= bacula_ssl_client_key %>"
 }
 
 ########################################################################