X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fbacula%2Ftemplates%2Fbacula-dir.conf.erb;h=ccbbc8ca19429e534c9c4d4a56a5ecfc6c388991;hb=376e06de22397db5d0c13b0d7561a84f177ac365;hp=95ab8584dacbe74066a7e139391edd07880f9c70;hpb=5b5fb50250f554ae2c9fa6eda0dc59282cd39264;p=mirror%2Fdsa-puppet.git diff --git a/modules/bacula/templates/bacula-dir.conf.erb b/modules/bacula/templates/bacula-dir.conf.erb index 95ab8584d..ccbbc8ca1 100644 --- a/modules/bacula/templates/bacula-dir.conf.erb +++ b/modules/bacula/templates/bacula-dir.conf.erb @@ -23,6 +23,15 @@ Director { ip = { addr = 127.0.0.1; port = 9101 } ip = { addr = <%=bacula_director_address%>; port = <%=bacula_director_port%> } } + + TLS Enable = yes + TLS Require = yes + TLS Verify Peer = yes + TLS Allowed CN = "clientcerts/<%= bacula_director_address %>" + TLS CA Certificate File = "<%= bacula_ca_path %>" + # This is a server certificate, used for incoming console connections. + TLS Certificate = "<%= bacula_ssl_server_cert %>" + TLS Key = "<%= bacula_ssl_server_key %>" } ######################################################################## @@ -30,31 +39,39 @@ Director { ######################################################################## FileSet { Name = "Standard Set" + Ignore FileSet Changes = yes Include { Options { signature = SHA1 compression = GZIP9 + aclsupport = yes + xattrsupport = yes + } + Options { + wild = "/swapfile*" + exclude = yes } - File = "\\|bash -c \"df -Pkl -x tmpfs | tail -n +2 | awk '{print \$NF}' \"" + File = "\\|/usr/local/sbin/bacula-backup-dirs" # Dont backup directories that contain .nobackup files Exclude Dir Containing = .nobackup } Exclude { - File = /var/lib/bacula - File = /var/cache/apt/ + File = /.fsck + File = /.journal + File = /dev + File = /home/buildd/build-trees + File = /lib/init/rw File = /nonexistant File = /proc - File = /tmp - File = /.journal - File = /.fsck + File = /srv/chroot File = /sys - File = /lib/init/rw - File = /var/run + File = /tmp + File = /var/cache/apt + File = /var/lib/bacula File = /var/lock - File = /dev - File = /srv/chroot - File = /home/buildd/build-trees + File = /var/run + File = "\\|bash -c 'grep -s -v ^# /etc/bacula/local-exclude || true'" } } @@ -66,9 +83,9 @@ FileSet { Include { Options { signature = SHA1 - compression = GZIP9 + #compression = GZIP9 } - File = "/var/lib/bacula/bacula.sql" + File = "/var/lib/bacula/bacula.sql.gz" } } @@ -81,8 +98,10 @@ FileSet { # and incremental backups other days Schedule { Name = "WeeklyCycle" - Run = Full 1st sat at 00:35 - Run = Differential 2nd-5th sat at 00:35 + # fulls are automatically run if the last full backup was 40 days ago + # for the current value of 40 look for "Max Full Interval" in this file. + # Run = Full 1st sat at 00:35 + Run = Differential sat at 00:35 Run = Incremental sun-fri at 00:35 } @@ -111,10 +130,11 @@ Messages { Name = Standard mailcommand = "/usr/lib/bacula/bsmtp -h localhost -f \"\(Bacula\) %r\" -s \"Bacula: %t %e of %c %l\" %r" operatorcommand = "/usr/lib/bacula/bsmtp -h localhost -f \"\(Bacula\) %r\" -s \"Bacula: Intervention needed for %j\" %r" - mail on error = <%= bacula_operator_email %> = all, !skipped + #mail on error = <%= bacula_operator_email %> = all, !skipped + mail = <%= bacula_operator_email %> = all operator = <%= bacula_operator_email %> = mount console = all, !skipped, !saved - append = "/var/lib/bacula/log" = all, !skipped + append = "/var/lib/bacula/log" = all catalog = all } @@ -122,23 +142,9 @@ Messages { Messages { Name = Daemon mailcommand = "/usr/lib/bacula/bsmtp -h localhost -f \"\(Bacula\) %r\" -s \"Bacula daemon message\" %r" - mail = <%= bacula_operator_email %> = all, !skipped + mail = <%= bacula_operator_email %> = all console = all, !skipped, !saved - append = "/var/lib/bacula/log" = all, !skipped -} - -######################################################################## -# Storage config # -######################################################################## - -Storage { - Name = <%= bacula_filestor_name %> - Address = <%= bacula_storage_address %> - SDPort = <%= bacula_storage_port %> - Password = "<%= bacula_storage_secret %>" - Device = <%= bacula_filestor_device %> - Media Type = <%= bacula_filestor_name %> - Maximum Concurrent Jobs = 10 + append = "/var/lib/bacula/log" = all } ######################################################################## @@ -158,17 +164,14 @@ JobDefs { Type = Backup Level = Incremental FileSet = "Standard Set" + Accurate = yes Schedule = "WeeklyCycle" Messages = Standard - Pool = <%=bacula_pool_name%> - Differential Backup Pool = <%=bacula_pool_name%>diff - Incremental Backup Pool = <%=bacula_pool_name%>inc - Max Full Interval = 1 month + Max Full Interval = 40 days Priority = 10 Write Bootstrap = "/var/lib/bacula/%c.bsr" Maximum Concurrent Jobs = 20 - Client Run After Job = "/usr/local/sbin/postbaculajob -c \"%c\" -d \"%d\" -i \"%i\" -l \"%l\" -n \"%n\" -o /var/log/bacula-main.log" - SpoolData = yes + Client Run After Job = "/usr/local/sbin/postbaculajob -c \"%c\" -d \"%d\" -i \"%i\" -l \"%l\" -n \"%n\" -o /var/log/bacula/client-after.state" } ######################################################################## @@ -178,88 +181,79 @@ JobDefs { Job { Name = "RestoreFiles" Type = Restore - Client = draghi.debian.org-fd + Client = <%=bacula_director_address%>-fd FileSet = "Standard Set" - Pool = <%=bacula_pool_name%> + Pool = poolfull-<%=bacula_pool_name%>-<%=bacula_director_address%> Messages = Standard Where = /var/tmp/bacula-restores } -######################################################################## -# Pool definition # -######################################################################## -Pool { - Name = <%= bacula_pool_name %> - Pool Type = Backup - Storage = <%=bacula_filestor_name%> - Recycle = no - AutoPrune = yes - Volume Retention = 1 year - Label Format = "<%= bacula_pool_name %>.${Year}-${Month:p/2/0/r}-${Day:p/2/0/r}_${Hour:p/2/0/r}:${Minute:p/2/0/r}" - Volume Use Duration = 23h - #Maximum Volume Jobs = 1 - Maximum Volume Bytes = 50G - Action On Purge = Truncate -} +# Scratch pool definition Pool { - Name = <%= bacula_pool_name %>diff + Name = Scratch Pool Type = Backup - Storage = <%=bacula_filestor_name%> - Recycle = no - AutoPrune = yes - Volume Retention = 1 year - Label Format = "<%= bacula_pool_name %>diff.${Year}-${Month:p/2/0/r}-${Day:p/2/0/r}_${Hour:p/2/0/r}:${Minute:p/2/0/r}" - Volume Use Duration = 23h - #Maximum Volume Jobs = 1 - Maximum Volume Bytes = 50G - Action On Purge = Truncate } +######################################################################## +# Generic jobs # +######################################################################## +# Backup the catalog database (after the nightly save) +Storage { + Name = "<%= bacula_filestor_name %>-catalog" + Address = <%= bacula_storage_address %> + SDPort = <%= bacula_storage_port %> + Password = "<%= bacula_storage_secret %>" + Device = "<%= bacula_filestor_device %>-catalog" + Media Type = "<%= bacula_filestor_name %>-catalog" + Maximum Concurrent Jobs = 10 + + TLS Enable = yes + TLS Require = yes + TLS CA Certificate File = "<%= bacula_ca_path %>" + # This is a client certificate, used by the director to connect to the storage daemon + TLS Certificate = "<%= bacula_ssl_client_cert %>" + TLS Key = "<%= bacula_ssl_client_key %>" +} Pool { - Name = <%= bacula_pool_name %>inc + Name = "poolcatalog-<%=bacula_pool_name%>" Pool Type = Backup - Storage = <%=bacula_filestor_name%> - Recycle = no + Storage = "<%=bacula_filestor_name%>-catalog" AutoPrune = yes - Volume Retention = 1 year - Label Format = "<%= bacula_pool_name %>inc.${Year}-${Month:p/2/0/r}-${Day:p/2/0/r}_${Hour:p/2/0/r}:${Minute:p/2/0/r}" + Volume Retention = 2 months + Label Format = "<%= bacula_pool_name %>-catalog.${Year}-${Month:p/2/0/r}-${Day:p/2/0/r}_${Hour:p/2/0/r}:${Minute:p/2/0/r}" Volume Use Duration = 23h - #Maximum Volume Jobs = 1 + Maximum Volume Jobs = 1 Maximum Volume Bytes = 50G Action On Purge = Truncate + Recycle = yes + RecyclePool = "poolcataloggraveyard-<%=bacula_pool_name%>" } - -# Scratch pool definition Pool { - Name = Scratch + Name = "poolcataloggraveyard-<%=bacula_pool_name%>" Pool Type = Backup + Storage = "<%=bacula_filestor_name%>-catalog" + Recycle = yes + RecyclePool = "poolcataloggraveyard-<%=bacula_pool_name%>" } -######################################################################## -# Generic jobs # -######################################################################## -# Backup the catalog database (after the nightly save) -#Job { -# Name = "BackupCatalog" -# JobDefs = "Standardbackup" -# Level = Full -# FileSet="Catalog" -# Schedule = "WeeklyCycleAfterBackup" +Job { + Name = "BackupCatalog" + JobDefs = "Standardbackup" + Client = <%=bacula_director_address%>-fd + Level = Full + FileSet = "Catalog" + Schedule = "WeeklyCycleAfterBackup" # # This creates an ASCII copy of the catalog # # Arguments to make_catalog_backup.pl are: # # make_catalog_backup.pl -# RunBeforeJob = "/etc/bacula/scripts/make_catalog_backup.pl MyCatalog" + RunBeforeJob = "/etc/bacula/scripts/make_catalog_backup.pl MyCatalog" # # This deletes the copy of the catalog -# RunAfterJob = "/etc/bacula/scripts/delete_catalog_backup" -# Write Bootstrap = "/var/lib/bacula/%n.bsr" -# Priority = 15 # run after main backup -# RunScript { -# RunsWhen=After -# RunsOnClient=No -# Console = "purge volume action=all allpools storage=File" -# } -#} + RunAfterJob = "/etc/bacula/scripts/delete_catalog_backup" + Write Bootstrap = "/var/lib/bacula/%n.bsr" + Priority = 15 # run after main backup + Pool = "poolcatalog-<%=bacula_pool_name%>" +} ######################################################################## # And now include all the generated configs #