X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fbacula%2Ftemplates%2Fbacula-fd.conf.erb;h=6f930d56979dd13866c9c24c2d4d955ed2715dbe;hb=11c5ee4c16d5782ce590995baabe054b969ce5a8;hp=83174065b34e410546d2db89999010995f172ed0;hpb=c9dbb5ad7fcb9acefa4fb5ca887fd0082ccfc034;p=mirror%2Fdsa-puppet.git diff --git a/modules/bacula/templates/bacula-fd.conf.erb b/modules/bacula/templates/bacula-fd.conf.erb index 83174065b..6f930d569 100644 --- a/modules/bacula/templates/bacula-fd.conf.erb +++ b/modules/bacula/templates/bacula-fd.conf.erb @@ -4,25 +4,44 @@ ## # For Bacula release 5.0.1 (24 February 2010) -- debian 5.0.4 -# List Directors who are permitted to contact this File daemon -Director { - Name = <%= bacula_director_name %> - Password = "<%= bacula_client_secret %>" -} - # "Global" File daemon configuration specifications FileDaemon { - Name = <%= bacula_client_name %> - FDport = <%= bacula_client_port %> + Name = <%= @client_name %> + FDAddresses = { + # bacula, on Debian 9 (stretch), does not resolve a single name + # to both v4 and v6 addresses. Se we can't just say + # ip = { addr = }. Boo. + <%- if @has_ipv4 -%> + ipv4 = { + # use the hostname rather than the IP address from LDAP, + # as /etc/hosts might have a better answer in case of natted hosts. + addr = <%= @client %> + port = <%= @port_fd %> + } + <%- end -%> + <%- if @has_ipv6 -%> + ipv6 = { + addr = <%= @client %> + port = <%= @port_fd %> + } + <%- end -%> + } WorkingDirectory = /var/lib/bacula +<%- if scope.call_function('versioncmp', [@lsbmajdistrelease, '8']) <= 0 -%> Pid Directory = /var/run/bacula +<%- else -%> + Pid Directory = /run/bacula + Plugin Directory = /usr/lib/bacula +<%- end -%> Maximum Concurrent Jobs = 20 - FDAddress = <%= fqdn %> - Maximum Network Buffer Size = 524288 -} -# Send all messages except skipped files back to Director -Messages { - Name = Standard - director = <%=bacula_director_name%> = all, !skipped, !restored + TLS Enable = yes + TLS Require = yes + <%= scope['bacula::bacula_tls_ca_certificate_file'] %> + <%= scope['bacula::bacula_tls_client_certificate'] %> + <%= scope['bacula::bacula_tls_client_key'] %> + + Heartbeat Interval = 60 } + +@|"sh -c 'for f in /etc/bacula/fd-conf.d/*.conf ; do echo @${f} ; done'"