X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fbacula%2Ftemplates%2Fbacula-fd.conf.erb;h=6f930d56979dd13866c9c24c2d4d955ed2715dbe;hb=7c9bd33ae8dbe2f7a0ef783ccb3e1828285180ce;hp=29521958d9ed5d97996b672834db1a9d35cb7eb1;hpb=d0c098685b92334a611a0c596a35f538b95ead47;p=mirror%2Fdsa-puppet.git diff --git a/modules/bacula/templates/bacula-fd.conf.erb b/modules/bacula/templates/bacula-fd.conf.erb index 29521958d..6f930d569 100644 --- a/modules/bacula/templates/bacula-fd.conf.erb +++ b/modules/bacula/templates/bacula-fd.conf.erb @@ -4,40 +4,25 @@ ## # For Bacula release 5.0.1 (24 February 2010) -- debian 5.0.4 -# List Directors who are permitted to contact this File daemon -Director { - Name = <%= @bacula_director_name %> - Password = "<%= @bacula_client_secret %>" - - TLS Enable = yes - TLS Require = yes - TLS Verify Peer = yes - TLS Allowed CN = "clientcerts/<%= @bacula_director_address %>" - TLS CA Certificate File = "<%= @bacula_ca_path %>" - # This is a server certificate, used for incoming director connections. - TLS Certificate = "<%= @bacula_ssl_server_cert %>" - TLS Key = "<%= @bacula_ssl_server_key %>" -} - # "Global" File daemon configuration specifications FileDaemon { - Name = <%= @bacula_client_name %> + Name = <%= @client_name %> FDAddresses = { # bacula, on Debian 9 (stretch), does not resolve a single name # to both v4 and v6 addresses. Se we can't just say # ip = { addr = }. Boo. - <%- if scope.lookupvar('deprecated::nodeinfo')['misc']['has_v4_ldap'] -%> + <%- if @has_ipv4 -%> ipv4 = { # use the hostname rather than the IP address from LDAP, # as /etc/hosts might have a better answer in case of natted hosts. - addr = <%= @fqdn %> - port = <%= @bacula_client_port %> + addr = <%= @client %> + port = <%= @port_fd %> } <%- end -%> - <%- scope.lookupvar('deprecated::nodeinfo')['misc']['v6_ldap'].each do |addr| -%> + <%- if @has_ipv6 -%> ipv6 = { - addr = <%= addr %> - port = <%= @bacula_client_port %> + addr = <%= @client %> + port = <%= @port_fd %> } <%- end -%> } @@ -49,23 +34,14 @@ FileDaemon { Plugin Directory = /usr/lib/bacula <%- end -%> Maximum Concurrent Jobs = 20 - #Maximum Network Buffer Size = 524288 TLS Enable = yes TLS Require = yes - TLS CA Certificate File = "<%= @bacula_ca_path %>" - # This is a client certificate, used by the client to connect to the storage daemon - TLS Certificate = "<%= @bacula_ssl_client_cert %>" - TLS Key = "<%= @bacula_ssl_client_key %>" + <%= scope['bacula::bacula_tls_ca_certificate_file'] %> + <%= scope['bacula::bacula_tls_client_certificate'] %> + <%= scope['bacula::bacula_tls_client_key'] %> -<%- if scope.lookupvar('deprecated::nodeinfo')['hoster']['name'] == "brown" -%> - # broken firewall Heartbeat Interval = 60 -<%- end -%> } -# Send all messages except skipped files back to Director -Messages { - Name = Standard - director = <%= @bacula_director_name %> = all, !skipped, !restored -} +@|"sh -c 'for f in /etc/bacula/fd-conf.d/*.conf ; do echo @${f} ; done'"