X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fbacula%2Ftemplates%2Fbacula-sd.conf.erb;h=12b45aa5d5d1f23f5a4a057051ac0abe001b27a2;hb=42e20fefad3765c8635a9144dda741c23fff4b81;hp=376a883e4dde83a483d34975e4b6b70a4c9ea70d;hpb=dfe971b9964020f8a61e9d9e5513cb83e13728c0;p=mirror%2Fdsa-puppet.git diff --git a/modules/bacula/templates/bacula-sd.conf.erb b/modules/bacula/templates/bacula-sd.conf.erb index 376a883e4..12b45aa5d 100644 --- a/modules/bacula/templates/bacula-sd.conf.erb +++ b/modules/bacula/templates/bacula-sd.conf.erb @@ -5,57 +5,39 @@ # For Bacula release 5.0.1 (24 February 2010) -- debian 5.0.4 Storage { - Name = <%= bacula_storage_name %> - SDPort = <%= bacula_storage_port %> + Name = <%= @storage_name %> + SDAddresses = { + # bacula, on Debian 9 (stretch), does not resolve a single name + # to both v4 and v6 addresses. Se we can't just say + # ip = { addr = }. Boo. + <%- if @has_ipv4 -%> + ipv4 = { + # use the hostname rather than the IP address from LDAP, + # as /etc/hosts might have a better answer in case of natted hosts. + addr = <%= @storage_address %> + port = <%= @port_sd %> + } + <%- end -%> + <%- if @has_ipv6 -%> + ipv6 = { + addr = <%= @storage_address %> + port = <%= @port_sd %> + } + <%- end -%> + } WorkingDirectory = "/var/lib/bacula" - Pid Directory = "/var/run/bacula" + Pid Directory = "/run/bacula" + Plugin Directory = "/usr/lib/bacula" Maximum Concurrent Jobs = 21 - SDAddress = <%= bacula_storage_address %> - Heartbeat Interval = 180 + Heartbeat Interval = 60 TLS Enable = yes TLS Require = yes TLS Verify Peer = yes - # TLS Allowed CN = "clientcerts/<%= bacula_director_address %>" - TLS CA Certificate File = "<%= bacula_ca_path %>" + TLS CA Certificate File = "<%= @bacula_ca_path %>" # This is a server certificate, used for incoming connections. - TLS Certificate = "<%= bacula_ssl_server_cert %>" - TLS Key = "<%= bacula_ssl_server_key %>" -} - -# List Directors who are permitted to contact Storage daemon -# -Director { - Name = <%= bacula_director_name %> - Password = "<%= bacula_storage_secret %>" - - TLS Enable = yes - TLS Require = yes - TLS Verify Peer = yes - TLS Allowed CN = "clientcerts/<%= bacula_director_address %>" - TLS CA Certificate File = "<%= bacula_ca_path %>" - # This is a server certificate, used for incoming director connections. - TLS Certificate = "<%= bacula_ssl_server_cert %>" - TLS Key = "<%= bacula_ssl_server_key %>" -} - -# Send all messages to the Director, -# mount messages also are sent to the email address -# -Messages { - Name = Standard - director = <%= bacula_director_name %> = all -} - -Device { - Name = "<%= bacula_filestor_device %>-catalog" - Media Type = "<%= bacula_filestor_name %>-catalog" - Archive Device = "<%= bacula_backup_path %>/Catalog" - LabelMedia = yes; - Random Access = Yes; - AutomaticMount = yes; - RemovableMedia = no; - AlwaysOpen = no; + TLS Certificate = "<%= @bacula_ssl_server_cert %>" + TLS Key = "<%= @bacula_ssl_server_key %>" } @|"sh -c 'for f in /etc/bacula/storage-conf.d/*.conf ; do echo @${f} ; done'"