X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fbacula%2Ftemplates%2Fbacula-sd.conf.erb;h=376a883e4dde83a483d34975e4b6b70a4c9ea70d;hb=23b7b6241cf5fbe119eaa14a54fa1514be63feb6;hp=ccf27cedd4a87422bf0961f8f277cf3b4b5c2eb2;hpb=5b5fb50250f554ae2c9fa6eda0dc59282cd39264;p=mirror%2Fdsa-puppet.git

diff --git a/modules/bacula/templates/bacula-sd.conf.erb b/modules/bacula/templates/bacula-sd.conf.erb
index ccf27cedd..376a883e4 100644
--- a/modules/bacula/templates/bacula-sd.conf.erb
+++ b/modules/bacula/templates/bacula-sd.conf.erb
@@ -12,6 +12,15 @@ Storage {
   Maximum Concurrent Jobs = 21
   SDAddress = <%= bacula_storage_address %>
   Heartbeat Interval = 180
+
+  TLS Enable = yes
+  TLS Require = yes
+  TLS Verify Peer = yes
+  # TLS Allowed CN = "clientcerts/<%= bacula_director_address %>"
+  TLS CA Certificate File = "<%= bacula_ca_path %>"
+  # This is a server certificate, used for incoming connections.
+  TLS Certificate = "<%= bacula_ssl_server_cert %>"
+  TLS Key = "<%= bacula_ssl_server_key %>"
 }
 
 # List Directors who are permitted to contact Storage daemon
@@ -19,31 +28,34 @@ Storage {
 Director {
   Name = <%= bacula_director_name %>
   Password = "<%= bacula_storage_secret %>"
-}
 
+  TLS Enable = yes
+  TLS Require = yes
+  TLS Verify Peer = yes
+  TLS Allowed CN = "clientcerts/<%= bacula_director_address %>"
+  TLS CA Certificate File = "<%= bacula_ca_path %>"
+  # This is a server certificate, used for incoming director connections.
+  TLS Certificate = "<%= bacula_ssl_server_cert %>"
+  TLS Key = "<%= bacula_ssl_server_key %>"
+}
 
-# To connect, the Director's bacula-dir.conf must have the
-#  same Name and MediaType.
+# Send all messages to the Director,
+# mount messages also are sent to the email address
 #
+Messages {
+  Name = Standard
+  director = <%= bacula_director_name %> = all
+}
+
 Device {
-  Name = <%= bacula_filestor_device %>
-  Media Type = <%= bacula_filestor_name %>
-  Archive Device = <%= bacula_backup_path %>
+  Name = "<%= bacula_filestor_device %>-catalog"
+  Media Type = "<%= bacula_filestor_name %>-catalog"
+  Archive Device = "<%= bacula_backup_path %>/Catalog"
   LabelMedia = yes;
   Random Access = Yes;
   AutomaticMount = yes;
   RemovableMedia = no;
   AlwaysOpen = no;
-  Maximum Network Buffer Size = 65536
-  Maximum Spool Size = 250G
-  Maximum Job Spool Size = 50G
-  Spool Directory = <%= bacula_backup_path %>/spool
 }
 
-# Send all messages to the Director,
-# mount messages also are sent to the email address
-#
-Messages {
-  Name = Standard
-  director = <%= bacula_director_name %> = all
-}
+@|"sh -c 'for f in /etc/bacula/storage-conf.d/*.conf ; do echo @${f} ; done'"