X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fbacula%2Ftemplates%2Fbacula-sd.conf.erb;h=376a883e4dde83a483d34975e4b6b70a4c9ea70d;hb=f0fe31ec5496fe75fced127a80aa5989a5edbced;hp=28e883dd5038e752b7da7eb83dca8cc61e9ee064;hpb=176461aa7cca59f5a33c1a58953886f52f11630b;p=mirror%2Fdsa-puppet.git diff --git a/modules/bacula/templates/bacula-sd.conf.erb b/modules/bacula/templates/bacula-sd.conf.erb index 28e883dd5..376a883e4 100644 --- a/modules/bacula/templates/bacula-sd.conf.erb +++ b/modules/bacula/templates/bacula-sd.conf.erb @@ -12,6 +12,15 @@ Storage { Maximum Concurrent Jobs = 21 SDAddress = <%= bacula_storage_address %> Heartbeat Interval = 180 + + TLS Enable = yes + TLS Require = yes + TLS Verify Peer = yes + # TLS Allowed CN = "clientcerts/<%= bacula_director_address %>" + TLS CA Certificate File = "<%= bacula_ca_path %>" + # This is a server certificate, used for incoming connections. + TLS Certificate = "<%= bacula_ssl_server_cert %>" + TLS Key = "<%= bacula_ssl_server_key %>" } # List Directors who are permitted to contact Storage daemon @@ -19,28 +28,34 @@ Storage { Director { Name = <%= bacula_director_name %> Password = "<%= bacula_storage_secret %>" -} + TLS Enable = yes + TLS Require = yes + TLS Verify Peer = yes + TLS Allowed CN = "clientcerts/<%= bacula_director_address %>" + TLS CA Certificate File = "<%= bacula_ca_path %>" + # This is a server certificate, used for incoming director connections. + TLS Certificate = "<%= bacula_ssl_server_cert %>" + TLS Key = "<%= bacula_ssl_server_key %>" +} -# To connect, the Director's bacula-dir.conf must have the -# same Name and MediaType. +# Send all messages to the Director, +# mount messages also are sent to the email address # +Messages { + Name = Standard + director = <%= bacula_director_name %> = all +} + Device { - Name = <%= bacula_filestor_device %> - Media Type = <%= bacula_filestor_name %> - Archive Device = <%= bacula_backup_path %> + Name = "<%= bacula_filestor_device %>-catalog" + Media Type = "<%= bacula_filestor_name %>-catalog" + Archive Device = "<%= bacula_backup_path %>/Catalog" LabelMedia = yes; Random Access = Yes; AutomaticMount = yes; RemovableMedia = no; AlwaysOpen = no; - Maximum Network Buffer Size = 65536 } -# Send all messages to the Director, -# mount messages also are sent to the email address -# -Messages { - Name = Standard - director = <%= bacula_director_name %> = all -} +@|"sh -c 'for f in /etc/bacula/storage-conf.d/*.conf ; do echo @${f} ; done'"