X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fbacula%2Ftemplates%2Fbacula-sd.conf.erb;h=b048f8e5fa84e05cf6822e576f5c07746853c2f7;hb=6e22738574b0e389499218e47c66794020bd7ee3;hp=ee1dd1cda46a87357b350a9033b089f952b4826c;hpb=0b542d43d901e68c421958d59642a67f5ebbbd53;p=mirror%2Fdsa-puppet.git diff --git a/modules/bacula/templates/bacula-sd.conf.erb b/modules/bacula/templates/bacula-sd.conf.erb index ee1dd1cda..b048f8e5f 100644 --- a/modules/bacula/templates/bacula-sd.conf.erb +++ b/modules/bacula/templates/bacula-sd.conf.erb @@ -11,6 +11,16 @@ Storage { Pid Directory = "/var/run/bacula" Maximum Concurrent Jobs = 21 SDAddress = <%= bacula_storage_address %> + Heartbeat Interval = 180 + + TLS Enable = yes + TLS Require = yes + TLS Verify Peer = yes + # TLS Allowed CN = "clientcerts/<%= bacula_director_address %>" + TLS CA Certificate File = "<%= bacula_ca_path %>" + # This is a server certificate, used for incoming connections. + TLS Certificate = "<%= bacula_ssl_server_cert %>" + TLS Key = "<%= bacula_ssl_server_key %>" } # List Directors who are permitted to contact Storage daemon @@ -18,22 +28,15 @@ Storage { Director { Name = <%= bacula_director_name %> Password = "<%= bacula_storage_secret %>" -} - -# To connect, the Director's bacula-dir.conf must have the -# same Name and MediaType. -# -Device { - Name = <%= bacula_filestor_device %> - Media Type = <%= bacula_filestor_name %> - Archive Device = <%= bacula_backup_path %> - LabelMedia = yes; - Random Access = Yes; - AutomaticMount = yes; - RemovableMedia = no; - AlwaysOpen = no; - Maximum Network Buffer Size = 65536 + TLS Enable = yes + TLS Require = yes + TLS Verify Peer = yes + TLS Allowed CN = "clientcerts/<%= bacula_director_address %>" + TLS CA Certificate File = "<%= bacula_ca_path %>" + # This is a server certificate, used for incoming director connections. + TLS Certificate = "<%= bacula_ssl_server_cert %>" + TLS Key = "<%= bacula_ssl_server_key %>" } # Send all messages to the Director, @@ -43,3 +46,4 @@ Messages { Name = Standard director = <%= bacula_director_name %> = all } +@|"sh -c 'for f in /etc/bacula/storage-conf.d/*.conf ; do echo @${f} ; done'"