X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fbacula%2Ftemplates%2Fbacula-sd.conf.erb;h=b048f8e5fa84e05cf6822e576f5c07746853c2f7;hb=ee0a41e4209bd047294cadfb1d387e2265ce14f3;hp=ec17f56e45dbb09d3249cbe728062c19311d494b;hpb=1842c3466ee92bb4f17654fda73f182f8b2fe12a;p=mirror%2Fdsa-puppet.git diff --git a/modules/bacula/templates/bacula-sd.conf.erb b/modules/bacula/templates/bacula-sd.conf.erb index ec17f56e4..b048f8e5f 100644 --- a/modules/bacula/templates/bacula-sd.conf.erb +++ b/modules/bacula/templates/bacula-sd.conf.erb @@ -12,6 +12,15 @@ Storage { Maximum Concurrent Jobs = 21 SDAddress = <%= bacula_storage_address %> Heartbeat Interval = 180 + + TLS Enable = yes + TLS Require = yes + TLS Verify Peer = yes + # TLS Allowed CN = "clientcerts/<%= bacula_director_address %>" + TLS CA Certificate File = "<%= bacula_ca_path %>" + # This is a server certificate, used for incoming connections. + TLS Certificate = "<%= bacula_ssl_server_cert %>" + TLS Key = "<%= bacula_ssl_server_key %>" } # List Directors who are permitted to contact Storage daemon @@ -19,25 +28,15 @@ Storage { Director { Name = <%= bacula_director_name %> Password = "<%= bacula_storage_secret %>" -} - -# To connect, the Director's bacula-dir.conf must have the -# same Name and MediaType. -# -Device { - Name = <%= bacula_filestor_device %> - Media Type = <%= bacula_filestor_name %> - Archive Device = <%= bacula_backup_path %> - LabelMedia = yes; - Random Access = Yes; - AutomaticMount = yes; - RemovableMedia = no; - AlwaysOpen = no; - Maximum Network Buffer Size = 4194304 - Maximum Spool Size = 250G - Maximum Job Spool Size = 50G - Spool Directory = <%= bacula_backup_path %>/spool + TLS Enable = yes + TLS Require = yes + TLS Verify Peer = yes + TLS Allowed CN = "clientcerts/<%= bacula_director_address %>" + TLS CA Certificate File = "<%= bacula_ca_path %>" + # This is a server certificate, used for incoming director connections. + TLS Certificate = "<%= bacula_ssl_server_cert %>" + TLS Key = "<%= bacula_ssl_server_key %>" } # Send all messages to the Director, @@ -47,3 +46,4 @@ Messages { Name = Standard director = <%= bacula_director_name %> = all } +@|"sh -c 'for f in /etc/bacula/storage-conf.d/*.conf ; do echo @${f} ; done'"