projects
/
mirror
/
dsa-puppet.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (from parent 1:
b691cea
)
continue with moving director name/address to a more local thing
author
Peter Palfrader
<peter@palfrader.org>
Tue, 24 Sep 2019 22:08:25 +0000
(
00:08
+0200)
committer
Peter Palfrader
<peter@palfrader.org>
Tue, 24 Sep 2019 22:08:25 +0000
(
00:08
+0200)
modules/bacula/manifests/director.pp
patch
|
blob
|
history
modules/bacula/manifests/storage.pp
patch
|
blob
|
history
modules/bacula/templates/bacula-dir.conf.erb
patch
|
blob
|
history
modules/bacula/templates/bconsole.conf.erb
patch
|
blob
|
history
diff --git
a/modules/bacula/manifests/director.pp
b/modules/bacula/manifests/director.pp
index
5c522c5
..
ca065c7
100644
(file)
--- a/
modules/bacula/manifests/director.pp
+++ b/
modules/bacula/manifests/director.pp
@@
-8,6
+8,7
@@
# @param port_dir Port that the director should listen on
# @param db_sslca SSL CA store for DB access
# @param director_name bacula name of this dir instance
# @param port_dir Port that the director should listen on
# @param db_sslca SSL CA store for DB access
# @param director_name bacula name of this dir instance
+# @param director_address address of this sd instance that other instances should connect to (dns name)
class bacula::director(
String $db_address,
Integer $db_port,
class bacula::director(
String $db_address,
Integer $db_port,
@@
-18,12
+19,14
@@
class bacula::director(
Optional[String] $db_sslca = undef,
#String $director_name = "${::fqdn}-dir",
String $director_name = $bacula::bacula_director_name,
Optional[String] $db_sslca = undef,
#String $director_name = "${::fqdn}-dir",
String $director_name = $bacula::bacula_director_name,
+ Stdlib::Host $director_address = $::fqdn,
) inherits bacula {
# used by e.g. bconsole
$director_secret = hkdf('/etc/puppet/secret', "bacula-dir-${::fqdn}")
) inherits bacula {
# used by e.g. bconsole
$director_secret = hkdf('/etc/puppet/secret', "bacula-dir-${::fqdn}")
- # the RestoreFiles Job needs a Pool. Any valid pool.
- $some_pool_name = "poolfull-${pool_name}-${bacula::bacula_director_address}"
+ # the RestoreFiles Job needs a Pool and a client. Any valid pool and client.
+ $some_pool_name = "poolfull-${pool_name}-${director_address}"
+ $some_client_name = "${director_address}-fd"
ensure_packages ( [
'bacula-director-pgsql',
ensure_packages ( [
'bacula-director-pgsql',
@@
-144,7
+147,7
@@
class bacula::director(
saddr => $bacula::public_addresses,
}
@@ferm::rule::simple { "bacula::director-to-storage::${::fqdn}":
saddr => $bacula::public_addresses,
}
@@ferm::rule::simple { "bacula::director-to-storage::${::fqdn}":
- tag =>
"bacula::director-to-storage::${::fqdn}"
,
+ tag =>
'bacula::director-to-storage'
,
description => 'Allow bacula-storage access from the bacula-director',
chain => 'bacula-sd',
saddr => $bacula::public_addresses,
description => 'Allow bacula-storage access from the bacula-director',
chain => 'bacula-sd',
saddr => $bacula::public_addresses,
diff --git
a/modules/bacula/manifests/storage.pp
b/modules/bacula/manifests/storage.pp
index
2b8ed3f
..
ffa80e3
100644
(file)
--- a/
modules/bacula/manifests/storage.pp
+++ b/
modules/bacula/manifests/storage.pp
@@
-70,7
+70,7
@@
class bacula::storage (
port => $port_sd,
target => 'bacula-sd',
}
port => $port_sd,
target => 'bacula-sd',
}
- Ferm::Rule::Simple <<| tag ==
"bacula::director-to-storage::${bacula::bacula_director_address}"
|>>;
+ Ferm::Rule::Simple <<| tag ==
'bacula::director-to-storage'
|>>;
Ferm::Rule::Simple <<| tag == "bacula::fd-to-storage::${::fqdn}" |>>;
file { '/etc/bacula/storage-conf.d/empty.conf':
Ferm::Rule::Simple <<| tag == "bacula::fd-to-storage::${::fqdn}" |>>;
file { '/etc/bacula/storage-conf.d/empty.conf':
diff --git
a/modules/bacula/templates/bacula-dir.conf.erb
b/modules/bacula/templates/bacula-dir.conf.erb
index
58b9c85
..
84a7bbf
100644
(file)
--- a/
modules/bacula/templates/bacula-dir.conf.erb
+++ b/
modules/bacula/templates/bacula-dir.conf.erb
@@
-21,13
+21,13
@@
Director {
DirAddresses = {
# Always have localhost in, then the configured IP
ip = { addr = 127.0.0.1; port = <%= @port_dir %> }
DirAddresses = {
# Always have localhost in, then the configured IP
ip = { addr = 127.0.0.1; port = <%= @port_dir %> }
- ip = { addr = <%=
@bacula_director_address
%>; port = <%= @port_dir %> }
+ ip = { addr = <%=
@director_address
%>; port = <%= @port_dir %> }
}
TLS Enable = yes
TLS Require = yes
TLS Verify Peer = yes
}
TLS Enable = yes
TLS Require = yes
TLS Verify Peer = yes
- TLS Allowed CN = "clientcerts/<%= @
bacula_
director_address %>"
+ TLS Allowed CN = "clientcerts/<%= @director_address %>"
TLS CA Certificate File = "<%= @bacula_ca_path %>"
# This is a server certificate, used for incoming console connections.
TLS Certificate = "<%= @bacula_ssl_server_cert %>"
TLS CA Certificate File = "<%= @bacula_ca_path %>"
# This is a server certificate, used for incoming console connections.
TLS Certificate = "<%= @bacula_ssl_server_cert %>"
@@
-149,8
+149,8
@@
JobDefs {
Job {
Name = "RestoreFiles"
Type = Restore
Job {
Name = "RestoreFiles"
Type = Restore
- Client = <%=@bacula_director_address%>-fd
FileSet = "Standard Set"
FileSet = "Standard Set"
+ Client = <%= @some_client_name%>
Pool = <%= @some_pool_name %>
Messages = Standard
Where = /var/tmp/bacula-restores
Pool = <%= @some_pool_name %>
Messages = Standard
Where = /var/tmp/bacula-restores
diff --git
a/modules/bacula/templates/bconsole.conf.erb
b/modules/bacula/templates/bconsole.conf.erb
index
74f9706
..
de675d4
100644
(file)
--- a/
modules/bacula/templates/bconsole.conf.erb
+++ b/
modules/bacula/templates/bconsole.conf.erb
@@
-9,7
+9,7
@@
Director {
Name = <%= @director_name %>
DIRport = <%= @port_dir %>
Director {
Name = <%= @director_name %>
DIRport = <%= @port_dir %>
- address = <%= @
bacula_
director_address %>
+ address = <%= @director_address %>
Password = "<%= @director_secret %>"
TLS Enable = yes
Password = "<%= @director_secret %>"
TLS Enable = yes