From: Julien Cristau <jcristau@debian.org>
Date: Thu, 26 Sep 2019 12:14:16 +0000 (+0200)
Subject: Merge branch 'fordsa' of https://git.adam-barratt.org.uk/git/mirror/dsa-puppet
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=f7c9903f6973f508ee93f04f55d0f505a1d78709;hp=0545df227d982d51078e4f18c5edad45a9814f6b;p=mirror%2Fdsa-puppet.git

Merge branch 'fordsa' of https://git.adam-barratt.org.uk/git/mirror/dsa-puppet
---

diff --git a/data/common.yaml b/data/common.yaml
index 970397ae8..06f0d036d 100644
--- a/data/common.yaml
+++ b/data/common.yaml
@@ -32,7 +32,7 @@ roles::dns_primary::allow_access:
   - '2a01:3f0:0:28::25'
 # bacula
 #
-bacula::operator_email: 'bacula-reports@admin.debian.org'
+bacula::email_all: 'bacula-reports@admin.debian.org'
 bacula::ssl_ca_path:     '/etc/ssl/debian/certs/ca.crt'
 bacula::ssl_client_cert: '/etc/ssl/debian/certs/thishost.crt'
 bacula::ssl_client_key:  '/etc/ssl/private/thishost.key'
diff --git a/modules/bacula/manifests/director.pp b/modules/bacula/manifests/director.pp
index 26ed44fd5..dd5395df6 100644
--- a/modules/bacula/manifests/director.pp
+++ b/modules/bacula/manifests/director.pp
@@ -99,8 +99,8 @@ class bacula::director(
     notify  => Exec['bacula-director reload']
   }
 
-  Bacula::Director::Client             <<| tag == "bacula::to-director::${::fqdn}" |>>
   Bacula::Director::Client_from_storage<<| tag == "bacula::to-director::${::fqdn}" |>>
+  Bacula::Director::Client             <<| tag == "bacula::to-director::${::fqdn}" |>>
 
   package { 'bacula-console':
     ensure => installed;
diff --git a/modules/bacula/manifests/director/client.pp b/modules/bacula/manifests/director/client.pp
index 0d356a662..f021819f0 100644
--- a/modules/bacula/manifests/director/client.pp
+++ b/modules/bacula/manifests/director/client.pp
@@ -22,11 +22,14 @@ define bacula::director::client (
   # bacula::director::client and it needs to match.
   $pool_name     = "${bacula::director::pool_name}-${client}"
 
-  file { "/etc/bacula/conf.d/${client}.conf":
-    content => template('bacula/director/dir-per-client.erb'),
-    mode    => '0440',
-    group   => bacula,
-    notify  => Exec['bacula-director reload']
+  if defined(File["/etc/bacula/conf.d/${client}_storage.conf"]) {
+    # this config is only valid if the pools defined in ${client}_storage exist.
+    file { "/etc/bacula/conf.d/${client}.conf":
+      content => template('bacula/director/dir-per-client.erb'),
+      mode    => '0440',
+      group   => bacula,
+      notify  => Exec['bacula-director reload']
+    }
   }
 }
 
diff --git a/modules/bacula/manifests/init.pp b/modules/bacula/manifests/init.pp
index dfbc9ce33..02cf50615 100644
--- a/modules/bacula/manifests/init.pp
+++ b/modules/bacula/manifests/init.pp
@@ -5,7 +5,10 @@
 # @param ssl_client_key   path to TLS client certificate key
 # @param ssl_server_cert  path to TLS server certificate
 # @param ssl_server_key   path to TLS server certificate key
-# @param operator_email   email address for reports
+# @param email_all        email address for all reports
+# @param email_error      email address for errors
+# @param email_operator   email address for the operator (to mount tapes etc)
+# @param email_daemon     email address for messages from the daemon
 # @param public_addresses this host's public IP addresses.  The ones it connects out from and is reachable from outsite.
 # @param has_ipv4         daemons should listen on ipv4
 # @param has_ipv6         daemons should listen on ipv6
@@ -16,7 +19,11 @@ class bacula (
   String $ssl_server_cert,
   String $ssl_server_key,
 
-  String $operator_email                       = 'root@localhost',
+  Optional[String] $email_all = undef,
+  # default to all if defined, otherwise default to 'root' to enforce error delivery
+  String $email_error                          = $email_all ? { undef => 'root', default => $email_all },
+  String $email_operator                       = $email_error,
+  String $email_daemon                         = $email_error,
   Array[Stdlib::IP::Address] $public_addresses = $base::public_addresses,
   Boolean $has_ipv4                            = $bacula::public_addresses.any |$addr| { $addr =~ Stdlib::IP::Address::V4 },
   Boolean $has_ipv6                            = $bacula::public_addresses.any |$addr| { $addr =~ Stdlib::IP::Address::V6 },
diff --git a/modules/bacula/templates/bacula-dir.conf.erb b/modules/bacula/templates/bacula-dir.conf.erb
index f714ea20c..43a83233a 100644
--- a/modules/bacula/templates/bacula-dir.conf.erb
+++ b/modules/bacula/templates/bacula-dir.conf.erb
@@ -103,10 +103,15 @@ Catalog {
 ########################################################################
 Messages {
   Name = <%= @messages_name %>
-  mailcommand = "/usr/lib/bacula/bsmtp -h localhost -f \"\(Bacula\) %r\" -s \"Bacula: %t %e of %c %l\" %r"
-  operatorcommand = "/usr/lib/bacula/bsmtp -h localhost -f \"\(Bacula\) %r\" -s \"Bacula: Intervention needed for %j\" %r"
-  mail = <%= @operator_email %> = all
-  operator = <%= @operator_email %> = mount
+  mailcommand = "/usr/lib/bacula/bsmtp -h localhost -f \"%r\" -s \"Bacula: %t %e of %c %l\" %r"
+  operatorcommand = "/usr/lib/bacula/bsmtp -h localhost -f \"%r\" -s \"Bacula: Intervention needed for %j\" %r"
+<% if @email_all %>
+  mail = <%= @email_all %> = all
+<% end %>
+<% if @email_error != @email_all %>
+  mail on error = <%= @email_error %> = all
+<% end %>
+  operator = <%= @email_operator %> = mount
   console = all, !skipped, !saved
   syslog = all
   append = "/var/lib/bacula/log" = all
@@ -116,8 +121,8 @@ Messages {
 # Message delivery for daemon messages (no job).
 Messages {
   Name = Daemon
-  mailcommand = "/usr/lib/bacula/bsmtp -h localhost -f \"\(Bacula\) %r\" -s \"Bacula daemon message\" %r"
-  mail = <%= @operator_email %> = all
+  mailcommand = "/usr/lib/bacula/bsmtp -h localhost -f \"%r\" -s \"Bacula daemon message\" %r"
+  mail = <%= @email_daemon %> = all
   console = all, !skipped, !saved
   syslog = all
   append = "/var/lib/bacula/log" = all
diff --git a/modules/roles/manifests/puppetmaster.pp b/modules/roles/manifests/puppetmaster.pp
index af3855d32..100565c2d 100644
--- a/modules/roles/manifests/puppetmaster.pp
+++ b/modules/roles/manifests/puppetmaster.pp
@@ -11,4 +11,22 @@ class roles::puppetmaster {
     target_user => 'puppet',
     collect_tag => 'puppetmaster',
   }
+
+  # we have installed a newer libtrapperkeeper-webserver-jetty9-clojure,
+  # cf. Debian#924005, Debian#930562
+  if versioncmp(Timestamp().strftime('%F'), '2019-12-01') <= 0 {
+    $ensure = versioncmp($::operatingsystemrelease, '10.1') <= 0 ? {
+      true    => 'present',
+      default => 'absent',
+    }
+    file { '/etc/nagios/obsolete-packages-ignore.d/libtrapperkeeper-webserver-jetty9-clojure':
+      ensure  => $ensure,
+      content => "libtrapperkeeper-webserver-jetty9-clojure\n",
+    }
+  } elsif versioncmp(Timestamp().strftime('%F'), '2020-02-01') <= 0 {
+    notify {'Temporary ignore rule expired, package should be in the archive':
+      loglevel => warning, }
+  } else {
+    fail('Clean up roles::puppetmaster')
+  }
 }