mirror/dsa-puppet.git
5 years agoTry after unbound.service instead of network-online.target
Peter Palfrader [Wed, 25 Sep 2019 09:20:39 +0000 (11:20 +0200)]
Try after unbound.service instead of network-online.target

Doing the after network-online.target was not sufficient.

: Config error: Cannot add hostname(adayevskaya.debian.org) and port(9102) to addrlist (Cannot resolve hostname(adayevskaya.debian.org) Temporary failure in name resolution)
:             : line 23, col 5 of file /etc/bacula/bacula-fd.conf
:     }

5 years agoAll our systems are now at least Debian 9
Peter Palfrader [Wed, 25 Sep 2019 09:19:18 +0000 (11:19 +0200)]
All our systems are now at least Debian 9

5 years agosd and fd look up hostnames, so start them only after the network is online -a
Peter Palfrader [Wed, 25 Sep 2019 09:18:11 +0000 (11:18 +0200)]
sd and fd look up hostnames, so start them only after the network is online -a

5 years agoUse a variable that still exists to define the listen hostname
Peter Palfrader [Wed, 25 Sep 2019 09:13:14 +0000 (11:13 +0200)]
Use a variable that still exists to define the listen hostname

5 years agofd: also use the grep in public_addresses to learn if we support v4/v6
Peter Palfrader [Wed, 25 Sep 2019 09:08:22 +0000 (11:08 +0200)]
fd: also use the grep in public_addresses to learn if we support v4/v6

5 years agoPass pool-name token to volumes-delete-old
Peter Palfrader [Wed, 25 Sep 2019 09:00:15 +0000 (11:00 +0200)]
Pass pool-name token to volumes-delete-old

5 years agoTry to collect directors before we restart fd
Peter Palfrader [Wed, 25 Sep 2019 06:59:48 +0000 (08:59 +0200)]
Try to collect directors before we restart fd

5 years agoOnly restart once we have at least one file in the .d dir
Peter Palfrader [Wed, 25 Sep 2019 06:56:00 +0000 (08:56 +0200)]
Only restart once we have at least one file in the .d dir

5 years agoanother notify
Peter Palfrader [Wed, 25 Sep 2019 06:52:59 +0000 (08:52 +0200)]
another notify

5 years agoUnnecessary requires
Peter Palfrader [Wed, 25 Sep 2019 06:52:12 +0000 (08:52 +0200)]
Unnecessary requires

5 years agoAnd correct location and template for dir snippet on fd
Peter Palfrader [Wed, 25 Sep 2019 06:50:45 +0000 (08:50 +0200)]
And correct location and template for dir snippet on fd

5 years agoCorrect notify for dir snippet on fd
Peter Palfrader [Wed, 25 Sep 2019 06:49:33 +0000 (08:49 +0200)]
Correct notify for dir snippet on fd

5 years agoCorrect empty.conf location for fd
Peter Palfrader [Wed, 25 Sep 2019 06:48:42 +0000 (08:48 +0200)]
Correct empty.conf location for fd

5 years agoNew default dir name
Peter Palfrader [Wed, 25 Sep 2019 06:47:59 +0000 (08:47 +0200)]
New default dir name

5 years agoCreate an empty file in the FD's conf.d dir
Peter Palfrader [Wed, 25 Sep 2019 06:46:35 +0000 (08:46 +0200)]
Create an empty file in the FD's conf.d dir

5 years agoI do not think empty directories need a source => (these days)
Peter Palfrader [Wed, 25 Sep 2019 06:46:07 +0000 (08:46 +0200)]
I do not think empty directories need a source => (these days)

5 years agoGet director name from director
Peter Palfrader [Wed, 25 Sep 2019 06:40:28 +0000 (08:40 +0200)]
Get director name from director

5 years agomove director db pw to a more local thing
Peter Palfrader [Tue, 24 Sep 2019 22:40:26 +0000 (00:40 +0200)]
move director db pw to a more local thing

5 years agoGet the ssl variables from bacula:: as we have not inherited them
Peter Palfrader [Tue, 24 Sep 2019 22:35:48 +0000 (00:35 +0200)]
Get the ssl variables from bacula:: as we have not inherited them

5 years agocontinue with moving director address to a more local thing
Peter Palfrader [Tue, 24 Sep 2019 22:32:23 +0000 (00:32 +0200)]
continue with moving director address to a more local thing

5 years agocontinue with moving director name/address to a more local thing
Peter Palfrader [Tue, 24 Sep 2019 22:08:25 +0000 (00:08 +0200)]
continue with moving director name/address to a more local thing

5 years agoretire unused var
Peter Palfrader [Tue, 24 Sep 2019 22:02:28 +0000 (00:02 +0200)]
retire unused var

5 years agoMove ipv[46] check into the manifest
Peter Palfrader [Tue, 24 Sep 2019 22:00:29 +0000 (00:00 +0200)]
Move ipv[46] check into the manifest

5 years agoMake a few Strings be Stdlib::Host
Peter Palfrader [Tue, 24 Sep 2019 21:53:42 +0000 (23:53 +0200)]
Make a few Strings be Stdlib::Host

5 years agoRemove bacula-monitor. This seems unused for now, but we can always bring it back...
Peter Palfrader [Tue, 24 Sep 2019 21:36:14 +0000 (23:36 +0200)]
Remove bacula-monitor.  This seems unused for now, but we can always bring it back if we think it necessary

5 years agostart with moving director name to a more local thing
Peter Palfrader [Tue, 24 Sep 2019 21:31:05 +0000 (23:31 +0200)]
start with moving director name to a more local thing

5 years agoAnd storage name is sd local
Peter Palfrader [Tue, 24 Sep 2019 21:27:23 +0000 (23:27 +0200)]
And storage name is sd local

5 years agoAnd pass the right variable
Peter Palfrader [Tue, 24 Sep 2019 21:20:59 +0000 (23:20 +0200)]
And pass the right variable

5 years agoand use new variable in template
Peter Palfrader [Tue, 24 Sep 2019 21:19:15 +0000 (23:19 +0200)]
and use new variable in template

5 years agoCreate client name and secret in the fd and ship
Peter Palfrader [Tue, 24 Sep 2019 21:15:01 +0000 (23:15 +0200)]
Create client name and secret in the fd and ship

5 years agoand use fqdn in hkdf
Peter Palfrader [Tue, 24 Sep 2019 21:04:55 +0000 (23:04 +0200)]
and use fqdn in hkdf

5 years agoMake director_secret for bconsole something local to the director class
Peter Palfrader [Tue, 24 Sep 2019 21:04:27 +0000 (23:04 +0200)]
Make director_secret for bconsole something local to the director class

5 years agoMake bacula_director_port something local to the director class
Peter Palfrader [Tue, 24 Sep 2019 21:00:28 +0000 (23:00 +0200)]
Make bacula_director_port something local to the director class

5 years agoexplicitly pass client name around
Peter Palfrader [Tue, 24 Sep 2019 20:42:09 +0000 (22:42 +0200)]
explicitly pass client name around

5 years agoGive the RestoreFiles Job needs a pool. any pool.
Peter Palfrader [Tue, 24 Sep 2019 20:36:57 +0000 (22:36 +0200)]
Give the RestoreFiles Job needs a pool.  any pool.

5 years agoeximconf: add submission-domains to file list
Adam D. Barratt [Tue, 24 Sep 2019 20:33:13 +0000 (21:33 +0100)]
eximconf: add submission-domains to file list

Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
5 years agoeximconf: remove explicit inclusion of 82.195.75.76
Adam D. Barratt [Tue, 24 Sep 2019 20:24:10 +0000 (21:24 +0100)]
eximconf: remove explicit inclusion of 82.195.75.76

Was apparently once a DebConf host but is now a standard d.o host

Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
5 years agospell storage better
Peter Palfrader [Tue, 24 Sep 2019 19:58:47 +0000 (21:58 +0200)]
spell storage better

5 years agodifferent name
Peter Palfrader [Tue, 24 Sep 2019 19:43:15 +0000 (21:43 +0200)]
different name

5 years agoSplit the director config coming from each node in two parts: one that comes from...
Peter Palfrader [Tue, 24 Sep 2019 19:12:05 +0000 (21:12 +0200)]
Split the director config coming from each node in two parts:  one that comes from the client directly and one that goes via the storage

5 years agoMove device name, media type name, and archive device construction to the manifest
Peter Palfrader [Tue, 24 Sep 2019 14:29:29 +0000 (16:29 +0200)]
Move device name, media type name, and archive device construction to the manifest

5 years agoeximconf: remove inaccurate comment
Adam D. Barratt [Tue, 24 Sep 2019 19:50:14 +0000 (20:50 +0100)]
eximconf: remove inaccurate comment

Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
5 years agoeximconf: use a more idiomatic way of "resetting" a variable
Adam D. Barratt [Tue, 24 Sep 2019 19:48:22 +0000 (20:48 +0100)]
eximconf: use a more idiomatic way of "resetting" a variable

An empty string is as valid as any other, so there's no need for hacks.

Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
5 years agoeximconf: add notes on files sourced from UD
Adam D. Barratt [Tue, 24 Sep 2019 18:07:30 +0000 (19:07 +0100)]
eximconf: add notes on files sourced from UD

Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
5 years agoexim_surbl: disable DBL lookups
Adam D. Barratt [Tue, 24 Sep 2019 16:59:05 +0000 (17:59 +0100)]
exim_surbl: disable DBL lookups

Probably shouldn't be enabled without some discussion

Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
5 years agoeximconf: drop etch-specific comment
Adam D. Barratt [Tue, 24 Sep 2019 16:49:20 +0000 (17:49 +0100)]
eximconf: drop etch-specific comment

It's a little obsolete by now

Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
5 years agoexim/manifests/init.pp: fix typo
Adam D. Barratt [Tue, 24 Sep 2019 16:48:29 +0000 (17:48 +0100)]
exim/manifests/init.pp: fix typo

Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
5 years agoprefix petrova volume at bm with OLD-
Julien Cristau [Tue, 24 Sep 2019 16:26:10 +0000 (18:26 +0200)]
prefix petrova volume at bm with OLD-

5 years agoticharich no longer needs access to bmdb1
Julien Cristau [Tue, 24 Sep 2019 15:22:01 +0000 (17:22 +0200)]
ticharich no longer needs access to bmdb1

The tracker db was moved to danzi

5 years agoprefix paradis volumes at bm with OLD-
Julien Cristau [Tue, 24 Sep 2019 14:55:22 +0000 (16:55 +0200)]
prefix paradis volumes at bm with OLD-

5 years agoUndo wrong search/replace
Peter Palfrader [Tue, 24 Sep 2019 14:20:15 +0000 (16:20 +0200)]
Undo wrong search/replace

5 years agorename bacula::node to bacula::director::client
Peter Palfrader [Tue, 24 Sep 2019 13:52:20 +0000 (15:52 +0200)]
rename bacula::node to bacula::director::client

5 years agoMove filestore device and media type name to the storage, part I
Peter Palfrader [Tue, 24 Sep 2019 13:31:03 +0000 (15:31 +0200)]
Move filestore device and media type name to the storage, part I

For now for config on the storage node.  Not yet for config
pushed from the client to the director.

Also rename bacula::storage_per_node to bacula::storage::client.

5 years agobackup-path should be something that only the storage system should need to care...
Peter Palfrader [Tue, 24 Sep 2019 12:24:57 +0000 (14:24 +0200)]
backup-path should be something that only the storage system should need to care about

5 years agomove the onion address lookup for people.d.o to the template
Julien Cristau [Tue, 24 Sep 2019 11:32:26 +0000 (13:32 +0200)]
move the onion address lookup for people.d.o to the template

5 years agoRestore an empty line in sshd_config
Julien Cristau [Tue, 24 Sep 2019 10:23:24 +0000 (12:23 +0200)]
Restore an empty line in sshd_config

5 years agoFix typo
Julien Cristau [Tue, 24 Sep 2019 10:16:10 +0000 (12:16 +0200)]
Fix typo

5 years agomove sshd extra ports to class params instead of hardcoded in the template
Julien Cristau [Tue, 24 Sep 2019 10:12:24 +0000 (12:12 +0200)]
move sshd extra ports to class params instead of hardcoded in the template

5 years agoMove historical mirror from klecker to new-klecker
Aurelien Jarno [Tue, 24 Sep 2019 09:55:44 +0000 (11:55 +0200)]
Move historical mirror from klecker to new-klecker

5 years agoPull in people.d.o apache config
Julien Cristau [Tue, 24 Sep 2019 09:54:04 +0000 (11:54 +0200)]
Pull in people.d.o apache config

5 years agoStop doing catalog backups
Peter Palfrader [Tue, 24 Sep 2019 09:44:14 +0000 (11:44 +0200)]
Stop doing catalog backups

The bacula catalog backup job is this special snowflake that's unlike
all the other jobs.  It only backups one file,
/var/lib/bacula/bacula.sql.gz, that gets created in a RunBeforeJob
and deleted in a RunAfterJob.

We already have a well-thought out and more generic method to backup
databases, and we should use just that.

The RunBefore/After setup makes sense as a default when you don't have
that, but we do.

5 years agobetter shell syntax
Peter Palfrader [Tue, 24 Sep 2019 09:31:07 +0000 (11:31 +0200)]
better shell syntax

5 years agopostgres-make-base-backups: resist running as root
Peter Palfrader [Tue, 24 Sep 2019 09:10:39 +0000 (11:10 +0200)]
postgres-make-base-backups: resist running as root

5 years agobackup bacula from postgresql-manda-01
Peter Palfrader [Tue, 24 Sep 2019 09:05:15 +0000 (11:05 +0200)]
backup bacula from postgresql-manda-01

5 years agoFix fd-to-storage tag
Peter Palfrader [Tue, 24 Sep 2019 08:32:20 +0000 (10:32 +0200)]
Fix fd-to-storage tag

5 years agoDrop old WeeklyCycle, rename the daily WeeklyCycleAfterBackup schedule to CatalogSchedule
Peter Palfrader [Tue, 24 Sep 2019 08:12:59 +0000 (10:12 +0200)]
Drop old WeeklyCycle, rename the daily WeeklyCycleAfterBackup schedule to CatalogSchedule

5 years agoremove some commented out, dead code
Peter Palfrader [Tue, 24 Sep 2019 08:12:22 +0000 (10:12 +0200)]
remove some commented out, dead code

5 years agoEnclose variable names in {}
Peter Palfrader [Tue, 24 Sep 2019 08:00:01 +0000 (10:00 +0200)]
Enclose variable names in {}

5 years agoAnd retire old bacula_client_port param in node
Peter Palfrader [Tue, 24 Sep 2019 07:59:32 +0000 (09:59 +0200)]
And retire old bacula_client_port param in node

5 years agoSet bacula_client_port during the transition
Peter Palfrader [Tue, 24 Sep 2019 07:57:09 +0000 (09:57 +0200)]
Set bacula_client_port during the transition

5 years agoTry to move bacula fd port config to the client class
Peter Palfrader [Tue, 24 Sep 2019 07:54:45 +0000 (09:54 +0200)]
Try to move bacula fd port config to the client class

5 years agoMake bacula-idle-restart not be a template anymore. We can just pass all the relevan...
Peter Palfrader [Tue, 24 Sep 2019 07:10:15 +0000 (09:10 +0200)]
Make bacula-idle-restart not be a template anymore.  We can just pass all the relevant things on the command line

5 years agoparadis at ubc
Julien Cristau [Tue, 24 Sep 2019 07:03:27 +0000 (09:03 +0200)]
paradis at ubc

5 years agospacing
Peter Palfrader [Tue, 24 Sep 2019 06:46:46 +0000 (08:46 +0200)]
spacing

5 years agofix quoting
Peter Palfrader [Tue, 24 Sep 2019 06:43:24 +0000 (08:43 +0200)]
fix quoting

5 years agoAnd also make database name, user, and ssl ca path parameters
Peter Palfrader [Tue, 24 Sep 2019 06:42:07 +0000 (08:42 +0200)]
And also make database name, user, and ssl ca path parameters

5 years agospacing nitpick
Peter Palfrader [Tue, 24 Sep 2019 06:36:00 +0000 (08:36 +0200)]
spacing nitpick

5 years agoMake bacula DB a parameter and template variable again
Peter Palfrader [Tue, 24 Sep 2019 06:34:39 +0000 (08:34 +0200)]
Make bacula DB a parameter and template variable again

5 years agoremove obsolete comment
Peter Palfrader [Tue, 24 Sep 2019 06:24:48 +0000 (08:24 +0200)]
remove obsolete comment

5 years agolimit -sd access to bacula clients and the director
Peter Palfrader [Tue, 24 Sep 2019 06:22:02 +0000 (08:22 +0200)]
limit -sd access to bacula clients and the director

5 years agoQualify tags with director name. Maybe we will support more than one in the future
Peter Palfrader [Tue, 24 Sep 2019 06:15:37 +0000 (08:15 +0200)]
Qualify tags with director name.  Maybe we will support more than one in the future

5 years agoSwitch bacula director->storage firewalling to store/collect
Peter Palfrader [Tue, 24 Sep 2019 06:10:33 +0000 (08:10 +0200)]
Switch bacula director->storage firewalling to store/collect

5 years agoadd a trailing , for form
Peter Palfrader [Tue, 24 Sep 2019 06:07:02 +0000 (08:07 +0200)]
add a trailing , for form

5 years agoadd paradis volumes at ubc
Julien Cristau [Tue, 24 Sep 2019 06:10:31 +0000 (08:10 +0200)]
add paradis volumes at ubc

5 years agoSwitch bacula director->client firewalling to store/collect
Peter Palfrader [Tue, 24 Sep 2019 06:00:00 +0000 (08:00 +0200)]
Switch bacula director->client firewalling to store/collect

5 years agowhitespace/quoting: modules/bacula/manifests/* (make lint happy)
Peter Palfrader [Tue, 24 Sep 2019 05:58:59 +0000 (07:58 +0200)]
whitespace/quoting: modules/bacula/manifests/* (make lint happy)

5 years agoprefix gideon volumes at bm with OLD-
Aurelien Jarno [Mon, 23 Sep 2019 21:40:25 +0000 (23:40 +0200)]
prefix gideon volumes at bm with OLD-

5 years agoeximconf.erb: simplify bugs.d.o router
Adam D. Barratt [Mon, 23 Sep 2019 20:20:00 +0000 (21:20 +0100)]
eximconf.erb: simplify bugs.d.o router

Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
5 years agodirector.pp: spacing changes
Peter Palfrader [Mon, 23 Sep 2019 17:24:55 +0000 (19:24 +0200)]
director.pp: spacing changes

5 years agostop procps messing with our protected_hardlinks setting on debian-cd hosts
Julien Cristau [Mon, 23 Sep 2019 18:57:56 +0000 (20:57 +0200)]
stop procps messing with our protected_hardlinks setting on debian-cd hosts

5 years agoexim: update {two,three}-level-tlds from SURBL
Adam D. Barratt [Mon, 23 Sep 2019 18:43:38 +0000 (19:43 +0100)]
exim: update {two,three}-level-tlds from SURBL

Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
5 years agoexim: ship new {two,three}-level-tlds files for exim_surbl.pl
Adam D. Barratt [Mon, 23 Sep 2019 18:24:45 +0000 (19:24 +0100)]
exim: ship new {two,three}-level-tlds files for exim_surbl.pl

Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
5 years agoexim: update exim_surbl.pl to version 2.3
Adam D. Barratt [Mon, 23 Sep 2019 18:21:16 +0000 (19:21 +0100)]
exim: update exim_surbl.pl to version 2.3

- re-add Puppet headers
- fix file paths to use Debian's /etc/exim4
- add new {two,three}-level-tlds files

Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
5 years agostorage.pp: fix spacing
Peter Palfrader [Mon, 23 Sep 2019 17:00:28 +0000 (19:00 +0200)]
storage.pp: fix spacing

5 years agoDrop explicit 5.153.231.125 and 5.153.231.126 from the bacula-sd firewall allow....
Peter Palfrader [Mon, 23 Sep 2019 16:58:22 +0000 (18:58 +0200)]
Drop explicit 5.153.231.125 and 5.153.231.126 from the bacula-sd firewall allow.  If we still need them we should learn that this way

5 years agomerge ipv4 and ipv6 rules to bacula-sd
Peter Palfrader [Mon, 23 Sep 2019 16:56:43 +0000 (18:56 +0200)]
merge ipv4 and ipv6 rules to bacula-sd

5 years agorename jerea (bm) volumes to OLD-
Peter Palfrader [Mon, 23 Sep 2019 15:43:49 +0000 (17:43 +0200)]
rename jerea (bm) volumes to OLD-

5 years agothere no longer is a system-service called jenkins; update sudoers
Peter Palfrader [Mon, 23 Sep 2019 15:40:39 +0000 (17:40 +0200)]
there no longer is a system-service called jenkins; update sudoers

5 years agogive the jenkins roles home directories
Peter Palfrader [Mon, 23 Sep 2019 15:38:39 +0000 (17:38 +0200)]
give the jenkins roles home directories

5 years agoinstall jenkins metapackage
Peter Palfrader [Mon, 23 Sep 2019 15:36:12 +0000 (17:36 +0200)]
install jenkins metapackage