Peter Palfrader [Wed, 25 Sep 2019 09:20:39 +0000 (11:20 +0200)]
Try after unbound.service instead of network-online.target
Doing the after network-online.target was not sufficient.
: Config error: Cannot add hostname(adayevskaya.debian.org) and port(9102) to addrlist (Cannot resolve hostname(adayevskaya.debian.org) Temporary failure in name resolution)
: : line 23, col 5 of file /etc/bacula/bacula-fd.conf
: }
Peter Palfrader [Wed, 25 Sep 2019 09:19:18 +0000 (11:19 +0200)]
All our systems are now at least Debian 9
Peter Palfrader [Wed, 25 Sep 2019 09:18:11 +0000 (11:18 +0200)]
sd and fd look up hostnames, so start them only after the network is online -a
Peter Palfrader [Wed, 25 Sep 2019 09:13:14 +0000 (11:13 +0200)]
Use a variable that still exists to define the listen hostname
Peter Palfrader [Wed, 25 Sep 2019 09:08:22 +0000 (11:08 +0200)]
fd: also use the grep in public_addresses to learn if we support v4/v6
Peter Palfrader [Wed, 25 Sep 2019 09:00:15 +0000 (11:00 +0200)]
Pass pool-name token to volumes-delete-old
Peter Palfrader [Wed, 25 Sep 2019 06:59:48 +0000 (08:59 +0200)]
Try to collect directors before we restart fd
Peter Palfrader [Wed, 25 Sep 2019 06:56:00 +0000 (08:56 +0200)]
Only restart once we have at least one file in the .d dir
Peter Palfrader [Wed, 25 Sep 2019 06:52:59 +0000 (08:52 +0200)]
another notify
Peter Palfrader [Wed, 25 Sep 2019 06:52:12 +0000 (08:52 +0200)]
Unnecessary requires
Peter Palfrader [Wed, 25 Sep 2019 06:50:45 +0000 (08:50 +0200)]
And correct location and template for dir snippet on fd
Peter Palfrader [Wed, 25 Sep 2019 06:49:33 +0000 (08:49 +0200)]
Correct notify for dir snippet on fd
Peter Palfrader [Wed, 25 Sep 2019 06:48:42 +0000 (08:48 +0200)]
Correct empty.conf location for fd
Peter Palfrader [Wed, 25 Sep 2019 06:47:59 +0000 (08:47 +0200)]
New default dir name
Peter Palfrader [Wed, 25 Sep 2019 06:46:35 +0000 (08:46 +0200)]
Create an empty file in the FD's conf.d dir
Peter Palfrader [Wed, 25 Sep 2019 06:46:07 +0000 (08:46 +0200)]
I do not think empty directories need a source => (these days)
Peter Palfrader [Wed, 25 Sep 2019 06:40:28 +0000 (08:40 +0200)]
Get director name from director
Peter Palfrader [Tue, 24 Sep 2019 22:40:26 +0000 (00:40 +0200)]
move director db pw to a more local thing
Peter Palfrader [Tue, 24 Sep 2019 22:35:48 +0000 (00:35 +0200)]
Get the ssl variables from bacula:: as we have not inherited them
Peter Palfrader [Tue, 24 Sep 2019 22:32:23 +0000 (00:32 +0200)]
continue with moving director address to a more local thing
Peter Palfrader [Tue, 24 Sep 2019 22:08:25 +0000 (00:08 +0200)]
continue with moving director name/address to a more local thing
Peter Palfrader [Tue, 24 Sep 2019 22:02:28 +0000 (00:02 +0200)]
retire unused var
Peter Palfrader [Tue, 24 Sep 2019 22:00:29 +0000 (00:00 +0200)]
Move ipv[46] check into the manifest
Peter Palfrader [Tue, 24 Sep 2019 21:53:42 +0000 (23:53 +0200)]
Make a few Strings be Stdlib::Host
Peter Palfrader [Tue, 24 Sep 2019 21:36:14 +0000 (23:36 +0200)]
Remove bacula-monitor. This seems unused for now, but we can always bring it back if we think it necessary
Peter Palfrader [Tue, 24 Sep 2019 21:31:05 +0000 (23:31 +0200)]
start with moving director name to a more local thing
Peter Palfrader [Tue, 24 Sep 2019 21:27:23 +0000 (23:27 +0200)]
And storage name is sd local
Peter Palfrader [Tue, 24 Sep 2019 21:20:59 +0000 (23:20 +0200)]
And pass the right variable
Peter Palfrader [Tue, 24 Sep 2019 21:19:15 +0000 (23:19 +0200)]
and use new variable in template
Peter Palfrader [Tue, 24 Sep 2019 21:15:01 +0000 (23:15 +0200)]
Create client name and secret in the fd and ship
Peter Palfrader [Tue, 24 Sep 2019 21:04:55 +0000 (23:04 +0200)]
and use fqdn in hkdf
Peter Palfrader [Tue, 24 Sep 2019 21:04:27 +0000 (23:04 +0200)]
Make director_secret for bconsole something local to the director class
Peter Palfrader [Tue, 24 Sep 2019 21:00:28 +0000 (23:00 +0200)]
Make bacula_director_port something local to the director class
Peter Palfrader [Tue, 24 Sep 2019 20:42:09 +0000 (22:42 +0200)]
explicitly pass client name around
Peter Palfrader [Tue, 24 Sep 2019 20:36:57 +0000 (22:36 +0200)]
Give the RestoreFiles Job needs a pool. any pool.
Adam D. Barratt [Tue, 24 Sep 2019 20:33:13 +0000 (21:33 +0100)]
eximconf: add submission-domains to file list
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Tue, 24 Sep 2019 20:24:10 +0000 (21:24 +0100)]
eximconf: remove explicit inclusion of 82.195.75.76
Was apparently once a DebConf host but is now a standard d.o host
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Peter Palfrader [Tue, 24 Sep 2019 19:58:47 +0000 (21:58 +0200)]
spell storage better
Peter Palfrader [Tue, 24 Sep 2019 19:43:15 +0000 (21:43 +0200)]
different name
Peter Palfrader [Tue, 24 Sep 2019 19:12:05 +0000 (21:12 +0200)]
Split the director config coming from each node in two parts: one that comes from the client directly and one that goes via the storage
Peter Palfrader [Tue, 24 Sep 2019 14:29:29 +0000 (16:29 +0200)]
Move device name, media type name, and archive device construction to the manifest
Adam D. Barratt [Tue, 24 Sep 2019 19:50:14 +0000 (20:50 +0100)]
eximconf: remove inaccurate comment
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Tue, 24 Sep 2019 19:48:22 +0000 (20:48 +0100)]
eximconf: use a more idiomatic way of "resetting" a variable
An empty string is as valid as any other, so there's no need for hacks.
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Tue, 24 Sep 2019 18:07:30 +0000 (19:07 +0100)]
eximconf: add notes on files sourced from UD
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Tue, 24 Sep 2019 16:59:05 +0000 (17:59 +0100)]
exim_surbl: disable DBL lookups
Probably shouldn't be enabled without some discussion
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Tue, 24 Sep 2019 16:49:20 +0000 (17:49 +0100)]
eximconf: drop etch-specific comment
It's a little obsolete by now
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Tue, 24 Sep 2019 16:48:29 +0000 (17:48 +0100)]
exim/manifests/init.pp: fix typo
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Julien Cristau [Tue, 24 Sep 2019 16:26:10 +0000 (18:26 +0200)]
prefix petrova volume at bm with OLD-
Julien Cristau [Tue, 24 Sep 2019 15:22:01 +0000 (17:22 +0200)]
ticharich no longer needs access to bmdb1
The tracker db was moved to danzi
Julien Cristau [Tue, 24 Sep 2019 14:55:22 +0000 (16:55 +0200)]
prefix paradis volumes at bm with OLD-
Peter Palfrader [Tue, 24 Sep 2019 14:20:15 +0000 (16:20 +0200)]
Undo wrong search/replace
Peter Palfrader [Tue, 24 Sep 2019 13:52:20 +0000 (15:52 +0200)]
rename bacula::node to bacula::director::client
Peter Palfrader [Tue, 24 Sep 2019 13:31:03 +0000 (15:31 +0200)]
Move filestore device and media type name to the storage, part I
For now for config on the storage node. Not yet for config
pushed from the client to the director.
Also rename bacula::storage_per_node to bacula::storage::client.
Peter Palfrader [Tue, 24 Sep 2019 12:24:57 +0000 (14:24 +0200)]
backup-path should be something that only the storage system should need to care about
Julien Cristau [Tue, 24 Sep 2019 11:32:26 +0000 (13:32 +0200)]
move the onion address lookup for people.d.o to the template
Julien Cristau [Tue, 24 Sep 2019 10:23:24 +0000 (12:23 +0200)]
Restore an empty line in sshd_config
Julien Cristau [Tue, 24 Sep 2019 10:16:10 +0000 (12:16 +0200)]
Fix typo
Julien Cristau [Tue, 24 Sep 2019 10:12:24 +0000 (12:12 +0200)]
move sshd extra ports to class params instead of hardcoded in the template
Aurelien Jarno [Tue, 24 Sep 2019 09:55:44 +0000 (11:55 +0200)]
Move historical mirror from klecker to new-klecker
Julien Cristau [Tue, 24 Sep 2019 09:54:04 +0000 (11:54 +0200)]
Pull in people.d.o apache config
Peter Palfrader [Tue, 24 Sep 2019 09:44:14 +0000 (11:44 +0200)]
Stop doing catalog backups
The bacula catalog backup job is this special snowflake that's unlike
all the other jobs. It only backups one file,
/var/lib/bacula/bacula.sql.gz, that gets created in a RunBeforeJob
and deleted in a RunAfterJob.
We already have a well-thought out and more generic method to backup
databases, and we should use just that.
The RunBefore/After setup makes sense as a default when you don't have
that, but we do.
Peter Palfrader [Tue, 24 Sep 2019 09:31:07 +0000 (11:31 +0200)]
better shell syntax
Peter Palfrader [Tue, 24 Sep 2019 09:10:39 +0000 (11:10 +0200)]
postgres-make-base-backups: resist running as root
Peter Palfrader [Tue, 24 Sep 2019 09:05:15 +0000 (11:05 +0200)]
backup bacula from postgresql-manda-01
Peter Palfrader [Tue, 24 Sep 2019 08:32:20 +0000 (10:32 +0200)]
Fix fd-to-storage tag
Peter Palfrader [Tue, 24 Sep 2019 08:12:59 +0000 (10:12 +0200)]
Drop old WeeklyCycle, rename the daily WeeklyCycleAfterBackup schedule to CatalogSchedule
Peter Palfrader [Tue, 24 Sep 2019 08:12:22 +0000 (10:12 +0200)]
remove some commented out, dead code
Peter Palfrader [Tue, 24 Sep 2019 08:00:01 +0000 (10:00 +0200)]
Enclose variable names in {}
Peter Palfrader [Tue, 24 Sep 2019 07:59:32 +0000 (09:59 +0200)]
And retire old bacula_client_port param in node
Peter Palfrader [Tue, 24 Sep 2019 07:57:09 +0000 (09:57 +0200)]
Set bacula_client_port during the transition
Peter Palfrader [Tue, 24 Sep 2019 07:54:45 +0000 (09:54 +0200)]
Try to move bacula fd port config to the client class
Peter Palfrader [Tue, 24 Sep 2019 07:10:15 +0000 (09:10 +0200)]
Make bacula-idle-restart not be a template anymore. We can just pass all the relevant things on the command line
Julien Cristau [Tue, 24 Sep 2019 07:03:27 +0000 (09:03 +0200)]
paradis at ubc
Peter Palfrader [Tue, 24 Sep 2019 06:46:46 +0000 (08:46 +0200)]
spacing
Peter Palfrader [Tue, 24 Sep 2019 06:43:24 +0000 (08:43 +0200)]
fix quoting
Peter Palfrader [Tue, 24 Sep 2019 06:42:07 +0000 (08:42 +0200)]
And also make database name, user, and ssl ca path parameters
Peter Palfrader [Tue, 24 Sep 2019 06:36:00 +0000 (08:36 +0200)]
spacing nitpick
Peter Palfrader [Tue, 24 Sep 2019 06:34:39 +0000 (08:34 +0200)]
Make bacula DB a parameter and template variable again
Peter Palfrader [Tue, 24 Sep 2019 06:24:48 +0000 (08:24 +0200)]
remove obsolete comment
Peter Palfrader [Tue, 24 Sep 2019 06:22:02 +0000 (08:22 +0200)]
limit -sd access to bacula clients and the director
Peter Palfrader [Tue, 24 Sep 2019 06:15:37 +0000 (08:15 +0200)]
Qualify tags with director name. Maybe we will support more than one in the future
Peter Palfrader [Tue, 24 Sep 2019 06:10:33 +0000 (08:10 +0200)]
Switch bacula director->storage firewalling to store/collect
Peter Palfrader [Tue, 24 Sep 2019 06:07:02 +0000 (08:07 +0200)]
add a trailing , for form
Julien Cristau [Tue, 24 Sep 2019 06:10:31 +0000 (08:10 +0200)]
add paradis volumes at ubc
Peter Palfrader [Tue, 24 Sep 2019 06:00:00 +0000 (08:00 +0200)]
Switch bacula director->client firewalling to store/collect
Peter Palfrader [Tue, 24 Sep 2019 05:58:59 +0000 (07:58 +0200)]
whitespace/quoting: modules/bacula/manifests/* (make lint happy)
Aurelien Jarno [Mon, 23 Sep 2019 21:40:25 +0000 (23:40 +0200)]
prefix gideon volumes at bm with OLD-
Adam D. Barratt [Mon, 23 Sep 2019 20:20:00 +0000 (21:20 +0100)]
eximconf.erb: simplify bugs.d.o router
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Peter Palfrader [Mon, 23 Sep 2019 17:24:55 +0000 (19:24 +0200)]
director.pp: spacing changes
Julien Cristau [Mon, 23 Sep 2019 18:57:56 +0000 (20:57 +0200)]
stop procps messing with our protected_hardlinks setting on debian-cd hosts
Adam D. Barratt [Mon, 23 Sep 2019 18:43:38 +0000 (19:43 +0100)]
exim: update {two,three}-level-tlds from SURBL
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Mon, 23 Sep 2019 18:24:45 +0000 (19:24 +0100)]
exim: ship new {two,three}-level-tlds files for exim_surbl.pl
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Mon, 23 Sep 2019 18:21:16 +0000 (19:21 +0100)]
exim: update exim_surbl.pl to version 2.3
- re-add Puppet headers
- fix file paths to use Debian's /etc/exim4
- add new {two,three}-level-tlds files
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Peter Palfrader [Mon, 23 Sep 2019 17:00:28 +0000 (19:00 +0200)]
storage.pp: fix spacing
Peter Palfrader [Mon, 23 Sep 2019 16:58:22 +0000 (18:58 +0200)]
Drop explicit 5.153.231.125 and 5.153.231.126 from the bacula-sd firewall allow. If we still need them we should learn that this way
Peter Palfrader [Mon, 23 Sep 2019 16:56:43 +0000 (18:56 +0200)]
merge ipv4 and ipv6 rules to bacula-sd
Peter Palfrader [Mon, 23 Sep 2019 15:43:49 +0000 (17:43 +0200)]
rename jerea (bm) volumes to OLD-
Peter Palfrader [Mon, 23 Sep 2019 15:40:39 +0000 (17:40 +0200)]
there no longer is a system-service called jenkins; update sudoers
Peter Palfrader [Mon, 23 Sep 2019 15:38:39 +0000 (17:38 +0200)]
give the jenkins roles home directories
Peter Palfrader [Mon, 23 Sep 2019 15:36:12 +0000 (17:36 +0200)]
install jenkins metapackage