Adam D. Barratt [Tue, 24 Sep 2019 19:50:14 +0000 (20:50 +0100)]
eximconf: remove inaccurate comment
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Tue, 24 Sep 2019 19:48:22 +0000 (20:48 +0100)]
eximconf: use a more idiomatic way of "resetting" a variable
An empty string is as valid as any other, so there's no need for hacks.
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Tue, 24 Sep 2019 18:07:30 +0000 (19:07 +0100)]
eximconf: add notes on files sourced from UD
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Tue, 24 Sep 2019 16:59:05 +0000 (17:59 +0100)]
exim_surbl: disable DBL lookups
Probably shouldn't be enabled without some discussion
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Tue, 24 Sep 2019 16:49:20 +0000 (17:49 +0100)]
eximconf: drop etch-specific comment
It's a little obsolete by now
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Tue, 24 Sep 2019 16:48:29 +0000 (17:48 +0100)]
exim/manifests/init.pp: fix typo
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Mon, 23 Sep 2019 20:20:00 +0000 (21:20 +0100)]
eximconf.erb: simplify bugs.d.o router
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Mon, 23 Sep 2019 18:43:38 +0000 (19:43 +0100)]
exim: update {two,three}-level-tlds from SURBL
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Mon, 23 Sep 2019 18:24:45 +0000 (19:24 +0100)]
exim: ship new {two,three}-level-tlds files for exim_surbl.pl
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Mon, 23 Sep 2019 18:21:16 +0000 (19:21 +0100)]
exim: update exim_surbl.pl to version 2.3
- re-add Puppet headers
- fix file paths to use Debian's /etc/exim4
- add new {two,three}-level-tlds files
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Sun, 22 Sep 2019 19:45:31 +0000 (20:45 +0100)]
eximconf.erb: macroize maximum content scanning message size
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Sun, 22 Sep 2019 19:25:00 +0000 (20:25 +0100)]
eximconf.erb: standardise on style of condition checks
From the Exim documentation:
"If both strings are omitted, the result is the string true if the
condition is true, and the empty string if the condition is false.
This makes it less cumbersome to write custom ACL and router
conditions."
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Sun, 22 Sep 2019 17:39:05 +0000 (18:39 +0100)]
eximconf.erb: typo fix ("seperate" -> "separate")
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Sun, 22 Sep 2019 17:38:43 +0000 (18:38 +0100)]
eximconf.erb: consistently capitalise Exim and Debian
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Sun, 22 Sep 2019 17:34:30 +0000 (18:34 +0100)]
eximconf.erb: fix typo ("usefull" -> "useful")
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Sun, 22 Sep 2019 17:33:29 +0000 (18:33 +0100)]
eximconf.erb: fix address mentioned in postmaster@d.o check
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Sun, 22 Sep 2019 17:32:44 +0000 (18:32 +0100)]
eximconf.erb: fix some typoes
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Sun, 22 Sep 2019 17:00:52 +0000 (18:00 +0100)]
eximconf: correct obsolete references to "/etc/exim"
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Adam D. Barratt [Sun, 22 Sep 2019 16:56:53 +0000 (17:56 +0100)]
Remove no longer required submission-domains override for busoni
busoni itself no longer exists and the bugs.d.o submission override
is now handled differently.
Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
Peter Palfrader [Wed, 25 Sep 2019 14:54:18 +0000 (16:54 +0200)]
Try to wait for both network-online *and* unbound
Peter Palfrader [Wed, 25 Sep 2019 12:57:31 +0000 (14:57 +0200)]
defaults for db_address, db_port; move dbsslmode = verify-ca into the case where we have a dbsslca
Peter Palfrader [Wed, 25 Sep 2019 12:21:32 +0000 (14:21 +0200)]
List non-optional params first
Peter Palfrader [Wed, 25 Sep 2019 12:20:25 +0000 (14:20 +0200)]
Move bacula::bacula_ssl_{server,client}_{cert,key} to hiera
Peter Palfrader [Wed, 25 Sep 2019 12:09:45 +0000 (14:09 +0200)]
Move bacula::bacula_ssl_ca_path to hiera
Peter Palfrader [Wed, 25 Sep 2019 12:01:48 +0000 (14:01 +0200)]
s/bacula_ca_path/bacula_ssl_ca_path/
Peter Palfrader [Wed, 25 Sep 2019 11:59:57 +0000 (13:59 +0200)]
Move operator_email to hiera
Peter Palfrader [Wed, 25 Sep 2019 11:58:01 +0000 (13:58 +0200)]
bacula_dsa_client_list and tag_bacula_dsa_client_list are not parameters
Peter Palfrader [Wed, 25 Sep 2019 11:41:15 +0000 (13:41 +0200)]
Document ferm::rule::simple
Peter Palfrader [Wed, 25 Sep 2019 11:05:06 +0000 (13:05 +0200)]
dsa_systemd::override: cleanup and make sure removal cleans the dir also
Peter Palfrader [Wed, 25 Sep 2019 09:50:42 +0000 (11:50 +0200)]
Make rentention periods configurable with hiera, per client
Peter Palfrader [Wed, 25 Sep 2019 09:40:05 +0000 (11:40 +0200)]
Globally enable Heartbeat Interval
Peter Palfrader [Wed, 25 Sep 2019 09:33:50 +0000 (11:33 +0200)]
Remove defaults
Peter Palfrader [Wed, 25 Sep 2019 09:31:24 +0000 (11:31 +0200)]
Unify name of the Messages Resource
Peter Palfrader [Wed, 25 Sep 2019 09:20:39 +0000 (11:20 +0200)]
Try after unbound.service instead of network-online.target
Doing the after network-online.target was not sufficient.
: Config error: Cannot add hostname(adayevskaya.debian.org) and port(9102) to addrlist (Cannot resolve hostname(adayevskaya.debian.org) Temporary failure in name resolution)
: : line 23, col 5 of file /etc/bacula/bacula-fd.conf
: }
Peter Palfrader [Wed, 25 Sep 2019 09:19:18 +0000 (11:19 +0200)]
All our systems are now at least Debian 9
Peter Palfrader [Wed, 25 Sep 2019 09:18:11 +0000 (11:18 +0200)]
sd and fd look up hostnames, so start them only after the network is online -a
Peter Palfrader [Wed, 25 Sep 2019 09:13:14 +0000 (11:13 +0200)]
Use a variable that still exists to define the listen hostname
Peter Palfrader [Wed, 25 Sep 2019 09:08:22 +0000 (11:08 +0200)]
fd: also use the grep in public_addresses to learn if we support v4/v6
Peter Palfrader [Wed, 25 Sep 2019 09:00:15 +0000 (11:00 +0200)]
Pass pool-name token to volumes-delete-old
Peter Palfrader [Wed, 25 Sep 2019 06:59:48 +0000 (08:59 +0200)]
Try to collect directors before we restart fd
Peter Palfrader [Wed, 25 Sep 2019 06:56:00 +0000 (08:56 +0200)]
Only restart once we have at least one file in the .d dir
Peter Palfrader [Wed, 25 Sep 2019 06:52:59 +0000 (08:52 +0200)]
another notify
Peter Palfrader [Wed, 25 Sep 2019 06:52:12 +0000 (08:52 +0200)]
Unnecessary requires
Peter Palfrader [Wed, 25 Sep 2019 06:50:45 +0000 (08:50 +0200)]
And correct location and template for dir snippet on fd
Peter Palfrader [Wed, 25 Sep 2019 06:49:33 +0000 (08:49 +0200)]
Correct notify for dir snippet on fd
Peter Palfrader [Wed, 25 Sep 2019 06:48:42 +0000 (08:48 +0200)]
Correct empty.conf location for fd
Peter Palfrader [Wed, 25 Sep 2019 06:47:59 +0000 (08:47 +0200)]
New default dir name
Peter Palfrader [Wed, 25 Sep 2019 06:46:35 +0000 (08:46 +0200)]
Create an empty file in the FD's conf.d dir
Peter Palfrader [Wed, 25 Sep 2019 06:46:07 +0000 (08:46 +0200)]
I do not think empty directories need a source => (these days)
Peter Palfrader [Wed, 25 Sep 2019 06:40:28 +0000 (08:40 +0200)]
Get director name from director
Peter Palfrader [Tue, 24 Sep 2019 22:40:26 +0000 (00:40 +0200)]
move director db pw to a more local thing
Peter Palfrader [Tue, 24 Sep 2019 22:35:48 +0000 (00:35 +0200)]
Get the ssl variables from bacula:: as we have not inherited them
Peter Palfrader [Tue, 24 Sep 2019 22:32:23 +0000 (00:32 +0200)]
continue with moving director address to a more local thing
Peter Palfrader [Tue, 24 Sep 2019 22:08:25 +0000 (00:08 +0200)]
continue with moving director name/address to a more local thing
Peter Palfrader [Tue, 24 Sep 2019 22:02:28 +0000 (00:02 +0200)]
retire unused var
Peter Palfrader [Tue, 24 Sep 2019 22:00:29 +0000 (00:00 +0200)]
Move ipv[46] check into the manifest
Peter Palfrader [Tue, 24 Sep 2019 21:53:42 +0000 (23:53 +0200)]
Make a few Strings be Stdlib::Host
Peter Palfrader [Tue, 24 Sep 2019 21:36:14 +0000 (23:36 +0200)]
Remove bacula-monitor. This seems unused for now, but we can always bring it back if we think it necessary
Peter Palfrader [Tue, 24 Sep 2019 21:31:05 +0000 (23:31 +0200)]
start with moving director name to a more local thing
Peter Palfrader [Tue, 24 Sep 2019 21:27:23 +0000 (23:27 +0200)]
And storage name is sd local
Peter Palfrader [Tue, 24 Sep 2019 21:20:59 +0000 (23:20 +0200)]
And pass the right variable
Peter Palfrader [Tue, 24 Sep 2019 21:19:15 +0000 (23:19 +0200)]
and use new variable in template
Peter Palfrader [Tue, 24 Sep 2019 21:15:01 +0000 (23:15 +0200)]
Create client name and secret in the fd and ship
Peter Palfrader [Tue, 24 Sep 2019 21:04:55 +0000 (23:04 +0200)]
and use fqdn in hkdf
Peter Palfrader [Tue, 24 Sep 2019 21:04:27 +0000 (23:04 +0200)]
Make director_secret for bconsole something local to the director class
Peter Palfrader [Tue, 24 Sep 2019 21:00:28 +0000 (23:00 +0200)]
Make bacula_director_port something local to the director class
Peter Palfrader [Tue, 24 Sep 2019 20:42:09 +0000 (22:42 +0200)]
explicitly pass client name around
Peter Palfrader [Tue, 24 Sep 2019 20:36:57 +0000 (22:36 +0200)]
Give the RestoreFiles Job needs a pool. any pool.
Peter Palfrader [Tue, 24 Sep 2019 19:58:47 +0000 (21:58 +0200)]
spell storage better
Peter Palfrader [Tue, 24 Sep 2019 19:43:15 +0000 (21:43 +0200)]
different name
Peter Palfrader [Tue, 24 Sep 2019 19:12:05 +0000 (21:12 +0200)]
Split the director config coming from each node in two parts: one that comes from the client directly and one that goes via the storage
Peter Palfrader [Tue, 24 Sep 2019 14:29:29 +0000 (16:29 +0200)]
Move device name, media type name, and archive device construction to the manifest
Julien Cristau [Tue, 24 Sep 2019 16:26:10 +0000 (18:26 +0200)]
prefix petrova volume at bm with OLD-
Julien Cristau [Tue, 24 Sep 2019 15:22:01 +0000 (17:22 +0200)]
ticharich no longer needs access to bmdb1
The tracker db was moved to danzi
Julien Cristau [Tue, 24 Sep 2019 14:55:22 +0000 (16:55 +0200)]
prefix paradis volumes at bm with OLD-
Peter Palfrader [Tue, 24 Sep 2019 14:20:15 +0000 (16:20 +0200)]
Undo wrong search/replace
Peter Palfrader [Tue, 24 Sep 2019 13:52:20 +0000 (15:52 +0200)]
rename bacula::node to bacula::director::client
Peter Palfrader [Tue, 24 Sep 2019 13:31:03 +0000 (15:31 +0200)]
Move filestore device and media type name to the storage, part I
For now for config on the storage node. Not yet for config
pushed from the client to the director.
Also rename bacula::storage_per_node to bacula::storage::client.
Peter Palfrader [Tue, 24 Sep 2019 12:24:57 +0000 (14:24 +0200)]
backup-path should be something that only the storage system should need to care about
Julien Cristau [Tue, 24 Sep 2019 11:32:26 +0000 (13:32 +0200)]
move the onion address lookup for people.d.o to the template
Julien Cristau [Tue, 24 Sep 2019 10:23:24 +0000 (12:23 +0200)]
Restore an empty line in sshd_config
Julien Cristau [Tue, 24 Sep 2019 10:16:10 +0000 (12:16 +0200)]
Fix typo
Julien Cristau [Tue, 24 Sep 2019 10:12:24 +0000 (12:12 +0200)]
move sshd extra ports to class params instead of hardcoded in the template
Aurelien Jarno [Tue, 24 Sep 2019 09:55:44 +0000 (11:55 +0200)]
Move historical mirror from klecker to new-klecker
Julien Cristau [Tue, 24 Sep 2019 09:54:04 +0000 (11:54 +0200)]
Pull in people.d.o apache config
Peter Palfrader [Tue, 24 Sep 2019 09:44:14 +0000 (11:44 +0200)]
Stop doing catalog backups
The bacula catalog backup job is this special snowflake that's unlike
all the other jobs. It only backups one file,
/var/lib/bacula/bacula.sql.gz, that gets created in a RunBeforeJob
and deleted in a RunAfterJob.
We already have a well-thought out and more generic method to backup
databases, and we should use just that.
The RunBefore/After setup makes sense as a default when you don't have
that, but we do.
Peter Palfrader [Tue, 24 Sep 2019 09:31:07 +0000 (11:31 +0200)]
better shell syntax
Peter Palfrader [Tue, 24 Sep 2019 09:10:39 +0000 (11:10 +0200)]
postgres-make-base-backups: resist running as root
Peter Palfrader [Tue, 24 Sep 2019 09:05:15 +0000 (11:05 +0200)]
backup bacula from postgresql-manda-01
Peter Palfrader [Tue, 24 Sep 2019 08:32:20 +0000 (10:32 +0200)]
Fix fd-to-storage tag
Peter Palfrader [Tue, 24 Sep 2019 08:12:59 +0000 (10:12 +0200)]
Drop old WeeklyCycle, rename the daily WeeklyCycleAfterBackup schedule to CatalogSchedule
Peter Palfrader [Tue, 24 Sep 2019 08:12:22 +0000 (10:12 +0200)]
remove some commented out, dead code
Peter Palfrader [Tue, 24 Sep 2019 08:00:01 +0000 (10:00 +0200)]
Enclose variable names in {}
Peter Palfrader [Tue, 24 Sep 2019 07:59:32 +0000 (09:59 +0200)]
And retire old bacula_client_port param in node
Peter Palfrader [Tue, 24 Sep 2019 07:57:09 +0000 (09:57 +0200)]
Set bacula_client_port during the transition
Peter Palfrader [Tue, 24 Sep 2019 07:54:45 +0000 (09:54 +0200)]
Try to move bacula fd port config to the client class
Peter Palfrader [Tue, 24 Sep 2019 07:10:15 +0000 (09:10 +0200)]
Make bacula-idle-restart not be a template anymore. We can just pass all the relevant things on the command line
Julien Cristau [Tue, 24 Sep 2019 07:03:27 +0000 (09:03 +0200)]
paradis at ubc
Peter Palfrader [Tue, 24 Sep 2019 06:46:46 +0000 (08:46 +0200)]
spacing
Peter Palfrader [Tue, 24 Sep 2019 06:43:24 +0000 (08:43 +0200)]
fix quoting