# @param port_dir Port that the director should listen on
# @param db_sslca SSL CA store for DB access
# @param director_name bacula name of this dir instance
+# @param director_address address of this sd instance that other instances should connect to (dns name)
class bacula::director(
String $db_address,
Integer $db_port,
Optional[String] $db_sslca = undef,
#String $director_name = "${::fqdn}-dir",
String $director_name = $bacula::bacula_director_name,
+ Stdlib::Host $director_address = $::fqdn,
) inherits bacula {
# used by e.g. bconsole
$director_secret = hkdf('/etc/puppet/secret', "bacula-dir-${::fqdn}")
- # the RestoreFiles Job needs a Pool. Any valid pool.
- $some_pool_name = "poolfull-${pool_name}-${bacula::bacula_director_address}"
+ # the RestoreFiles Job needs a Pool and a client. Any valid pool and client.
+ $some_pool_name = "poolfull-${pool_name}-${director_address}"
+ $some_client_name = "${director_address}-fd"
ensure_packages ( [
'bacula-director-pgsql',
saddr => $bacula::public_addresses,
}
@@ferm::rule::simple { "bacula::director-to-storage::${::fqdn}":
- tag => "bacula::director-to-storage::${::fqdn}",
+ tag => 'bacula::director-to-storage',
description => 'Allow bacula-storage access from the bacula-director',
chain => 'bacula-sd',
saddr => $bacula::public_addresses,
port => $port_sd,
target => 'bacula-sd',
}
- Ferm::Rule::Simple <<| tag == "bacula::director-to-storage::${bacula::bacula_director_address}" |>>;
+ Ferm::Rule::Simple <<| tag == 'bacula::director-to-storage' |>>;
Ferm::Rule::Simple <<| tag == "bacula::fd-to-storage::${::fqdn}" |>>;
file { '/etc/bacula/storage-conf.d/empty.conf':
DirAddresses = {
# Always have localhost in, then the configured IP
ip = { addr = 127.0.0.1; port = <%= @port_dir %> }
- ip = { addr = <%=@bacula_director_address%>; port = <%= @port_dir %> }
+ ip = { addr = <%= @director_address %>; port = <%= @port_dir %> }
}
TLS Enable = yes
TLS Require = yes
TLS Verify Peer = yes
- TLS Allowed CN = "clientcerts/<%= @bacula_director_address %>"
+ TLS Allowed CN = "clientcerts/<%= @director_address %>"
TLS CA Certificate File = "<%= @bacula_ca_path %>"
# This is a server certificate, used for incoming console connections.
TLS Certificate = "<%= @bacula_ssl_server_cert %>"
Job {
Name = "RestoreFiles"
Type = Restore
- Client = <%=@bacula_director_address%>-fd
FileSet = "Standard Set"
+ Client = <%= @some_client_name%>
Pool = <%= @some_pool_name %>
Messages = Standard
Where = /var/tmp/bacula-restores
projects / mirror / dsa-puppet.git / commitdiff