From: Peter Palfrader Date: Tue, 24 Sep 2019 13:52:20 +0000 (+0200) Subject: rename bacula::node to bacula::director::client X-Git-Url: https://git.adam-barratt.org.uk/?p=mirror%2Fdsa-puppet.git;a=commitdiff_plain;h=60e3d192b636a817ee75524e75d4e8c953841a49 rename bacula::node to bacula::director::client --- diff --git a/data/common.yaml b/data/common.yaml index 4cd0c195d..27d8a53e5 100644 --- a/data/common.yaml +++ b/data/common.yaml @@ -36,6 +36,7 @@ bacula::director::db_address: 'postgresql-manda-01.debian.org' bacula::director::db_port: 5432 bacula::director::db_sslca: '/etc/ssl/debian/certs/ca.crt' +bacula::client::director_server: dinis.debian.org bacula::client::storage_server: storace.debian.org diff --git a/modules/bacula/manifests/client.pp b/modules/bacula/manifests/client.pp index 200f4b01b..8bf5daae3 100644 --- a/modules/bacula/manifests/client.pp +++ b/modules/bacula/manifests/client.pp @@ -3,10 +3,12 @@ # this mostly configures the file daemon, but also firewall rules and # fragments to sent to the other servers. # +# @param director_server The director server that controls this client's backups # @param storage_server The storage server to use for this client # @param port_fd Port that bacula-fd listens on # @param ensure present or absent class bacula::client( + String $director_server, String $storage_server, Integer $port_fd = 9102, Enum['present', 'absent'] $ensure = defined(Class['bacula::not_a_client']) ? { true => 'absent', default => 'present' }, @@ -21,8 +23,9 @@ class bacula::client( tag => "bacula::to-storage::${storage_server}" } - @@bacula::node { $::fqdn: + @@bacula::director::client { $::fqdn: port_fd => $port_fd, + tag => "bacula::to-director::${director_server}" } @@concat::fragment { "bacula-dsa-client-list::${::fqdn}": diff --git a/modules/bacula/manifests/client/storage.pp b/modules/bacula/manifests/client/storage.pp new file mode 100644 index 000000000..716483c8e --- /dev/null +++ b/modules/bacula/manifests/client/storage.pp @@ -0,0 +1,9 @@ +# Bacula configuration for a client, pushed from the storage. +# +# This is stored config by a storage and then collected on the client. +# +define bacula::client::storage( +) { + include bacula::client + +} diff --git a/modules/bacula/manifests/director.pp b/modules/bacula/manifests/director.pp index cb7afc3cf..956374915 100644 --- a/modules/bacula/manifests/director.pp +++ b/modules/bacula/manifests/director.pp @@ -67,7 +67,7 @@ class bacula::director( notify => Exec['bacula-director reload'] } - Bacula::Node<<| |>> + Bacula::Director::Client<<| tag == "bacula::to-director::${::fqdn}" |>> package { 'bacula-console': ensure => installed; diff --git a/modules/bacula/manifests/director/client.pp b/modules/bacula/manifests/director/client.pp new file mode 100644 index 000000000..dc4dafc5e --- /dev/null +++ b/modules/bacula/manifests/director/client.pp @@ -0,0 +1,41 @@ +# Bacula client config on the director +# +# This is stored config by a client, collected on the director +# +# @param port_fd port that this node's bacula-fd is listening on +# @param client The name of the client (relevant for device names, media type names, etc.) +define bacula::director::client ( + Integer $port_fd = 9102, + String $client = $name, +) { + include bacula + + $bacula_pool_name = $bacula::bacula_pool_name + $bacula_filestor_name = $bacula::bacula_filestor_name + $bacula_filestor_device = $bacula::bacula_filestor_device + $bacula_storage_address = $bacula::bacula_storage_address + $bacula_storage_port = $bacula::bacula_storage_port + $bacula_storage_secret = $bacula::bacula_storage_secret + + $bacula_ca_path = $bacula::bacula_ca_path + $bacula_ssl_client_cert = $bacula::bacula_ssl_client_cert + $bacula_ssl_client_key = $bacula::bacula_ssl_client_key + + $bacula_client_name = "${client}-fd" + $bacula_client_secret = hkdf('/etc/puppet/secret', "bacula-fd-${client}") + + file { "/etc/bacula/conf.d/${client}.conf": + content => template('bacula/director/dir-per-client.erb'), + mode => '0440', + group => bacula, + notify => Exec['bacula-director reload'] + } + + file { "/etc/bacula/storages-list.d/${client}.storage": + content => "${bacula::bacula_filestor_client}-${client}\n", + mode => '0440', + group => bacula, + notify => Exec['bacula-director reload'] + } +} + diff --git a/modules/bacula/manifests/node.pp b/modules/bacula/manifests/node.pp deleted file mode 100644 index 38ce3059a..000000000 --- a/modules/bacula/manifests/node.pp +++ /dev/null @@ -1,40 +0,0 @@ -# Bacula client config on the director -# -# This is stored config by a client, collected on the director -# -# @param port_fd port that this node's bacula-fd is listening on -define bacula::node ( - Integer $port_fd = 9102, -) { - include bacula - - $bacula_pool_name = $bacula::bacula_pool_name - $bacula_filestor_name = $bacula::bacula_filestor_name - $bacula_filestor_device = $bacula::bacula_filestor_device - $bacula_storage_address = $bacula::bacula_storage_address - $bacula_storage_port = $bacula::bacula_storage_port - $bacula_storage_secret = $bacula::bacula_storage_secret - - $bacula_ca_path = $bacula::bacula_ca_path - $bacula_ssl_client_cert = $bacula::bacula_ssl_client_cert - $bacula_ssl_client_key = $bacula::bacula_ssl_client_key - - $bacula_client_name = "${name}-fd" - $bacula_client_secret = hkdf('/etc/puppet/secret', "bacula-fd-${name}") - $client = $name - - file { "/etc/bacula/conf.d/${name}.conf": - content => template('bacula/per-client.conf.erb'), - mode => '0440', - group => bacula, - notify => Exec['bacula-director reload'] - } - - file { "/etc/bacula/storages-list.d/${name}.storage": - content => "${bacula::bacula_filestor_name}-${client}\n", - mode => '0440', - group => bacula, - notify => Exec['bacula-director reload'] - } -} - diff --git a/modules/bacula/templates/director/dir-per-client.erb b/modules/bacula/templates/director/dir-per-client.erb new file mode 100644 index 000000000..213bfe2e1 --- /dev/null +++ b/modules/bacula/templates/director/dir-per-client.erb @@ -0,0 +1,118 @@ +## +## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. +## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git +## +# For Bacula release 5.0.1 (24 February 2010) -- debian 5.0.4 + +Job { + Name = "<%= @client %>" + JobDefs = "Standardbackup" + Client = <%= @bacula_client_name %> + + Pool = "poolfull-<%= @bacula_pool_name %>-<%= @client %>" + Differential Backup Pool = "pooldiff-<%= @bacula_pool_name %>-<%= @client %>" + Incremental Backup Pool = "poolinc-<%= @bacula_pool_name %>-<%= @client %>" + + Reschedule On Error = yes + Reschedule Interval = 4 hours + Reschedule Times = 2 + + Cancel Lower Level Duplicates = yes + Cancel Queued Duplicates = yes +} + +# Client (File Services) to backup +Client { + Name = <%= @bacula_client_name %> + Address = <%= @client %> + FDPort = <%= @port_fd %> + Catalog = MyCatalog + Password = "<%= @bacula_client_secret %>" + File Retention = 30 days + Job Retention = 3 months + AutoPrune = yes + + TLS Enable = yes + TLS Require = yes + TLS CA Certificate File = "<%= @bacula_ca_path %>" + # This is a client certificate, used by the director to connect to the client's file daemon + TLS Certificate = "<%= @bacula_ssl_client_cert %>" + TLS Key = "<%= @bacula_ssl_client_key %>" +} + +######################################################################## +# Storage config # +######################################################################## + +Storage { + Name = "<%= @bacula_filestor_name %>-<%= @client %>" + Address = <%= @bacula_storage_address %> + SDPort = <%= @bacula_storage_port %> + Password = "<%= @bacula_storage_secret %>" + Device = "<%= @bacula_filestor_device %>-<%= @client %>" + Media Type = "<%= @bacula_filestor_name %>-<%= @client %>" + Maximum Concurrent Jobs = 10 + + TLS Enable = yes + TLS Require = yes + TLS CA Certificate File = "<%= @bacula_ca_path %>" + # This is a client certificate, used by the director to connect to the storage daemon + TLS Certificate = "<%= @bacula_ssl_client_cert %>" + TLS Key = "<%= @bacula_ssl_client_key %>" +} + +######################################################################## +# Pool definition # +######################################################################## +Pool { + Name = "poolfull-<%=@bacula_pool_name%>-<%= @client %>" + Pool Type = Backup + Storage = "<%=@bacula_filestor_name%>-<%= @client %>" + AutoPrune = yes + Volume Retention = 100 days + Label Format = "<%= @bacula_pool_name %>-full-<%= @client %>.${Year}-${Month:p/2/0/r}-${Day:p/2/0/r}_${Hour:p/2/0/r}:${Minute:p/2/0/r}" + Volume Use Duration = 23h + Maximum Volume Jobs = 1 + Maximum Volume Bytes = 500G + Action On Purge = Truncate + Recycle = yes + RecyclePool = "poolgraveyard-<%=@bacula_pool_name%>-<%= @client %>" +} + +Pool { + Name = "pooldiff-<%=@bacula_pool_name%>-<%= @client %>" + Pool Type = Backup + Storage = "<%=@bacula_filestor_name%>-<%= @client %>" + AutoPrune = yes + Volume Retention = 50 days + Label Format = "<%= @bacula_pool_name %>-diff-<%= @client %>.${Year}-${Month:p/2/0/r}-${Day:p/2/0/r}_${Hour:p/2/0/r}:${Minute:p/2/0/r}" + Volume Use Duration = 23h + Maximum Volume Jobs = 1 + Maximum Volume Bytes = 500G + Action On Purge = Truncate + Recycle = yes + RecyclePool = "poolgraveyard-<%=@bacula_pool_name%>-<%= @client %>" +} + +Pool { + Name = "poolinc-<%=@bacula_pool_name%>-<%= @client %>" + Pool Type = Backup + Storage = "<%=@bacula_filestor_name%>-<%= @client %>" + AutoPrune = yes + Volume Retention = 30 days + Label Format = "<%= @bacula_pool_name %>-inc-<%= @client %>.${Year}-${Month:p/2/0/r}-${Day:p/2/0/r}_${Hour:p/2/0/r}:${Minute:p/2/0/r}" + Volume Use Duration = 23h + Maximum Volume Jobs = 1 + Maximum Volume Bytes = 500G + Action On Purge = Truncate + Recycle = yes + RecyclePool = "poolgraveyard-<%=@bacula_pool_name%>-<%= @client %>" +} + +Pool { + Name = "poolgraveyard-<%=@bacula_pool_name%>-<%= @client %>" + Pool Type = Backup + Storage = "<%=@bacula_filestor_name%>-<%= @client %>" + Recycle = yes + RecyclePool = "poolgraveyard-<%=@bacula_pool_name%>-<%= @client %>" +} diff --git a/modules/bacula/templates/per-client.conf.erb b/modules/bacula/templates/per-client.conf.erb deleted file mode 100644 index 213bfe2e1..000000000 --- a/modules/bacula/templates/per-client.conf.erb +++ /dev/null @@ -1,118 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## -# For Bacula release 5.0.1 (24 February 2010) -- debian 5.0.4 - -Job { - Name = "<%= @client %>" - JobDefs = "Standardbackup" - Client = <%= @bacula_client_name %> - - Pool = "poolfull-<%= @bacula_pool_name %>-<%= @client %>" - Differential Backup Pool = "pooldiff-<%= @bacula_pool_name %>-<%= @client %>" - Incremental Backup Pool = "poolinc-<%= @bacula_pool_name %>-<%= @client %>" - - Reschedule On Error = yes - Reschedule Interval = 4 hours - Reschedule Times = 2 - - Cancel Lower Level Duplicates = yes - Cancel Queued Duplicates = yes -} - -# Client (File Services) to backup -Client { - Name = <%= @bacula_client_name %> - Address = <%= @client %> - FDPort = <%= @port_fd %> - Catalog = MyCatalog - Password = "<%= @bacula_client_secret %>" - File Retention = 30 days - Job Retention = 3 months - AutoPrune = yes - - TLS Enable = yes - TLS Require = yes - TLS CA Certificate File = "<%= @bacula_ca_path %>" - # This is a client certificate, used by the director to connect to the client's file daemon - TLS Certificate = "<%= @bacula_ssl_client_cert %>" - TLS Key = "<%= @bacula_ssl_client_key %>" -} - -######################################################################## -# Storage config # -######################################################################## - -Storage { - Name = "<%= @bacula_filestor_name %>-<%= @client %>" - Address = <%= @bacula_storage_address %> - SDPort = <%= @bacula_storage_port %> - Password = "<%= @bacula_storage_secret %>" - Device = "<%= @bacula_filestor_device %>-<%= @client %>" - Media Type = "<%= @bacula_filestor_name %>-<%= @client %>" - Maximum Concurrent Jobs = 10 - - TLS Enable = yes - TLS Require = yes - TLS CA Certificate File = "<%= @bacula_ca_path %>" - # This is a client certificate, used by the director to connect to the storage daemon - TLS Certificate = "<%= @bacula_ssl_client_cert %>" - TLS Key = "<%= @bacula_ssl_client_key %>" -} - -######################################################################## -# Pool definition # -######################################################################## -Pool { - Name = "poolfull-<%=@bacula_pool_name%>-<%= @client %>" - Pool Type = Backup - Storage = "<%=@bacula_filestor_name%>-<%= @client %>" - AutoPrune = yes - Volume Retention = 100 days - Label Format = "<%= @bacula_pool_name %>-full-<%= @client %>.${Year}-${Month:p/2/0/r}-${Day:p/2/0/r}_${Hour:p/2/0/r}:${Minute:p/2/0/r}" - Volume Use Duration = 23h - Maximum Volume Jobs = 1 - Maximum Volume Bytes = 500G - Action On Purge = Truncate - Recycle = yes - RecyclePool = "poolgraveyard-<%=@bacula_pool_name%>-<%= @client %>" -} - -Pool { - Name = "pooldiff-<%=@bacula_pool_name%>-<%= @client %>" - Pool Type = Backup - Storage = "<%=@bacula_filestor_name%>-<%= @client %>" - AutoPrune = yes - Volume Retention = 50 days - Label Format = "<%= @bacula_pool_name %>-diff-<%= @client %>.${Year}-${Month:p/2/0/r}-${Day:p/2/0/r}_${Hour:p/2/0/r}:${Minute:p/2/0/r}" - Volume Use Duration = 23h - Maximum Volume Jobs = 1 - Maximum Volume Bytes = 500G - Action On Purge = Truncate - Recycle = yes - RecyclePool = "poolgraveyard-<%=@bacula_pool_name%>-<%= @client %>" -} - -Pool { - Name = "poolinc-<%=@bacula_pool_name%>-<%= @client %>" - Pool Type = Backup - Storage = "<%=@bacula_filestor_name%>-<%= @client %>" - AutoPrune = yes - Volume Retention = 30 days - Label Format = "<%= @bacula_pool_name %>-inc-<%= @client %>.${Year}-${Month:p/2/0/r}-${Day:p/2/0/r}_${Hour:p/2/0/r}:${Minute:p/2/0/r}" - Volume Use Duration = 23h - Maximum Volume Jobs = 1 - Maximum Volume Bytes = 500G - Action On Purge = Truncate - Recycle = yes - RecyclePool = "poolgraveyard-<%=@bacula_pool_name%>-<%= @client %>" -} - -Pool { - Name = "poolgraveyard-<%=@bacula_pool_name%>-<%= @client %>" - Pool Type = Backup - Storage = "<%=@bacula_filestor_name%>-<%= @client %>" - Recycle = yes - RecyclePool = "poolgraveyard-<%=@bacula_pool_name%>-<%= @client %>" -}