Skip to content

Commit

Permalink
Define resource bacula::director::console
Browse files Browse the repository at this point in the history
  • Loading branch information
lemrouch committed Jun 19, 2024
1 parent 36ae599 commit a0ae1a5
Show file tree
Hide file tree
Showing 5 changed files with 252 additions and 0 deletions.
138 changes: 138 additions & 0 deletions REFERENCE.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@
### Defined types

* [`bacula::director::client`](#bacula--director--client): Define a Bacula Director Client
* [`bacula::director::console`](#bacula--director--console): Define a Bacula Director Console
* [`bacula::director::fileset`](#bacula--director--fileset): Configure a Bacula Director Fileset
* [`bacula::director::job`](#bacula--director--job): Configure a Bacula Director Job
* [`bacula::director::pool`](#bacula--director--pool): Configure a Bacula Director Pool
Expand Down Expand Up @@ -1007,6 +1008,143 @@ The path to the bacula configuration directory

Default value: `$bacula::conf_dir`

### <a name="bacula--director--console"></a>`bacula::director::console`

This define creates a console declaration for the director.
Resources of this type are intended to manage conf.d/console.conf entries.

Aside from Director resource names and console command names,
the special keyword *all* can be specified in any of the above access control lists.
When this keyword is present, any resource or command name (which ever is appropriate) will be accepted.

#### Examples

#####

```puppet
bacula::director::console { 'Monitoring':
password => 'monitoring_password',
}
```

#### Parameters

The following parameters are available in the `bacula::director::console` defined type:

* [`conf_dir`](#-bacula--director--console--conf_dir)
* [`password`](#-bacula--director--console--password)
* [`jobacl`](#-bacula--director--console--jobacl)
* [`clientacl`](#-bacula--director--console--clientacl)
* [`storageacl`](#-bacula--director--console--storageacl)
* [`scheduleacl`](#-bacula--director--console--scheduleacl)
* [`poolacl`](#-bacula--director--console--poolacl)
* [`filesetacl`](#-bacula--director--console--filesetacl)
* [`catalogacl`](#-bacula--director--console--catalogacl)
* [`commandacl`](#-bacula--director--console--commandacl)
* [`whereacl`](#-bacula--director--console--whereacl)

##### <a name="-bacula--director--console--conf_dir"></a>`conf_dir`

Data type: `String`

The bacula configuration director. Should not need adjusting

Default value: `$bacula::conf_dir`

##### <a name="-bacula--director--console--password"></a>`password`

Data type: `String[1]`

The password that must be supplied for a named Bacula Console to be authorized

##### <a name="-bacula--director--console--jobacl"></a>`jobacl`

Data type: `Optional[String[1]]`

A list of Job resource names that can be accessed by the console.

Default value: `undef`

##### <a name="-bacula--director--console--clientacl"></a>`clientacl`

Data type: `Optional[String[1]]`

A list of Client resource names that can be accessed by the console.

Default value: `undef`

##### <a name="-bacula--director--console--storageacl"></a>`storageacl`

Data type: `Optional[String[1]]`

A list of Storage resource names that can be accessed by the console.

Default value: `undef`

##### <a name="-bacula--director--console--scheduleacl"></a>`scheduleacl`

Data type: `Optional[String[1]]`

A list of Schedule resource names that can be accessed by the console.

Default value: `undef`

##### <a name="-bacula--director--console--poolacl"></a>`poolacl`

Data type: `Optional[String[1]]`

A list of Pool resource names that can be accessed by the console.

Default value: `undef`

##### <a name="-bacula--director--console--filesetacl"></a>`filesetacl`

Data type: `Optional[String[1]]`

A list of FileSet resource names that can be accessed by the console.

Default value: `undef`

##### <a name="-bacula--director--console--catalogacl"></a>`catalogacl`

Data type: `String[1]`

A list of Catalog resource names that can be accessed by the console.

Default value: `'*all*'`

##### <a name="-bacula--director--console--commandacl"></a>`commandacl`

Data type:

```puppet
Array[Enum[
['add'], ['autodisplay'], ['automount'], ['cancel'], ['cloud'], ['create'], ['delete'], ['disable'], ['enable'], ['estimate'],
['exit'], ['gui'], ['help'], ['label'], ['list'], ['llist'], ['messages'], ['memory'], ['mount'], ['prune'], ['purge'], ['query'],
['quit'], ['relabel'], ['release'], ['reload'], ['restart'], ['resume'], ['restore'], ['run'], ['setbandwidth'], ['setdebug'],
['setip'], ['show'], ['sqlquery'], ['status'], ['tag'], ['time'], ['trace'], ['umount'], ['unmount'], ['update'], ['use'], ['var'],
['version'], ['wait'], ['.api'], ['.backups'], ['.clients'], ['.catalogs'], ['.defaults'], ['.die'], ['.dir'], ['.dump'], ['.exit'],
['.events'], ['.filesets'], ['.help'], ['.jobs'], ['.estimate'], ['.jlist'], ['.levels'], ['.messages'], ['.msgs'], ['.pools'],
['.quit'], ['.putfile'], ['.schedule'], ['.sql'], ['.status'], ['.storage'], ['.volstatus'], ['.media'], ['.mediatypes'],
['.locations'], ['.actiononpurge'], ['.bvfs_lsdirs'], ['.bvfs_lsfiles'], ['.bvfs_get_volumes'], ['.bvfs_update'],
['.bvfs_get_jobids'], ['.bvfs_get_jobs'], ['.bvfs_get_bootstrap'], ['.bvfs_get_fileindex'], ['.bvfs_versions'], ['.bvfs_get_delta'],
['.bvfs_restore'], ['.bvfs_cleanup'], ['.bvfs_decode_lstat'], ['.bvfs_clear_cache'], ['.bvfs_update_fv'], ['.bvfs_delete_fileid'],
['.setuid'], ['.ls'], ['.types'], ['.query'], ['.tags'],
]]
```

A list of of console commands that can be executed by the console.

Default value: `['list']`

##### <a name="-bacula--director--console--whereacl"></a>`whereacl`

Data type: `Optional[String]`

This directive permits you to specify where a restricted console can restore files.

Default value: `undef`

### <a name="bacula--director--fileset"></a>`bacula::director::fileset`

This class handles a Director's fileset.conf entry. Filesets are intended to
Expand Down
1 change: 1 addition & 0 deletions manifests/director.pp
Original file line number Diff line number Diff line change
Expand Up @@ -155,6 +155,7 @@
]

$sub_confs_with_secrets = [
"${conf_dir}/conf.d/console.conf",
"${conf_dir}/conf.d/client.conf",
"${conf_dir}/conf.d/storage.conf",
]
Expand Down
70 changes: 70 additions & 0 deletions manifests/director/console.pp
Original file line number Diff line number Diff line change
@@ -0,0 +1,70 @@
# @summary Define a Bacula Director Console
#
# This define creates a console declaration for the director.
# Resources of this type are intended to manage conf.d/console.conf entries.
#
# @param conf_dir The bacula configuration director. Should not need adjusting
# @param password The password that must be supplied for a named Bacula Console to be authorized
# @param jobacl A list of Job resource names that can be accessed by the console.
# @param clientacl A list of Client resource names that can be accessed by the console.
# @param storageacl A list of Storage resource names that can be accessed by the console.
# @param scheduleacl A list of Schedule resource names that can be accessed by the console.
# @param poolacl A list of Pool resource names that can be accessed by the console.
# @param filesetacl A list of FileSet resource names that can be accessed by the console.
# @param catalogacl A list of Catalog resource names that can be accessed by the console.
# @param commandacl A list of of console commands that can be executed by the console.
# @param whereacl This directive permits you to specify where a restricted console can restore files.
#
# Aside from Director resource names and console command names,
# the special keyword *all* can be specified in any of the above access control lists.
# When this keyword is present, any resource or command name (which ever is appropriate) will be accepted.
#
# @example
# bacula::director::console { 'Monitoring':
# password => 'monitoring_password',
# }
#
define bacula::director::console (
String[1] $password,
String $conf_dir = $bacula::conf_dir,
String[1] $catalogacl = '*all*',
Array[Enum[
['add'], ['autodisplay'], ['automount'], ['cancel'], ['cloud'], ['create'], ['delete'], ['disable'], ['enable'], ['estimate'],
['exit'], ['gui'], ['help'], ['label'], ['list'], ['llist'], ['messages'], ['memory'], ['mount'], ['prune'], ['purge'], ['query'],
['quit'], ['relabel'], ['release'], ['reload'], ['restart'], ['resume'], ['restore'], ['run'], ['setbandwidth'], ['setdebug'],
['setip'], ['show'], ['sqlquery'], ['status'], ['tag'], ['time'], ['trace'], ['umount'], ['unmount'], ['update'], ['use'], ['var'],
['version'], ['wait'], ['.api'], ['.backups'], ['.clients'], ['.catalogs'], ['.defaults'], ['.die'], ['.dir'], ['.dump'], ['.exit'],
['.events'], ['.filesets'], ['.help'], ['.jobs'], ['.estimate'], ['.jlist'], ['.levels'], ['.messages'], ['.msgs'], ['.pools'],
['.quit'], ['.putfile'], ['.schedule'], ['.sql'], ['.status'], ['.storage'], ['.volstatus'], ['.media'], ['.mediatypes'],
['.locations'], ['.actiononpurge'], ['.bvfs_lsdirs'], ['.bvfs_lsfiles'], ['.bvfs_get_volumes'], ['.bvfs_update'],
['.bvfs_get_jobids'], ['.bvfs_get_jobs'], ['.bvfs_get_bootstrap'], ['.bvfs_get_fileindex'], ['.bvfs_versions'], ['.bvfs_get_delta'],
['.bvfs_restore'], ['.bvfs_cleanup'], ['.bvfs_decode_lstat'], ['.bvfs_clear_cache'], ['.bvfs_update_fv'], ['.bvfs_delete_fileid'],
['.setuid'], ['.ls'], ['.types'], ['.query'], ['.tags'],
]] $commandacl = ['list'],
Optional[String[1]] $jobacl = undef,
Optional[String[1]] $clientacl = undef,
Optional[String[1]] $storageacl = undef,
Optional[String[1]] $scheduleacl = undef,
Optional[String[1]] $poolacl = undef,
Optional[String[1]] $filesetacl = undef,
Optional[String] $whereacl = undef,
) {
$epp_console_variables = {
name => $name,
password => $password,
commandacl => $commandacl,
whereacl => $whereacl,
jobacl => $jobacl,
clientacl => $clientacl,
storageacl => $scheduleacl,
scheduleacl => $scheduleacl,
poolacl => $poolacl,
filesetacl => $filesetacl,
catalogacl => $catalogacl,
}

concat::fragment { "bacula-director-console-${name}":
target => "${conf_dir}/conf.d/console.conf",
content => epp('bacula/bacula-dir-console.epp', $epp_console_variables),
}
}
42 changes: 42 additions & 0 deletions templates/bacula-dir-console.epp
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
<%
|
String $name,
String $password,
String $catalogacl,
Array $commandacl,
Optional[String] $jobacl,
Optional[String] $clientacl,
Optional[String] $storageacl,
Optional[String] $scheduleacl,
Optional[String] $poolacl,
Optional[String] $filesetacl,
Optional[String] $whereacl,
|
-%>
Console {
Name = <%= $name %>
Password = "<%= $password %>"
<% if $jobacl { -%>
JobACL = <%= $jobacl %>
<% } -%>
<% if $clientacl { -%>
ClientACL = <%= $clientacl %>
<% } -%>
<% if $storageacl { -%>
StorageACL = <%= $storageacl %>
<% } -%>
<% if $scheduleacl { -%>
ScheduleACL = <%= $scheduleacl %>
<% } -%>
<% if $poolacl { -%>
PoolACL = <%= $poolacl %>
<% } -%>
<% if $filesetacl { -%>
FileSetACL = <%= $filesetacl %>
<% } -%>
CatalogACL = <%= $catalogacl %>
CommandACL = <%= $commandacl.join(', ') %>
<% if $whereacl { -%>
WhereACL = <%= $whereacl %>
<% } -%>
}
1 change: 1 addition & 0 deletions templates/bacula-dir-tail.epp
Original file line number Diff line number Diff line change
Expand Up @@ -5,3 +5,4 @@
@<%= $bacula::conf_dir %>/conf.d/fileset.conf
@<%= $bacula::conf_dir %>/conf.d/jobdefs.conf
@<%= $bacula::conf_dir %>/conf.d/job.conf
@<%= $bacula::conf_dir %>/conf.d/console.conf

0 comments on commit a0ae1a5

Please sign in to comment.