generate_bconsole_config() {
BCONSOLE_CONFIG=/etc/bacula/bconsole.conf
- if [ -s $BCONSOLE_CONFIG ] && grep -q 'sysbackup-dir' $BCONSOLE_CONFIG; then
+ if [ -s $BCONSOLE_CONFIG ] && grep -q 'Console {' $BCONSOLE_CONFIG; then
echo $BCONSOLE_CONFIG already exists, skipping.
else
umask 077
Name = sysbackup-dir
DIRport = 9101
address = sysbackup.carnet.hr
- Password = "$PASS_BCONSOLE"
+ Password = "__INVALID__" # not used
# you need these TLS entries so the bconsole and Director can communicate
TLS Enable = yes
TLS Certificate = "/etc/bacula/bacula-fd.pem"
TLS Key = "/etc/bacula/bacula-fd.pem"
}
+
+Console {
+ Name = $HOST-acl
+ Password = "$PASS_BCONSOLE"
+}
EOF
fi
}
fi
}
+random_string() {
+ head -n 20 /dev/urandom | openssl dgst -sha1
+}
+
send_mail() {
REQUEST_FILE=/etc/bacula/bacula-fd.txt
GPG_HOME=/var/lib/bacula-cn/gpg
- BOUNDARY=$( head -20 /dev/urandom | openssl dgst -sha1 )
+ BOUNDARY=$( random_string )
GPG="gpg --homedir $GPG_HOME --batch --encrypt --armour --recipient rt@tt.carnet.hr --always-trust"
if [ -z "$CONFIG_CHANGED" ]; then
return
fi
- umask 077
+ umask 022
chmod 0700 $GPG_HOME
echo Generating request in $REQUEST_FILE
+ rm -f $REQUEST_FILE
# Header
cat > $REQUEST_FILE <<EOF
EOF
- df -h | $GPG >> $REQUEST_FILE
+ df -h | $GPG >> $REQUEST_FILE
+
+# attachment: database sizes
+if [ -d /var/lib/mysql -o -d /var/lib/postgresql ]; then
+ cat >> $REQUEST_FILE <<EOF
+--$BOUNDARY
+Content-Type: text/plain
+Content-Transfer-Encoding: 7bit
+Content-Disposition: inline; filename="db.txt.gpg"
+
+EOF
+
+ du -sh /var/lib/mysql /var/lib/postgresql 2>/dev/null \
+ | $GPG >> $REQUEST_FILE
+fi
# attachment: client config
cat >> $REQUEST_FILE <<EOF
# Requested by $CONTACT on $DATE
Client {
Name = $HOST-fd
+ @/etc/bacula/include/client-debian-default.conf
Address = $IP
Password = "$PASS_FD" # password for bacula-fd(8)
- @/etc/bacula/include/client-debian-default.conf
-
- TLS Enable = yes
- TLS Require = yes
TLS CA Certificate File = "/etc/bacula/clients.d/$HOST-fd.pem"
- TLS Certificate = "/etc/bacula/bacula.pem"
- TLS Key = "/etc/bacula/bacula.pem"
-}
-
-Job {
- Name = "$HOST"
- Client = $HOST-fd
- JobDefs = "Job_SysBackup"
}
Console {
Name = $HOST-acl
+ @/etc/bacula/include/acl-default.conf
Password = "$PASS_BCONSOLE" # password for bconsole(8)
JobACL = $HOST, RestoreFiles
ClientACL = $HOST-fd
- @/etc/bacula/include/acl-default.conf
+}
+
+Job {
+ Name = "$HOST"
+ Client = $HOST-fd
+ JobDefs = "Job_TapeBackup"
}
EOF
--$BOUNDARY--
EOF
- # Send it
- echo Mailing request from $REQUEST_FILE
- sendmail -t -oi < $REQUEST_FILE
+ # Try to send it
+ if [ -x "`which sendmail 2>/dev/null`" ]; then
+ echo Mailing request from $REQUEST_FILE
+ if sendmail -t -oi < $REQUEST_FILE; then
+ requestsent=1
+ fi
+ fi
+
+ if [ -z "$requestsent" ]; then
+ db_input high bacula-cn/mail-failed || true
+ db_go || true
+ fi
}
load_config() {
db_get bacula-cn/contact
CONTACT=$RET
- db_stop
-
- PASS_FD=$( head -20 /dev/urandom | openssl dgst -sha1 )
- PASS_BCONSOLE=$( head -20 /dev/urandom | openssl dgst -sha1 )
+ PASS_FD=$( random_string )
+ PASS_BCONSOLE=$( random_string )
DATE=$( date '+%Y-%m-%d' )
restart_bacula
send_mail
+
+ db_stop
;;
abort-upgrade|abort-remove|abort-deconfigure)
projects / bacula-cn.git / blobdiff