configure bacula
This commit is contained in:
parent
32b74fefd1
commit
3fef58e888
GPG key ID:
B95E8FE6B11C4D09
|
|
@ -25,6 +25,7 @@
|
||||||
inputs.kpp.nixosModules.default
|
inputs.kpp.nixosModules.default
|
||||||
course-management.nixosModules.default
|
course-management.nixosModules.default
|
||||||
./hosts/quitte/configuration.nix
|
./hosts/quitte/configuration.nix
|
||||||
|
./modules/bacula.nix
|
||||||
./modules/options.nix
|
./modules/options.nix
|
||||||
./modules/base.nix
|
./modules/base.nix
|
||||||
./modules/sops.nix
|
./modules/sops.nix
|
||||||
|
|
|
||||||
39
modules/bacula.nix
Normal file
39
modules/bacula.nix
Normal file
|
|
@ -0,0 +1,39 @@
|
||||||
|
{ config, ... }:
|
||||||
|
{
|
||||||
|
sops.secrets = {
|
||||||
|
"bacula/password".owner = "bacula";
|
||||||
|
"bacula/keypair".owner = "bacula";
|
||||||
|
"bacula/masterkey".owner = "bacula";
|
||||||
|
};
|
||||||
|
services.bacula-fd = {
|
||||||
|
enable = true;
|
||||||
|
name = "ifsr-quitte";
|
||||||
|
extraClientConfig = ''
|
||||||
|
WorkingDirectory = /var/lib/bacula
|
||||||
|
Pid Directory = /run/bacula
|
||||||
|
Maximum Concurrent Jobs = 20
|
||||||
|
FDAddress = 141.30.30.169
|
||||||
|
PKI Signatures = Yes
|
||||||
|
PKI Encryption = Yes
|
||||||
|
PKI Keypair = ${config.sops.secrets."bacula/keypair".path}
|
||||||
|
PKI Master Key = ${config.sops.secrets."bacula/masterkey".path}
|
||||||
|
'';
|
||||||
|
extraMessagesConfig = ''
|
||||||
|
Name = Standard
|
||||||
|
directory = abel-dir = all, !skipped, !restored
|
||||||
|
'';
|
||||||
|
director."abel-dir".password = "@${config.sops.secrets."bacula/password".path}";
|
||||||
|
};
|
||||||
|
environment.etc."bacula/bconsole.conf".text = ''
|
||||||
|
Director {
|
||||||
|
Name = abel-dir
|
||||||
|
DIRport = 9101
|
||||||
|
address = 10.144.0.11
|
||||||
|
Password = @${config.sops.secrests."bacula/password".path}
|
||||||
|
}
|
||||||
|
Console {
|
||||||
|
Name = ifsr-quitte-console
|
||||||
|
Password = @${config.sops.secrests."bacula/password".path}
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
}
|
||||||
|
|
@ -5,7 +5,8 @@ in
|
||||||
{
|
{
|
||||||
sops.secrets =
|
sops.secrets =
|
||||||
let inherit (config.services.course-management) user;
|
let inherit (config.services.course-management) user;
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
"course-management/secret-key".owner = user;
|
"course-management/secret-key".owner = user;
|
||||||
"course-management/adminpass".owner = user;
|
"course-management/adminpass".owner = user;
|
||||||
};
|
};
|
||||||
|
|
@ -33,7 +34,7 @@ in
|
||||||
};
|
};
|
||||||
|
|
||||||
services.postgresql = {
|
services.postgresql = {
|
||||||
enable = true;
|
enable = lib.mkForce true; # upstream bacula config wants to disable it, so we need to force
|
||||||
ensureUsers = [{
|
ensureUsers = [{
|
||||||
name = "course-management";
|
name = "course-management";
|
||||||
ensurePermissions = {
|
ensurePermissions = {
|
||||||
|
|
|
||||||
File diff suppressed because one or more lines are too long
Loading…
Reference in a new issue