public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
nixpkgs/nixos/modules/services/backup/bacula.nix
wucke13 93696e3c1f nixos/bacula-sd: add autochange support 
+ Fixing interrupted descriptions
+ Added more verbose descriptions
+ Addded <literal> to the descriptions
+ uniformly reformated descriptions to break at 80 chars

(cherry picked from commit c7945c8a97df52a468cf32155154cdec021561bc)
2019-12-11 19:16:50 +01:00

557 lines
18 KiB
Nix
Raw Blame History

{ config, lib, pkgs, ... }:
# TODO: test configuration when building nixexpr (use -t parameter)
# TODO: support sqlite3 (it's deprecate?) and mysql
with lib;
let
libDir = "/var/lib/bacula";
fd_cfg = config.services.bacula-fd;
fd_conf = pkgs.writeText "bacula-fd.conf"
''
Client {
Name = "${fd_cfg.name}";
FDPort = ${toString fd_cfg.port};
WorkingDirectory = "${libDir}";
Pid Directory = "/run";
${fd_cfg.extraClientConfig}
}
${concatStringsSep "\n" (mapAttrsToList (name: value: ''
Director {
Name = "${name}";
Password = "${value.password}";
Monitor = "${value.monitor}";
}
'') fd_cfg.director)}
Messages {
Name = Standard;
syslog = all, !skipped, !restored
${fd_cfg.extraMessagesConfig}
}
'';
sd_cfg = config.services.bacula-sd;
sd_conf = pkgs.writeText "bacula-sd.conf"
''
Storage {
Name = "${sd_cfg.name}";
SDPort = ${toString sd_cfg.port};
WorkingDirectory = "${libDir}";
Pid Directory = "/run";
${sd_cfg.extraStorageConfig}
}
${concatStringsSep "\n" (mapAttrsToList (name: value: ''
Autochanger {
Name = "${name}";
Device = ${concatStringsSep ", " (map (a: "\"${a}\"") value.devices)};
Changer Device = "${value.changerDevice}";
Changer Command = "${value.changerCommand}";
${value.extraAutochangerConfig}
}
'') sd_cfg.autochanger)}
${concatStringsSep "\n" (mapAttrsToList (name: value: ''
Device {
Name = "${name}";
Archive Device = "${value.archiveDevice}";
Media Type = "${value.mediaType}";
${value.extraDeviceConfig}
}
'') sd_cfg.device)}
${concatStringsSep "\n" (mapAttrsToList (name: value: ''
Director {
Name = "${name}";
Password = "${value.password}";
Monitor = "${value.monitor}";
}
'') sd_cfg.director)}
Messages {
Name = Standard;
syslog = all, !skipped, !restored
${sd_cfg.extraMessagesConfig}
}
'';
dir_cfg = config.services.bacula-dir;
dir_conf = pkgs.writeText "bacula-dir.conf"
''
Director {
Name = "${dir_cfg.name}";
Password = "${dir_cfg.password}";
DirPort = ${toString dir_cfg.port};
Working Directory = "${libDir}";
Pid Directory = "/run/";
QueryFile = "${pkgs.bacula}/etc/query.sql";
${dir_cfg.extraDirectorConfig}
}
Catalog {
Name = "PostgreSQL";
dbname = "bacula";
user = "bacula";
}
Messages {
Name = Standard;
syslog = all, !skipped, !restored
${dir_cfg.extraMessagesConfig}
}
${dir_cfg.extraConfig}
'';
directorOptions = {...}:
{
options = {
password = mkOption {
# TODO: required?
description = ''
Specifies the password that must be supplied for the default Bacula
Console to be authorized. The same password must appear in the
Director resource of the Console configuration file. For added
security, the password is never passed across the network but instead
a challenge response hash code created with the password. This
directive is required. If you have either /dev/random or bc on your
machine, Bacula will generate a random password during the
configuration process, otherwise it will be left blank and you must
manually supply it.
The password is plain text. It is not generated through any special
process but as noted above, it is better to use random text for
security reasons.
'';
};
monitor = mkOption {
default = "no";
example = "yes";
description = ''
If Monitor is set to <literal>no</literal>, this director will have
full access to this Storage daemon. If Monitor is set to
<literal>yes</literal>, this director will only be able to fetch the
current status of this Storage daemon.
Please note that if this director is being used by a Monitor, we
highly recommend to set this directive to yes to avoid serious
security problems.
'';
};
};
};
autochangerOptions = {...}:
{
options = {
changerDevice = mkOption {
description = ''
The specified name-string must be the generic SCSI device name of the
autochanger that corresponds to the normal read/write Archive Device
specified in the Device resource. This generic SCSI device name
should be specified if you have an autochanger or if you have a
standard tape drive and want to use the Alert Command (see below).
For example, on Linux systems, for an Archive Device name of
<literal>/dev/nst0</literal>, you would specify
<literal>/dev/sg0</literal> for the Changer Device name. Depending
on your exact configuration, and the number of autochangers or the
type of autochanger, what you specify here can vary. This directive
is optional. See the Using AutochangersAutochangersChapter chapter of
this manual for more details of using this and the following
autochanger directives.
'';
};
changerCommand = mkOption {
description = ''
The name-string specifies an external program to be called that will
automatically change volumes as required by Bacula. Normally, this
directive will be specified only in the AutoChanger resource, which
is then used for all devices. However, you may also specify the
different Changer Command in each Device resource. Most frequently,
you will specify the Bacula supplied mtx-changer script as follows:
<literal>"/path/mtx-changer %c %o %S %a %d"</literal>
and you will install the mtx on your system (found in the depkgs
release). An example of this command is in the default bacula-sd.conf
file. For more details on the substitution characters that may be
specified to configure your autochanger please see the
AutochangersAutochangersChapter chapter of this manual. For FreeBSD
users, you might want to see one of the several chio scripts in
examples/autochangers.
'';
default = "/etc/bacula/mtx-changer %c %o %S %a %d";
};
devices = mkOption {
description = ''
'';
};
extraAutochangerConfig = mkOption {
default = "";
description = ''
Extra configuration to be passed in Autochanger directive.
'';
example = ''
'';
};
};
};
deviceOptions = {...}:
{
options = {
archiveDevice = mkOption {
# TODO: required?
description = ''
The specified name-string gives the system file name of the storage
device managed by this storage daemon. This will usually be the
device file name of a removable storage device (tape drive), for
example <literal>/dev/nst0</literal> or
<literal>/dev/rmt/0mbn</literal>. For a DVD-writer, it will be for
example <literal>/dev/hdc</literal>. It may also be a directory name
if you are archiving to disk storage. In this case, you must supply
the full absolute path to the directory. When specifying a tape
device, it is preferable that the "non-rewind" variant of the device
file name be given.
'';
};
mediaType = mkOption {
# TODO: required?
description = ''
The specified name-string names the type of media supported by this
device, for example, <literal>DLT7000</literal>. Media type names are
arbitrary in that you set them to anything you want, but they must be
known to the volume database to keep track of which storage daemons
can read which volumes. In general, each different storage type
should have a unique Media Type associated with it. The same
name-string must appear in the appropriate Storage resource
definition in the Director's configuration file.
Even though the names you assign are arbitrary (i.e. you choose the
name you want), you should take care in specifying them because the
Media Type is used to determine which storage device Bacula will
select during restore. Thus you should probably use the same Media
Type specification for all drives where the Media can be freely
interchanged. This is not generally an issue if you have a single
Storage daemon, but it is with multiple Storage daemons, especially
if they have incompatible media.
For example, if you specify a Media Type of <literal>DDS-4</literal>
then during the restore, Bacula will be able to choose any Storage
Daemon that handles <literal>DDS-4</literal>. If you have an
autochanger, you might want to name the Media Type in a way that is
unique to the autochanger, unless you wish to possibly use the
Volumes in other drives. You should also ensure to have unique Media
Type names if the Media is not compatible between drives. This
specification is required for all devices.
In addition, if you are using disk storage, each Device resource will
generally have a different mount point or directory. In order for
Bacula to select the correct Device resource, each one must have a
unique Media Type.
'';
};
extraDeviceConfig = mkOption {
default = "";
description = ''
Extra configuration to be passed in Device directive.
'';
example = ''
LabelMedia = yes
Random Access = no
AutomaticMount = no
RemovableMedia = no
MaximumOpenWait = 60
AlwaysOpen = no
'';
};
};
};
in {
options = {
services.bacula-fd = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
Whether to enable the Bacula File Daemon.
'';
};
name = mkOption {
default = "${config.networking.hostName}-fd";
description = ''
The client name that must be used by the Director when connecting.
Generally, it is a good idea to use a name related to the machine so
that error messages can be easily identified if you have multiple
Clients. This directive is required.
'';
};
port = mkOption {
default = 9102;
type = types.int;
description = ''
This specifies the port number on which the Client listens for
Director connections. It must agree with the FDPort specified in
the Client resource of the Director's configuration file.
'';
};
director = mkOption {
default = {};
description = ''
This option defines director resources in Bacula File Daemon.
'';
type = with types; attrsOf (submodule directorOptions);
};
extraClientConfig = mkOption {
default = "";
description = ''
Extra configuration to be passed in Client directive.
'';
example = ''
Maximum Concurrent Jobs = 20;
Heartbeat Interval = 30;
'';
};
extraMessagesConfig = mkOption {
default = "";
description = ''
Extra configuration to be passed in Messages directive.
'';
example = ''
console = all
'';
};
};
services.bacula-sd = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
Whether to enable Bacula Storage Daemon.
'';
};
name = mkOption {
default = "${config.networking.hostName}-sd";
description = ''
Specifies the Name of the Storage daemon.
'';
};
port = mkOption {
default = 9103;
type = types.int;
description = ''
Specifies port number on which the Storage daemon listens for
Director connections.
'';
};
director = mkOption {
default = {};
description = ''
This option defines Director resources in Bacula Storage Daemon.
'';
type = with types; attrsOf (submodule directorOptions);
};
device = mkOption {
default = {};
description = ''
This option defines Device resources in Bacula Storage Daemon.
'';
type = with types; attrsOf (submodule deviceOptions);
};
autochanger = mkOption {
default = {};
description = ''
This option defines Autochanger resources in Bacula Storage Daemon.
'';
type = with types; attrsOf (submodule autochangerOptions);
};
extraStorageConfig = mkOption {
default = "";
description = ''
Extra configuration to be passed in Storage directive.
'';
example = ''
Maximum Concurrent Jobs = 20;
Heartbeat Interval = 30;
'';
};
extraMessagesConfig = mkOption {
default = "";
description = ''
Extra configuration to be passed in Messages directive.
'';
example = ''
console = all
'';
};
};
services.bacula-dir = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
Whether to enable Bacula Director Daemon.
'';
};
name = mkOption {
default = "${config.networking.hostName}-dir";
description = ''
The director name used by the system administrator. This directive is
required.
'';
};
port = mkOption {
default = 9101;
type = types.int;
description = ''
Specify the port (a positive integer) on which the Director daemon
will listen for Bacula Console connections. This same port number
must be specified in the Director resource of the Console
configuration file. The default is 9101, so normally this directive
need not be specified. This directive should not be used if you
specify DirAddresses (N.B plural) directive.
'';
};
password = mkOption {
# TODO: required?
description = ''
Specifies the password that must be supplied for a Director.
'';
};
extraMessagesConfig = mkOption {
default = "";
description = ''
Extra configuration to be passed in Messages directive.
'';
example = ''
console = all
'';
};
extraDirectorConfig = mkOption {
default = "";
description = ''
Extra configuration to be passed in Director directive.
'';
example = ''
Maximum Concurrent Jobs = 20;
Heartbeat Interval = 30;
'';
};
extraConfig = mkOption {
default = "";
type = types.lines;
description = ''
Extra configuration for Bacula Director Daemon.
'';
example = ''
TODO
'';
};
};
};
config = mkIf (fd_cfg.enable || sd_cfg.enable || dir_cfg.enable) {
systemd.services.bacula-fd = mkIf fd_cfg.enable {
after = [ "network.target" ];
description = "Bacula File Daemon";
wantedBy = [ "multi-user.target" ];
path = [ pkgs.bacula ];
serviceConfig = {
ExecStart = "${pkgs.bacula}/sbin/bacula-fd -f -u root -g bacula -c ${fd_conf}";
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
LogsDirectory = "bacula";
StateDirectory = "bacula";
};
};
systemd.services.bacula-sd = mkIf sd_cfg.enable {
after = [ "network.target" ];
description = "Bacula Storage Daemon";
wantedBy = [ "multi-user.target" ];
path = [ pkgs.bacula ];
serviceConfig = {
ExecStart = "${pkgs.bacula}/sbin/bacula-sd -f -u bacula -g bacula -c ${sd_conf}";
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
LogsDirectory = "bacula";
StateDirectory = "bacula";
};
};
services.postgresql.enable = dir_cfg.enable == true;
systemd.services.bacula-dir = mkIf dir_cfg.enable {
after = [ "network.target" "postgresql.service" ];
description = "Bacula Director Daemon";
wantedBy = [ "multi-user.target" ];
path = [ pkgs.bacula ];
serviceConfig = {
ExecStart = "${pkgs.bacula}/sbin/bacula-dir -f -u bacula -g bacula -c ${dir_conf}";
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
LogsDirectory = "bacula";
StateDirectory = "bacula";
};
preStart = ''
if ! test -e "${libDir}/db-created"; then
${pkgs.postgresql}/bin/createuser --no-superuser --no-createdb --no-createrole bacula
#${pkgs.postgresql}/bin/createdb --owner bacula bacula
# populate DB
${pkgs.bacula}/etc/create_bacula_database postgresql
${pkgs.bacula}/etc/make_bacula_tables postgresql
${pkgs.bacula}/etc/grant_bacula_privileges postgresql
touch "${libDir}/db-created"
else
${pkgs.bacula}/etc/update_bacula_tables postgresql || true
fi
'';
};
environment.systemPackages = [ pkgs.bacula ];
users.users.bacula = {
group = "bacula";
uid = config.ids.uids.bacula;
home = "${libDir}";
createHome = true;
description = "Bacula Daemons user";
shell = "${pkgs.bash}/bin/bash";
};
users.groups.bacula.gid = config.ids.gids.bacula;
};
}
Reference in New Issue View Git Blame Copy Permalink