commit 95a1b068b166fe608e1245e505593d098130e1ac Author: Eduardo Fraga Date: Wed Aug 23 07:33:42 2023 -0300 Build 13.0.3 diff --git a/.github/workflows/bacula-build-and-publish.yml b/.github/workflows/bacula-build-and-publish.yml new file mode 100644 index 0000000..93b25e1 --- /dev/null +++ b/.github/workflows/bacula-build-and-publish.yml @@ -0,0 +1,446 @@ +name: Build containers + +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. + +on: + # schedule: + # - cron: '26 6 * * *' + push: + branches: [ "master" ] + # Publish semver tags as releases. + # tags: [ 'v*.*.*' ] + #pull_request: + # branches: [ "master" ] + +env: + # Use docker.io for Docker Hub if empty + # REGISTRY: ghcr.io + REGISTRY: "docker.io" + # github.repository as / + IMAGE_NAME: ${{ github.repository }} + VERSION: "13.0.3" + + + +jobs: + build-base: + env: + CONTEXT: ./docker/bacula-base + SUFFIX: base + PLATFORMS: linux/amd64 + + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + # This is used to complete the identity challenge + # with sigstore/fulcio when running outside of PRs. + id-token: write + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + # Install the cosign tool except on PR + # https://github.com/sigstore/cosign-installer + - name: Install cosign + if: github.event_name != 'pull_request' + uses: sigstore/cosign-installer@f3c664df7af409cb4873aa5068053ba9d61a57b6 #v2.6.0 + with: + cosign-release: 'v1.13.1' + + + # Workaround: https://github.com/docker/build-push-action/issues/461 + - name: Setup Docker buildx + uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf + + # Login against a Docker registry except on PR + # https://github.com/docker/login-action + - name: Log into registry ${{ env.REGISTRY }} + if: github.event_name != 'pull_request' + uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c + with: + registry: ${{ env.REGISTRY }} + # username: ${{ github.actor }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + # password: ${{ secrets.GITHUB_TOKEN }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + # Extract metadata (tags, labels) for Docker + # https://github.com/docker/metadata-action + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=raw,value=${{ env.VERSION }}-${{ env.SUFFIX }} + + # Build and push Docker image with Buildx (don't push on PR) + # https://github.com/docker/build-push-action + - name: Build and push Docker image + id: build-and-push + uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a + with: + context: ${{ env.CONTEXT }} + platforms: ${{ env.PLATFORMS }} + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max + + + # Sign the resulting Docker image digest except on PRs. + # This will only write to the public Rekor transparency log when the Docker + # repository is public to avoid leaking data. If you would like to publish + # transparency data even for private images, pass --force to cosign below. + # https://github.com/sigstore/cosign + - name: Sign the published Docker image + if: ${{ github.event_name != 'pull_request' }} + env: + COSIGN_EXPERIMENTAL: "true" + # This step uses the identity token to provision an ephemeral certificate + # against the sigstore community Fulcio instance. + run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign {}@${{ steps.build-and-push.outputs.digest }} + + build-catalog: + + needs: build-base + + env: + CONTEXT: ./docker/bacula-catalog + SUFFIX: catalog + PLATFORMS: linux/amd64 + + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + # This is used to complete the identity challenge + # with sigstore/fulcio when running outside of PRs. + id-token: write + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + # Install the cosign tool except on PR + # https://github.com/sigstore/cosign-installer + - name: Install cosign + if: github.event_name != 'pull_request' + uses: sigstore/cosign-installer@f3c664df7af409cb4873aa5068053ba9d61a57b6 #v2.6.0 + with: + cosign-release: 'v1.13.1' + + + # Workaround: https://github.com/docker/build-push-action/issues/461 + - name: Setup Docker buildx + uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf + + # Login against a Docker registry except on PR + # https://github.com/docker/login-action + - name: Log into registry ${{ env.REGISTRY }} + if: github.event_name != 'pull_request' + uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c + with: + registry: ${{ env.REGISTRY }} + # username: ${{ github.actor }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + # password: ${{ secrets.GITHUB_TOKEN }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + # Extract metadata (tags, labels) for Docker + # https://github.com/docker/metadata-action + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=raw,value=${{ env.VERSION }}-${{ env.SUFFIX }} + + # Build and push Docker image with Buildx (don't push on PR) + # https://github.com/docker/build-push-action + - name: Build and push Docker image + id: build-and-push + uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a + with: + context: ${{ env.CONTEXT }} + platforms: ${{ env.PLATFORMS }} + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max + + + # Sign the resulting Docker image digest except on PRs. + # This will only write to the public Rekor transparency log when the Docker + # repository is public to avoid leaking data. If you would like to publish + # transparency data even for private images, pass --force to cosign below. + # https://github.com/sigstore/cosign + - name: Sign the published Docker image + if: ${{ github.event_name != 'pull_request' }} + env: + COSIGN_EXPERIMENTAL: "true" + # This step uses the identity token to provision an ephemeral certificate + # against the sigstore community Fulcio instance. + run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign {}@${{ steps.build-and-push.outputs.digest }} + + + build-director: + + needs: build-base + + env: + CONTEXT: ./docker/bacula-dir + SUFFIX: director + PLATFORMS: linux/amd64 + + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + # This is used to complete the identity challenge + # with sigstore/fulcio when running outside of PRs. + id-token: write + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + # Install the cosign tool except on PR + # https://github.com/sigstore/cosign-installer + - name: Install cosign + if: github.event_name != 'pull_request' + uses: sigstore/cosign-installer@f3c664df7af409cb4873aa5068053ba9d61a57b6 #v2.6.0 + with: + cosign-release: 'v1.13.1' + + + # Workaround: https://github.com/docker/build-push-action/issues/461 + - name: Setup Docker buildx + uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf + + # Login against a Docker registry except on PR + # https://github.com/docker/login-action + - name: Log into registry ${{ env.REGISTRY }} + if: github.event_name != 'pull_request' + uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c + with: + registry: ${{ env.REGISTRY }} + # username: ${{ github.actor }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + # password: ${{ secrets.GITHUB_TOKEN }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + # Extract metadata (tags, labels) for Docker + # https://github.com/docker/metadata-action + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=raw,value=${{ env.VERSION }}-${{ env.SUFFIX }} + + # Build and push Docker image with Buildx (don't push on PR) + # https://github.com/docker/build-push-action + - name: Build and push Docker image + id: build-and-push + uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a + with: + context: ${{ env.CONTEXT }} + platforms: ${{ env.PLATFORMS }} + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max + + + # Sign the resulting Docker image digest except on PRs. + # This will only write to the public Rekor transparency log when the Docker + # repository is public to avoid leaking data. If you would like to publish + # transparency data even for private images, pass --force to cosign below. + # https://github.com/sigstore/cosign + - name: Sign the published Docker image + if: ${{ github.event_name != 'pull_request' }} + env: + COSIGN_EXPERIMENTAL: "true" + # This step uses the identity token to provision an ephemeral certificate + # against the sigstore community Fulcio instance. + run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign {}@${{ steps.build-and-push.outputs.digest }} + + + build-storage: + + needs: build-base + + env: + CONTEXT: ./docker/bacula-sd + SUFFIX: storage + PLATFORMS: linux/amd64 + + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + # This is used to complete the identity challenge + # with sigstore/fulcio when running outside of PRs. + id-token: write + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + # Install the cosign tool except on PR + # https://github.com/sigstore/cosign-installer + - name: Install cosign + if: github.event_name != 'pull_request' + uses: sigstore/cosign-installer@f3c664df7af409cb4873aa5068053ba9d61a57b6 #v2.6.0 + with: + cosign-release: 'v1.13.1' + + + # Workaround: https://github.com/docker/build-push-action/issues/461 + - name: Setup Docker buildx + uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf + + # Login against a Docker registry except on PR + # https://github.com/docker/login-action + - name: Log into registry ${{ env.REGISTRY }} + if: github.event_name != 'pull_request' + uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c + with: + registry: ${{ env.REGISTRY }} + # username: ${{ github.actor }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + # password: ${{ secrets.GITHUB_TOKEN }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + # Extract metadata (tags, labels) for Docker + # https://github.com/docker/metadata-action + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=raw,value=${{ env.VERSION }}-${{ env.SUFFIX }} + + # Build and push Docker image with Buildx (don't push on PR) + # https://github.com/docker/build-push-action + - name: Build and push Docker image + id: build-and-push + uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a + with: + context: ${{ env.CONTEXT }} + platforms: ${{ env.PLATFORMS }} + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max + + + # Sign the resulting Docker image digest except on PRs. + # This will only write to the public Rekor transparency log when the Docker + # repository is public to avoid leaking data. If you would like to publish + # transparency data even for private images, pass --force to cosign below. + # https://github.com/sigstore/cosign + - name: Sign the published Docker image + if: ${{ github.event_name != 'pull_request' }} + env: + COSIGN_EXPERIMENTAL: "true" + # This step uses the identity token to provision an ephemeral certificate + # against the sigstore community Fulcio instance. + run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign {}@${{ steps.build-and-push.outputs.digest }} + + + + build-client: + + needs: build-base + + env: + CONTEXT: ./docker/bacula-fd + SUFFIX: client + PLATFORMS: linux/amd64 + + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + # This is used to complete the identity challenge + # with sigstore/fulcio when running outside of PRs. + id-token: write + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + # Install the cosign tool except on PR + # https://github.com/sigstore/cosign-installer + - name: Install cosign + if: github.event_name != 'pull_request' + uses: sigstore/cosign-installer@f3c664df7af409cb4873aa5068053ba9d61a57b6 #v2.6.0 + with: + cosign-release: 'v1.13.1' + + + # Workaround: https://github.com/docker/build-push-action/issues/461 + - name: Setup Docker buildx + uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf + + # Login against a Docker registry except on PR + # https://github.com/docker/login-action + - name: Log into registry ${{ env.REGISTRY }} + if: github.event_name != 'pull_request' + uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c + with: + registry: ${{ env.REGISTRY }} + # username: ${{ github.actor }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + # password: ${{ secrets.GITHUB_TOKEN }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + # Extract metadata (tags, labels) for Docker + # https://github.com/docker/metadata-action + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=raw,value=${{ env.VERSION }}-${{ env.SUFFIX }} + + # Build and push Docker image with Buildx (don't push on PR) + # https://github.com/docker/build-push-action + - name: Build and push Docker image + id: build-and-push + uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a + with: + context: ${{ env.CONTEXT }} + platforms: ${{ env.PLATFORMS }} + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max + + + # Sign the resulting Docker image digest except on PRs. + # This will only write to the public Rekor transparency log when the Docker + # repository is public to avoid leaking data. If you would like to publish + # transparency data even for private images, pass --force to cosign below. + # https://github.com/sigstore/cosign + - name: Sign the published Docker image + if: ${{ github.event_name != 'pull_request' }} + env: + COSIGN_EXPERIMENTAL: "true" + # This step uses the identity token to provision an ephemeral certificate + # against the sigstore community Fulcio instance. + run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign {}@${{ steps.build-and-push.outputs.digest }} + + + diff --git a/.github/workflows/baculum-build-and-publish.yml b/.github/workflows/baculum-build-and-publish.yml new file mode 100644 index 0000000..6ad4c93 --- /dev/null +++ b/.github/workflows/baculum-build-and-publish.yml @@ -0,0 +1,190 @@ +name: Build baculum containers + +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. + +on: + # schedule: + # - cron: '26 6 * * *' + push: + branches: [ "master" ] + # Publish semver tags as releases. + # tags: [ 'v*.*.*' ] + #pull_request: + # branches: [ "master" ] + +env: + # Use docker.io for Docker Hub if empty + # REGISTRY: ghcr.io + REGISTRY: "docker.io" + # github.repository as / + IMAGE_NAME: ${{ github.repository }} + VERSION: "11.0.6" + + + +jobs: + build-api: + env: + CONTEXT: ./docker/baculum-api + SUFFIX: api + PLATFORMS: linux/amd64 + + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + # This is used to complete the identity challenge + # with sigstore/fulcio when running outside of PRs. + id-token: write + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + # Install the cosign tool except on PR + # https://github.com/sigstore/cosign-installer + - name: Install cosign + if: github.event_name != 'pull_request' + uses: sigstore/cosign-installer@f3c664df7af409cb4873aa5068053ba9d61a57b6 #v2.6.0 + with: + cosign-release: 'v1.13.1' + + + # Workaround: https://github.com/docker/build-push-action/issues/461 + - name: Setup Docker buildx + uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf + + # Login against a Docker registry except on PR + # https://github.com/docker/login-action + - name: Log into registry ${{ env.REGISTRY }} + if: github.event_name != 'pull_request' + uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c + with: + registry: ${{ env.REGISTRY }} + # username: ${{ github.actor }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + # password: ${{ secrets.GITHUB_TOKEN }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + # Extract metadata (tags, labels) for Docker + # https://github.com/docker/metadata-action + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=raw,value=${{ env.VERSION }}-${{ env.SUFFIX }} + + # Build and push Docker image with Buildx (don't push on PR) + # https://github.com/docker/build-push-action + - name: Build and push Docker image + id: build-and-push + uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a + with: + context: ${{ env.CONTEXT }} + platforms: ${{ env.PLATFORMS }} + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max + + + # Sign the resulting Docker image digest except on PRs. + # This will only write to the public Rekor transparency log when the Docker + # repository is public to avoid leaking data. If you would like to publish + # transparency data even for private images, pass --force to cosign below. + # https://github.com/sigstore/cosign + - name: Sign the published Docker image + if: ${{ github.event_name != 'pull_request' }} + env: + COSIGN_EXPERIMENTAL: "true" + # This step uses the identity token to provision an ephemeral certificate + # against the sigstore community Fulcio instance. + run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign {}@${{ steps.build-and-push.outputs.digest }} + + build-catalog: + + needs: build-api + + env: + CONTEXT: ./docker/baculum-web + SUFFIX: web + PLATFORMS: linux/amd64 + + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + # This is used to complete the identity challenge + # with sigstore/fulcio when running outside of PRs. + id-token: write + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + # Install the cosign tool except on PR + # https://github.com/sigstore/cosign-installer + - name: Install cosign + if: github.event_name != 'pull_request' + uses: sigstore/cosign-installer@f3c664df7af409cb4873aa5068053ba9d61a57b6 #v2.6.0 + with: + cosign-release: 'v1.13.1' + + + # Workaround: https://github.com/docker/build-push-action/issues/461 + - name: Setup Docker buildx + uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf + + # Login against a Docker registry except on PR + # https://github.com/docker/login-action + - name: Log into registry ${{ env.REGISTRY }} + if: github.event_name != 'pull_request' + uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c + with: + registry: ${{ env.REGISTRY }} + # username: ${{ github.actor }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + # password: ${{ secrets.GITHUB_TOKEN }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + # Extract metadata (tags, labels) for Docker + # https://github.com/docker/metadata-action + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=raw,value=${{ env.VERSION }}-${{ env.SUFFIX }} + + # Build and push Docker image with Buildx (don't push on PR) + # https://github.com/docker/build-push-action + - name: Build and push Docker image + id: build-and-push + uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a + with: + context: ${{ env.CONTEXT }} + platforms: ${{ env.PLATFORMS }} + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max + + + # Sign the resulting Docker image digest except on PRs. + # This will only write to the public Rekor transparency log when the Docker + # repository is public to avoid leaking data. If you would like to publish + # transparency data even for private images, pass --force to cosign below. + # https://github.com/sigstore/cosign + - name: Sign the published Docker image + if: ${{ github.event_name != 'pull_request' }} + env: + COSIGN_EXPERIMENTAL: "true" + # This step uses the identity token to provision an ephemeral certificate + # against the sigstore community Fulcio instance. + run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign {}@${{ steps.build-and-push.outputs.digest }} diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..f288702 --- /dev/null +++ b/LICENSE @@ -0,0 +1,674 @@ + GNU GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU General Public License is a free, copyleft license for +software and other kinds of works. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. + + Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. + + For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. + + Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users. + + Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Use with the GNU Affero General Public License. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . + +Also add information on how to contact you by electronic and paper mail. + + If the program does terminal interaction, make it output a short +notice like this when it starts in an interactive mode: + + Copyright (C) + This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, your program's commands +might be different; for a GUI interface, you would use an "about box". + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU GPL, see +. + + The GNU General Public License does not permit incorporating your program +into proprietary programs. If your program is a subroutine library, you +may consider it more useful to permit linking proprietary applications with +the library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. But first, please read +. diff --git a/README.md b/README.md new file mode 100644 index 0000000..e409c59 --- /dev/null +++ b/README.md @@ -0,0 +1,118 @@ +# Bacula 13.0.3 Container + +Deploy the bacula community edition on Docker Containers. + +## Images + +- [x] Bacula Catalog eftechcombr/bacula:13.0.3-catalog +- [x] Bacula Director eftechcombr/bacula:13.0.3-director +- [x] Bacula Storage Daemon eftechcombr/bacula:13.0.3-storage +- [x] Bacula File Daemon eftechcombr/bacula:13.0.3-client +- [x] Bacula File Daemon S3 eftechcombr/bacula:13.0.3-client-s3fs (NEW) +- [x] Bacula File Daemon Git eftechcombr/bacula:13.0.3-client-git (NEW) +- [x] Baculum Web Gui eftechcombr/baculum:11.0.6-web +- [x] Baculum API eftechcombr/baculum:11.0.6-api +- [x] Postfix SMTP Relay eftechcombr/postfix:latest +- [x] SMTP2TG SMTP Relay to Telegram b3vis/docker-smtp2tg + +## Install Docker + + curl -sSL https://get.docker.com | bash + +## Install Docker-compose + + curl -L "https://github.com/docker/compose/releases/download/1.24.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose + chmod +x /usr/local/bin/docker-compose + +## Set permission on etc/baculum + + chmod -R a+rwx etc/baculum + + +## Download and Install Bacula Container + + git clone https://github.com/eftechcombr/bacula + cd bacula/docker + docker-compose up + +## Tests + + docker exec -it docker_bacula-dir_1 bash + > bconsole + * + + +## Video + +[![asciicast](https://asciinema.org/a/279317.svg)](https://asciinema.org/a/279317) + + +## Docker Compose + +docker-compose.yaml + + + version: '3.1' + services: + db: + image: eftechcombr/bacula:13.0.3-catalog + restart: unless-stopped + environment: + POSTGRES_PASSWORD: bacula + POSTGRES_USER: bacula + POSTGRES_DB: bacula + volumes: + - pgdata:/var/lib/postgresql/data:rw + ports: + - 5432 + bacula-dir: + image: eftechcombr/bacula:13.0.3-director + restart: unless-stopped + volumes: + - ./etc/bacula-dir.conf:/opt/bacula/etc/bacula-dir.conf:ro + - ./etc/bconsole.conf:/opt/bacula/etc/bconsole.conf:ro + depends_on: + - db + ports: + - 9101 + bacula-sd: + image: eftechcombr/bacula:13.0.3-storage + restart: unless-stopped + depends_on: + - bacula-dir + - db + volumes: + - ./etc/bacula-sd.conf:/opt/bacula/etc/bacula-sd.conf:ro + ports: + - 9103 + bacula-fd: + image: eftechcombr/bacula:13.0.3-client + restart: unless-stopped + depends_on: + - bacula-sd + - bacula-dir + volumes: + - ./etc/bacula-fd.conf:/opt/bacula/etc/bacula-fd.conf:ro + ports: + - 9102 + volumes: + pgdata: + +## Support + +For technical support please contact us. + +suporte@eftech.com.br + +## e-Learning + +https://www.eftech.com.br + + +## Reference + +http://www.bacula.lat/community/baculum/ + +http://www.bacula.lat/community/script-instalacao-bacula-community-9-x-pacotes-oficiais/ + +https://www.bacula.org/documentation/documentation/ diff --git a/docker/.gitignore b/docker/.gitignore new file mode 100644 index 0000000..f7c8483 --- /dev/null +++ b/docker/.gitignore @@ -0,0 +1,2 @@ +working/* +etc/baculum/Config-web-apache/session.dump diff --git a/docker/bacula-base/Dockerfile b/docker/bacula-base/Dockerfile new file mode 100644 index 0000000..de26673 --- /dev/null +++ b/docker/bacula-base/Dockerfile @@ -0,0 +1,21 @@ +FROM debian:11 + +ENV BACULA_VERSION 13.0.3 + +ENV DISTRO bullseye + +ENV DEBIAN_FRONTEND noninteractive + +# get your key on: https://www.bacula.org/bacula-binary-package-download/ +ENV BACULA_KEY 5cee4d079821e + +ENV EMAIL suporte@eftech.com.br + +RUN apt update && \ + apt -y install gnupg2 curl && \ + curl https://bacula.org/downloads/Bacula-4096-Distribution-Verification-key.asc | apt-key add - && \ + echo "deb https://www.bacula.org/packages/${BACULA_KEY}/debs/${BACULA_VERSION} ${DISTRO} main" > /etc/apt/sources.list.d/bacula-community.list && \ + apt update && \ + apt -y install dbconfig-pgsql bacula-postgresql + +RUN for i in `ls /opt/bacula/bin`; do if test -z /usr/sbin/$i; then ln -s /opt/bacula/bin/$i /usr/sbin/$i; fi; done \ No newline at end of file diff --git a/docker/bacula-base/bacula-community.repo b/docker/bacula-base/bacula-community.repo new file mode 100644 index 0000000..ad67182 --- /dev/null +++ b/docker/bacula-base/bacula-community.repo @@ -0,0 +1,6 @@ +[Bacula-Community] +name=CentOS - Bacula - Community +baseurl=https://www.bacula.org/packages/BACULA_KEY/rpms/BACULA_VERSION/el7/ +enabled=1 +protect=0 +gpgcheck=0 diff --git a/docker/bacula-catalog/Dockerfile b/docker/bacula-catalog/Dockerfile new file mode 100644 index 0000000..70fb697 --- /dev/null +++ b/docker/bacula-catalog/Dockerfile @@ -0,0 +1,32 @@ +FROM eftechcombr/bacula:13.0.3-base AS base + +FROM postgres:13.7 + +ENV POSTGRES_PASSWORD bacula + +ENV POSTGRES_USER bacula + +ENV POSTGRES_DB bacula + +ENV POSTGRES_INITDB_ARGS '--encoding=SQL_ASCII --lc-collate=C --lc-ctype=C' + +COPY --from=base /opt/bacula/scripts/make_postgresql_tables /docker-entrypoint-initdb.d/make_postgresql_tables + +COPY --from=base /opt/bacula/scripts/grant_postgresql_privileges /docker-entrypoint-initdb.d/grant_postgresql_privileges + +RUN { \ + echo '#!/bin/bash'; \ + echo 'sh /docker-entrypoint-initdb.d/make_postgresql_tables --username=$POSTGRES_USER'; \ + echo 'sh /docker-entrypoint-initdb.d/grant_postgresql_privileges --username=$POSTGRES_USER'; \ +} >> /docker-entrypoint-initdb.d/deploy_database.sh \ +&& chmod +x /docker-entrypoint-initdb.d/deploy_database.sh \ +&& chown postgres. /docker-entrypoint-initdb.d/deploy_database.sh + +# COPY 01-make_postgresql_tables.sql 02-grant_postgresql_privileges.sql /docker-entrypoint-initdb.d/ + +RUN chown -R postgres. /docker-entrypoint-initdb.d/* + +VOLUME ["/var/lib/postgresql/data"] + +EXPOSE 5432/tcp + diff --git a/docker/bacula-dir/Dockerfile b/docker/bacula-dir/Dockerfile new file mode 100644 index 0000000..ee4891f --- /dev/null +++ b/docker/bacula-dir/Dockerfile @@ -0,0 +1,9 @@ +FROM eftechcombr/bacula:13.0.3-base + +VOLUME ["/opt/bacula/etc"] + +EXPOSE 9101/tcp + +ENTRYPOINT ["/opt/bacula/bin/bacula-dir"] + +CMD ["-f", "-c", "/opt/bacula/etc/bacula-dir.conf"] diff --git a/docker/bacula-fd/Dockerfile b/docker/bacula-fd/Dockerfile new file mode 100644 index 0000000..26782e7 --- /dev/null +++ b/docker/bacula-fd/Dockerfile @@ -0,0 +1,9 @@ +FROM eftechcombr/bacula:13.0.3-base + +VOLUME ["/opt/bacula/etc"] + +EXPOSE 9102/tcp + +ENTRYPOINT ["/opt/bacula/bin/bacula-fd"] + +CMD ["-f", "-c", "/opt/bacula/etc/bacula-fd.conf"] diff --git a/docker/bacula-fd/Dockerfile-git b/docker/bacula-fd/Dockerfile-git new file mode 100644 index 0000000..d0c7e1e --- /dev/null +++ b/docker/bacula-fd/Dockerfile-git @@ -0,0 +1,21 @@ +FROM eftechcombr/bacula:13.0.3-base + +ENV USERNAME ${USERNAME} + +ENV TOKEN ${TOKEN} + +ENV ORG ${ORG} + +ADD scripts/*.sh /usr/local/bin/ + +RUN chmod a+x /usr/local/bin/*.sh + +RUN apt -y install git curl jq + +VOLUME ["/opt/bacula/etc"] + +EXPOSE 9102/tcp + +ENTRYPOINT ["/opt/bacula/bin/bacula-fd"] + +CMD ["-f", "-c", "/opt/bacula/etc/bacula-fd.conf"] diff --git a/docker/bacula-fd/Dockerfile-s3fs b/docker/bacula-fd/Dockerfile-s3fs new file mode 100644 index 0000000..396a1c0 --- /dev/null +++ b/docker/bacula-fd/Dockerfile-s3fs @@ -0,0 +1,26 @@ +FROM eftechcombr/bacula:13.0.3-base + +ENV AWS_S3_ACCESS_KEY_ID "${AWS_S3_ACCESS_KEY_ID}" + +ENV AWS_S3_BUCKET "${AWS_S3_BUCKET}" + +ENV AWS_S3_SECRET_ACCESS_KEY "${AWS_S3_SECRET_ACCESS_KEY}" + +RUN apt -y install s3fs + +RUN { \ + echo '#!/bin/sh' ; \ + echo ; \ + echo 'echo ${AWS_S3_ACCESS_KEY_ID}:${AWS_S3_SECRET_ACCESS_KEY} > ${HOME}/.passwd-s3fs' ; \ + echo 'chmod 0600 ${HOME}/.passwd-s3fs' ; \ + echo 'mkdir -p /${AWS_S3_BUCKET}' ; \ + echo 's3fs ${AWS_S3_BUCKET} /${AWS_S3_BUCKET} -o passwd_file=${HOME}/.passwd-s3fs' ; \ + echo '/opt/bacula/bin/bacula-fd -f -c /opt/bacula/etc/bacula-fd.conf' ; \ + echo ; \ + } > /entrypoint.sh && chmod +x /entrypoint.sh + +VOLUME ["/opt/bacula/etc"] + +EXPOSE 9102/tcp + +CMD ["/entrypoint.sh"] diff --git a/docker/bacula-fd/scripts/GitRepoList.sh b/docker/bacula-fd/scripts/GitRepoList.sh new file mode 100644 index 0000000..f3f2191 --- /dev/null +++ b/docker/bacula-fd/scripts/GitRepoList.sh @@ -0,0 +1,24 @@ +#!/bin/bash +# Author: Sarav AK +# Email: hello@gritfy.com +# Created Date: 19 Aug 2021 +# Update by Eduardo Fraga at 27 Dec 2022 +# +# + +if [ -z $USERNAME ] || [ -z $TOKEN ] || [ -z $ORG ]; then + echo "Missing environmet variables USERNAME, TOKEN, ORG" + exit 1; +fi + +# No of reposoitories per page - Maximum Limit is 100 +PERPAGE=100 + +# Change the BASEURL to your Org or User based +# Org base URL +BASEURL="https://api.github.com/orgs/${ORG}/repos" + +# User base URL +# BASEURL="https://api.github.com/user//repos" + +curl -s -u $USERNAME:$TOKEN -H 'Accept: application/vnd.github.v3+json' "${BASEURL}?per_page=${PERPAGE}&page=1" 2>&1 | jq '.[].name' | tr -d '\\"' \ No newline at end of file diff --git a/docker/bacula-fd/scripts/backup-all-repos.sh b/docker/bacula-fd/scripts/backup-all-repos.sh new file mode 100644 index 0000000..bc86056 --- /dev/null +++ b/docker/bacula-fd/scripts/backup-all-repos.sh @@ -0,0 +1,6 @@ +#!/bin/bash + +# for i in `/usr/local/bin/GitRepoList.sh`; do /usr/local/bin/backup-github.sh $i /github/$i.bundle || exit 1; done + +for i in `/usr/local/bin/GitRepoList.sh`; do /usr/local/bin/backup-github.sh $i /github/$i.bundle; done + diff --git a/docker/bacula-fd/scripts/backup-github.sh b/docker/bacula-fd/scripts/backup-github.sh new file mode 100644 index 0000000..96783eb --- /dev/null +++ b/docker/bacula-fd/scripts/backup-github.sh @@ -0,0 +1,31 @@ +#!/bin/bash +# Update by Eduardo Fraga at 27 Dec 2022 +# +# +# Required: git + +# Required environment variables above: +if [ -z $USERNAME ] || [ -z $TOKEN ] || [ -z $ORG ]; then + echo "Missing environmet variables USERNAME, TOKEN, ORG" + exit 1; +fi + +# Args +if [ -z $1 ] || [ -z $2 ]; then + echo "Required $0 " + exit 2 +fi + +DIR=`mktemp -d` + +cd $DIR + +git clone https://$USERNAME:$TOKEN@github.com/$ORG/$1 + +cd $1 + +git bundle create $2 --all + +git bundle verify $2 || exit 3 + +rm -rf $DIR diff --git a/docker/bacula-sd/Dockerfile b/docker/bacula-sd/Dockerfile new file mode 100644 index 0000000..8eb4333 --- /dev/null +++ b/docker/bacula-sd/Dockerfile @@ -0,0 +1,11 @@ +FROM eftechcombr/bacula:13.0.3-base + +RUN apt -y install bacula-cloud-storage-common bacula-cloud-storage-s3 bacula-aligned + +VOLUME ["/opt/bacula/etc"] + +EXPOSE 9103/tcp + +ENTRYPOINT ["/opt/bacula/bin/bacula-sd"] + +CMD ["-f", "-c", "/opt/bacula/etc/bacula-sd.conf"] diff --git a/docker/baculum-api/Config-api-apache/api.conf b/docker/baculum-api/Config-api-apache/api.conf new file mode 100644 index 0000000..17efdf9 --- /dev/null +++ b/docker/baculum-api/Config-api-apache/api.conf @@ -0,0 +1,34 @@ +[api] +auth_type = "basic" +debug = "0" +lang = "en" + +[db] +enabled = "1" +type = "pgsql" +name = "bacula" +login = "bacula" +password = "bacula" +ip_addr = "db" +port = "5432" +path = "" + +[bconsole] +enabled = "1" +bin_path = "/opt/bacula/bin/bconsole" +cfg_path = "/opt/bacula/etc/bconsole.conf" +use_sudo = "1" + +[jsontools] +enabled = "1" +use_sudo = "1" +bconfig_dir = "/opt/bacula/etc" +bdirjson_path = "/opt/bacula/bin/bdirjson" +dir_cfg_path = "/opt/bacula/etc/bacula-dir.conf" +bsdjson_path = "/opt/bacula/bin/bsdjson" +sd_cfg_path = "/opt/bacula/etc/bacula-sd.conf" +bfdjson_path = "/opt/bacula/bin/bfdjson" +fd_cfg_path = "/opt/bacula/etc/bacula-fd.conf" +bbconsjson_path = "/opt/bacula/bin/bbconsjson" +bcons_cfg_path = "/opt/bacula/etc/bconsole.conf" + diff --git a/docker/baculum-api/Config-api-apache/baculum.users b/docker/baculum-api/Config-api-apache/baculum.users new file mode 100644 index 0000000..1375f69 --- /dev/null +++ b/docker/baculum-api/Config-api-apache/baculum.users @@ -0,0 +1 @@ +admin:YWG41BPzVAkN6 \ No newline at end of file diff --git a/docker/baculum-api/Dockerfile b/docker/baculum-api/Dockerfile new file mode 100644 index 0000000..1bd5273 --- /dev/null +++ b/docker/baculum-api/Dockerfile @@ -0,0 +1,38 @@ +FROM eftechcombr/bacula:13.0.3-base + +RUN curl https://www.bacula.org/downloads/baculum/baculum.pub | apt-key add - + +COPY baculum.list /etc/apt/sources.list.d/baculum.list + +RUN apt update && \ + apt -y install \ + php-bcmath \ + php*-mbstring \ + php-fpm \ + baculum-api \ + baculum-api-apache2 \ + baculum-common \ + bacula-console \ + baculum-web \ + baculum-web-apache2 \ + supervisor + +COPY sudoers-baculum /etc/sudoers.d/sudoers-baculum + +RUN usermod -aG bacula www-data && \ + chown -R www-data:bacula /opt/bacula/working /opt/bacula/etc && \ + chmod -R g+rwx /opt/bacula/working /opt/bacula/etc && \ + a2enmod rewrite && \ + a2ensite baculum-api + +COPY timezone.ini /etc/php.d/timezone.ini + +COPY confs/supervisord.conf /etc/supervisord.conf + +VOLUME ["/opt/bacula/etc","/etc/baculum"] + +EXPOSE 9096/tcp + +RUN mkdir -p /run/php + +CMD ["/usr/bin/supervisord"] diff --git a/docker/baculum-api/baculum.list b/docker/baculum-api/baculum.list new file mode 100644 index 0000000..b7f6942 --- /dev/null +++ b/docker/baculum-api/baculum.list @@ -0,0 +1,2 @@ +deb [ arch=amd64 ] https://www.bacula.org/downloads/baculum/stable-11/debian bullseye main +deb-src https://www.bacula.org/downloads/baculum/stable-11/debian bullseye main diff --git a/docker/baculum-api/confs/supervisord.conf b/docker/baculum-api/confs/supervisord.conf new file mode 100644 index 0000000..7dafb2f --- /dev/null +++ b/docker/baculum-api/confs/supervisord.conf @@ -0,0 +1,31 @@ +[unix_http_server] +file=/var/run/supervisor.sock ; the path to the socket file + +[supervisord] +logfile=/var/log/supervisord.log +loglevel=info +pidfile=/var/run/supervisord.pid +nodaemon=true +logfile_backups=10 +logfile_maxbytes=50MB + + +[rpcinterface:supervisor] +supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface + + +[supervisorctl] +serverurl=unix:///var/run/supervisor.sock + + +[program:php-fpm7.4] +command=/usr/sbin/php-fpm7.4 --nodaemonize -c /etc/php/7.4/fpm/php-fpm.conf +priority=50 +autorestart=true + + +[program:apache2] +command=/usr/sbin/apache2ctl -D FOREGROUND +priority=50 +autorestart=true + diff --git a/docker/baculum-api/sudoers-baculum b/docker/baculum-api/sudoers-baculum new file mode 100644 index 0000000..5fbaad8 --- /dev/null +++ b/docker/baculum-api/sudoers-baculum @@ -0,0 +1,16 @@ +Defaults:apache "'!'"requiretty +www-data ALL=NOPASSWD: /usr/sbin/bconsole +www-data ALL=NOPASSWD: /usr/sbin/bdirjson +www-data ALL=NOPASSWD: /usr/sbin/bsdjson +www-data ALL=NOPASSWD: /usr/sbin/bfdjson +www-data ALL=NOPASSWD: /usr/sbin/bbconsjson +www-data ALL=(root) NOPASSWD: /usr/bin/systemctl start bacula-dir +www-data ALL=(root) NOPASSWD: /usr/bin/systemctl stop bacula-dir +www-data ALL=(root) NOPASSWD: /usr/bin/systemctl restart bacula-dir +www-data ALL=(root) NOPASSWD: /usr/bin/systemctl start bacula-sd +www-data ALL=(root) NOPASSWD: /usr/bin/systemctl stop bacula-sd +www-data ALL=(root) NOPASSWD: /usr/bin/systemctl restart bacula-sd +www-data ALL=(root) NOPASSWD: /usr/bin/systemctl start bacula-fd +www-data ALL=(root) NOPASSWD: /usr/bin/systemctl stop bacula-fd +www-data ALL=(root) NOPASSWD: /usr/bin/systemctl restart bacula-fd +www-data ALL=(root) NOPASSWD: /opt/bacula/bin/mtx-changer \ No newline at end of file diff --git a/docker/baculum-api/timezone.ini b/docker/baculum-api/timezone.ini new file mode 100644 index 0000000..89636a1 --- /dev/null +++ b/docker/baculum-api/timezone.ini @@ -0,0 +1,2 @@ +[Date] +date.timezone = Etc/UTC ; diff --git a/docker/baculum-web/Config-web-apache/baculum.users b/docker/baculum-web/Config-web-apache/baculum.users new file mode 100644 index 0000000..1375f69 --- /dev/null +++ b/docker/baculum-web/Config-web-apache/baculum.users @@ -0,0 +1 @@ +admin:YWG41BPzVAkN6 \ No newline at end of file diff --git a/docker/baculum-web/Config-web-apache/hosts.conf b/docker/baculum-web/Config-web-apache/hosts.conf new file mode 100644 index 0000000..1e07440 --- /dev/null +++ b/docker/baculum-web/Config-web-apache/hosts.conf @@ -0,0 +1,13 @@ +[Main] +auth_type = "basic" +login = "admin" +password = "admin" +client_id = "" +client_secret = "" +redirect_uri = "" +scope = "" +protocol = "http" +address = "baculum-api" +port = "9096" +url_prefix = "" + diff --git a/docker/baculum-web/Config-web-apache/session.dump b/docker/baculum-web/Config-web-apache/session.dump new file mode 100644 index 0000000..fea6c70 --- /dev/null +++ b/docker/baculum-web/Config-web-apache/session.dump @@ -0,0 +1 @@ +a:1:{s:11:"host_params";a:1:{i:0;a:12:{s:4:"host";s:9:"localhost";s:8:"protocol";s:4:"http";s:7:"address";s:9:"localhost";s:4:"port";s:4:"9096";s:10:"url_prefix";s:0:"";s:9:"auth_type";s:5:"basic";s:5:"login";s:5:"admin";s:8:"password";s:5:"admin";s:9:"client_id";N;s:13:"client_secret";N;s:12:"redirect_uri";N;s:5:"scope";N;}}} \ No newline at end of file diff --git a/docker/baculum-web/Config-web-apache/settings.conf b/docker/baculum-web/Config-web-apache/settings.conf new file mode 100644 index 0000000..807fe0d --- /dev/null +++ b/docker/baculum-web/Config-web-apache/settings.conf @@ -0,0 +1,7 @@ +[baculum] +login = "admin" +debug = "0" +lang = "en" + +[users] + diff --git a/docker/baculum-web/Dockerfile b/docker/baculum-web/Dockerfile new file mode 100644 index 0000000..029fff8 --- /dev/null +++ b/docker/baculum-web/Dockerfile @@ -0,0 +1,42 @@ +FROM eftechcombr/bacula:13.0.3-base + +RUN curl https://www.bacula.org/downloads/baculum/baculum.pub | apt-key add - + +COPY baculum.list /etc/apt/sources.list.d/baculum.list + +RUN apt update && \ + apt -y install \ + php-bcmath \ + php*-mbstring \ + php-fpm \ + libapache2-mod-php7.4 \ + baculum-api \ + baculum-api-apache2 \ + baculum-common \ + bacula-console \ + baculum-web \ + baculum-web-apache2 \ + supervisor + +COPY sudoers-baculum /etc/sudoers.d/sudoers-baculum + +RUN usermod -aG bacula www-data && \ + chown -R www-data:bacula /opt/bacula/working /opt/bacula/etc && \ + chmod -R g+rwx /opt/bacula/working /opt/bacula/etc && \ + a2enmod rewrite && \ + a2enmod php7.4 && \ + a2ensite baculum-web + +COPY timezone.ini /etc/php.d/timezone.ini + +COPY confs/supervisord.conf /etc/supervisord.conf + +VOLUME ["/opt/bacula/etc","/etc/baculum"] + +EXPOSE 9095/tcp + +RUN mkdir -p /run/php + +# RUN yum -y clean all && rm -rf /var/cache/yum + +CMD ["/usr/bin/supervisord"] diff --git a/docker/baculum-web/baculum.list b/docker/baculum-web/baculum.list new file mode 100644 index 0000000..b7f6942 --- /dev/null +++ b/docker/baculum-web/baculum.list @@ -0,0 +1,2 @@ +deb [ arch=amd64 ] https://www.bacula.org/downloads/baculum/stable-11/debian bullseye main +deb-src https://www.bacula.org/downloads/baculum/stable-11/debian bullseye main diff --git a/docker/baculum-web/confs/supervisord.conf b/docker/baculum-web/confs/supervisord.conf new file mode 100644 index 0000000..7dafb2f --- /dev/null +++ b/docker/baculum-web/confs/supervisord.conf @@ -0,0 +1,31 @@ +[unix_http_server] +file=/var/run/supervisor.sock ; the path to the socket file + +[supervisord] +logfile=/var/log/supervisord.log +loglevel=info +pidfile=/var/run/supervisord.pid +nodaemon=true +logfile_backups=10 +logfile_maxbytes=50MB + + +[rpcinterface:supervisor] +supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface + + +[supervisorctl] +serverurl=unix:///var/run/supervisor.sock + + +[program:php-fpm7.4] +command=/usr/sbin/php-fpm7.4 --nodaemonize -c /etc/php/7.4/fpm/php-fpm.conf +priority=50 +autorestart=true + + +[program:apache2] +command=/usr/sbin/apache2ctl -D FOREGROUND +priority=50 +autorestart=true + diff --git a/docker/baculum-web/sudoers-baculum b/docker/baculum-web/sudoers-baculum new file mode 100644 index 0000000..5fbaad8 --- /dev/null +++ b/docker/baculum-web/sudoers-baculum @@ -0,0 +1,16 @@ +Defaults:apache "'!'"requiretty +www-data ALL=NOPASSWD: /usr/sbin/bconsole +www-data ALL=NOPASSWD: /usr/sbin/bdirjson +www-data ALL=NOPASSWD: /usr/sbin/bsdjson +www-data ALL=NOPASSWD: /usr/sbin/bfdjson +www-data ALL=NOPASSWD: /usr/sbin/bbconsjson +www-data ALL=(root) NOPASSWD: /usr/bin/systemctl start bacula-dir +www-data ALL=(root) NOPASSWD: /usr/bin/systemctl stop bacula-dir +www-data ALL=(root) NOPASSWD: /usr/bin/systemctl restart bacula-dir +www-data ALL=(root) NOPASSWD: /usr/bin/systemctl start bacula-sd +www-data ALL=(root) NOPASSWD: /usr/bin/systemctl stop bacula-sd +www-data ALL=(root) NOPASSWD: /usr/bin/systemctl restart bacula-sd +www-data ALL=(root) NOPASSWD: /usr/bin/systemctl start bacula-fd +www-data ALL=(root) NOPASSWD: /usr/bin/systemctl stop bacula-fd +www-data ALL=(root) NOPASSWD: /usr/bin/systemctl restart bacula-fd +www-data ALL=(root) NOPASSWD: /opt/bacula/bin/mtx-changer \ No newline at end of file diff --git a/docker/baculum-web/timezone.ini b/docker/baculum-web/timezone.ini new file mode 100644 index 0000000..89636a1 --- /dev/null +++ b/docker/baculum-web/timezone.ini @@ -0,0 +1,2 @@ +[Date] +date.timezone = Etc/UTC ; diff --git a/docker/docker-compose-with-build.yml b/docker/docker-compose-with-build.yml new file mode 100644 index 0000000..e3dd643 --- /dev/null +++ b/docker/docker-compose-with-build.yml @@ -0,0 +1,150 @@ +version: '3.1' +# +services: + + base: + build: bacula-base/ + image: eftechcombr/bacula:13.0.3-base +# + db: + build: bacula-catalog/ + image: eftechcombr/bacula:13.0.3-catalog + restart: unless-stopped + environment: + POSTGRES_PASSWORD: bacula + POSTGRES_USER: bacula + POSTGRES_DB: bacula + # volumes: + # - pgdata:/var/lib/postgresql/data:rw + ports: + - 5432:5432 +# + bacula-dir: + build: bacula-dir/ + image: eftechcombr/bacula:13.0.3-director + restart: unless-stopped + volumes: + - ./etc:/opt/bacula/etc:ro + depends_on: + - db + ports: + - 9101:9101 +# + bacula-sd: + build: bacula-sd/ + image: eftechcombr/bacula:13.0.3-storage + restart: unless-stopped + depends_on: + - bacula-dir + - db + volumes: + - ./etc:/opt/bacula/etc:ro + ports: + - 9103:9103 +# + bacula-fd: + build: bacula-fd/ + image: eftechcombr/bacula:13.0.3-client + restart: unless-stopped + depends_on: + - bacula-sd + - bacula-dir + - db + volumes: + - ./etc:/opt/bacula/etc:ro + ports: + - 9102:9102 +# + # bacula-fd-git: + # build: + # context: bacula-fd/ + # dockerfile: Dockerfile-git + # image: eftechcombr/bacula:13.0.3-client-git + # restart: unless-stopped + # environment: + # USERNAME: + # TOKEN: + # ORG: + # volumes: + # - ./etc:/opt/bacula/etc:ro + # ports: + # - 9202:9102 + + + # bacula-fd-s3fs: + # build: + # context: bacula-fd/ + # dockerfile: Dockerfile-s3fs + # image: eftechcombr/bacula:13.0.3-client-s3fs + # restart: unless-stopped + # cap_add: + # - SYS_ADMIN + # # security_opt: + # # - 'apparmor:unconfined' + # devices: + # - /dev/fuse + # # volumes: + # # - bucket:/opt/s3fs/bucket + # environment: + # AWS_S3_BUCKET: ${AWS_S3_BUCKET} + # AWS_S3_ACCESS_KEY_ID: ${AWS_S3_ACCESS_KEY_ID} + # AWS_S3_SECRET_ACCESS_KEY: ${AWS_S3_SECRET_ACCESS_KEY} + # volumes: + # - ./etc:/opt/bacula/etc:ro + # ports: + # - 9112:9102 + +# + baculum-api: + build: baculum-api/ + image: eftechcombr/baculum:11.0.6-api + restart: unless-stopped + depends_on: + - db + - bacula-dir + volumes: + - ./etc/bconsole.conf:/opt/bacula/etc/bconsole.conf:ro + - ./etc/baculum:/etc/baculum:rw + ports: + - 9096:9096 +# + baculum-web: + build: baculum-web/ + image: eftechcombr/baculum:11.0.6-web + restart: unless-stopped + depends_on: + - baculum-api + volumes: + - ./etc/bconsole.conf:/opt/bacula/etc/bconsole.conf:ro + - ./etc/baculum:/etc/baculum:rw + ports: + - 9095:9095 +# +#volumes: +# pgdata: +# +# gmail: +# image: eftechcombr/postfix:gmail +# restart: unless-stopped +# depends_on: +# - bacula-dir +# # ports: +# # - 30025:25 +# environment: +# GMAIL_USER: xxxxxxxx +# GMAIL_PASS: xxxxxxxx +# +# smtp2tg: +# image: b3vis/docker-smtp2tg +# restart: unless-stopped +# volumes: +# - ./etc/smtp2tg.toml:/config/smtp2tg.toml:ro +# # ports: +# # - "31025:25" +# depends_on: +# - bacula-dir +# +# +# volumes: +# pgdata: +# bucket: diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml new file mode 100644 index 0000000..d5a4760 --- /dev/null +++ b/docker/docker-compose.yml @@ -0,0 +1,101 @@ +version: '3.1' +# +services: + + db: + image: eftechcombr/bacula:13.0.3-catalog + restart: unless-stopped + environment: + POSTGRES_PASSWORD: bacula + POSTGRES_USER: bacula + POSTGRES_DB: bacula + # volumes: + # - pgdata:/var/lib/postgresql/data:rw + ports: + - 5432:5432 +# + bacula-dir: + image: eftechcombr/bacula:13.0.3-director + restart: unless-stopped + volumes: + - ./etc:/opt/bacula/etc:ro + depends_on: + - db + ports: + - 9101:9101 +# + bacula-sd: + image: eftechcombr/bacula:13.0.3-storage + restart: unless-stopped + depends_on: + - bacula-dir + - db + volumes: + - ./etc:/opt/bacula/etc:ro + ports: + - 9103:9103 +# + bacula-fd: + image: eftechcombr/bacula:13.0.3-client + restart: unless-stopped + depends_on: + - bacula-sd + - bacula-dir + - db + volumes: + - ./etc:/opt/bacula/etc:ro + ports: + - 9102:9102 +# +# baculum-api: +# image: eftechcombr/baculum:11.0.6-api +# restart: unless-stopped +# depends_on: +# - db +# - bacula-dir +# volumes: +# - ./etc/bconsole.conf:/opt/bacula/etc/bconsole.conf:ro +# - ./etc/baculum:/etc/baculum:rw +# ports: +# - 9096:9096 + +# # +# baculum-web: +# image: eftechcombr/baculum:11.0.6-web +# restart: unless-stopped +# depends_on: +# - baculum-api +# volumes: +# - ./etc/bconsole.conf:/opt/bacula/etc/bconsole.conf:ro +# - ./etc/baculum:/etc/baculum:rw +# ports: +# - 9095:9095 + +# +#volumes: +# pgdata: +# +# gmail: +# image: eftechcombr/postfix:gmail +# restart: unless-stopped +# depends_on: +# - bacula-dir +# # ports: +# # - 30025:25 +# environment: +# GMAIL_USER: xxxxxxxx +# GMAIL_PASS: xxxxxxxx +# +# smtp2tg: +# image: b3vis/docker-smtp2tg +# restart: unless-stopped +# volumes: +# - ./etc/smtp2tg.toml:/config/smtp2tg.toml:ro +# # ports: +# # - "31025:25" +# depends_on: +# - bacula-dir +# +# +#volumes: +# pgdata: diff --git a/docker/etc/bacula-dir-cloud-aws.conf b/docker/etc/bacula-dir-cloud-aws.conf new file mode 100755 index 0000000..5cdae5d --- /dev/null +++ b/docker/etc/bacula-dir-cloud-aws.conf @@ -0,0 +1,72 @@ +# bacula-dir-cloud.conf +# +# JobDefs +# Job +# Restore +# Pool +# Autochanger +# + + +# Template to store in cloud +JobDefs { + Name = "DefaultJobToCloudAWS" + Type = Backup + Level = Incremental + Client = bacula-fd + FileSet = "Full Set" + Schedule = "WeeklyCycle" + Storage = "CloudS3AWS" + Messages = Standard + Pool = CloudAWS + SpoolAttributes = yes + Priority = 10 + Write Bootstrap = "/opt/bacula/working/%c.bsr" +} + +# Jobs +Job { + Name = "BackupClient1ToCloudAWS" + JobDefs = "DefaultJobToCloudAWS" +} + + + +# Restore +Job { + Name = "RestoreFromCloudAWS" + Type = Restore + Client=bacula-fd + Storage = CloudS3AWS + FileSet="Full Set" + Pool = CloudAWS + Messages = Standard + Where = /tmp/bacula-restores +} + + + +# Cloud Pool definition +Pool { + Name = CloudAWS + Pool Type = Backup + Recycle = no # Bacula can automatically recycle Volumes + AutoPrune = yes # Prune expired volumes + Volume Retention = 365 days # one year + Maximum Volume Jobs = 1 # + # Maximum Volume Bytes = 100M # Limit Volume size to something reasonable + Label Format = "Vol-JobId-${JobId}" # Auto label +} + + +# Autochanger definition +Autochanger { + Name = "CloudS3AWS" +# Do not use "localhost" here + Address = bacula-sd # N.B. Use a fully qualified name here + SDPort = 9103 + Password = "TS8EQJ99iLFSK39oJy33YqkZ98v4ZapjRcA+j1N6ED1n" + Device = "CloudAutoChangerS3" + Media Type = "CloudType" + Maximum Concurrent Jobs = 10 # run up to 10 jobs a the same time +} diff --git a/docker/etc/bacula-dir-cloud.conf b/docker/etc/bacula-dir-cloud.conf new file mode 100755 index 0000000..aa67665 --- /dev/null +++ b/docker/etc/bacula-dir-cloud.conf @@ -0,0 +1,96 @@ +# bacula-dir-cloud.conf +# +# JobDefs +# Job +# Restore +# Pool +# Autochanger +# + + +# Template to store in cloud +JobDefs { + Name = "DefaultJobToCloud" + Type = Backup + Level = Incremental + Client = bacula-fd + FileSet = "Full Set" + Schedule = "WeeklyCycle" + Storage = "CloudS3" + Messages = Standard + Pool = Cloud + SpoolAttributes = yes + Priority = 10 + Write Bootstrap = "/opt/bacula/working/%c.bsr" +} + +# Jobs +Job { + Name = "BackupClient1ToCloud" + JobDefs = "DefaultJobToCloud" +} + + + +# Restore +Job { + Name = "RestoreFromCloud" + Type = Restore + Client=bacula-fd + Storage = CloudS3 + FileSet="Full Set" + Pool = Cloud + Messages = Standard + Where = /tmp/bacula-restores +} + + + +# Cloud Pool definition +Pool { + Name = Cloud + Pool Type = Backup + Recycle = no # Bacula can automatically recycle Volumes + AutoPrune = yes # Prune expired volumes + Volume Retention = 365 days # one year + Maximum Volume Jobs = 1 # + # Maximum Volume Bytes = 100M # Limit Volume size to something reasonable + Label Format = "Vol-JobId-${JobId}" # Auto label +} + + +# Autochanger definition +Autochanger { + Name = "CloudS3" +# Do not use "localhost" here + Address = bacula-sd # N.B. Use a fully qualified name here + SDPort = 9103 + Password = "TS8EQJ99iLFSK39oJy33YqkZ98v4ZapjRcA+j1N6ED1n" + Device = "CloudAutoChanger1" + Media Type = "CloudType" + Maximum Concurrent Jobs = 10 # run up to 10 jobs a the same time +} + +# +#Autochanger { +# Name = "CloudS3-2" +## Do not use "localhost" here +# Address = bacula-sd # N.B. Use a fully qualified name here +# SDPort = 9103 +# Password = "TS8EQJ99iLFSK39oJy33YqkZ98v4ZapjRcA+j1N6ED1n" +# Device = "CloudAutoChanger2" +# Media Type = "CloudType" +# Maximum Concurrent Jobs = 10 # run up to 10 jobs a the same time +#} +# +#Autochanger { +# Name = "CloudS3-3" +## Do not use "localhost" here +# Address = bacula-sd # N.B. Use a fully qualified name here +# SDPort = 9103 +# Password = "TS8EQJ99iLFSK39oJy33YqkZ98v4ZapjRcA+j1N6ED1n" +# Device = "CloudAutoChanger3" +# Media Type = "CloudType" +# Maximum Concurrent Jobs = 10 # run up to 10 jobs a the same time +#} +# diff --git a/docker/etc/bacula-dir.conf b/docker/etc/bacula-dir.conf new file mode 100755 index 0000000..74b83be --- /dev/null +++ b/docker/etc/bacula-dir.conf @@ -0,0 +1,354 @@ +# +# Default Bacula Director Configuration file +# +# The only thing that MUST be changed is to add one or more +# file or directory names in the Include directive of the +# FileSet resource. +# +# For Bacula release 9.4.4 (28 May 2019) -- redhat Enterprise release +# +# You might also want to change the default email address +# from root to your address. See the "mail" and "operator" +# directives in the Messages resource. +# +# Copyright (C) 2000-2017 Kern Sibbald +# License: BSD 2-Clause; see file LICENSE-FOSS +# + +Director { # define myself + Name = bacula-dir + DIRport = 9101 # where we listen for UA connections + QueryFile = "/opt/bacula/scripts/query.sql" + WorkingDirectory = "/opt/bacula/working" + PidDirectory = "/opt/bacula/working" + Maximum Concurrent Jobs = 20 + Password = "XDnaVZYU9F4QhqUGMPxiOXsJaji23mNG3FaAM9Z2q1c/" # Console password + Messages = Daemon +} + +JobDefs { + Name = "DefaultJob" + Type = Backup + Level = Incremental + Client = bacula-fd + FileSet = "Full Set" + Schedule = "WeeklyCycle" + Storage = File1 + Messages = Standard + Pool = File + SpoolAttributes = yes + Priority = 10 + Write Bootstrap = "/opt/bacula/working/%c.bsr" +} + + +# +# Define the main nightly save backup job +# By default, this job will back up to disk in /tmp +Job { + Name = "BackupClient1" + JobDefs = "DefaultJob" +} + +#Job { +# Name = "BackupClient2" +# Client = bacula2-fd +# JobDefs = "DefaultJob" +#} + +#Job { +# Name = "BackupClient1-to-Tape" +# JobDefs = "DefaultJob" +# Storage = LTO-4 +# Spool Data = yes # Avoid shoe-shine +# Pool = Default +#} + +#} + +# Backup the catalog database (after the nightly save) +Job { + Name = "BackupCatalog" + JobDefs = "DefaultJob" + Level = Full + FileSet="Catalog" + Schedule = "WeeklyCycleAfterBackup" + # This creates an ASCII copy of the catalog + # Arguments to make_catalog_backup.pl are: + # make_catalog_backup.pl + ClientRunBeforeJob = "/opt/bacula/scripts/make_catalog_backup.pl MyCatalog" + # This deletes the copy of the catalog + ClientRunAfterJob = "/opt/bacula/scripts/delete_catalog_backup" + Write Bootstrap = "/opt/bacula/working/%n.bsr" + Priority = 11 # run after main backup +} + +# +# Standard Restore template, to be changed by Console program +# Only one such job is needed for all Jobs/Clients/Storage ... +# +Job { + Name = "RestoreFiles" + Type = Restore + Client=bacula-fd + Storage = File1 +# The FileSet and Pool directives are not used by Restore Jobs +# but must not be removed + FileSet="Full Set" + Pool = File + Messages = Standard + Where = /tmp/bacula-restores +} + + +# List of files to be backed up +FileSet { + Name = "Full Set" + Include { + Options { + signature = MD5 + } +# +# Put your list of files here, preceded by 'File =', one per line +# or include an external list with: +# +# File = \" -s \"Bacula: %t %e of %c %l\" %r" +# operatorcommand = "/opt/bacula/bin/bsmtp -h localhost -f \"\(Bacula\) \<%r\>\" -s \"Bacula: Intervention needed for %j\" %r" +# mail = root@localhost = all, !skipped + operator = root@localhost = mount + console = all, !skipped, !saved +# +# WARNING! the following will create a file that you must cycle from +# time to time as it will grow indefinitely. However, it will +# also keep all your messages if they scroll off the console. +# +# append = "/opt/bacula/log/bacula.log" = all, !skipped + stdout = all, !skipped + catalog = all + # Telegram + # mailcommand = "/opt/bacula/bin/bsmtp -h smtp2tg -f \"\(Bacula\) \<%r\>\" -s \"Bacula: %t %e of %c %l\" %r" + # mail = eduardo@smtp2tg = all, !skipped +} + + +# +# Message delivery for daemon messages (no job). +Messages { + Name = Daemon +# mailcommand = "/opt/bacula/bin/bsmtp -h localhost -f \"\(Bacula\) \<%r\>\" -s \"Bacula daemon message\" %r" +# mail = root@localhost = all, !skipped + console = all, !skipped, !saved + stdout = all, !skipped +# append = "/opt/bacula/log/bacula.log" = all, !skipped + # Telegram + # mailcommand = "/opt/bacula/bin/bsmtp -h smtp2tg -f \"\(Bacula\) \<%r\>\" -s \"Bacula: %t %e of %c %l\" %r" + # mail = eduardo@smtp2tg = all, !skipped +} + +# Default pool definition +Pool { + Name = Default + Pool Type = Backup + Recycle = yes # Bacula can automatically recycle Volumes + AutoPrune = yes # Prune expired volumes + Volume Retention = 365 days # one year + Maximum Volume Bytes = 50G # Limit Volume size to something reasonable + Maximum Volumes = 100 # Limit number of Volumes in Pool +} + +# File Pool definition +Pool { + Name = File + Pool Type = Backup + Recycle = yes # Bacula can automatically recycle Volumes + AutoPrune = yes # Prune expired volumes + Volume Retention = 365 days # one year + Maximum Volume Bytes = 50G # Limit Volume size to something reasonable + Maximum Volumes = 100 # Limit number of Volumes in Pool + Label Format = "Vol-" # Auto label +} + + +# Scratch pool definition +Pool { + Name = Scratch + Pool Type = Backup +} + +# +# Restricted console used by tray-monitor to get the status of the director +# +Console { + Name = bacula-mon + Password = "r0V/Hx0TUwQ4TlnX1lyUHf8J8v9XvRBqnHTRW9+CB614" + CommandACL = status, .status +} + +# Include bacula-dir-cloud.conf for Wasabi cloud provider +# @/opt/bacula/etc/bacula-dir-cloud.conf + + +# Include bacula-dir-cloud-aws.conf for AWS S3 cloud provider +@/opt/bacula/etc/bacula-dir-cloud-aws.conf + + + +# Include subfiles associated with configuration of clients. +# # They define the bulk of the Clients, Jobs, and FileSets. +# # Remember to "reload" the Director after adding a client file. +# @|"sh -c 'for f in /opt/bacula/etc/clientdefs/*.conf ; do echo @${f} ; done'" + diff --git a/docker/etc/bacula-fd.conf b/docker/etc/bacula-fd.conf new file mode 100755 index 0000000..44cd96b --- /dev/null +++ b/docker/etc/bacula-fd.conf @@ -0,0 +1,48 @@ +# +# Default Bacula File Daemon Configuration file +# +# For Bacula release 9.4.4 (28 May 2019) -- redhat Enterprise release +# +# There is not much to change here except perhaps the +# File daemon Name to +# +# +# Copyright (C) 2000-2015 Kern Sibbald +# License: BSD 2-Clause; see file LICENSE-FOSS +# + +# +# List Directors who are permitted to contact this File daemon +# +Director { + Name = bacula-dir + Password = "eso80TrxzhXkRgaQVI6ZYrSzAZ4E9KFNp0Y+T1HHVWBi" +} + +# +# Restricted Director, used by tray-monitor to get the +# status of the file daemon +# +Director { + Name = bacula-mon + Password = "nm6na6cCh3NymDV6JteWL0Fir71A5uhrdRjmnRKjnHn5" + Monitor = yes +} + +# +# "Global" File daemon configuration specifications +# +FileDaemon { # this is me + Name = bacula-fd + FDport = 9102 # where we listen for the director + WorkingDirectory = /opt/bacula/working + Pid Directory = /opt/bacula/working + Maximum Concurrent Jobs = 20 + Plugin Directory = /opt/bacula/plugins +} + +# Send all messages except skipped files back to Director +Messages { + Name = Standard + director = bacula-dir = all, !skipped, !restored +} diff --git a/docker/etc/bacula-sd-s3.conf b/docker/etc/bacula-sd-s3.conf new file mode 100755 index 0000000..286074d --- /dev/null +++ b/docker/etc/bacula-sd-s3.conf @@ -0,0 +1,50 @@ +# Define a virtual autochanger for AWS S3 +# +# Change AccessKey and SecretKey on Cloud resource +# + +# Autochangers + +Autochanger { + Name = "CloudAutoChangerS3" + Device = CloudStorageS3 + Changer Command = "" + Changer Device = /dev/null +} + +# Devices + +Device { + Name = "CloudStorageS3" + Device Type = "Cloud" + Cloud = "S3-cloud-us-west-2" + Maximum Part Size = 2M + Maximum File Size = 2M + Media Type = "CloudType" + Archive Device = "/tmp" + LabelMedia = yes + Random Access = yes + AutomaticMount = yes + RemovableMedia = no + AlwaysOpen = no +} + +# Cloud providers +# Hostname see https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region + +Cloud { + Name = "S3-cloud-us-west-2" + Driver = "S3" + HostName = "s3.us-west-2.amazonaws.com" + BucketName = "eftechcombr-bacula" + AccessKey = "AKIA33MZDCX3OLN7A6DD" + SecretKey = "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" + Protocol = HTTPS + UriStyle = "VirtualHost" + Truncate Cache = "AfterUpload" + Upload = "EachPart" + Region = "us-west-2" + MaximumUploadBandwidth = 10MB/s +} +# +# diff --git a/docker/etc/bacula-sd-wasabi.conf b/docker/etc/bacula-sd-wasabi.conf new file mode 100755 index 0000000..d17d482 --- /dev/null +++ b/docker/etc/bacula-sd-wasabi.conf @@ -0,0 +1,129 @@ +# Define a virtual autochanger for Wasabi Cloud +# +# CloudStorage1 => us-east-2 +# CloudStorage2 => eu-central-1 +# CloudStorage3 => us-west-1 +# +# Change AccessKey and SecretKey on Cloud resource +# + +# Autochangers + +Autochanger { + Name = "CloudAutoChanger1" + Device = CloudStorage1 + Changer Command = "" + Changer Device = /dev/null +} +# +#Autochanger { +# Name = "CloudAutoChanger2" +# Device = CloudStorage2 +# Changer Command = "" +# Changer Device = /dev/null +#} +# +#Autochanger { +# Name = "CloudAutoChanger3" +# Device = CloudStorage3 +# Changer Command = "" +# Changer Device = /dev/null +#} +# + + +# Devices + +Device { + Name = "CloudStorage1" + Device Type = "Cloud" + Cloud = "WasabiS3-cloud-us-east-2" + Maximum Part Size = 2M + Maximum File Size = 2M + Media Type = "CloudType" + Archive Device = "/tmp" + LabelMedia = yes + Random Access = yes + AutomaticMount = yes + RemovableMedia = no + AlwaysOpen = no +} + +# +#Device { +# Name = "CloudStorage2" +# Device Type = "Cloud" +# Cloud = "WasabiS3-cloud-eu-central-1" +# Maximum Part Size = 2M +# Maximum File Size = 2M +# Media Type = "CloudType" +# Archive Device = "/tmp" +# LabelMedia = yes +# Random Access = yes +# AutomaticMount = yes +# RemovableMedia = no +# AlwaysOpen = no +#} +# +# +#Device { +# Name = "CloudStorage3" +# Device Type = "Cloud" +# Cloud = "WasabiS3-cloud-us-west-1" +# Maximum Part Size = 2M +# Maximum File Size = 2M +# Media Type = "CloudType" +# Archive Device = "/tmp" +# LabelMedia = yes +# Random Access = yes +# AutomaticMount = yes +# RemovableMedia = no +# AlwaysOpen = no +#} +# + +# Cloud providers + +Cloud { + Name = "WasabiS3-cloud-us-east-2" + Driver = "S3" + HostName = "s3.us-east-2.wasabisys.com" + BucketName = "eftechcombr-backup" + AccessKey = "ABC" + SecretKey = "DEF" + Protocol = HTTPS + UriStyle = "VirtualHost" + Truncate Cache = "AfterUpload" + Upload = "EachPart" + MaximumUploadBandwidth = 10MB/s +} +# +#Cloud { +# Name = "WasabiS3-cloud-eu-central-1" +# Driver = "S3" +# HostName = "s3.eu-central-1.wasabisys.com" +# BucketName = "eftechcombr-backup2" +# AccessKey = "ABC" +# SecretKey = "DEF" +# Protocol = HTTPS +# UriStyle = "VirtualHost" +# Truncate Cache = "AfterUpload" +# Upload = "EachPart" +# MaximumUploadBandwidth = 10MB/s +#} + + +#Cloud { +# Name = "WasabiS3-cloud-us-west-1" +# Driver = "S3" +# HostName = "s3.us-west-1.wasabisys.com" +# BucketName = "eftechcombr-backup3" +# AccessKey = "ABC" +# SecretKey = "DEF" +# Protocol = HTTPS +# UriStyle = "VirtualHost" +# Truncate Cache = "AfterUpload" +# Upload = "EachPart" +# MaximumUploadBandwidth = 10MB/s +#} +# diff --git a/docker/etc/bacula-sd.conf b/docker/etc/bacula-sd.conf new file mode 100755 index 0000000..007b8ec --- /dev/null +++ b/docker/etc/bacula-sd.conf @@ -0,0 +1,344 @@ +# +# Default Bacula Storage Daemon Configuration file +# +# For Bacula release 9.4.4 (28 May 2019) -- redhat Enterprise release +# +# You may need to change the name of your tape drive +# on the "Archive Device" directive in the Device +# resource. If you change the Name and/or the +# "Media Type" in the Device resource, please ensure +# that dird.conf has corresponding changes. +# +# +# Copyright (C) 2000-2017 Kern Sibbald +# License: BSD 2-Clause; see file LICENSE-FOSS +# + +Storage { # definition of myself + Name = bacula-sd + SDPort = 9103 # Director's port + WorkingDirectory = "/opt/bacula/working" + Pid Directory = "/opt/bacula/working" + Plugin Directory = "/opt/bacula/plugins" + Maximum Concurrent Jobs = 20 +} + +# +# List Directors who are permitted to contact Storage daemon +# +Director { + Name = bacula-dir + Password = "TS8EQJ99iLFSK39oJy33YqkZ98v4ZapjRcA+j1N6ED1n" +} + +# +# Restricted Director, used by tray-monitor to get the +# status of the storage daemon +# +Director { + Name = bacula-mon + Password = "5p+emSGBrRv7sdsOJjlXxOjIDIzvivTLzY8ywWCjz02x" + Monitor = yes +} + +# +# Note, for a list of additional Device templates please +# see the directory /examples/devices +# Or follow the following link: +# http://www.bacula.org/git/cgit.cgi/bacula/tree/bacula/examples/devices?h=Branch-7.4 +# + +# +# Devices supported by this Storage daemon +# To connect, the Director's bacula-dir.conf must have the +# same Name and MediaType. +# + +# +# Define a Virtual autochanger +# +Autochanger { + Name = FileChgr1 + Device = FileChgr1-Dev1, FileChgr1-Dev2 + Changer Command = "" + Changer Device = /dev/null +} + +Device { + Name = FileChgr1-Dev1 + Media Type = File1 + Archive Device = /tmp + LabelMedia = yes; # lets Bacula label unlabeled media + Random Access = Yes; + AutomaticMount = yes; # when device opened, read it + RemovableMedia = no; + AlwaysOpen = no; + Maximum Concurrent Jobs = 5 +} + +Device { + Name = FileChgr1-Dev2 + Media Type = File1 + Archive Device = /tmp + LabelMedia = yes; # lets Bacula label unlabeled media + Random Access = Yes; + AutomaticMount = yes; # when device opened, read it + RemovableMedia = no; + AlwaysOpen = no; + Maximum Concurrent Jobs = 5 +} + +# +# Define a second Virtual autochanger +# +Autochanger { + Name = FileChgr2 + Device = FileChgr2-Dev1, FileChgr2-Dev2 + Changer Command = "" + Changer Device = /dev/null +} + +Device { + Name = FileChgr2-Dev1 + Media Type = File2 + Archive Device = /tmp + LabelMedia = yes; # lets Bacula label unlabeled media + Random Access = Yes; + AutomaticMount = yes; # when device opened, read it + RemovableMedia = no; + AlwaysOpen = no; + Maximum Concurrent Jobs = 5 +} + +Device { + Name = FileChgr2-Dev2 + Media Type = File2 + Archive Device = /tmp + LabelMedia = yes; # lets Bacula label unlabeled media + Random Access = Yes; + AutomaticMount = yes; # when device opened, read it + RemovableMedia = no; + AlwaysOpen = no; + Maximum Concurrent Jobs = 5 +} + + + +# +# An autochanger device with two drives +# +#Autochanger { +# Name = Autochanger +# Device = Drive-1 +# Device = Drive-2 +# Changer Command = "/opt/bacula/scripts/mtx-changer %c %o %S %a %d" +# Changer Device = /dev/sg0 +#} + +#Device { +# Name = Drive-1 # +# Drive Index = 0 +# Media Type = DLT-8000 +# Archive Device = /dev/nst0 +# AutomaticMount = yes; # when device opened, read it +# AlwaysOpen = yes; +# RemovableMedia = yes; +# RandomAccess = no; +# AutoChanger = yes +# # +# # New alert command in Bacula 9.0.0 +# # Note: you must have the sg3_utils (rpms) or the +# # sg3-utils (deb) installed on your system. +# # and you must set the correct control device that +# # corresponds to the Archive Device +# Control Device = /dev/sg?? # must be SCSI ctl for /dev/nst0 +# Alert Command = "/opt/bacula/scripts/tapealert %l" +# +# # +# # Enable the Alert command only if you have the mtx package loaded +# # Note, apparently on some systems, tapeinfo resets the SCSI controller +# # thus if you turn this on, make sure it does not reset your SCSI +# # controller. I have never had any problems, and smartctl does +# # not seem to cause such problems. +# # +# Alert Command = "sh -c 'tapeinfo -f %c |grep TapeAlert|cat'" +# If you have smartctl, enable this, it has more info than tapeinfo +# Alert Command = "sh -c 'smartctl -H -l error %c'" +#} + +#Device { +# Name = Drive-2 # +# Drive Index = 1 +# Media Type = DLT-8000 +# Archive Device = /dev/nst1 +# AutomaticMount = yes; # when device opened, read it +# AlwaysOpen = yes; +# RemovableMedia = yes; +# RandomAccess = no; +# AutoChanger = yes +# # Enable the Alert command only if you have the mtx package loaded +# Alert Command = "sh -c 'tapeinfo -f %c |grep TapeAlert|cat'" +# If you have smartctl, enable this, it has more info than tapeinfo +# Alert Command = "sh -c 'smartctl -H -l error %c'" +#} + +# +# A Linux or Solaris LTO-2 tape drive +# +#Device { +# Name = LTO-2 +# Media Type = LTO-2 +# Archive Device = /dev/nst0 +# AutomaticMount = yes; # when device opened, read it +# AlwaysOpen = yes; +# RemovableMedia = yes; +# RandomAccess = no; +# Maximum File Size = 3GB +## Changer Command = "/opt/bacula/scripts/mtx-changer %c %o %S %a %d" +## Changer Device = /dev/sg0 +## AutoChanger = yes +# # Enable the Alert command only if you have the mtx package loaded +## Alert Command = "sh -c 'tapeinfo -f %c |grep TapeAlert|cat'" +## If you have smartctl, enable this, it has more info than tapeinfo +## Alert Command = "sh -c 'smartctl -H -l error %c'" +#} + +# +# A Linux or Solaris LTO-3 tape drive +# +#Device { +# Name = LTO-3 +# Media Type = LTO-3 +# Archive Device = /dev/nst0 +# AutomaticMount = yes; # when device opened, read it +# AlwaysOpen = yes; +# RemovableMedia = yes; +# RandomAccess = no; +# Maximum File Size = 4GB +# Changer Command = "/opt/bacula/scripts/mtx-changer %c %o %S %a %d" +# Changer Device = /dev/sg0 +# AutoChanger = yes +# # +# # New alert command in Bacula 9.0.0 +# # Note: you must have the sg3_utils (rpms) or the +# # sg3-utils (deb) installed on your system. +# # and you must set the correct control device that +# # corresponds to the Archive Device +# Control Device = /dev/sg?? # must be SCSI ctl for /dev/nst0 +# Alert Command = "/opt/bacula/scripts/tapealert %l" +# +# # Enable the Alert command only if you have the mtx package loaded +## Alert Command = "sh -c 'tapeinfo -f %c |grep TapeAlert|cat'" +## If you have smartctl, enable this, it has more info than tapeinfo +## Alert Command = "sh -c 'smartctl -H -l error %c'" +#} + +# +# A Linux or Solaris LTO-4 tape drive +# +#Device { +# Name = LTO-4 +# Media Type = LTO-4 +# Archive Device = /dev/nst0 +# AutomaticMount = yes; # when device opened, read it +# AlwaysOpen = yes; +# RemovableMedia = yes; +# RandomAccess = no; +# Maximum File Size = 5GB +# Changer Command = "/opt/bacula/scripts/mtx-changer %c %o %S %a %d" +# Changer Device = /dev/sg0 +# AutoChanger = yes +# # +# # New alert command in Bacula 9.0.0 +# # Note: you must have the sg3_utils (rpms) or the +# # sg3-utils (deb) installed on your system. +# # and you must set the correct control device that +# # corresponds to the Archive Device +# Control Device = /dev/sg?? # must be SCSI ctl for /dev/nst0 +# Alert Command = "/opt/bacula/scripts/tapealert %l" +# +# # Enable the Alert command only if you have the mtx package loaded +## Alert Command = "sh -c 'tapeinfo -f %c |grep TapeAlert|cat'" +## If you have smartctl, enable this, it has more info than tapeinfo +## Alert Command = "sh -c 'smartctl -H -l error %c'" +#} + +# +# An HP-UX tape drive +# +#Device { +# Name = Drive-1 # +# Drive Index = 0 +# Media Type = DLT-8000 +# Archive Device = /dev/rmt/1mnb +# AutomaticMount = yes; # when device opened, read it +# AlwaysOpen = yes; +# RemovableMedia = yes; +# RandomAccess = no; +# AutoChanger = no +# Two EOF = yes +# Hardware End of Medium = no +# Fast Forward Space File = no +# # +# # New alert command in Bacula 9.0.0 +# # Note: you must have the sg3_utils (rpms) or the +# # sg3-utils (deb) installed on your system. +# # and you must set the correct control device that +# # corresponds to the Archive Device +# Control Device = /dev/sg?? # must be SCSI ctl for /dev/rmt/1mnb +# Alert Command = "/opt/bacula/scripts/tapealert %l" +# +# # +# # Enable the Alert command only if you have the mtx package loaded +# Alert Command = "sh -c 'tapeinfo -f %c |grep TapeAlert|cat'" +# If you have smartctl, enable this, it has more info than tapeinfo +# Alert Command = "sh -c 'smartctl -H -l error %c'" +#} + +# +# A FreeBSD tape drive +# +#Device { +# Name = DDS-4 +# Description = "DDS-4 for FreeBSD" +# Media Type = DDS-4 +# Archive Device = /dev/nsa1 +# AutomaticMount = yes; # when device opened, read it +# AlwaysOpen = yes +# Offline On Unmount = no +# Hardware End of Medium = no +# BSF at EOM = yes +# Backward Space Record = no +# Fast Forward Space File = no +# TWO EOF = yes +# # +# # New alert command in Bacula 9.0.0 +# # Note: you must have the sg3_utils (rpms) or the +# # sg3-utils (deb) installed on your system. +# # and you must set the correct control device that +# # corresponds to the Archive Device +# Control Device = /dev/sg?? # must be SCSI ctl for /dev/nsa1 +# Alert Command = "/opt/bacula/scripts/tapealert %l" +# +# If you have smartctl, enable this, it has more info than tapeinfo +# Alert Command = "sh -c 'smartctl -H -l error %c'" +#} + +# +# Send all messages to the Director, +# mount messages also are sent to the email address +# +Messages { + Name = Standard + director = bacula-dir = all +} + + +# # Include bacula-sd-wasabi.conf for Wasabi Cloud provider +# @/opt/bacula/etc/bacula-sd-wasabi.conf +# + +# # Include bacula-sd-s3.conf for AWS S3 Cloud provider +@/opt/bacula/etc/bacula-sd-s3.conf +# + diff --git a/docker/etc/baculum/Config-api-apache/api.conf b/docker/etc/baculum/Config-api-apache/api.conf new file mode 100755 index 0000000..baa4333 --- /dev/null +++ b/docker/etc/baculum/Config-api-apache/api.conf @@ -0,0 +1,34 @@ +[api] +auth_type = "basic" +debug = "0" +lang = "en" + +[db] +enabled = "1" +type = "pgsql" +name = "bacula" +login = "bacula" +password = "bacula" +ip_addr = "db" +port = "5432" +path = "" + +[bconsole] +enabled = "1" +bin_path = "/opt/bacula/bin/bconsole" +cfg_path = "/opt/bacula/etc/bconsole.conf" +use_sudo = "0" + +[jsontools] +enabled = "1" +use_sudo = "0" +bconfig_dir = "/etc/baculum/" +bdirjson_path = "/opt/bacula/bin/bdirjson" +dir_cfg_path = "/opt/bacula/etc/bacula-dir.conf" +bsdjson_path = "/opt/bacula/bin/bsdjson" +sd_cfg_path = "/opt/bacula/etc/bacula-sd.conf" +bfdjson_path = "/opt/bacula/bin/bfdjson" +fd_cfg_path = "/opt/bacula/etc/bacula-fd.conf" +bbconsjson_path = "/opt/bacula/bin/bbconsjson" +bcons_cfg_path = "/opt/bacula/etc/bconsole.conf" + diff --git a/docker/etc/baculum/Config-api-apache/baculum.users b/docker/etc/baculum/Config-api-apache/baculum.users new file mode 100755 index 0000000..1375f69 --- /dev/null +++ b/docker/etc/baculum/Config-api-apache/baculum.users @@ -0,0 +1 @@ +admin:YWG41BPzVAkN6 \ No newline at end of file diff --git a/docker/etc/baculum/Config-web-apache/baculum.users b/docker/etc/baculum/Config-web-apache/baculum.users new file mode 100755 index 0000000..1375f69 --- /dev/null +++ b/docker/etc/baculum/Config-web-apache/baculum.users @@ -0,0 +1 @@ +admin:YWG41BPzVAkN6 \ No newline at end of file diff --git a/docker/etc/baculum/Config-web-apache/hosts.conf b/docker/etc/baculum/Config-web-apache/hosts.conf new file mode 100755 index 0000000..1e07440 --- /dev/null +++ b/docker/etc/baculum/Config-web-apache/hosts.conf @@ -0,0 +1,13 @@ +[Main] +auth_type = "basic" +login = "admin" +password = "admin" +client_id = "" +client_secret = "" +redirect_uri = "" +scope = "" +protocol = "http" +address = "baculum-api" +port = "9096" +url_prefix = "" + diff --git a/docker/etc/baculum/Config-web-apache/settings.conf b/docker/etc/baculum/Config-web-apache/settings.conf new file mode 100755 index 0000000..b3fb27e --- /dev/null +++ b/docker/etc/baculum/Config-web-apache/settings.conf @@ -0,0 +1,23 @@ +[baculum] +debug = "0" +lang = "en" +max_jobs = "15000" +size_values_unit = "decimal" +time_in_job_log = "0" +date_time_format = "Y-M-D R" +enable_messages_log = "1" +login = "admin" + +[users] + +[auth_basic] +allow_manage_users = "1" +user_file = "/usr/share/baculum/htdocs/protected/Web/Config/baculum.users" +hash_alg = "apr-md5" + +[security] +auth_method = "basic" +def_access = "default_settings" +def_role = "normal" +def_api_host = "Main" + diff --git a/docker/etc/baculum/Config-web-apache/users.conf b/docker/etc/baculum/Config-web-apache/users.conf new file mode 100755 index 0000000..a6da63a --- /dev/null +++ b/docker/etc/baculum/Config-web-apache/users.conf @@ -0,0 +1,9 @@ +[admin] +long_name = "" +description = "" +email = "" +roles = "admin" +api_hosts = "" +enabled = "1" +ips = "" + diff --git a/docker/etc/bconsole.conf b/docker/etc/bconsole.conf new file mode 100755 index 0000000..7553452 --- /dev/null +++ b/docker/etc/bconsole.conf @@ -0,0 +1,14 @@ +# +# Bacula User Agent (or Console) Configuration File +# +# Copyright (C) 2000-2015 Kern Sibbald +# License: BSD 2-Clause; see file LICENSE-FOSS +# + +Director { + Name = bacula-dir + DIRport = 9101 + # address = bacula-standalone + address = bacula-dir + Password = "XDnaVZYU9F4QhqUGMPxiOXsJaji23mNG3FaAM9Z2q1c/" +} diff --git a/docker/etc/clientdefs/ubuntu.conf.sample b/docker/etc/clientdefs/ubuntu.conf.sample new file mode 100755 index 0000000..f06a70a --- /dev/null +++ b/docker/etc/clientdefs/ubuntu.conf.sample @@ -0,0 +1,32 @@ +Job { + Name = "BackupUbuntu" + JobDefs = "DefaultJobToCloudAWS" + FileSet = "ubuntu-fs" + Client = "ubuntu-fd" +} + +Client { + Name = ubuntu-fd + Address = 128.199.45.192 + FDPort = 9102 + Catalog = MyCatalog + Password = "lE-6z_tYeiRRnNLt_5L4w8KplM9Qb43z7" + File Retention = 60 days + Job Retention = 6 months + AutoPrune = yes +} + +FileSet { + Name = "ubuntu-fs" + Include { + Options { + Compression=GZIP + signature=MD5 + } + File = /home + File = /var/lib/mysql + File = /root + File = /share + File = /etc + } +} diff --git a/docker/etc/clientdefs/w2k16.conf.sample b/docker/etc/clientdefs/w2k16.conf.sample new file mode 100755 index 0000000..4421db3 --- /dev/null +++ b/docker/etc/clientdefs/w2k16.conf.sample @@ -0,0 +1,38 @@ +Job { + Name = "BackupW2k16ToAWS" + JobDefs = "DefaultJobToCloudAWS" + Client = "w2k16-fd" + Fileset = "w2k16-fs" +} + +FileSet { + Name = "w2k16-fs" + Include { + Options { + signature = MD5 + compression = GZIP + IgnoreCase = yes + } + File = "C:/documents and settings" + File = "C:/Users" + File = "C:/share" + } + Exclude { + File = "*.mp3" + File = "*.mp4" + File = "*.dll" + File = "*.exe" + File = "*.bin" + } +} + +Client { + Name = w2k16-fd + Address = 40.71.101.166 + FDPort = 9102 + Catalog = MyCatalog + Password = "abc123cde456fgh789" + File Retention = 60 days + Job Retention = 6 months + AutoPrune = yes +} diff --git a/docker/etc/samples/bacula-dir-cloud-aws.conf.sample b/docker/etc/samples/bacula-dir-cloud-aws.conf.sample new file mode 100755 index 0000000..5cdae5d --- /dev/null +++ b/docker/etc/samples/bacula-dir-cloud-aws.conf.sample @@ -0,0 +1,72 @@ +# bacula-dir-cloud.conf +# +# JobDefs +# Job +# Restore +# Pool +# Autochanger +# + + +# Template to store in cloud +JobDefs { + Name = "DefaultJobToCloudAWS" + Type = Backup + Level = Incremental + Client = bacula-fd + FileSet = "Full Set" + Schedule = "WeeklyCycle" + Storage = "CloudS3AWS" + Messages = Standard + Pool = CloudAWS + SpoolAttributes = yes + Priority = 10 + Write Bootstrap = "/opt/bacula/working/%c.bsr" +} + +# Jobs +Job { + Name = "BackupClient1ToCloudAWS" + JobDefs = "DefaultJobToCloudAWS" +} + + + +# Restore +Job { + Name = "RestoreFromCloudAWS" + Type = Restore + Client=bacula-fd + Storage = CloudS3AWS + FileSet="Full Set" + Pool = CloudAWS + Messages = Standard + Where = /tmp/bacula-restores +} + + + +# Cloud Pool definition +Pool { + Name = CloudAWS + Pool Type = Backup + Recycle = no # Bacula can automatically recycle Volumes + AutoPrune = yes # Prune expired volumes + Volume Retention = 365 days # one year + Maximum Volume Jobs = 1 # + # Maximum Volume Bytes = 100M # Limit Volume size to something reasonable + Label Format = "Vol-JobId-${JobId}" # Auto label +} + + +# Autochanger definition +Autochanger { + Name = "CloudS3AWS" +# Do not use "localhost" here + Address = bacula-sd # N.B. Use a fully qualified name here + SDPort = 9103 + Password = "TS8EQJ99iLFSK39oJy33YqkZ98v4ZapjRcA+j1N6ED1n" + Device = "CloudAutoChangerS3" + Media Type = "CloudType" + Maximum Concurrent Jobs = 10 # run up to 10 jobs a the same time +} diff --git a/docker/etc/samples/bacula-dir-cloud.conf.sample b/docker/etc/samples/bacula-dir-cloud.conf.sample new file mode 100755 index 0000000..aa67665 --- /dev/null +++ b/docker/etc/samples/bacula-dir-cloud.conf.sample @@ -0,0 +1,96 @@ +# bacula-dir-cloud.conf +# +# JobDefs +# Job +# Restore +# Pool +# Autochanger +# + + +# Template to store in cloud +JobDefs { + Name = "DefaultJobToCloud" + Type = Backup + Level = Incremental + Client = bacula-fd + FileSet = "Full Set" + Schedule = "WeeklyCycle" + Storage = "CloudS3" + Messages = Standard + Pool = Cloud + SpoolAttributes = yes + Priority = 10 + Write Bootstrap = "/opt/bacula/working/%c.bsr" +} + +# Jobs +Job { + Name = "BackupClient1ToCloud" + JobDefs = "DefaultJobToCloud" +} + + + +# Restore +Job { + Name = "RestoreFromCloud" + Type = Restore + Client=bacula-fd + Storage = CloudS3 + FileSet="Full Set" + Pool = Cloud + Messages = Standard + Where = /tmp/bacula-restores +} + + + +# Cloud Pool definition +Pool { + Name = Cloud + Pool Type = Backup + Recycle = no # Bacula can automatically recycle Volumes + AutoPrune = yes # Prune expired volumes + Volume Retention = 365 days # one year + Maximum Volume Jobs = 1 # + # Maximum Volume Bytes = 100M # Limit Volume size to something reasonable + Label Format = "Vol-JobId-${JobId}" # Auto label +} + + +# Autochanger definition +Autochanger { + Name = "CloudS3" +# Do not use "localhost" here + Address = bacula-sd # N.B. Use a fully qualified name here + SDPort = 9103 + Password = "TS8EQJ99iLFSK39oJy33YqkZ98v4ZapjRcA+j1N6ED1n" + Device = "CloudAutoChanger1" + Media Type = "CloudType" + Maximum Concurrent Jobs = 10 # run up to 10 jobs a the same time +} + +# +#Autochanger { +# Name = "CloudS3-2" +## Do not use "localhost" here +# Address = bacula-sd # N.B. Use a fully qualified name here +# SDPort = 9103 +# Password = "TS8EQJ99iLFSK39oJy33YqkZ98v4ZapjRcA+j1N6ED1n" +# Device = "CloudAutoChanger2" +# Media Type = "CloudType" +# Maximum Concurrent Jobs = 10 # run up to 10 jobs a the same time +#} +# +#Autochanger { +# Name = "CloudS3-3" +## Do not use "localhost" here +# Address = bacula-sd # N.B. Use a fully qualified name here +# SDPort = 9103 +# Password = "TS8EQJ99iLFSK39oJy33YqkZ98v4ZapjRcA+j1N6ED1n" +# Device = "CloudAutoChanger3" +# Media Type = "CloudType" +# Maximum Concurrent Jobs = 10 # run up to 10 jobs a the same time +#} +# diff --git a/docker/etc/samples/bacula-sd-s3.conf.sample b/docker/etc/samples/bacula-sd-s3.conf.sample new file mode 100755 index 0000000..e80628b --- /dev/null +++ b/docker/etc/samples/bacula-sd-s3.conf.sample @@ -0,0 +1,50 @@ +# Define a virtual autochanger for AWS S3 +# +# Change AccessKey and SecretKey on Cloud resource +# + +# Autochangers + +Autochanger { + Name = "CloudAutoChangerS3" + Device = CloudStorageS3 + Changer Command = "" + Changer Device = /dev/null +} + +# Devices + +Device { + Name = "CloudStorageS3" + Device Type = "Cloud" + Cloud = "S3-cloud-us-west-2" + Maximum Part Size = 2M + Maximum File Size = 2M + Media Type = "CloudType" + Archive Device = "/tmp" + LabelMedia = yes + Random Access = yes + AutomaticMount = yes + RemovableMedia = no + AlwaysOpen = no +} + +# Cloud providers +# Hostname see https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region + +Cloud { + Name = "S3-cloud-us-west-2" + Driver = "S3" + HostName = "s3.us-west-2.amazonaws.com" + BucketName = "eftechcombr-backup" + AccessKey = "ABC" + SecretKey = "DEF" + Protocol = HTTPS + UriStyle = "VirtualHost" + Truncate Cache = "AfterUpload" + Upload = "EachPart" + Region = "us-west-2" + MaximumUploadBandwidth = 10MB/s +} +# +# diff --git a/docker/etc/samples/bacula-sd-wasabi.conf.sample b/docker/etc/samples/bacula-sd-wasabi.conf.sample new file mode 100755 index 0000000..d17d482 --- /dev/null +++ b/docker/etc/samples/bacula-sd-wasabi.conf.sample @@ -0,0 +1,129 @@ +# Define a virtual autochanger for Wasabi Cloud +# +# CloudStorage1 => us-east-2 +# CloudStorage2 => eu-central-1 +# CloudStorage3 => us-west-1 +# +# Change AccessKey and SecretKey on Cloud resource +# + +# Autochangers + +Autochanger { + Name = "CloudAutoChanger1" + Device = CloudStorage1 + Changer Command = "" + Changer Device = /dev/null +} +# +#Autochanger { +# Name = "CloudAutoChanger2" +# Device = CloudStorage2 +# Changer Command = "" +# Changer Device = /dev/null +#} +# +#Autochanger { +# Name = "CloudAutoChanger3" +# Device = CloudStorage3 +# Changer Command = "" +# Changer Device = /dev/null +#} +# + + +# Devices + +Device { + Name = "CloudStorage1" + Device Type = "Cloud" + Cloud = "WasabiS3-cloud-us-east-2" + Maximum Part Size = 2M + Maximum File Size = 2M + Media Type = "CloudType" + Archive Device = "/tmp" + LabelMedia = yes + Random Access = yes + AutomaticMount = yes + RemovableMedia = no + AlwaysOpen = no +} + +# +#Device { +# Name = "CloudStorage2" +# Device Type = "Cloud" +# Cloud = "WasabiS3-cloud-eu-central-1" +# Maximum Part Size = 2M +# Maximum File Size = 2M +# Media Type = "CloudType" +# Archive Device = "/tmp" +# LabelMedia = yes +# Random Access = yes +# AutomaticMount = yes +# RemovableMedia = no +# AlwaysOpen = no +#} +# +# +#Device { +# Name = "CloudStorage3" +# Device Type = "Cloud" +# Cloud = "WasabiS3-cloud-us-west-1" +# Maximum Part Size = 2M +# Maximum File Size = 2M +# Media Type = "CloudType" +# Archive Device = "/tmp" +# LabelMedia = yes +# Random Access = yes +# AutomaticMount = yes +# RemovableMedia = no +# AlwaysOpen = no +#} +# + +# Cloud providers + +Cloud { + Name = "WasabiS3-cloud-us-east-2" + Driver = "S3" + HostName = "s3.us-east-2.wasabisys.com" + BucketName = "eftechcombr-backup" + AccessKey = "ABC" + SecretKey = "DEF" + Protocol = HTTPS + UriStyle = "VirtualHost" + Truncate Cache = "AfterUpload" + Upload = "EachPart" + MaximumUploadBandwidth = 10MB/s +} +# +#Cloud { +# Name = "WasabiS3-cloud-eu-central-1" +# Driver = "S3" +# HostName = "s3.eu-central-1.wasabisys.com" +# BucketName = "eftechcombr-backup2" +# AccessKey = "ABC" +# SecretKey = "DEF" +# Protocol = HTTPS +# UriStyle = "VirtualHost" +# Truncate Cache = "AfterUpload" +# Upload = "EachPart" +# MaximumUploadBandwidth = 10MB/s +#} + + +#Cloud { +# Name = "WasabiS3-cloud-us-west-1" +# Driver = "S3" +# HostName = "s3.us-west-1.wasabisys.com" +# BucketName = "eftechcombr-backup3" +# AccessKey = "ABC" +# SecretKey = "DEF" +# Protocol = HTTPS +# UriStyle = "VirtualHost" +# Truncate Cache = "AfterUpload" +# Upload = "EachPart" +# MaximumUploadBandwidth = 10MB/s +#} +# diff --git a/docker/etc/samples/clientdefs/ubuntu.conf.sample b/docker/etc/samples/clientdefs/ubuntu.conf.sample new file mode 100755 index 0000000..f06a70a --- /dev/null +++ b/docker/etc/samples/clientdefs/ubuntu.conf.sample @@ -0,0 +1,32 @@ +Job { + Name = "BackupUbuntu" + JobDefs = "DefaultJobToCloudAWS" + FileSet = "ubuntu-fs" + Client = "ubuntu-fd" +} + +Client { + Name = ubuntu-fd + Address = 128.199.45.192 + FDPort = 9102 + Catalog = MyCatalog + Password = "lE-6z_tYeiRRnNLt_5L4w8KplM9Qb43z7" + File Retention = 60 days + Job Retention = 6 months + AutoPrune = yes +} + +FileSet { + Name = "ubuntu-fs" + Include { + Options { + Compression=GZIP + signature=MD5 + } + File = /home + File = /var/lib/mysql + File = /root + File = /share + File = /etc + } +} diff --git a/docker/etc/samples/clientdefs/w2k16.conf.sample b/docker/etc/samples/clientdefs/w2k16.conf.sample new file mode 100755 index 0000000..4421db3 --- /dev/null +++ b/docker/etc/samples/clientdefs/w2k16.conf.sample @@ -0,0 +1,38 @@ +Job { + Name = "BackupW2k16ToAWS" + JobDefs = "DefaultJobToCloudAWS" + Client = "w2k16-fd" + Fileset = "w2k16-fs" +} + +FileSet { + Name = "w2k16-fs" + Include { + Options { + signature = MD5 + compression = GZIP + IgnoreCase = yes + } + File = "C:/documents and settings" + File = "C:/Users" + File = "C:/share" + } + Exclude { + File = "*.mp3" + File = "*.mp4" + File = "*.dll" + File = "*.exe" + File = "*.bin" + } +} + +Client { + Name = w2k16-fd + Address = 40.71.101.166 + FDPort = 9102 + Catalog = MyCatalog + Password = "abc123cde456fgh789" + File Retention = 60 days + Job Retention = 6 months + AutoPrune = yes +} diff --git a/docker/etc/smtp2tg.toml b/docker/etc/smtp2tg.toml new file mode 100755 index 0000000..145b265 --- /dev/null +++ b/docker/etc/smtp2tg.toml @@ -0,0 +1,12 @@ +[bot] +token = "xxxxxTokenxxxxx" + +[receivers] +"*" = "xxxxxChatIDxxxxx" + +[smtp] +listen = "0.0.0.0:25" +name = "smtp2tg" + +[logging] +debug = true diff --git a/kubernetes/configmap-bacula-dir.yaml b/kubernetes/configmap-bacula-dir.yaml new file mode 100644 index 0000000..5d3c37d --- /dev/null +++ b/kubernetes/configmap-bacula-dir.yaml @@ -0,0 +1,418 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: bacula-dir + namespace: backup +data: + bacula-dir.conf: |- + # + # Default Bacula Director Configuration file + # + # The only thing that MUST be changed is to add one or more + # file or directory names in the Include directive of the + # FileSet resource. + # + # For Bacula release 9.4.4 (28 May 2019) -- redhat Enterprise release + # + # You might also want to change the default email address + # from root to your address. See the "mail" and "operator" + # directives in the Messages resource. + # + # Copyright (C) 2000-2017 Kern Sibbald + # License: BSD 2-Clause; see file LICENSE-FOSS + # + Director { # define myself + Name = bacula-dir + DIRport = 9101 # where we listen for UA connections + QueryFile = "/opt/bacula/scripts/query.sql" + WorkingDirectory = "/opt/bacula/working" + PidDirectory = "/opt/bacula/working" + Maximum Concurrent Jobs = 20 + Password = "XDnaVZYU9F4QhqUGMPxiOXsJaji23mNG3FaAM9Z2q1c/" # Console password + Messages = Daemon + } + # + JobDefs { + Name = "DefaultJob" + Type = Backup + Level = Incremental + Client = bacula-fd + FileSet = "Full Set" + Schedule = "WeeklyCycle" + Storage = File1 + Messages = Standard + Pool = File + SpoolAttributes = yes + Priority = 10 + Write Bootstrap = "/opt/bacula/working/%c.bsr" + } + # + # Define the main nightly save backup job + # By default, this job will back up to disk in /tmp + Job { + Name = "BackupClient1" + JobDefs = "DefaultJob" + } + # + # Backup the catalog database (after the nightly save) + Job { + Name = "BackupCatalog" + JobDefs = "DefaultJob" + Level = Full + FileSet="Catalog" + Schedule = "WeeklyCycleAfterBackup" + # This creates an ASCII copy of the catalog + # Arguments to make_catalog_backup.pl are: + # make_catalog_backup.pl + ClientRunBeforeJob = "/opt/bacula/scripts/make_catalog_backup.pl MyCatalog" + # This deletes the copy of the catalog + ClientRunAfterJob = "/opt/bacula/scripts/delete_catalog_backup" + Write Bootstrap = "/opt/bacula/working/%n.bsr" + Priority = 11 # run after main backup + } + # + # Standard Restore template, to be changed by Console program + # Only one such job is needed for all Jobs/Clients/Storage ... + # + Job { + Name = "RestoreFiles" + Type = Restore + Client=bacula-fd + Storage = File1 + # The FileSet and Pool directives are not used by Restore Jobs + # but must not be removed + FileSet="Full Set" + Pool = File + Messages = Standard + Where = /tmp/bacula-restores + } + # List of files to be backed up + FileSet { + Name = "Full Set" + Include { + Options { + signature = MD5 + } + File = /opt/bacula/bin + File = /opt/bacula + File = /opt/bacula/etc + } + # + # + # If you backup the root directory, the following two excluded + # files can be useful + # + Exclude { + File = /opt/bacula/working + File = /tmp + File = /proc + File = /tmp + File = /sys + File = /.journal + File = /.fsck + } + } + # + # + # When to do the backups, full backup on first sunday of the month, + # differential (i.e. incremental since full) every other sunday, + # and incremental backups other days + Schedule { + Name = "WeeklyCycle" + Run = Full 1st sun at 23:05 + Run = Differential 2nd-5th sun at 23:05 + Run = Incremental mon-sat at 23:05 + } + # + # This schedule does the catalog. It starts after the WeeklyCycle + Schedule { + Name = "WeeklyCycleAfterBackup" + Run = Full sun-sat at 23:10 + } + # + # This is the backup of the catalog + FileSet { + Name = "Catalog" + Include { + Options { + signature = MD5 + } + File = "/opt/bacula/working/bacula.sql" + } + } + # Client (File Services) to backup + Client { + Name = bacula-fd + Address = bacula-fd + FDPort = 9102 + Catalog = MyCatalog + Password = "eso80TrxzhXkRgaQVI6ZYrSzAZ4E9KFNp0Y+T1HHVWBi" # password for FileDaemon + File Retention = 60 days # 60 days + Job Retention = 6 months # six months + AutoPrune = yes # Prune expired Jobs/Files + } + # + # Definition of file Virtual Autochanger device + Autochanger { + Name = File1 + # Do not use "localhost" here + Address = bacula-sd # N.B. Use a fully qualified name here + SDPort = 9103 + Password = "TS8EQJ99iLFSK39oJy33YqkZ98v4ZapjRcA+j1N6ED1n" + Device = FileChgr1 + Media Type = File1 + Maximum Concurrent Jobs = 10 # run up to 10 jobs a the same time + Autochanger = File1 # point to ourself + } + # Definition of a second file Virtual Autochanger device + # Possibly pointing to a different disk drive + Autochanger { + Name = File2 + # Do not use "localhost" here + Address = bacula-sd # N.B. Use a fully qualified name here + SDPort = 9103 + Password = "TS8EQJ99iLFSK39oJy33YqkZ98v4ZapjRcA+j1N6ED1n" + Device = FileChgr2 + Media Type = File2 + Autochanger = File2 # point to ourself + Maximum Concurrent Jobs = 10 # run up to 10 jobs a the same time + } + # Generic catalog service + Catalog { + Name = MyCatalog + dbname = "bacula" + dbuser = "bacula" + dbpassword = "bacula" + DB address = "postgresql-headless.backup.svc.cluster.local" + } + # Reasonable message delivery -- send most everything to email address + # and to the console + Messages { + Name = Standard + # + # NOTE! If you send to two email or more email addresses, you will need + # to replace the %r in the from field (-f part) with a single valid + # email address in both the mailcommand and the operatorcommand. + # What this does is, it sets the email address that emails would display + # in the FROM field, which is by default the same email as they're being + # sent to. However, if you send email to more than one address, then + # you'll have to set the FROM address manually, to a single address. + # for example, a 'no-reply@mydomain.com', is better since that tends to + # tell (most) people that its coming from an automated source. + # + # mailcommand = "/opt/bacula/bin/bsmtp -h localhost -f \"\(Bacula\) \<%r\>\" -s \"Bacula: %t %e of %c %l\" %r" + # operatorcommand = "/opt/bacula/bin/bsmtp -h localhost -f \"\(Bacula\) \<%r\>\" -s \"Bacula: Intervention needed for %j\" %r" + # mail = root@localhost = all, !skipped + # operator = root@localhost = mount + console = all, !skipped, !saved + # + # WARNING! the following will create a file that you must cycle from + # time to time as it will grow indefinitely. However, it will + # also keep all your messages if they scroll off the console. + # + # append = "/opt/bacula/log/bacula.log" = all, !skipped + stdout = all, !skipped + catalog = all + # Telegram + # mailcommand = "/opt/bacula/bin/bsmtp -h smtp2tg -f \"\(Bacula\) \<%r\>\" -s \"Bacula: %t %e of %c %l\" %r" + # mail = eduardo@smtp2tg = all, !skipped + } + # + # Message delivery for daemon messages (no job). + Messages { + Name = Daemon + # mailcommand = "/opt/bacula/bin/bsmtp -h localhost -f \"\(Bacula\) \<%r\>\" -s \"Bacula daemon message\" %r" + # mail = root@localhost = all, !skipped + console = all, !skipped, !saved + stdout = all, !skipped + # append = "/opt/bacula/log/bacula.log" = all, !skipped + # Telegram + # mailcommand = "/opt/bacula/bin/bsmtp -h smtp2tg -f \"\(Bacula\) \<%r\>\" -s \"Bacula: %t %e of %c %l\" %r" + # mail = eduardo@smtp2tg = all, !skipped + } + # Default pool definition + Pool { + Name = Default + Pool Type = Backup + Recycle = yes # Bacula can automatically recycle Volumes + AutoPrune = yes # Prune expired volumes + Volume Retention = 365 days # one year + Maximum Volume Bytes = 50G # Limit Volume size to something reasonable + Maximum Volumes = 100 # Limit number of Volumes in Pool + } + # File Pool definition + Pool { + Name = File + Pool Type = Backup + Recycle = yes # Bacula can automatically recycle Volumes + AutoPrune = yes # Prune expired volumes + Volume Retention = 365 days # one year + Maximum Volume Bytes = 50G # Limit Volume size to something reasonable + Maximum Volumes = 100 # Limit number of Volumes in Pool + Label Format = "Vol-" # Auto label + } + # Scratch pool definition + # Pool { + # Name = Scratch + # Pool Type = Backup + # } + # + # Restricted console used by tray-monitor to get the status of the director + # + Console { + Name = bacula-mon + Password = "r0V/Hx0TUwQ4TlnX1lyUHf8J8v9XvRBqnHTRW9+CB614" + CommandACL = status, .status + } + # Include subfiles associated with configuration of clients. + # # They define the bulk of the Clients, Jobs, and FileSets. + # # Remember to "reload" the Director after adding a client file. + @|"sh -c 'for f in /opt/bacula/etc/bacula-dir.d/*.conf ; do echo @${f} ; done'" + # + # bacula-dir-cloud-aws.conf + # + # JobDefs + # Job + # Restore + # Pool + # Autochanger + # + # Template to store in cloud + JobDefs { + Name = "DefaultJobToCloudAWS" + Type = Backup + Level = Incremental + Client = bacula-fd + FileSet = "Full Set" + Schedule = "WeeklyCycle" + Storage = "CloudS3AWS" + Messages = Standard + Pool = CloudAWS + SpoolAttributes = yes + Priority = 10 + Write Bootstrap = "/opt/bacula/working/%c.bsr" + } + # Jobs + Job { + Name = "BackupClient1ToCloudAWS" + JobDefs = "DefaultJobToCloudAWS" + } + # Restore + Job { + Name = "RestoreFromCloudAWS" + Type = Restore + Client=bacula-fd + Storage = CloudS3AWS + FileSet="Full Set" + Pool = CloudAWS + Messages = Standard + Where = /tmp/bacula-restores + } + # Cloud Pool definition + Pool { + Name = CloudAWS + Pool Type = Backup + Recycle = no # Bacula can automatically recycle Volumes + AutoPrune = yes # Prune expired volumes + Volume Retention = 365 days # one year + Maximum Volume Jobs = 1 # + # Maximum Volume Bytes = 100M # Limit Volume size to something reasonable + Label Format = "Vol-JobId-${JobId}" # Auto label + } + # Autochanger definition + Autochanger { + Name = "CloudS3AWS" + # Do not use "localhost" here + Address = bacula-sd # N.B. Use a fully qualified name here + SDPort = 9103 + Password = "TS8EQJ99iLFSK39oJy33YqkZ98v4ZapjRcA+j1N6ED1n" + Device = "CloudAutoChangerS3" + Media Type = "CloudType" + Maximum Concurrent Jobs = 10 # run up to 10 jobs a the same time + } + # bacula-dir-cloud.conf + # + # JobDefs + # Job + # Restore + # Pool + # Autochanger + # + # Template to store in cloud + JobDefs { + Name = "DefaultJobToCloud" + Type = Backup + Level = Incremental + Client = bacula-fd + FileSet = "Full Set" + Schedule = "WeeklyCycle" + Storage = "CloudS3" + Messages = Standard + Pool = Cloud + SpoolAttributes = yes + Priority = 10 + Write Bootstrap = "/opt/bacula/working/%c.bsr" + } + # Jobs + Job { + Name = "BackupClient1ToCloud" + JobDefs = "DefaultJobToCloud" + } + # Restore + Job { + Name = "RestoreFromCloud" + Type = Restore + Client=bacula-fd + Storage = CloudS3 + FileSet="Full Set" + Pool = Cloud + Messages = Standard + Where = /tmp/bacula-restores + } + # Cloud Pool definition + Pool { + Name = Cloud + Pool Type = Backup + Recycle = no # Bacula can automatically recycle Volumes + AutoPrune = yes # Prune expired volumes + Volume Retention = 365 days # one year + Maximum Volume Jobs = 1 # + # Maximum Volume Bytes = 100M # Limit Volume size to something reasonable + Label Format = "Vol-JobId-${JobId}" # Auto label + } + # Autochanger definition + Autochanger { + Name = "CloudS3" + # Do not use "localhost" here + Address = bacula-sd # N.B. Use a fully qualified name here + SDPort = 9103 + Password = "TS8EQJ99iLFSK39oJy33YqkZ98v4ZapjRcA+j1N6ED1n" + Device = "CloudAutoChanger1" + Media Type = "CloudType" + Maximum Concurrent Jobs = 10 # run up to 10 jobs a the same time + } + # + #Autochanger { + # Name = "CloudS3-2" + ## Do not use "localhost" here + # Address = bacula-sd # N.B. Use a fully qualified name here + # SDPort = 9103 + # Password = "TS8EQJ99iLFSK39oJy33YqkZ98v4ZapjRcA+j1N6ED1n" + # Device = "CloudAutoChanger2" + # Media Type = "CloudType" + # Maximum Concurrent Jobs = 10 # run up to 10 jobs a the same time + #} + # + #Autochanger { + # Name = "CloudS3-3" + ## Do not use "localhost" here + # Address = bacula-sd # N.B. Use a fully qualified name here + # SDPort = 9103 + # Password = "TS8EQJ99iLFSK39oJy33YqkZ98v4ZapjRcA+j1N6ED1n" + # Device = "CloudAutoChanger3" + # Media Type = "CloudType" + # Maximum Concurrent Jobs = 10 # run up to 10 jobs a the same time + #} + # + + diff --git a/kubernetes/configmap-bacula-fd.yaml b/kubernetes/configmap-bacula-fd.yaml new file mode 100644 index 0000000..0c2bcf4 --- /dev/null +++ b/kubernetes/configmap-bacula-fd.yaml @@ -0,0 +1,54 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: bacula-fd + namespace: backup +data: + bacula-fd.conf: |- + # + # Default Bacula File Daemon Configuration file + # + # For Bacula release 9.4.4 (28 May 2019) -- redhat Enterprise release + # + # There is not much to change here except perhaps the + # File daemon Name to + # + # + # Copyright (C) 2000-2015 Kern Sibbald + # License: BSD 2-Clause; see file LICENSE-FOSS + # + # + # List Directors who are permitted to contact this File daemon + # + Director { + Name = bacula-dir + Password = "eso80TrxzhXkRgaQVI6ZYrSzAZ4E9KFNp0Y+T1HHVWBi" + } + # + # + # Restricted Director, used by tray-monitor to get the + # status of the file daemon + # + Director { + Name = bacula-mon + Password = "nm6na6cCh3NymDV6JteWL0Fir71A5uhrdRjmnRKjnHn5" + Monitor = yes + } + # + # + # "Global" File daemon configuration specifications + # + FileDaemon { # this is me + Name = bacula-fd + FDport = 9102 # where we listen for the director + WorkingDirectory = /opt/bacula/working + Pid Directory = /opt/bacula/working + Maximum Concurrent Jobs = 20 + Plugin Directory = /opt/bacula/plugins + } + # + # Send all messages except skipped files back to Director + Messages { + Name = Standard + director = bacula-dir = all, !skipped, !restored + } diff --git a/kubernetes/configmap-bacula-sd.yaml b/kubernetes/configmap-bacula-sd.yaml new file mode 100644 index 0000000..845b188 --- /dev/null +++ b/kubernetes/configmap-bacula-sd.yaml @@ -0,0 +1,530 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: bacula-sd + namespace: backup +data: + bacula-sd.conf: |- + # + # Default Bacula Storage Daemon Configuration file + # + # For Bacula release 9.4.4 (28 May 2019) -- redhat Enterprise release + # + # You may need to change the name of your tape drive + # on the "Archive Device" directive in the Device + # resource. If you change the Name and/or the + # "Media Type" in the Device resource, please ensure + # that dird.conf has corresponding changes. + # + # + # Copyright (C) 2000-2017 Kern Sibbald + # License: BSD 2-Clause; see file LICENSE-FOSS + # + + Storage { # definition of myself + Name = bacula-sd + SDPort = 9103 # Director's port + WorkingDirectory = "/opt/bacula/working" + Pid Directory = "/opt/bacula/working" + Plugin Directory = "/opt/bacula/plugins" + Maximum Concurrent Jobs = 20 + } + + # + # List Directors who are permitted to contact Storage daemon + # + Director { + Name = bacula-dir + Password = "TS8EQJ99iLFSK39oJy33YqkZ98v4ZapjRcA+j1N6ED1n" + } + + # + # Restricted Director, used by tray-monitor to get the + # status of the storage daemon + # + Director { + Name = bacula-mon + Password = "5p+emSGBrRv7sdsOJjlXxOjIDIzvivTLzY8ywWCjz02x" + Monitor = yes + } + + # + # Note, for a list of additional Device templates please + # see the directory /examples/devices + # Or follow the following link: + # http://www.bacula.org/git/cgit.cgi/bacula/tree/bacula/examples/devices?h=Branch-7.4 + # + + # + # Devices supported by this Storage daemon + # To connect, the Director's bacula-dir.conf must have the + # same Name and MediaType. + # + + # + # Define a Virtual autochanger + # + Autochanger { + Name = FileChgr1 + Device = FileChgr1-Dev1, FileChgr1-Dev2 + Changer Command = "" + Changer Device = /dev/null + } + + Device { + Name = FileChgr1-Dev1 + Media Type = File1 + Archive Device = /tmp + LabelMedia = yes; # lets Bacula label unlabeled media + Random Access = Yes; + AutomaticMount = yes; # when device opened, read it + RemovableMedia = no; + AlwaysOpen = no; + Maximum Concurrent Jobs = 5 + } + + Device { + Name = FileChgr1-Dev2 + Media Type = File1 + Archive Device = /tmp + LabelMedia = yes; # lets Bacula label unlabeled media + Random Access = Yes; + AutomaticMount = yes; # when device opened, read it + RemovableMedia = no; + AlwaysOpen = no; + Maximum Concurrent Jobs = 5 + } + + # + # Define a second Virtual autochanger + # + Autochanger { + Name = FileChgr2 + Device = FileChgr2-Dev1, FileChgr2-Dev2 + Changer Command = "" + Changer Device = /dev/null + } + + Device { + Name = FileChgr2-Dev1 + Media Type = File2 + Archive Device = /tmp + LabelMedia = yes; # lets Bacula label unlabeled media + Random Access = Yes; + AutomaticMount = yes; # when device opened, read it + RemovableMedia = no; + AlwaysOpen = no; + Maximum Concurrent Jobs = 5 + } + + Device { + Name = FileChgr2-Dev2 + Media Type = File2 + Archive Device = /tmp + LabelMedia = yes; # lets Bacula label unlabeled media + Random Access = Yes; + AutomaticMount = yes; # when device opened, read it + RemovableMedia = no; + AlwaysOpen = no; + Maximum Concurrent Jobs = 5 + } + + + + # + # An autochanger device with two drives + # + #Autochanger { + # Name = Autochanger + # Device = Drive-1 + # Device = Drive-2 + # Changer Command = "/opt/bacula/scripts/mtx-changer %c %o %S %a %d" + # Changer Device = /dev/sg0 + #} + + #Device { + # Name = Drive-1 # + # Drive Index = 0 + # Media Type = DLT-8000 + # Archive Device = /dev/nst0 + # AutomaticMount = yes; # when device opened, read it + # AlwaysOpen = yes; + # RemovableMedia = yes; + # RandomAccess = no; + # AutoChanger = yes + # # + # # New alert command in Bacula 9.0.0 + # # Note: you must have the sg3_utils (rpms) or the + # # sg3-utils (deb) installed on your system. + # # and you must set the correct control device that + # # corresponds to the Archive Device + # Control Device = /dev/sg?? # must be SCSI ctl for /dev/nst0 + # Alert Command = "/opt/bacula/scripts/tapealert %l" + # + # # + # # Enable the Alert command only if you have the mtx package loaded + # # Note, apparently on some systems, tapeinfo resets the SCSI controller + # # thus if you turn this on, make sure it does not reset your SCSI + # # controller. I have never had any problems, and smartctl does + # # not seem to cause such problems. + # # + # Alert Command = "sh -c 'tapeinfo -f %c |grep TapeAlert|cat'" + # If you have smartctl, enable this, it has more info than tapeinfo + # Alert Command = "sh -c 'smartctl -H -l error %c'" + #} + + #Device { + # Name = Drive-2 # + # Drive Index = 1 + # Media Type = DLT-8000 + # Archive Device = /dev/nst1 + # AutomaticMount = yes; # when device opened, read it + # AlwaysOpen = yes; + # RemovableMedia = yes; + # RandomAccess = no; + # AutoChanger = yes + # # Enable the Alert command only if you have the mtx package loaded + # Alert Command = "sh -c 'tapeinfo -f %c |grep TapeAlert|cat'" + # If you have smartctl, enable this, it has more info than tapeinfo + # Alert Command = "sh -c 'smartctl -H -l error %c'" + #} + + # + # A Linux or Solaris LTO-2 tape drive + # + #Device { + # Name = LTO-2 + # Media Type = LTO-2 + # Archive Device = /dev/nst0 + # AutomaticMount = yes; # when device opened, read it + # AlwaysOpen = yes; + # RemovableMedia = yes; + # RandomAccess = no; + # Maximum File Size = 3GB + ## Changer Command = "/opt/bacula/scripts/mtx-changer %c %o %S %a %d" + ## Changer Device = /dev/sg0 + ## AutoChanger = yes + # # Enable the Alert command only if you have the mtx package loaded + ## Alert Command = "sh -c 'tapeinfo -f %c |grep TapeAlert|cat'" + ## If you have smartctl, enable this, it has more info than tapeinfo + ## Alert Command = "sh -c 'smartctl -H -l error %c'" + #} + + # + # A Linux or Solaris LTO-3 tape drive + # + #Device { + # Name = LTO-3 + # Media Type = LTO-3 + # Archive Device = /dev/nst0 + # AutomaticMount = yes; # when device opened, read it + # AlwaysOpen = yes; + # RemovableMedia = yes; + # RandomAccess = no; + # Maximum File Size = 4GB + # Changer Command = "/opt/bacula/scripts/mtx-changer %c %o %S %a %d" + # Changer Device = /dev/sg0 + # AutoChanger = yes + # # + # # New alert command in Bacula 9.0.0 + # # Note: you must have the sg3_utils (rpms) or the + # # sg3-utils (deb) installed on your system. + # # and you must set the correct control device that + # # corresponds to the Archive Device + # Control Device = /dev/sg?? # must be SCSI ctl for /dev/nst0 + # Alert Command = "/opt/bacula/scripts/tapealert %l" + # + # # Enable the Alert command only if you have the mtx package loaded + ## Alert Command = "sh -c 'tapeinfo -f %c |grep TapeAlert|cat'" + ## If you have smartctl, enable this, it has more info than tapeinfo + ## Alert Command = "sh -c 'smartctl -H -l error %c'" + #} + + # + # A Linux or Solaris LTO-4 tape drive + # + #Device { + # Name = LTO-4 + # Media Type = LTO-4 + # Archive Device = /dev/nst0 + # AutomaticMount = yes; # when device opened, read it + # AlwaysOpen = yes; + # RemovableMedia = yes; + # RandomAccess = no; + # Maximum File Size = 5GB + # Changer Command = "/opt/bacula/scripts/mtx-changer %c %o %S %a %d" + # Changer Device = /dev/sg0 + # AutoChanger = yes + # # + # # New alert command in Bacula 9.0.0 + # # Note: you must have the sg3_utils (rpms) or the + # # sg3-utils (deb) installed on your system. + # # and you must set the correct control device that + # # corresponds to the Archive Device + # Control Device = /dev/sg?? # must be SCSI ctl for /dev/nst0 + # Alert Command = "/opt/bacula/scripts/tapealert %l" + # + # # Enable the Alert command only if you have the mtx package loaded + ## Alert Command = "sh -c 'tapeinfo -f %c |grep TapeAlert|cat'" + ## If you have smartctl, enable this, it has more info than tapeinfo + ## Alert Command = "sh -c 'smartctl -H -l error %c'" + #} + + # + # An HP-UX tape drive + # + #Device { + # Name = Drive-1 # + # Drive Index = 0 + # Media Type = DLT-8000 + # Archive Device = /dev/rmt/1mnb + # AutomaticMount = yes; # when device opened, read it + # AlwaysOpen = yes; + # RemovableMedia = yes; + # RandomAccess = no; + # AutoChanger = no + # Two EOF = yes + # Hardware End of Medium = no + # Fast Forward Space File = no + # # + # # New alert command in Bacula 9.0.0 + # # Note: you must have the sg3_utils (rpms) or the + # # sg3-utils (deb) installed on your system. + # # and you must set the correct control device that + # # corresponds to the Archive Device + # Control Device = /dev/sg?? # must be SCSI ctl for /dev/rmt/1mnb + # Alert Command = "/opt/bacula/scripts/tapealert %l" + # + # # + # # Enable the Alert command only if you have the mtx package loaded + # Alert Command = "sh -c 'tapeinfo -f %c |grep TapeAlert|cat'" + # If you have smartctl, enable this, it has more info than tapeinfo + # Alert Command = "sh -c 'smartctl -H -l error %c'" + #} + + # + # A FreeBSD tape drive + # + #Device { + # Name = DDS-4 + # Description = "DDS-4 for FreeBSD" + # Media Type = DDS-4 + # Archive Device = /dev/nsa1 + # AutomaticMount = yes; # when device opened, read it + # AlwaysOpen = yes + # Offline On Unmount = no + # Hardware End of Medium = no + # BSF at EOM = yes + # Backward Space Record = no + # Fast Forward Space File = no + # TWO EOF = yes + # # + # # New alert command in Bacula 9.0.0 + # # Note: you must have the sg3_utils (rpms) or the + # # sg3-utils (deb) installed on your system. + # # and you must set the correct control device that + # # corresponds to the Archive Device + # Control Device = /dev/sg?? # must be SCSI ctl for /dev/nsa1 + # Alert Command = "/opt/bacula/scripts/tapealert %l" + # + # If you have smartctl, enable this, it has more info than tapeinfo + # Alert Command = "sh -c 'smartctl -H -l error %c'" + #} + + # + # Send all messages to the Director, + # mount messages also are sent to the email address + # + Messages { + Name = Standard + director = bacula-dir = all + } + + + # # Include bacula-sd-wasabi.conf for Wasabi Cloud provider + # @/opt/bacula/etc/bacula-sd-wasabi.conf + # + + # # Include bacula-sd-s3.conf for AWS S3 Cloud provider + # @/opt/bacula/etc/bacula-sd-s3.conf + # + # Define a virtual autochanger for Wasabi Cloud + # + # CloudStorage1 => us-east-2 + # CloudStorage2 => eu-central-1 + # CloudStorage3 => us-west-1 + # + # Change AccessKey and SecretKey on Cloud resource + # + + # Autochangers + + Autochanger { + Name = "CloudAutoChanger1" + Device = CloudStorage1 + Changer Command = "" + Changer Device = /dev/null + } + # + #Autochanger { + # Name = "CloudAutoChanger2" + # Device = CloudStorage2 + # Changer Command = "" + # Changer Device = /dev/null + #} + # + #Autochanger { + # Name = "CloudAutoChanger3" + # Device = CloudStorage3 + # Changer Command = "" + # Changer Device = /dev/null + #} + # + + + # Devices + + Device { + Name = "CloudStorage1" + Device Type = "Cloud" + Cloud = "WasabiS3-cloud-us-east-2" + Maximum Part Size = 2M + Maximum File Size = 2M + Media Type = "CloudType" + Archive Device = "/tmp" + LabelMedia = yes + Random Access = yes + AutomaticMount = yes + RemovableMedia = no + AlwaysOpen = no + } + + # + #Device { + # Name = "CloudStorage2" + # Device Type = "Cloud" + # Cloud = "WasabiS3-cloud-eu-central-1" + # Maximum Part Size = 2M + # Maximum File Size = 2M + # Media Type = "CloudType" + # Archive Device = "/tmp" + # LabelMedia = yes + # Random Access = yes + # AutomaticMount = yes + # RemovableMedia = no + # AlwaysOpen = no + #} + # + # + #Device { + # Name = "CloudStorage3" + # Device Type = "Cloud" + # Cloud = "WasabiS3-cloud-us-west-1" + # Maximum Part Size = 2M + # Maximum File Size = 2M + # Media Type = "CloudType" + # Archive Device = "/tmp" + # LabelMedia = yes + # Random Access = yes + # AutomaticMount = yes + # RemovableMedia = no + # AlwaysOpen = no + #} + # + + # Cloud providers + + Cloud { + Name = "WasabiS3-cloud-us-east-2" + Driver = "S3" + HostName = "s3.us-east-2.wasabisys.com" + BucketName = "eftechcombr-backup" + AccessKey = "ABC" + SecretKey = "DEF" + Protocol = HTTPS + UriStyle = "VirtualHost" + Truncate Cache = "AfterUpload" + Upload = "EachPart" + MaximumUploadBandwidth = 10MB/s + } + # + #Cloud { + # Name = "WasabiS3-cloud-eu-central-1" + # Driver = "S3" + # HostName = "s3.eu-central-1.wasabisys.com" + # BucketName = "eftechcombr-backup2" + # AccessKey = "ABC" + # SecretKey = "DEF" + # Protocol = HTTPS + # UriStyle = "VirtualHost" + # Truncate Cache = "AfterUpload" + # Upload = "EachPart" + # MaximumUploadBandwidth = 10MB/s + #} + + + #Cloud { + # Name = "WasabiS3-cloud-us-west-1" + # Driver = "S3" + # HostName = "s3.us-west-1.wasabisys.com" + # BucketName = "eftechcombr-backup3" + # AccessKey = "ABC" + # SecretKey = "DEF" + # Protocol = HTTPS + # UriStyle = "VirtualHost" + # Truncate Cache = "AfterUpload" + # Upload = "EachPart" + # MaximumUploadBandwidth = 10MB/s + #} + # + # Define a virtual autochanger for AWS S3 + # + # Change AccessKey and SecretKey on Cloud resource + # + + # Autochangers + + Autochanger { + Name = "CloudAutoChangerS3" + Device = CloudStorageS3 + Changer Command = "" + Changer Device = /dev/null + } + + # Devices + + Device { + Name = "CloudStorageS3" + Device Type = "Cloud" + Cloud = "S3-cloud-us-west-2" + Maximum Part Size = 2M + Maximum File Size = 2M + Media Type = "CloudType" + Archive Device = "/tmp" + LabelMedia = yes + Random Access = yes + AutomaticMount = yes + RemovableMedia = no + AlwaysOpen = no + } + + # Cloud providers + # Hostname see https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region + + Cloud { + Name = "S3-cloud-us-west-2" + Driver = "S3" + HostName = "s3.us-west-2.amazonaws.com" + BucketName = "eftechcombr-bacula" + AccessKey = "AKIA33MZDCX3OLN7A6DD" + SecretKey = "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" + Protocol = HTTPS + UriStyle = "VirtualHost" + Truncate Cache = "AfterUpload" + Upload = "EachPart" + Region = "us-west-2" + MaximumUploadBandwidth = 10MB/s + } + # + # + diff --git a/kubernetes/configmap-baculum-api.yaml b/kubernetes/configmap-baculum-api.yaml new file mode 100644 index 0000000..a55fbfe --- /dev/null +++ b/kubernetes/configmap-baculum-api.yaml @@ -0,0 +1,47 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: baculum-api + namespace: backup +data: + baculum.users: |- + admin:YWG41BPzVAkN6 + + + api.conf: |- + [api] + auth_type = "basic" + debug = "0" + lang = "en" + + [db] + enabled = "1" + type = "pgsql" + name = "bacula" + login = "bacula" + password = "bacula" + ip_addr = "postgresql-headless" + port = "5432" + path = "" + + [bconsole] + enabled = "1" + bin_path = "/opt/bacula/bin/bconsole" + cfg_path = "/opt/bacula/etc/bconsole.conf" + use_sudo = "0" + + [jsontools] + enabled = "1" + use_sudo = "0" + bconfig_dir = "/etc/baculum/" + bdirjson_path = "/opt/bacula/bin/bdirjson" + dir_cfg_path = "/opt/bacula/etc/bacula-dir.conf" + bsdjson_path = "/opt/bacula/bin/bsdjson" + sd_cfg_path = "/opt/bacula/etc/bacula-sd.conf" + bfdjson_path = "/opt/bacula/bin/bfdjson" + fd_cfg_path = "/opt/bacula/etc/bacula-fd.conf" + bbconsjson_path = "/opt/bacula/bin/bbconsjson" + bcons_cfg_path = "/opt/bacula/etc/bconsole.conf" + + + \ No newline at end of file diff --git a/kubernetes/configmap-baculum-web.yaml b/kubernetes/configmap-baculum-web.yaml new file mode 100644 index 0000000..bf9bbb3 --- /dev/null +++ b/kubernetes/configmap-baculum-web.yaml @@ -0,0 +1,58 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: baculum-web + namespace: backup +data: + baculum.users: |- + admin:YWG41BPzVAkN6 + + + hosts.conf: |- + [Main] + auth_type = "basic" + login = "admin" + password = "admin" + client_id = "" + client_secret = "" + redirect_uri = "" + scope = "" + protocol = "http" + address = "baculum-api" + port = "9096" + url_prefix = "" + + settings.conf: |- + [baculum] + debug = "0" + lang = "en" + max_jobs = "15000" + size_values_unit = "decimal" + time_in_job_log = "0" + date_time_format = "Y-M-D R" + enable_messages_log = "1" + login = "admin" + + [users] + + [auth_basic] + allow_manage_users = "1" + user_file = "/etc/baculum/Config-web-apache/baculum.users" + hash_alg = "apr-md5" + + [security] + auth_method = "basic" + def_access = "default_settings" + def_role = "normal" + def_api_host = "Main" + + users.conf: |- + [admin] + long_name = "" + description = "" + email = "" + roles = "admin" + api_hosts = "" + enabled = "1" + ips = "" + diff --git a/kubernetes/configmap-bconsole.yaml b/kubernetes/configmap-bconsole.yaml new file mode 100644 index 0000000..1207878 --- /dev/null +++ b/kubernetes/configmap-bconsole.yaml @@ -0,0 +1,20 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: bconsole + namespace: backup +data: + bconsole.conf: |- + # + # Bacula User Agent (or Console) Configuration File + # + # Copyright (C) 2000-2015 Kern Sibbald + # License: BSD 2-Clause; see file LICENSE-FOSS + # + Director { + Name = bacula-dir + DIRport = 9101 + address = bacula-dir + Password = "XDnaVZYU9F4QhqUGMPxiOXsJaji23mNG3FaAM9Z2q1c/" + } + \ No newline at end of file diff --git a/kubernetes/deployment-bacula-dir.yaml b/kubernetes/deployment-bacula-dir.yaml new file mode 100644 index 0000000..b7277f0 --- /dev/null +++ b/kubernetes/deployment-bacula-dir.yaml @@ -0,0 +1,69 @@ + +############################################################################### +# +############################################################################### + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: bacula-dir + name: bacula-dir + namespace: backup +spec: + replicas: 1 + selector: + matchLabels: + app: bacula-dir + strategy: {} + template: + metadata: + labels: + app: bacula-dir + spec: + containers: + - image: docker.io/eftechcombr/bacula:13.0.3-director + name: bacula-dir + ports: + - containerPort: 9101 + volumeMounts: + - name: bacula-dir + mountPath: "/opt/bacula/etc/bacula-dir.conf" + subPath: bacula-dir.conf + readOnly: true + - name: bconsole + mountPath: "/opt/bacula/etc/bconsole.conf" + subPath: bconsole.conf + readOnly: true + resources: {} + volumes: + - name: bacula-dir + configMap: + name: bacula-dir + - name: bconsole + configMap: + name: bconsole +status: {} + + +############################################################################### +# +############################################################################### +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: bacula-dir + name: bacula-dir + namespace: backup +spec: + ports: + - port: 9101 + protocol: TCP + targetPort: 9101 + selector: + app: bacula-dir +status: + loadBalancer: {} diff --git a/kubernetes/deployment-bacula-fd.yaml b/kubernetes/deployment-bacula-fd.yaml new file mode 100644 index 0000000..0e98aad --- /dev/null +++ b/kubernetes/deployment-bacula-fd.yaml @@ -0,0 +1,54 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: bacula-fd + name: bacula-fd + namespace: backup +spec: + replicas: 1 + selector: + matchLabels: + app: bacula-fd + strategy: {} + template: + metadata: + labels: + app: bacula-fd + spec: + containers: + - image: docker.io/eftechcombr/bacula:13.0.3-client + name: bacula-fd + ports: + - containerPort: 9102 + volumeMounts: + - name: bacula-fd + mountPath: "/opt/bacula/etc" + readOnly: true + resources: {} + volumes: + - name: bacula-fd + configMap: + name: bacula-fd +status: {} + + + +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: bacula-fd + name: bacula-fd + namespace: backup +spec: + ports: + - port: 9102 + protocol: TCP + targetPort: 9102 + selector: + app: bacula-fd +status: + loadBalancer: {} diff --git a/kubernetes/deployment-bacula-sd.yaml b/kubernetes/deployment-bacula-sd.yaml new file mode 100644 index 0000000..82404d3 --- /dev/null +++ b/kubernetes/deployment-bacula-sd.yaml @@ -0,0 +1,54 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: bacula-sd + name: bacula-sd + namespace: backup +spec: + replicas: 1 + selector: + matchLabels: + app: bacula-sd + strategy: {} + template: + metadata: + labels: + app: bacula-sd + spec: + containers: + - image: docker.io/eftechcombr/bacula:13.0.3-storage + name: bacula-sd + ports: + - containerPort: 9103 + volumeMounts: + - name: bacula-sd + mountPath: "/opt/bacula/etc" + readOnly: true + resources: {} + volumes: + - name: bacula-sd + configMap: + name: bacula-sd +status: {} + + +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: bacula-sd + name: bacula-sd + namespace: backup +spec: + ports: + - port: 9103 + protocol: TCP + targetPort: 9103 + selector: + app: bacula-sd +status: + loadBalancer: {} + diff --git a/kubernetes/deployment-baculum-api.yaml b/kubernetes/deployment-baculum-api.yaml new file mode 100644 index 0000000..7467c95 --- /dev/null +++ b/kubernetes/deployment-baculum-api.yaml @@ -0,0 +1,97 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: baculum-api + name: baculum-api + namespace: backup +spec: + replicas: 1 + selector: + matchLabels: + app: baculum-api + strategy: {} + template: + metadata: + labels: + app: baculum-api + spec: + initContainers: + - image: docker.io/eftechcombr/baculum:11.0.6-api + name: baculum-init + volumeMounts: + - name: baculum-api + mountPath: "/tmp/baculum/Config-api-apache" + readOnly: true + - name: etc-baculum-api + mountPath: "/etc/baculum" + command: + - bash + - -c + - "cp -Rf /tmp/baculum/Config-api-apache /etc/baculum && chmod a+w /etc/baculum/Config-api-apache" + containers: + - image: docker.io/eftechcombr/baculum:11.0.6-api + name: baculum-api + ports: + - containerPort: 9096 + volumeMounts: + - name: etc-baculum-api + mountPath: "/etc/baculum" + - name: bconsole + mountPath: "/opt/bacula/etc/bconsole.conf" + subPath: bconsole.conf + readOnly: true + - name: bacula-dir + mountPath: "/opt/bacula/etc/bacula-dir.conf" + subPath: bacula-dir.conf + readOnly: true + - name: bacula-fd + mountPath: "/opt/bacula/etc/bacula-fd.conf" + subPath: bacula-fd.conf + readOnly: true + - name: bacula-sd + mountPath: "/opt/bacula/etc/bacula-sd.conf" + subPath: bacula-sd.conf + readOnly: true + resources: {} + volumes: + - name: bacula-sd + configMap: + name: bacula-sd + - name: bacula-dir + configMap: + name: bacula-dir + - name: bacula-fd + configMap: + name: bacula-fd + - name: baculum-api + configMap: + name: baculum-api + - name: bconsole + configMap: + name: bconsole + - name: etc-baculum-api + emptyDir: {} +status: {} + + + +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: baculum-api + name: baculum-api + namespace: backup +spec: + ports: + - port: 9096 + protocol: TCP + targetPort: 9096 + selector: + app: baculum-api +status: + loadBalancer: {} + diff --git a/kubernetes/deployment-baculum-web.yaml b/kubernetes/deployment-baculum-web.yaml new file mode 100644 index 0000000..a24429d --- /dev/null +++ b/kubernetes/deployment-baculum-web.yaml @@ -0,0 +1,71 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: baculum-web + name: baculum-web + namespace: backup +spec: + replicas: 1 + selector: + matchLabels: + app: baculum-web + strategy: {} + template: + metadata: + labels: + app: baculum-web + spec: + initContainers: + - image: docker.io/eftechcombr/baculum:11.0.6-web + name: baculum-init + volumeMounts: + - name: baculum-web + mountPath: "/tmp/baculum/Config-web-apache" + readOnly: true + - name: etc-baculum-web + mountPath: "/etc/baculum" + command: + - bash + - -c + - "cp -Rf /tmp/baculum/Config-web-apache /etc/baculum && chmod a+w /etc/baculum/Config-web-apache" + containers: + - image: docker.io/eftechcombr/baculum:11.0.6-web + name: baculum-web + ports: + - containerPort: 9095 + volumeMounts: + - name: etc-baculum-web + mountPath: "/etc/baculum" + resources: {} + volumes: + - name: baculum-web + configMap: + name: baculum-web + - name: etc-baculum-web + emptyDir: {} + +status: {} + + + +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: baculum-web + name: baculum-web + namespace: backup +spec: + ports: + - port: 9095 + protocol: TCP + targetPort: 9095 + selector: + app: baculum-web +status: + loadBalancer: {} + + diff --git a/kubernetes/namespace.yaml b/kubernetes/namespace.yaml new file mode 100644 index 0000000..7d96681 --- /dev/null +++ b/kubernetes/namespace.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + kubernetes.io/metadata.name: backup + name: backup diff --git a/kubernetes/statefulset-postgresql.yaml b/kubernetes/statefulset-postgresql.yaml new file mode 100644 index 0000000..1470507 --- /dev/null +++ b/kubernetes/statefulset-postgresql.yaml @@ -0,0 +1,139 @@ +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: backup + app.kubernetes.io/name: postgresql + name: postgresql + namespace: backup +spec: + podManagementPolicy: OrderedReady + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/instance: backup + app.kubernetes.io/name: postgresql + role: primary + serviceName: postgresql-headless + template: + metadata: + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: backup + app.kubernetes.io/name: postgresql + role: primary + name: postgresql + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: backup + app.kubernetes.io/name: postgresql + namespaces: + - backup + topologyKey: kubernetes.io/hostname + weight: 1 + containers: + - env: + - name: POSTGRES_PASSWORD + value: "bacula" + - name: POSTGRES_USER + value: "bacula" + - name: POSTGRES_DB + value: "bacula" + - name: POSTGRES_INITDB_ARGS + value: '--encoding=SQL_ASCII --lc-collate=C --lc-ctype=C' + image: docker.io/eftechcombr/bacula:13.0.3-catalog + imagePullPolicy: IfNotPresent + name: postgresql + ports: + - containerPort: 5432 + name: tcp-postgresql + protocol: TCP + resources: + requests: + cpu: 250m + memory: 256Mi + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: data + dnsPolicy: ClusterFirst + restartPolicy: Always + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: + name: data + updateStrategy: + type: RollingUpdate +status: + replicas: 1 + +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/instance: backup + app.kubernetes.io/name: postgresql + service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" + name: postgresql-headless + namespace: backup +spec: + clusterIP: None + clusterIPs: + - None + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-postgresql + port: 5432 + protocol: TCP + targetPort: tcp-postgresql + publishNotReadyAddresses: true + selector: + app.kubernetes.io/instance: backup + app.kubernetes.io/name: postgresql + sessionAffinity: None + type: ClusterIP +status: + loadBalancer: {} + +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + meta.helm.sh/release-name: backup + meta.helm.sh/release-namespace: backup + labels: + app.kubernetes.io/instance: backup + app.kubernetes.io/name: postgresql + name: postgresql + namespace: backup +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-postgresql + port: 5432 + protocol: TCP + targetPort: tcp-postgresql + selector: + app.kubernetes.io/instance: backup + app.kubernetes.io/name: postgresql + role: primary + sessionAffinity: None + type: ClusterIP +status: + loadBalancer: {} \ No newline at end of file