- file {
- "/etc/bacula/conf.d/$client.conf":
- content => template("bacula/per-client.conf.erb"),
- mode => 440,
- group => bacula,
- notify => Exec["bacula-director restart"]
- ;
- }
- }
+ @ferm::rule { 'dsa-bacula-dir':
+ domain => '(ip ip6)',
+ description => 'Allow bacula access from localhost',
+ rule => "proto tcp mod state state (NEW) dport (bacula-dir) saddr (${bacula_director_address} localhost) ACCEPT",
+ }
+
+ $clients = ['berlioz.debian.org', 'biber.debian.org', 'draghi.debian.org', 'widor.debian.org', 'wolkenstein.debian.org']
+ bacula::node { $clients: }