- file {
- "/etc/bacula/conf.d/${name}.conf":
- content => template("bacula/per-client.conf.erb"),
- mode => 440,
- group => bacula,
- notify => Exec["bacula-director restart"]
- ;
- }
- }
-# $allhosts = keys($site::allnodeinfo)
- $allhosts = [ "berlioz.debian.org", "biber.debian.org", "draghi.debian.org" ]
- bacula_client { $allhosts: }
+ @ferm::rule { 'dsa-bacula-dir':
+ domain => '(ip ip6)',
+ description => 'Allow bacula access from localhost',
+ rule => "proto tcp mod state state (NEW) dport (bacula-dir) saddr (${bacula_director_address} localhost) ACCEPT",
+ }