summaryrefslogtreecommitdiffstats
path: root/roles/bacula-sd
diff options
context:
space:
mode:
Diffstat (limited to 'roles/bacula-sd')
-rw-r--r--roles/bacula-sd/files/etc/systemd/system/bacula-sd.service.d/override.conf (renamed from roles/bacula-sd/files/etc/systemd/system/bacula-sd.service)14
-rw-r--r--roles/bacula-sd/tasks/main.yml14
2 files changed, 10 insertions, 18 deletions
diff --git a/roles/bacula-sd/files/etc/systemd/system/bacula-sd.service b/roles/bacula-sd/files/etc/systemd/system/bacula-sd.service.d/override.conf
index 61ba01d..e4ed970 100644
--- a/roles/bacula-sd/files/etc/systemd/system/bacula-sd.service
+++ b/roles/bacula-sd/files/etc/systemd/system/bacula-sd.service.d/override.conf
@@ -1,14 +1,4 @@
[Unit]
-Description=Bacula Storage Daemon service
-After=network.target
-
-[Service]
-Type=simple
-StandardOutput=syslog
-User=bacula
-Group=tape
-ExecStart=/usr/sbin/bacula-sd -f -c /etc/bacula/bacula-sd.conf
-
# Hardening
NoNewPrivileges=yes
PrivateDevices=yes
@@ -16,12 +6,8 @@ ProtectHome=yes
ProtectSystem=strict
ReadWriteDirectories=-/var/lib/bacula
ReadWriteDirectories=/mnt/backup/bacula
-RuntimeDirectory=bacula
PrivateDevices=yes
ProtectControlGroups=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
RestrictAddressFamilies=AF_INET AF_INET6
-
-[Install]
-WantedBy=multi-user.target
diff --git a/roles/bacula-sd/tasks/main.yml b/roles/bacula-sd/tasks/main.yml
index 93958a8..f30fe7f 100644
--- a/roles/bacula-sd/tasks/main.yml
+++ b/roles/bacula-sd/tasks/main.yml
@@ -1,7 +1,7 @@
- name: Install bacula-sd
apt: pkg=bacula-sd
-# Create with:
+# Populate with:
# echo $director-dir $(pwgen -sn 64 1) | sudo tee -a /etc/bacula/passwords-sd
- name: Ensure /etc/bacula/passwords-sd exists
file: path=/etc/bacula/passwords-sd
@@ -17,9 +17,15 @@
notify:
- Restart bacula-sd
-- name: Copy bacula-sd.service
- copy: src=etc/systemd/system/bacula-sd.service
- dest=/etc/systemd/system/bacula-sd.service
+- name: Create /etc/systemd/system/bacula-sd.service.d
+ file: path=/etc/systemd/system/bacula-sd.service.d
+ state=directory
+ owner=root group=root
+ mode=0755
+
+- name: Copy bacula-sd.service override
+ copy: src=etc/systemd/system/bacula-sd.service.d/override.conf
+ dest=/etc/systemd/system/bacula-sd.service.d/override.conf
owner=root group=root
mode=0644
notify:
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-22 05:14:16 +0000