1 /*
2    BAREOS® - Backup Archiving REcovery Open Sourced
3 
4    Copyright (C) 2000-2007 Free Software Foundation Europe e.V.
5    Copyright (C) 2011-2012 Planets Communications B.V.
6    Copyright (C) 2013-2020 Bareos GmbH & Co. KG
7 
8    This program is Free Software; you can redistribute it and/or
9    modify it under the terms of version three of the GNU Affero General Public
10    License as published by the Free Software Foundation and included
11    in the file LICENSE.
12 
13    This program is distributed in the hope that it will be useful, but
14    WITHOUT ANY WARRANTY; without even the implied warranty of
15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16    Affero General Public License for more details.
17 
18    You should have received a copy of the GNU Affero General Public License
19    along with this program; if not, write to the Free Software
20    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
21    02110-1301, USA.
22 */
23 /*
24  * Bareos File Daemon specific configuration
25  *
26  * Kern Sibbald, Sep MM
27  */
28 
29 #ifndef BAREOS_FILED_FILED_CONF_H_
30 #define BAREOS_FILED_FILED_CONF_H_ 1
31 
32 #include "lib/messages_resource.h"
33 #include "lib/tls_conf.h"
34 
35 class alist;
36 class dlist;
37 
38 namespace filedaemon {
39 
40 static const std::string default_config_filename("bareos-fd.conf");
41 
42 /*
43  * Resource codes -- they must be sequential for indexing
44  */
45 enum
46 {
47   R_DIRECTOR = 1001,
48   R_CLIENT,
49   R_MSGS,
50   R_STORAGE,
51   R_JOB,
52   R_FIRST = R_DIRECTOR,
53   R_LAST = R_JOB /* keep this updated */
54 };
55 
56 /*
57  * Some resource attributes
58  */
59 enum
60 {
61   R_NAME = 1020,
62   R_ADDRESS,
63   R_PASSWORD,
64   R_TYPE
65 };
66 
67 /* Definition of the contents of each Resource */
68 class DirectorResource
69     : public BareosResource
70     , public TlsResource {
71  public:
72   char* address = nullptr;          /* Director address or zero */
73   uint32_t port = 0;                /* Director port */
74   bool conn_from_dir_to_fd = false; /* Allow incoming connections */
75   bool conn_from_fd_to_dir = false; /* Connect to director */
76   bool monitor; /* Have only access to status and .status functions */
77   alist* allowed_script_dirs
78       = nullptr; /* Only allow to run scripts in this directories */
79   alist* allowed_job_cmds = nullptr; /* Only allow the following Job commands to
80                               be executed */
81   uint64_t max_bandwidth_per_job = 0; /* Bandwidth limitation (per director) */
82 
83   DirectorResource() = default;
84   virtual ~DirectorResource() = default;
85 };
86 
87 class ClientResource
88     : public BareosResource
89     , public TlsResource {
90  public:
91   ClientResource() = default;
92   virtual ~ClientResource() = default;
93 
94   dlist* FDaddrs = nullptr;
95   dlist* FDsrc_addr = nullptr; /* Address to source connections from */
96   char* working_directory = nullptr;
97   char* pid_directory = nullptr;
98   char* subsys_directory = nullptr;
99   char* plugin_directory = nullptr; /* Plugin directory */
100   alist* plugin_names = nullptr;
101   char* scripts_directory = nullptr;
102   MessagesResource* messages = nullptr; /* Daemon message handler */
103   uint32_t MaxConcurrentJobs = 0;
104   uint32_t MaxConnections = 0;
105   utime_t SDConnectTimeout = {0};       /* Timeout in seconds */
106   utime_t heartbeat_interval = {0};     /* Interval to send heartbeats */
107   uint32_t max_network_buffer_size = 0; /* Max network buf size */
108   uint32_t jcr_watchdog_time = 0;       /* Absolute time after which a Job gets
109                                        terminated       regardless of its progress */
110   bool compatible = false;              /* Support old protocol keywords */
111   bool allow_bw_bursting = false; /* Allow bursting with bandwidth limiting */
112   bool pki_sign
113       = false; /* Enable Data Integrity Verification via Digital Signatures */
114   bool pki_encrypt = false;                        /* Enable Data Encryption */
115   char* pki_keypair_file = nullptr;                /* PKI Key Pair File */
116   alist* pki_signing_key_files = nullptr;          /* PKI Signing Key Files */
117   alist* pki_master_key_files = nullptr;           /* PKI Master Key Files */
118   crypto_cipher_t pki_cipher = CRYPTO_CIPHER_NONE; /* PKI Cipher to use */
119   bool always_use_lmdb = false; /* Use LMDB for accurate data */
120   uint32_t lmdb_threshold = 0;  /* Switch to using LDMD when number of accurate
121                                entries exceeds treshold. */
122   X509_KEYPAIR* pki_keypair = nullptr; /* Shared PKI Public/Private Keypair */
123   alist* pki_signers = nullptr;        /* Shared PKI Trusted Signers */
124   alist* pki_recipients = nullptr;     /* Shared PKI Recipients */
125   alist* allowed_script_dirs
126       = nullptr; /* Only allow to run scripts in this directories */
127   alist* allowed_job_cmds = nullptr; /* Only allow the following Job commands to
128                                 be executed */
129   char* verid = nullptr;             /* Custom Id to print in version command */
130   char* secure_erase_cmdline = nullptr; /* Cmdline to execute to perform secure
131                                   erase of file */
132   char* log_timestamp_format = nullptr; /* Timestamp format to use in generic
133                                  logging messages */
134   uint64_t max_bandwidth_per_job = 0;   /* Bandwidth limitation (global) */
135 };
136 
137 
138 ConfigurationParser* InitFdConfig(const char* configfile, int exit_code);
139 bool PrintConfigSchemaJson(PoolMem& buffer);
140 
141 } /* namespace filedaemon */
142 #endif /* BAREOS_FILED_FILED_CONF_H_ */
143