1 /* 2 BAREOS® - Backup Archiving REcovery Open Sourced 3 4 Copyright (C) 2000-2007 Free Software Foundation Europe e.V. 5 Copyright (C) 2011-2012 Planets Communications B.V. 6 Copyright (C) 2013-2020 Bareos GmbH & Co. KG 7 8 This program is Free Software; you can redistribute it and/or 9 modify it under the terms of version three of the GNU Affero General Public 10 License as published by the Free Software Foundation and included 11 in the file LICENSE. 12 13 This program is distributed in the hope that it will be useful, but 14 WITHOUT ANY WARRANTY; without even the implied warranty of 15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 16 Affero General Public License for more details. 17 18 You should have received a copy of the GNU Affero General Public License 19 along with this program; if not, write to the Free Software 20 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 21 02110-1301, USA. 22 */ 23 /* 24 * Bareos File Daemon specific configuration 25 * 26 * Kern Sibbald, Sep MM 27 */ 28 29 #ifndef BAREOS_FILED_FILED_CONF_H_ 30 #define BAREOS_FILED_FILED_CONF_H_ 1 31 32 #include "lib/messages_resource.h" 33 #include "lib/tls_conf.h" 34 35 class alist; 36 class dlist; 37 38 namespace filedaemon { 39 40 static const std::string default_config_filename("bareos-fd.conf"); 41 42 /* 43 * Resource codes -- they must be sequential for indexing 44 */ 45 enum 46 { 47 R_DIRECTOR = 1001, 48 R_CLIENT, 49 R_MSGS, 50 R_STORAGE, 51 R_JOB, 52 R_FIRST = R_DIRECTOR, 53 R_LAST = R_JOB /* keep this updated */ 54 }; 55 56 /* 57 * Some resource attributes 58 */ 59 enum 60 { 61 R_NAME = 1020, 62 R_ADDRESS, 63 R_PASSWORD, 64 R_TYPE 65 }; 66 67 /* Definition of the contents of each Resource */ 68 class DirectorResource 69 : public BareosResource 70 , public TlsResource { 71 public: 72 char* address = nullptr; /* Director address or zero */ 73 uint32_t port = 0; /* Director port */ 74 bool conn_from_dir_to_fd = false; /* Allow incoming connections */ 75 bool conn_from_fd_to_dir = false; /* Connect to director */ 76 bool monitor; /* Have only access to status and .status functions */ 77 alist* allowed_script_dirs 78 = nullptr; /* Only allow to run scripts in this directories */ 79 alist* allowed_job_cmds = nullptr; /* Only allow the following Job commands to 80 be executed */ 81 uint64_t max_bandwidth_per_job = 0; /* Bandwidth limitation (per director) */ 82 83 DirectorResource() = default; 84 virtual ~DirectorResource() = default; 85 }; 86 87 class ClientResource 88 : public BareosResource 89 , public TlsResource { 90 public: 91 ClientResource() = default; 92 virtual ~ClientResource() = default; 93 94 dlist* FDaddrs = nullptr; 95 dlist* FDsrc_addr = nullptr; /* Address to source connections from */ 96 char* working_directory = nullptr; 97 char* pid_directory = nullptr; 98 char* subsys_directory = nullptr; 99 char* plugin_directory = nullptr; /* Plugin directory */ 100 alist* plugin_names = nullptr; 101 char* scripts_directory = nullptr; 102 MessagesResource* messages = nullptr; /* Daemon message handler */ 103 uint32_t MaxConcurrentJobs = 0; 104 uint32_t MaxConnections = 0; 105 utime_t SDConnectTimeout = {0}; /* Timeout in seconds */ 106 utime_t heartbeat_interval = {0}; /* Interval to send heartbeats */ 107 uint32_t max_network_buffer_size = 0; /* Max network buf size */ 108 uint32_t jcr_watchdog_time = 0; /* Absolute time after which a Job gets 109 terminated regardless of its progress */ 110 bool compatible = false; /* Support old protocol keywords */ 111 bool allow_bw_bursting = false; /* Allow bursting with bandwidth limiting */ 112 bool pki_sign 113 = false; /* Enable Data Integrity Verification via Digital Signatures */ 114 bool pki_encrypt = false; /* Enable Data Encryption */ 115 char* pki_keypair_file = nullptr; /* PKI Key Pair File */ 116 alist* pki_signing_key_files = nullptr; /* PKI Signing Key Files */ 117 alist* pki_master_key_files = nullptr; /* PKI Master Key Files */ 118 crypto_cipher_t pki_cipher = CRYPTO_CIPHER_NONE; /* PKI Cipher to use */ 119 bool always_use_lmdb = false; /* Use LMDB for accurate data */ 120 uint32_t lmdb_threshold = 0; /* Switch to using LDMD when number of accurate 121 entries exceeds treshold. */ 122 X509_KEYPAIR* pki_keypair = nullptr; /* Shared PKI Public/Private Keypair */ 123 alist* pki_signers = nullptr; /* Shared PKI Trusted Signers */ 124 alist* pki_recipients = nullptr; /* Shared PKI Recipients */ 125 alist* allowed_script_dirs 126 = nullptr; /* Only allow to run scripts in this directories */ 127 alist* allowed_job_cmds = nullptr; /* Only allow the following Job commands to 128 be executed */ 129 char* verid = nullptr; /* Custom Id to print in version command */ 130 char* secure_erase_cmdline = nullptr; /* Cmdline to execute to perform secure 131 erase of file */ 132 char* log_timestamp_format = nullptr; /* Timestamp format to use in generic 133 logging messages */ 134 uint64_t max_bandwidth_per_job = 0; /* Bandwidth limitation (global) */ 135 }; 136 137 138 ConfigurationParser* InitFdConfig(const char* configfile, int exit_code); 139 bool PrintConfigSchemaJson(PoolMem& buffer); 140 141 } /* namespace filedaemon */ 142 #endif /* BAREOS_FILED_FILED_CONF_H_ */ 143