1 /*
2    BAREOS® - Backup Archiving REcovery Open Sourced
3 
4    Copyright (C) 2000-2007 Free Software Foundation Europe e.V.
5    Copyright (C) 2011-2012 Planets Communications B.V.
6    Copyright (C) 2013-2016 Bareos GmbH & Co. KG
7 
8    This program is Free Software; you can redistribute it and/or
9    modify it under the terms of version three of the GNU Affero General Public
10    License as published by the Free Software Foundation and included
11    in the file LICENSE.
12 
13    This program is distributed in the hope that it will be useful, but
14    WITHOUT ANY WARRANTY; without even the implied warranty of
15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16    Affero General Public License for more details.
17 
18    You should have received a copy of the GNU Affero General Public License
19    along with this program; if not, write to the Free Software
20    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
21    02110-1301, USA.
22 */
23 /*
24  * Bareos File Daemon specific configuration
25  *
26  * Kern Sibbald, Sep MM
27  */
28 
29 #ifndef BAREOS_FILED_FILED_CONF_H_
30 #define BAREOS_FILED_FILED_CONF_H_ 1
31 
32 namespace filedaemon {
33 
34 static const std::string default_config_filename("bareos-fd.conf");
35 
36 /*
37  * Resource codes -- they must be sequential for indexing
38  */
39 enum {
40    R_DIRECTOR = 1001,
41    R_CLIENT,
42    R_MSGS,
43    R_STORAGE,
44    R_JOB,
45    R_FIRST = R_DIRECTOR,
46    R_LAST = R_JOB                    /* keep this updated */
47 };
48 
49 /*
50  * Some resource attributes
51  */
52 enum {
53    R_NAME = 1020,
54    R_ADDRESS,
55    R_PASSWORD,
56    R_TYPE
57 };
58 
59 /* Definition of the contents of each Resource */
60 class DirectorResource : public TlsResource {
61 public:
62    char *address;                     /* Director address or zero */
63    uint32_t port;                     /* Director port */
64    bool conn_from_dir_to_fd;          /* Allow incoming connections */
65    bool conn_from_fd_to_dir;          /* Connect to director */
66    bool monitor;                      /* Have only access to status and .status functions */
67    alist *allowed_script_dirs;        /* Only allow to run scripts in this directories */
68    alist *allowed_job_cmds;           /* Only allow the following Job commands to be executed */
69    uint64_t max_bandwidth_per_job;    /* Bandwidth limitation (per director) */
70 
DirectorResource()71    DirectorResource() : TlsResource() {}
72 };
73 
74 class ClientResource : public TlsResource {
75 public:
76    dlist *FDaddrs;
77    dlist *FDsrc_addr;                 /* Address to source connections from */
78    char *working_directory;
79    char *pid_directory;
80    char *subsys_directory;
81    char *plugin_directory;            /* Plugin directory */
82    alist *plugin_names;
83    char *scripts_directory;
84    MessagesResource *messages;                 /* Daemon message handler */
85    uint32_t MaxConcurrentJobs;
86    uint32_t MaxConnections;
87    utime_t SDConnectTimeout;          /* Timeout in seconds */
88    utime_t heartbeat_interval;        /* Interval to send heartbeats */
89    uint32_t max_network_buffer_size;  /* Max network buf size */
90    uint32_t jcr_watchdog_time;        /* Absolute time after which a Job gets terminated regardless of its progress */
91    bool compatible;                   /* Support old protocol keywords */
92    bool allow_bw_bursting;            /* Allow bursting with bandwidth limiting */
93    bool pki_sign;                     /* Enable Data Integrity Verification via Digital Signatures */
94    bool pki_encrypt;                  /* Enable Data Encryption */
95    char *pki_keypair_file;            /* PKI Key Pair File */
96    alist *pki_signing_key_files;      /* PKI Signing Key Files */
97    alist *pki_master_key_files;       /* PKI Master Key Files */
98    crypto_cipher_t pki_cipher;        /* PKI Cipher to use */
99    bool nokeepalive;                  /* Don't use SO_KEEPALIVE on sockets */
100    bool always_use_lmdb;              /* Use LMDB for accurate data */
101    uint32_t lmdb_threshold;           /* Switch to using LDMD when number of accurate entries exceeds treshold. */
102    X509_KEYPAIR *pki_keypair;         /* Shared PKI Public/Private Keypair */
103    alist *pki_signers;                /* Shared PKI Trusted Signers */
104    alist *pki_recipients;             /* Shared PKI Recipients */
105    alist *allowed_script_dirs;        /* Only allow to run scripts in this directories */
106    alist *allowed_job_cmds;           /* Only allow the following Job commands to be executed */
107    char *verid;                       /* Custom Id to print in version command */
108    char *secure_erase_cmdline;        /* Cmdline to execute to perform secure erase of file */
109    char *log_timestamp_format;        /* Timestamp format to use in generic logging messages */
110    uint64_t max_bandwidth_per_job;    /* Bandwidth limitation (global) */
111 
ClientResource()112    ClientResource() : TlsResource() {}
113 };
114 
115 /* Define the Union of all the above
116  * resource structure definitions.
117  */
118 union UnionOfResources {
119    DirectorResource res_dir;
120    ClientResource res_client;
121    MessagesResource res_msgs;
122    CommonResourceHeader hdr;
123 
UnionOfResources()124    UnionOfResources() {new(&hdr) CommonResourceHeader();}
~UnionOfResources()125    ~UnionOfResources() {}
126 };
127 
128 ConfigurationParser *InitFdConfig(const char *configfile, int exit_code);
129 bool PrintConfigSchemaJson(PoolMem &buffer);
130 
131 } /* namespace filedaemon */
132 #endif /* BAREOS_FILED_FILED_CONF_H_ */
133