othman.suseno/calypso
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
852825e0add0c6387513042c1c243bd6b09906a2
calypso/docs/alpha/components/bacula/Bacula-Installation-Guide.md
Othman H. Suseno 70b7841d1a add sources
2026-01-15 17:39:32 +07:00

193 lines
7.2 KiB
Markdown
Raw Blame History

# Bacula Installation and Configuration Guide for Ubuntu 24.04
## 1. Introduction
This guide provides step-by-step instructions for installing and configuring Bacula on Ubuntu 24.04. The configuration files will be moved to a custom directory: `/opt/calypso/conf/bacula`.
## 2. Installation
First, update the package lists and install the Bacula components and a PostgreSQL database backend.
```bash
sudo apt-get update
sudo apt-get install -y bacula-director bacula-sd bacula-fd postgresql
```
During the installation, you may be prompted to configure a mail server. You can choose "No configuration" for now.
### 2.1. Install Bacula Console
Install the Bacula console, which provides the `bconsole` command-line utility for interacting with the Bacula Director.
```bash
sudo apt-get install -y bacula-console
```
## 3. Database Configuration
Create the Bacula database and user.
```bash
sudo -u postgres createuser -P bacula
sudo -u postgres createdb -O bacula bacula
```
When prompted, enter a password for the `bacula` user. You will need this password later.
Now, grant privileges to the `bacula` user on the `bacula` database.
```bash
sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE bacula TO bacula;"
```
Bacula provides scripts to create the necessary tables in the database.
```bash
sudo /usr/share/bacula-director/make_postgresql_tables.sql | sudo -u postgres psql bacula
```
## 4. Configuration File Migration
Create the new configuration directory and copy the default configuration files.
```bash
sudo mkdir -p /opt/calypso/conf/bacula
sudo cp /etc/bacula/* /opt/calypso/conf/bacula/
sudo chown -R bacula:bacula /opt/calypso/conf/bacula
```
## 5. Systemd Service Configuration
Create override files for the `bacula-director` and `bacula-sd` services to point to the new configuration file locations.
### 5.1. Bacula Director
```bash
sudo mkdir -p /etc/systemd/system/bacula-director.service.d
sudo bash -c 'cat > /etc/systemd/system/bacula-director.service.d/override.conf <<EOF
[Service]
ExecStart=
ExecStart=/usr/sbin/bacula-dir -f -c /opt/calypso/conf/bacula/bacula-dir.conf
EOF'
```
### 5.2. Bacula Storage Daemon
```bash
sudo mkdir -p /etc/systemd/system/bacula-sd.service.d
sudo bash -c 'cat > /etc/systemd/system/bacula-sd.service.d/override.conf <<EOF
[Service]
ExecStart=
ExecStart=/usr/sbin/bacula-sd -f -c /opt/calypso/conf/bacula/bacula-sd.conf
EOF'
```
### 5.3. Bacula File Daemon
```bash
sudo mkdir -p /etc/systemd/system/bacula-fd.service.d
sudo bash -c 'cat > /etc/systemd/system/bacula-fd.service.d/override.conf <<EOF
[Service]
ExecStart=
ExecStart=/usr/sbin/bacula-fd -f -c /opt/calypso/conf/bacula/bacula-fd.conf
EOF'
```
Reload the systemd daemon to apply the changes.
```bash
sudo systemctl daemon-reload
```
## 6. Bacula Configuration
Update the `bacula-dir.conf` and `bacula-sd.conf` files to use the new paths and settings.
### 6.1. Bacula Director Configuration
Edit `/opt/calypso/conf/bacula/bacula-dir.conf` and make the following changes:
* In the `Storage` resource, update the `address` to point to the correct IP address or hostname.
* In the `Catalog` resource, update the `dbuser` and `dbpassword` with the values you set in step 3.
* Update any other paths as necessary.
### 6.2. Bacula Storage Daemon Configuration
Edit `/opt/calypso/conf/bacula/bacula-sd.conf` and make the following changes:
* In the `Storage` resource, update the `SDAddress` to point to the correct IP address or hostname.
* Create a directory for the storage device and set the correct permissions.
```bash
sudo mkdir -p /var/lib/bacula/storage
sudo chown -R bacula:tape /var/lib/bacula/storage
```
* In the `Device` resource, update the `Archive Device` to point to the storage directory you just created. For example:
```
Device {
Name = FileStorage
Media Type = File
Archive Device = /var/lib/bacula/storage
LabelMedia = yes;
Random Access = Yes;
AutomaticMount = yes;
RemovableMedia = no;
AlwaysOpen = no;
}
```
## 7. Starting and Verifying Services
Start the Bacula services and check their status.
```bash
sudo systemctl start bacula-director bacula-sd bacula-fd
sudo systemctl status bacula-director bacula-sd bacula-fd
```
## 8. SELinux/AppArmor
If you are using SELinux or AppArmor, you may need to adjust the security policies to allow Bacula to access the new configuration directory and storage directory. The specific steps will depend on your security policy.
## 9. Calypso Bacula Agent Registration Flow
The Calypso Director exposes a REST API that allows a lightweight Bacula agent to register itself, report its capability matrix, and receive UI-driven capability pushes.
### 9.1. Authenticate with Calypso
1. Log in against `POST /api/v1/auth/login` with a Calypso user that has the `bacula-admin` role. The same JWT token is used for all subsequent agent calls.
2. Store the token (and refresh it whenever a 401 is returned) so the agent can re-authenticate automatically.
### 9.2. Register the client
- Call `POST /api/v1/bacula/clients/register` with the following payload:
```json
{
"hostname": "backup-client-01",
"ip_address": "10.0.0.15",
"agent_version": "1.0.0",
"backup_types": ["files", "database"],
"metadata": {
"platform": "ubuntu",
"location": "datacenter-1"
}
}
```
- Store the returned `id` (client identifier) so the agent can re-register subsequently.
- Include the `status` string (`online`, `maintenance`, etc.) as part of the payload so the Director knows the client state.
### 9.3. Responding to UI-driven capability pushes
- The Calypso console exposes a `Bacula Clients` page (see the new navigation entry in the web UI) where operators can edit the backup types.
- When an operator submits a change, the UI calls `POST /api/v1/bacula/clients/{id}/capabilities`. This request is gated by the `bacula-admin` role and records an audit entry via the `bacula_client_capability_history` table.
- The agent should poll `GET /api/v1/bacula/clients/{id}/pending-update`. The endpoint never expires a pending list and returns the full desired `backup_types`, the operator notes, and who requested the change. Once the agent re-registers and matches the desired list, the pending update is cleared automatically.
- Each registration (agent push or UI trigger) appends a history row so the console can surface the last few changes for auditing.
### 9.4. Heartbeats and status updates
- Use `POST /api/v1/bacula/clients/{id}/ping` to refresh the agent's `last_seen` timestamp and propagate `status` changes without altering the capability matrix.
- If the agent needs to push new metadata (e.g., a new `agent_version` or additional `backup_types`), simply call `POST /api/v1/bacula/clients/register` again with the updated values. The same endpoint handles both initial registration and re-registration, and it clears pending capability pushes once the requested list matches the agent's `backup_types`.
### 9.5. Agent configuration location
- Store agent settings under `/opt/calypso/conf/bacula/agent.yaml` and keep the JWT token, Calypso API URL, and desired backup types there so the service can re-run after restarts. The installation script should add a systemd service that runs the agent and ensures it restarts on failure.
Reference in New Issue View Git Blame Copy Permalink