Bacula Setup

=How to set up Bacula=

These instructions are for adding a new machine to bacula.


 * 1) Add it to /etc/bacula/bacula-dir.conf on persephone.  You can do this by adding the "bacula" class to the machine in Configurator, and then re-generating the bacula director config with generate_bacula_director
 * 2) Install the software on the machine.  You may need to use packages in our Apt Repository so that they have PKI support.
 * 3) Create a keypair on the machine- see below.
 * 4) Remove the existing bacula-fd.conf so that cfengine will create a new one
 * 5) Add the appropriate lines to host-exclude/machine and host-include/machine in demeter:/srv/cfengine/hosts/bacula-fd.  In particular, you need to include filesystems that aren't on the root partition.  A quick way to look for these is run `df` on the target machine and see what comes up.  By default, / and /boot are backed up- anything else needs a line in host-include.
 * 6) Run cfengine to create bacula-fd.conf and copy over the other relevant files.

You should be ready to start using Bacula! I would recommend running a full backup, and then checking its size when it is finished. If the size seems too small, you may have forgotten a filesystem- in this case, add it and re-run the backup.

Create a keypair
As root, run: machine=machine_name openssl genrsa -out ${machine}-fd.key 1024 chmod 600 ${machine}-fd.key openssl req -new -key ${machine}-fd.key -x509 -out ${machine}-fd.cert cat ${machine}-fd.key ${machine}-fd.cert > ${machine}-fd.pem chown bacula:bacula ${machine}-fd.pem && chmod 600 ${machine}-fd.pem

For the certificate, use US/California/Pasadena/UGCS/backups, cn=

If you use a key with more than 2048 bits, backups will be really slow. I recommend 1024 as it is a good tradeoff between security (not realistically going to be cracked *easily*) and speed.