single: Customizing the Configuration
Each Bareos component (Director, Client, Storage, Console) has its own configuration containing a set of resource definitions. These resources are very similar from one service to another, but may contain different directives (records) depending on the component. For example, in the Director configuration, the DirectorResourceDirector defines the name of the Director, a number of global Director parameters and his password. In the File daemon configuration, the ClientResourceDirector specifies which Directors are permitted to use the File daemon.
If you install all Bareos daemons (Director, Storage and File Daemon) onto one system, the Bareos package tries its best to generate a working configuration as a basis for your individual configuration.
The details of each resource and the directives permitted therein are described in the following chapters.
The following configuration files must be present:
DirectorChapter– to define the resources necessary for the Director. You define all the Clients and Storage daemons that you use in this configuration file.StoredConfChapter– to define the resources to be used by each Storage daemon. Normally, you will have a single Storage daemon that controls your disk storage or tape drives. However, if you have tape drives on several machines, you will have at least one Storage daemon per machine.FiledConfChapter– to define the resources for each client to be backed up. That is, you will have a separate Client resource file on each machine that runs a File daemon.ConsoleConfChapter– to define the resources for the Console program (user interface to the Director). It defines which Directors are available so that you may interact with them.
pair: Configuration; Directories
pair: Configuration; Subdirectories
When a Bareos component starts, it reads its configuration. In Bareos < 16.2.2 only configuration files (which optionally can include other files) are supported. Since Bareos \sinceVersion{}{Subdirectory Configuration Scheme}{16.2.2} also configuration subdirectories are supported.
In this section, the following naming is used:
CONFIGDIRrefers to the base configuration directory. Bareos Linux packages use\configPathUnix.- A component is one of the following Bareos programs:
- bareos-dir
- bareos-sd
- bareos-fd
- bareos-traymonitor
- bconsole
- bat (only legacy config file: bat.conf)
- Bareos tools, like
section-VolumeUtilityCommandsand others.
COMPONENTrefers to one of the listed components.
When starting a Bareos component, it will look for its configuration. Bareos components allow the configuration file/directory to be specified as a command line parameter -c PATH.
- configuration path parameter is not given (default)
CONFIGDIR/COMPONENT.confis a file- the configuration is read from the file
CONFIGDIR/COMPONENT.conf
- the configuration is read from the file
CONFIGDIR/COMPONENT.d/is a directory- the configuration is read from
CONFIGDIR/COMPONENT.d/*/*.conf(subdirectory configuration)
- the configuration is read from
- configuration path parameter is given (
-c PATH)PATHis a file- the configuration is read from the file specified in
PATH
- the configuration is read from the file specified in
PATHis a directory- the configuration is read from
PATH/COMPONENT.d/*/*.conf(subdirectory configuration)
- the configuration is read from
As the CONFIGDIR differs between platforms or is overwritten by the path parameter, the documentation will often refer to the configuration without the leading path (e.g. COMPONENT.d/*/*.conf instead of CONFIGDIR/COMPONENT.d/*/*.conf).
When subdirectory configuration is used, all files matching PATH/COMPONENT.d/*/*.conf will be read, see section-ConfigurationSubdirectories.
| Bareos component | ||
| (default path on Unix) | ||
| (default path on Unix) | ||
| since Bareos > = 16.2.2 | ||
| bareos-dir | \file{bar
eos-dir.conf} |
\file{bar
eos-dir.d} |
\nameref{
DirectorChapter} |
(\configF
ileDirUnix) |
(\configD
irectoryDirUnix) |
| bareos-sd | \file{bar
eos-sd.conf} |
\file{bar
eos-sd.d} |
\nameref{
StoredConfChapter} |
(\configF
ileSdUnix) |
(\configD
irectorySdUnix) |
| bareos-fd | \file{bar
eos-fd.conf} |
\file{bar
eos-fd.d} |
\nameref{
FiledConfChapter} |
(\configF
ileFdUnix) |
(\configD
irectoryFdUnix) |
| bconsole | \file{bco
nsole.conf} |
\file{bco
nsole.d} |
\nameref{
ConsoleConfChapter} |
(\configF
ileBconsoleUnix) |
(\configD
irectoryBconsoleUnix ) |
| bareos-traymonitor | \file{tra
y-monitor.conf} |
\file{tra
y-monitor.d} |
\nameref{
section-MonitorConfig
} |
(\configF
ileTrayMonitorUnix) |
(\configD
irectoryTrayMonitorUn
ix) |
| bat | \file{bat
.conf} |
(not supported) |
(\configF
ileBatUnix) |
||
\nameref{
section-VolumeUtility
Commands} |
\file{bar
eos-sd.conf} |
\file{bar
eos-sd.d} |
| (use the bareos-sd configuration) | (\configF
ileSdUnix) |
(\configD
irectorySdUnix) |
If the subdirectory configuration is used, instead of a single configuration file, all files matching COMPONENT.d/*/*.conf are read as a configuration, see section-ConfigurationFileOrConfigurationSubDirectories.
In Bareos < 16.2.2, Bareos uses one configuration file per component.
Most larger Bareos environments split their configuration into separate files, making it easier to manage the configuration.
Also some extra packages (bareos-webui, plugins, ...) require a configuration, which must be included into the or configuration. The subdirectory approach makes it easier to add or modify the configuration resources of different Bareos packages.
The Bareos configure <section-bcommandConfigure> command requires a configuration directory structure, as provided by the subdirectory approach.
From Bareos \sinceVersion{}{Subdirectory Configuration Scheme used as Default}{16.2.4} on, new installations will use configuration subdirectories by default.
- Each configuration resource has to use its own configuration file.
- The path of a resource file is
COMPONENT.d/RESOURCETYPE/RESOURCENAME.conf. - The name of the configuration file is identical with the resource name:
- e.g.
bareos-dir.d/director/bareos-dir.confbareos-dir.d/pool/Full.conf
- Exceptions:
- The resource file
bareos-fd.d/client/myself.confalways has the file namemyself.conf, while the name is normally set to the hostname of the system.
- The resource file
- e.g.
- Example resource files:
- Additional packages can contain configuration files that are automatically included. However, most additional configuration resources require configuration. When a resource file requires configuration, it has to be included as an example file:
CONFIGDIR/COMPONENT.d/RESOURCE/NAME.conf.example- For example, the :raw-latex:`bareosWebui `entails one config resource and one config resource example for the :
CONFIGDIR/bareos-director.d/profile/webui-admin.confCONFIGDIR/bareos-director.d/console/admin.conf.example
- Additional packages can contain configuration files that are automatically included. However, most additional configuration resources require configuration. When a resource file requires configuration, it has to be included as an example file:
- extbfsection-deleteConfigurationResourceFilesDisable/remove configuration resource files:
- Normally you should not remove resources that are already in use (jobs, clients, ...). Instead you should disable them by adding the directive
\configline{Enable = no}. Otherwise you take the risk that orphaned entries are kept in the Bareos catalog. However, if a resource has not been used or all references have been cleared from the database, they can also be removed from the configuration.\warning{If you want to remove a configuration resource that is part of a Bareos package, replace the resource configuration file by an empty file. This prevents the resource from reappearing in the course of a package update.}
- Normally you should not remove resources that are already in use (jobs, clients, ...). Instead you should disable them by adding the directive
- The Subdirectories Configuration Scheme is used by default from Bareos
\sinceVersion{}{Subdirectory Configuration Scheme used as Default}{16.2.4}onwards. - They will be usable immediately after installing a Bareos component.
- If additional packages entail example configuration files (
NAME.conf.example), copy them toNAME.conf, modify it as required and reload or restart the component.
- When updating to a Bareos version containing the Subdirectories Configuration, the existing configuration will not be touched and is still the default configuration.
Best create a copy of your configuration directory before updating Bareos and modify your existing configuration file to use that other directory.- warning{Problems can occur if you have implemented an own wildcard mechanism to load your configuration
from the same subdirectories as used by the new packages (verb). In this case, newly installed configuration resource files can alter your current configuration by adding resources.}
- As long as the old configuration file (
CONFIGDIR/COMPONENT.conf) exists, it will be used. - The correct way of migrating to the new configuration scheme would be to split the configuration file into resources, store them in the resource directories and then remove the original configuration file.
For migrating the configuration, the script
\bareosMigrateConfigSh `exists. Being called, it connects via :program:`bconsoleto a running and creates subdirectories with the resource configuration files.{commands}{\bareosMigrateConfigSh} # prepare temporary directory mkdir /tmp/baroes-dir.d cd /tmp/baroes-dir.d # download migration script wget https://raw.githubusercontent.com/bareos/bareos-contrib/master/misc/bareos-migrate-config/bareos-migrate-config.sh # execute the script bash bareos-migrate-config.sh # backup old configuration mv /etc/bareos/bareos-dir.conf /etc/bareos/bareos-dir.conf.bak mv /etc/bareos/bareos-dir.d /etc/bareos/bareos-dir.d.bak # make sure, that all packaged configuration resources exists, # otherwise they will be added when updating Bareos. for i in `find /etc/bareos/bareos-dir.d.bak/ -name *.conf -type f -printf "%P\n"`; do touch "$i"; done # install newly generated configuration cp -a /tmp/bareos-dir.d /etc/bareos/Restart the and verify your configuration. Also make sure, that all resource configuration files coming from Bareos packages exists, in doubt as empty files, see remove configuration resource files.
- Another way, without splitting the configuration into resource files is:
{commands}{move configuration to subdirectory} mkdir CONFIGDIR/COMPONENT.d/migrate && mv CONFIGDIR/COMPONENT.conf CONFIGDIR/COMPONENT.d/migrate- Resources defined in both, the new configuration directory scheme and the old configuration file, must be removed from one of the places, best from the old configuration file, after verifying that the settings are identical with the new settings.
A configuration file consists of one or more resources (see section-ConfigurationResourceFormat).
Bareos programs can work with
- all resources defined in one configuration file
- configuration files that include other configuration files (see
Includes) section-ConfigurationSubdirectories, where each configuration file contains exactly one resource definition
single: Character Sets Bareos is designed to
handle most character sets of the world, US ASCII, German, French, Chinese, ... However, it does this by encoding everything in UTF-8, and it expects all configuration files (including those read on Win32 machines) to be in UTF-8 format. UTF-8 is typically the default on Linux machines, but not on all Unix machines, nor on Windows, so you must take some care to ensure that your locale is set properly before starting Bareos.
triple: Windows; Configuration Files; UTF-8; To
ensure that Bareos configuration files can be correctly read including foreign characters, the LANG environment variable must end in .UTF-8. A full example is en_US.UTF-8. The exact syntax may vary a bit from OS to OS, so that the way you have to define it will differ from the example. On most newer Win32 machines you can use notepad to edit the conf files, then choose output encoding UTF-8.
Bareos assumes that all filenames are in UTF-8 format on Linux and Unix machines. On Win32 they are in Unicode (UTF-16) and will hence be automatically converted to UTF-8 format.
pair: Configuration; Comments
When reading a configuration, blank lines are ignored and everything after a hash sign (#) until the end of the line is taken to be a comment.
A semicolon (;) is a logical end of line and anything after the semicolon is considered as the next statement. If a statement appears on a line by itself, a semicolon is not necessary to terminate it, so generally in the examples in this manual, you will not see many semicolons.
single: Including other Configuration Files
pair: Files; Including other Configuration
pair: Configuration; Including Files
If you wish to break your configuration file into smaller pieces, you can do so by including other files using the syntax \configdirective{@filename} where \file{filename} is the full path and filename of another file. The \configdirective{@filename} specification can be given anywhere a primitive token would appear.
{bconfig}{include a configuration file}
@/etc/bareos/extra/clients.confSince Bareos \sinceVersion{}{Including configuration files by wildcard}{16.2.1} wildcards in pathes are supported:
{bconfig}{include multiple configuration files}
@/etc/bareos/extra/*.confBy using \configdirective{@|command} it is also possible to include the output of a script as a configuration:
{bconfig}{use the output of a script as configuration}
@|"/etc/bareos/generate_configuration_to_stdout.sh"or if a parameter should be used:
{bconfig}{use the output of a script with parameter as a configuration}
@|"sh -c '/etc/bareos/generate_client_configuration_to_stdout.sh clientname=client1.example.com'"The scripts are called at the start of the daemon. You should use this with care.
pair: Configuration; Resource
A resource is defined as the resource type (see ResTypes), followed by an open brace ({), a number of section-ConfigurationResourceDirective`s, and
ended by a closing brace (}`)
Each resource definition MUST contain a \configdirective{Name} directive. It can contain a \configdirective{Description} directive. The \configdirective{Name} directive is used to uniquely identify the resource. The \configdirective{Description} directive can be used during the display of the Resource to provide easier human recognition. For example:
{bconfig}{Resource example}
Director {
Name = "bareos-dir"
Description = "Main Bareos Director"
Query File = "/usr/lib/bareos/scripts/query.sql"
}defines the Director resource with the name \parameter{bareos-dir} and a query file \file{/usr/lib/bareos/scripts/query.sql}.
pair: Configuration; Naming Convention
When naming resources, for some resource types naming conventions should be applied:
- Client
names should be postfixed with
\name{-fd}- Storage
names should be postfixed with
\name{-sd}- Director
names should be postfixed with
\name{-dir}
These conventions helps a lot when reading log messages.
Each directive contained within the resource (within the curly braces {}) is composed of a section-ConfigurationResourceDirectiveKeyword followed by an equal sign (=) followed by a section-ConfigurationResourceDirectiveValue. The keywords must be one of the known Bareos resource record keywords.
A resource directive keyword is the part before the equal sign (=) in a section-ConfigurationResourceDirective. The following sections will list all available directives by Bareos component resources.
Case (upper/lower) and spaces are ignored in the resource directive keywords.
Within the keyword (i.e. before the equal sign), spaces are not significant. Thus the keywords: name, Name, and N a m e are all identical.
A resource directive value is the part after the equal sign (=) in a section-ConfigurationResourceDirective.
Spaces after the equal sign and before the first character of the value are ignored. Other spaces within a value may be significant (not ignored) and may require quoting.
In general, if you want spaces in a name to the right of the first equal sign (=), you must enclose that name within double quotes. Otherwise quotes are not generally necessary because once defined, quoted strings and unquoted strings are all equal.
Within a quoted string, any character following a backslash () is taken as itself (handy for inserting backslashes and double quotes (")).
\warning{If the configure directive is used to define a number, the number is never to be put between surrounding quotes.
This is even true if the number is specified together with its unit, like \parameter{365 days}}.
Numbers are not to be quoted, see section-Quotes. Also do not prepend numbers by zeros (0), as these are not parsed in the expected manner (write 1 instead of 01).
pair: Configuration; Data Types
single: Data Type
When parsing the resource directives, Bareos classifies the data according to the types listed below.
- acl
pair: Data Type; acl
Depending on the type of the ACL, the regular expressions can be either resource names, paths or console commands.
Since Bareos
\sinceVersion{dir}{ACL: strict regular expression handling}{16.2.4}regular expression are handled more strictly. Before also substring matches has been accepted.{bconfig}{Allow only the help command} Command ACL = help{bconfig}{Allow the help and the list command} Command ACL = help, list{bconfig}{Allow the help and the (not existing) iDoNotExist command} Command ACL = help, iDoNotExist{bconfig}{Allow all commands (special keyword)} Command ACL = *all*{bconfig}{Allow all commands except sqlquery and commands starting with u} Command ACL = !sqlquery, !u.*, *all*Same:
{bconfig}{Some as above. Specifying it in multiple lines doesn't change the meaning} Command ACL = !sqlquery, !u.* Command ACL = *all*{bconfig}{Additional deny the setip and setdebug commands} Command ACL = !sqlquery Command ACL = !u.* Comamnd ACL = !set(ip|debug) Comamnd ACL = *all*warning{ ACL checking stops at the first match. So the following definition allows all commands, which might not be what you expected: }
{bconfig}{Wrong: Allows all commands} # WARNING: this configuration ignores !sqlquery, as *all* is matched before. Command ACL = *all*, !sqlquery- auth-type
pair: Data Type; auth-type
The following values are allowed:
- None
- Use no password
- Clear
- Use clear text password
- MD5
- Use MD5 hashing
- integer
pair: Data Type; integer
Don’t use quotes around the number, see
section-Quotes.- long integer
pair: Data Type; long integer
Don’t use quotes around the number, see
section-Quotes.- job protocol
pair: Data Type; job protocol
The protocol to run a the job. Following protocols are available:
- Native
Native Bareos job protocol.
- NDMP
Deprecated. Alias for
\NdmpBareos.- NDMP_BAREOS
Since Bareos
\sinceVersion{dir}{NDMP BAREOS}{17.2.3}. Seesection-NdmpBareos.- NDMP_NATIVE
Since Bareos
\sinceVersion{dir}{NDMP NATIVE}{17.2.3}. Seesection-NdmpNative.
- name
pair: Data Type; name
Please note that Bareos resource names as well as certain other names (e.g. Volume names) must contain only letters (including ISO accented letters), numbers, and a few special characters (space, underscore, ...). All other characters and punctuation are invalid.
- password
pair: Data Type; password
- path
pair: Data Type; path
- positive integer
pair: Data Type; positive integer
Don’t use quotes around the number, see
section-Quotes.- speed
pair: Data Type; speed
Don’t use quotes around the parameter, see
section-Quotes.- string
pair: Data Type; string
- string-list
pair: Data Type; string list
- strname
pair: Data Type; strname
- net-address
pair: Data Type; net-address
- net-addresses
pair: Data Type; net-addresses
{bconfig}{net-addresses} Addresses = { ip = { addr = 1.2.3.4; port = 1205;} ipv4 = { addr = 1.2.3.4; port = http;} ipv6 = { addr = 1.2.3.4; port = 1205; } ip = { addr = 1.2.3.4 port = 1205 } ip = { addr = 1.2.3.4 } ip = { addr = 201:220:222::2 } ip = { addr = server.example.com } }where ip, ip4, ip6, addr, and port are all keywords. Note, that the address can be specified as either a dotted quadruple, or in IPv6 colon notation, or as a symbolic name (only in the ip specification). Also, the port can be specified as a number or as the mnemonic value from the
\file{/etc/services}file. If a port is not specified, the default one will be used. If an ip section is specified, the resolution can be made either by IPv4 or IPv6. If ip4 is specified, then only IPv4 resolutions will be permitted, and likewise with ip6.- net-port
pair: Data Type; net-port
Don’t use quotes around the parameter, see
section-Quotes.- resource
pair: Data Type; resource
- size
pair: Data Type; size
- time
pair: Data Type; time
- audit-command-list
pair: Data Type; audit command list
{bconfig}{} Audit Events = label Audit Events = restoreBased on the type
\dtStringList.\yesnopair: Data Type; yesno
pair: Data Type; boolean
Depending on the directive, Bareos will expand to the following variables:
When labeling a new volume (see \linkResourceDirective{Dir}{Pool}{Label Format}), following Bareos internal variables can be used:
| Internal Variable | Description |
| $Year | Year |
| $Month | Month: 1-12 |
| $Day | Day: 1-31 |
| $Hour | Hour: 0-24 |
| $Minute | Minute: 0-59 |
| $Second | Second: 0-59 |
| $WeekDay | Day of the week: 0-6, using 0 for Sunday |
| $Job | Name of the Job |
| $Dir | Name of the Director |
| $Level | Job Level |
| $Type | Job Type |
| $JobId | JobId |
| $JobName | unique name of a job |
| $Storage | Name of the Storage Daemon |
| $Client | Name of the Clients |
| $NumVols | Numbers of volumes in the pool |
| $Pool | Name of the Pool |
| $Catalog | Name of the Catalog |
| $MediaType | Type of the media |
Additional, normal environment variables can be used, e.g. $HOME oder $HOSTNAME.
With the exception of Job specific variables, you can trigger the variable expansion by using the var command <var>.
At the configuration of autochanger commands the following variables can be used:
| Variable | Description |
\parameter{\%a} |
Archive Device Name |
\parameter{\%c} |
Changer Device Name |
\parameter{\%d} |
Changer Drive Index |
\parameter{\%f} |
Client’s Name |
\parameter{\%j} |
Job Name |
\parameter{\%o} |
Command |
\parameter{\%s} |
Slot Base 0 |
| :raw-latex:parameter{%S} | Slot Base 1 |
| :raw-latex:parameter{%v} | Volume Name |
At the configuration of mount commands the following variables can be used:
| Variable | Description |
\parameter{\%a} |
Archive Device Name |
\parameter{\%e} |
Erase |
\parameter{\%n} |
Part Number |
| :raw-latex:parameter{%m} | Mount Point |
| :raw-latex:parameter{%v} | Last Part Name |
Variable Expansion on RunScripts is described at \linkResourceDirective{Dir}{Job}{Run Script}.
At the configuration of mail and operator commands the following variables can be used:
| Variable | Description |
\parameter{\%c} |
Client’s Name |
\parameter{\%d} |
Director’s Name |
\parameter{\%e} |
Job Exit Code |
\parameter{\%i} |
JobId |
\parameter{\%j} |
Unique Job Id |
\parameter{\%l} |
Job Level |
\parameter{\%n} |
Unadorned Job Name |
\parameter{\%s} |
Since Time |
\parameter{\%t} |
Job Type (Backup, ...) |
\parameter{\%r} |
Recipients |
\parameter{\%v} |
Read Volume Name |
\parameter{\%V} |
Write Volume Name |
\parameter{\%b} |
Job Bytes |
\parameter{\%B} |
Job Bytes in human readable format |
\parameter{\%F} |
Job Files |
pair: Types; Resource
single: Resource Types
The following table lists all current Bareos resource types. It shows what resources must be defined for each service (daemon). The default configuration files will already contain at least one example of each permitted resource.
|
|
|
|
|
|---|---|---|---|---|
| Autochanger |
|
|||
| Catalog |
|
|||
| Client |
|
|
||
| Console |
|
|
||
| Device |
|
|||
| Director |
|
|
|
|
| FileSet |
|
|||
| Job |
|
|||
| JobDefs |
|
|||
| Message |
|
|
|
|
| NDMP |
|
|||
| Pool |
|
|||
| Profile |
|
|||
| Schedule |
|
|||
| Storage |
|
|
pair: Authorization; Names and Passwords
single: Passwords
In order for one daemon to contact another daemon, it must authorize itself with a password. In most cases, the password corresponds to a particular name, so both the name and the password must match to be authorized. Passwords are plain text, any text. They are not generated by any special process; just use random text.
The default configuration files are automatically defined for correct authorization with random passwords. If you add to or modify these files, you will need to take care to keep them consistent.
In the left column, you can see the Director, Storage, and Client resources and their corresponding names and passwords – these are all in \file{bareos-dir.conf}. In the right column the corresponding values in the Console, Storage daemon (SD), and File daemon (FD) configuration files are shown.
Please note that the address \host{fw-sd}, that appears in the Storage resource of the Director, is passed to the File daemon in symbolic form. The File daemon then resolves it to an IP address. For this reason you must use either an IP address or a resolvable fully qualified name. A name such as \host{localhost}, not being a fully qualified name, will resolve in the File daemon to the \host{localhost} of the File daemon, which is most likely not what is desired. The password used for the File daemon to authorize with the Storage daemon is a temporary password unique to each Job created by the daemons and is not specified in any .conf file.