Director and Storage Daemon on Different Hosts

Let’s consider the “darkstart-dir” director on “darkstar.example.com” and the “caladan-sd” Storage Daemon running on “caladan.example.com”.

• In bacula-dir.conf:

Storage {
    Name = VTL-storage
    SD Port = 9113
    Address = caladan.example.com
    Password = "password"
    Device = "Virtual Tape Library"
    Autochanger = yes
    Media Type = VTL
    Maximum Concurrent Jobs = 30
    TLS Enable = yes
    TLS Require = yes
    TLS CA Certificate File = /usr/local/bacula/etc/ssl/certs/root_cert.pem
    TLS Certificate = /usr/local/bacula/etc/ssl/certs/darkstar_cert.pem
    TLS Key = /usr/local/bacula/etc/ssl/keys/darkstar_key.pem
}

• In bacula-sd.conf:

Director {
    Name = darkstar-dir
    Password = "password"
    TLS Enable = yes
    TLS Require = yes
    TLS Verify Peer = yes
    TLS Allowed CN = caladan.example.com
    TLS CA Certificate File = /usr/local/bacula/etc/ssl/certs/root_cert.pem
    TLS Certificate = /usr/local/bacula/etc/ssl/certs/caladan_cert.pem
    TLS Key = /usr/local/bacula/etc/ssl/keys/caladan_key.pem
}

See also

Previous articles:

• Director and Storage Daemon on the Same "darkstar" Host

Go back to: Enable TLS Communications Encryption between Director and Storage Daemon.