Instalação e Configuração do Bacula no CentOS 6.4

Prepare o seu sistema com o seguinte script http://wiki.douglasqsantos.com.br/doku.php/confinicialcentos6_en para que não falte nenhum pacote ou configuração.

O que eu vou utilizar:

  • CentOS 6.4
    • Bacula Server
    • IP: 192.168.0.80/24
    • Hostname: bacula.douglasqsantos.com.br
  • CentOS 6.4
    • Bacula Client
    • IP: 192.168.0.81/24
    • Hostname: centos.douglasqsantos.com.br
  • Debian Squeeze
    • Bacula Client
    • IP: 192.168.0.82/24
    • Hostname: squeeze.douglasqsantos.com.br
  • Debian Wheezy
    • Bacula Client
    • IP: 192.168.0.83/24
    • Hostname: wheezy.douglasqsantos.com.br
  • FreeBSD 9.1
    • Bacula Client
    • IP: 192.168.0.84
    • Hostname: freebsd.douglasqsantos.com.br
  • OpenBSD 5.3
    • Bacula Client
    • IP: 192.168.0.85/24
    • Hostname: openbsd.douglasqsantos.com.br
  • Windows 2008 R2
    • Bacula Client
    • IP: 192.168.0.86/24
    • Hostname: win2k8R2.douglasqsantos.com.br
  • Windows 2012
    • Bacula Client
    • IP: 192.168.0.87/24
    • Hostname: win2k12.douglasqsantos.com.br

Vamos ajustar o /etc/hosts pois não estou utilizando dns, porém pode ser utilizado o serviço de dns para identificar os cliente

vim /etc/hosts
[...]
192.168.0.80  bacula.douglasqsantos.com.br  bacula
192.168.0.81  centos.douglasqsantos.com.br  centos
192.168.0.82  squeeze.douglasqsantos.com.br squeeze
192.168.0.83  wheezy.douglasqsantos.com.br  wheezy
192.168.0.84  freebsd.douglasqsantos.com.br freebsd
192.168.0.85  openbsd.douglasqsantos.com.br openbsd
192.168.0.86  win2k8R2.douglasqsantos.com.br win2k8R2
192.168.0.87  win2k12.douglasqsantos.com.br win2k12

Vamos atualizar os repositório e vamos fazer um upgrade do sistema

yum check-update && yum update -y

Agora vamos instalar os pacotes para a configuração do postgreSQL

yum install postgresql postgresql-contrib postgresql-devel postgresql-docs postgresql-libs postgresql-server perl-Class-DBI-Pg -y

Agora vamos instalar os pacotes que vamos precisar para compilar o Bacula

yum install readline-devel readline-static readline zlib zlib-devel zlib-static libmcrypto-devel openssl-devel -y

Agora vamos instalar os pacotes que vamos precisar para o webmin

yum install perl-Net-SSLeay perl-Crypt-SSLeay perl-IO-Pty-Easy perl-Authen-PAM perl-ExtUtils-PkgConfig -y

Agora vamos inserir o postgreSQL na inicialização do CentOS

chkconfig --add postgresql
chkconfig postgresql on

Agora vamos iniciar o banco postgreSQL

/etc/init.d/postgresql initdb

Agora vamos deixar o listen_address do postgreSQL da seguinte forma

vim /var/lib/pgsql/data/postgresql.conf
[...]
listen_addresses = '*'
[...]

Agora vamos deixar a ultima linha do pg_hda com autenticação do tipo md5 que o bacula vai utilizar

vim /var/lib/pgsql/data/pg_hba.conf
[...]
host    all         all         ::1/128               md5

Agora vamos reiniciar o postgreSQL

/etc/init.d/postgresql restart

Agora vamos criar um arquivo com os dados que precisamos importar no postgreSQL

vim /tmp/base.sql
ALTER USER postgres WITH PASSWORD 'senha';
CREATE USER bacula WITH PASSWORD 'senha';
CREATE DATABASE bacula WITH OWNER bacula ENCODING 'SQL_ASCII' TEMPLATE=template0;

Agora vamos importar o arquivo para o postgreSQL

su postgres -c 'psql -f /tmp/base.sql'

Agora vamos criar os diretórios para o bacula

mkdir /var/lib/bacula
mkdir /var/run/bacula
mkdir /var/log/bacula
mkdir -p /etc/bacula/scripts
mkdir /etc/bacula/clientes
mkdir -p /etc/bacula/keys/clientes
mkdir /srv/backup

Agora vamos criar um usuário

useradd -s /bin/bash -d /var/lib/bacula  bacula

Agora vamos ajustar as permissões dos diretórios

chown -R bacula:bacula /var/lib/bacula /var/run/bacula /var/log/bacula /etc/bacula

Agora vamos acessar o diretório /usr/src

cd /usr/src

Agora vamos obter o bacula

wget -c http://wiki.douglasqsantos.com.br/Downloads/bacula/bacula-5.2.13.tar.gz

Agora vamos desempacotar o bacula

tar -xzvf bacula-5.2.13.tar.gz

Agora vamos acessar o diretório dos fontes do bacula

cd bacula-5.2.13/

Agora vamos gerar a configuração do bacula

CFLAGS="-g -Wall" ./configure --with-openssl=yes --enable-smartalloc --with-postgresql  --with-db-name=bacula --with-db-user=bacula --with-db-password=senha --with-db-port=5432 --with-working-dir=/var/lib/bacula --with-pid-dir=/var/run/bacula --with-logdir=/var/log/bacula --with-readline=/usr/include/readline  --disable-conio --with-scriptdir=/etc/bacula/scripts

Agora vamos compilar o bacula e mandar instalar ele

make && make install && make install-autostart

Agora vamos ajustar as permissões do diretório do bacula

chown -R bacula:bacula /etc/bacula

Agora vamos popular o banco de dados do bacula

su - bacula -c '/etc/bacula/scripts/make_postgresql_tables -U bacula -d bacula'

Agora vamos desativar o bash do bacula

usermod -s /bin/false bacula

Agora vamos criar um diretório para armazenar os arquivos do bacula

mkdir /usr/src/olds

Agora vamos copiar os arquivos

cp -Rfa /etc/bacula /usr/src/olds/bacula

Agora vamos configurar o bacula-dir.conf que vai ser a base do nosso bacula

vim /etc/bacula/bacula-dir.conf
############################################
# ARQUIVO DE CONFIGURACAO PADRAO DO BACULA #
############################################

# DEFININDO O 'DIRECTOR' #

Director {
  Name = bacula-dir
  DIRport = 9101                                      # Porta de Comunicacao do Bacula
  QueryFile = "/etc/bacula/scripts/query.sql"         # Script de Query
  WorkingDirectory = "/var/lib/bacula"                # Diretório de Trabalho do Bacula
  PidDirectory = "/var/run/bacula"                    # PID do Bacula
  Maximum Concurrent Jobs = 1                         # Maximo de Backups em Execucao
  Password = "Cv70F6pf1t6pBopT4vQOnigDrR0v3L"         # Senha para ajustar no Bconsole
  Messages = Daemon                                   # Nivel de mensagens
}

# DEFINICOES DE CLIENTES E JOBS #
# ARQUIVO ONDE SERA CONFIGURADO E AJUSTADO OS CLIENTES E JOBS DO BACULA #

@/etc/bacula/bacula-dir-clients-and-jobs.conf

# DEFINICOES DE ARQUIVOS PARA BACKUP - (FILE SETS)#
# ARQUIVO ONDE SERA CONFIGURADO E AJUSTADO OS 'FILE SETS' DO BACULA #

@/etc/bacula/bacula-dir-filesets.conf


# DEFINICOES DE AGENDAMENTO DOS BACKUPS #
@/etc/bacula/bacula-dir-agendamento.conf


# DEFINICOES DE DISPOSITIVO DE ARMAZENAMENTO #
# AQUI DEFINIMOS O STORAGE A SER UTILIZADO PELO BACULA #


Storage {
  Name = File
  Address = bacula.douglasqsantos.com.br                       # Pode ser usado Nome ou IP
  SDPort = 9103                                      # Porta de Comunicação do Storage
  Password = "LE_T_-c_55qu1f777Dm52map-s3xpgR4q"     # Senha Storage Bacula
  Device = FileStorage                               # Device de Storage
  Media Type = File                                  # Tipo de Midia (Fita, DVD, HD)
  Maximum Concurrent Jobs = 10                       # Num. Maximo de Jobs executados nessa Storage.
}

# Generic catalog service
Catalog {
  Name = Catalogo            # Nome do Catalogo
  dbname = "bacula"; dbaddress = "localhost";  dbuser = "bacula"; dbpassword = "senha"  # Configuracoes do POSTGRESQL

}

# Reasonable message delivery -- send most everything to email address
#  and to the console
Messages {
  Name = Standard

# ABAIXO E POSSIVEL AJUSTAR COMO O BACULA ENVIARA MENSAGENS AO ADMINISTRADOR #

  mailcommand = "/sbin/bsmtp -h localhost -f \"\(Bacula\) \<%r\>\" -s \"Bacula: %t %e of %c %l\" %r"
  operatorcommand = "/sbin/bsmtp -h localhost -f \"\(Bacula\) \<%r\>\" -s \"Bacula: Intervention needed for %j\" %r"
  mail = root@localhost = all, !skipped
  operator = root@localhost = mount
  console = all, !skipped, !saved
  append = "/var/log/bacula/bacula.log" = all, !skipped
  catalog = all
}

# Message delivery for daemon messages (no job).
Messages {
  Name = Daemon
  mailcommand = "/sbin/bsmtp -h localhost -f \"\(Bacula\) \<%r\>\" -s \"Bacula daemon message\" %r"
  mail = root@localhost = all, !skipped
  console = all, !skipped, !saved
  append = "/var/log/bacula/bacula.log" = all, !skipped
}

# POOL PADRAO DEFINIDO
Pool {
  Name = File                         # o Job de Backup por padrao aponta para o 'File'
  Pool Type = Backup          # O Tipo do Pool = Backup, Restore, Etc.
  Recycle = yes                       # Bacula can automatically recycle Volumes
  AutoPrune = yes                     # Prune expired volumes
  Volume Retention = 1 month          # Retencao de Volume = 1 Mes
  Volume Use Duration = 23 hours      # Duracao de um volume aberto
  Maximum Volume Bytes = 20 Gb        # Tamanho maximo de um volume
  Maximum Volumes      = 10           # Volume Bytes X Volumes <= Dispositivo de backup
  LabelFormat          = "volume"     # Nome Default do Volume
}


# Scratch pool definition
# Volumes que serao emprestado a alguma Pool temporariamente
Pool {
  Name = Scratch
  Pool Type = Backup
}

#
# Restricted console used by tray-monitor to get the status of the director
Console {
  Name = bacula-mon
  Password = "aNy+nof5uHWBvO3tv8YRy5OJo3YVDsuAuET06WRmDcuw"
  CommandACL = status, .status
}

Agora vamos criar o arquivo que vai armazenar os clientes e o jobs

vim /etc/bacula/bacula-dir-clients-and-jobs.conf
###################################################
## ARQUIVO DE CONFIGURACAO PARA CLIENTES E JOBS  ##
###################################################

# JOB PADRAO PARA O BACULA SERVER #
JobDefs {
        Name = "DefaultJobs"                            # Nome do Job Padrao
        Type = Backup                                   # Tipo de Job (Backup, Restore, Verificacao)
        Level = Incremental                             # Nivel do Job (Full, Incremental, Diferencial)
        Client = bacula-fd                              # Nome do Cliente FD
        FileSet = "Full Set"                            # File Set Definido para Esse Job
        Schedule = "WeeklyCycle"                        # Agendamento Definido para Esse Job
        Storage = File                                  # Define Storage
        Messages = Standard                             # Nivel de mensagens
        Pool = File                                     # Define a Pool
        Priority = 10                                   # Qual o nivel de Prioridade
        Write Bootstrap = "/var/lib/bacula/%c.bsr"      # Arquivo gerado pelo Bacula para armazenar informacoes de backups feitos em seus clientes.
# AS OPCOES ABAIXO EVITAM QUE SEJAM DUPLICADO JOBS NO SERVIDOR, CASO TENHA UM JOB DUPLICADO O MESMO E CANCELADO
        Allow Duplicate Jobs = no                       # Permite Jobs Duplicados
        Cancel Lower Level Duplicates = yes             # Cancela niveis inferiores duplicados
}

# JOB DE BACKUP PARA OS SERVIDORES WINDOWS SERVER #
JobDefs {
        Name = "DefaultWindows"                         # Nome do Job Para Servidores Windows
        Type = Backup                                   # Tipo de Job (Backup, Restore, Verificacao)
        Level = Incremental                             # Nivel do Job (Full, Incremental, Diferencial)
        Client = bacula-fd                              # Nome do Cliente FD
        FileSet = "WindowsFS"                           # File Set Definido para Esse Job
        Schedule = "CicloBackupWindows"                 # Agendamento Definido para Esse Job
        Storage = File                                  # Define Storage
        Messages = Standard                             # Nivel de mensagens
        Pool = File                                     # Define a Pool
        Priority = 10                                   # Qual o nivel de Prioridade
        Write Bootstrap = "/var/lib/bacula/%c.bsr"      # Arquivo gerado pelo Bacula para armazenar informacoes de backups feitos em seus clientes.
# AS OPCOES ABAIXO EVITAM QUE SEJAM DUPLICADO JOBS NO SERVIDOR, CASO TENHA UM JOB DUPLICADO O MESMO E CANCELADO
        Allow Duplicate Jobs = no                       # Permite Jobs Duplicados
        Cancel Lower Level Duplicates = yes             # Cancela niveis inferiores duplicados
}

# JOB DE BACKUP DO CATALOGO #
Job {
        Name = "BackupCatalogo"                                                    # Nome do Job Para Backup do Catalogo
        JobDefs = "DefaultJobs"                                                    # JobDefs usado para operacao
        Level = Full                                                               # Nivel do Job (Full, Incremental, Diferencial)
        FileSet = "Catalogo"                                                       # File Set Definido para Esse Job
        Schedule = "WeeklyCycleAfterBackup"                                        # Agendamento Definido para Esse Job
        RunBeforeJob = "/etc/bacula/scripts/make_catalog_backup.pl Catalogo"       # Acao executada antes da operacao
        Write Bootstrap = "/var/lib/bacula/%c.bsr"                                 # Arquivo gerado pelo Bacula para armazenar informacoes de backups feitos em seus clientes.
        Priority = 11                                                              # Executar depois do Backup - ajustar prioridade
}

# JOB DE RESTAURACAO - (RESTORE) - SO E PRECISO ESSE JOBS PARA RESTAURACAO DE BACKUP #
Job {
        Name = "RestoreFiles"                                                 # Nome do Job Para Restore
        Type = Restore                                                        # Tipo de Job (Backup, Restore, Verificacao)
        Client = bacula-fd                                                    # Nome do Cliente FD
        FileSet = "Full Set"                                                  # File Set Definido para Esse Job
        Storage = File                                                        # Agendamento Definido para Esse Job
        Pool = File                                                           # Define a Pool
        Messages = Standard                                                   # Nivel de mensagens
        Where = /tmp/bacula-restores                                          # Diretorio onde o bacula ira restaurar os arquivos nos clientes
}

#######################################################################
## AQUI VAMOS DEFINIR OS CLIENTES E JOBS PARA CADA CLIENTE ADICIONADO #
#######################################################################

## ------------------------------------------------------------------- ##
# JOB DE BACKUP PARA O DIRECTOR DO BACULA
# HOSTNAME: bacula.douglasqsantos.com.br
# IP: localhost

Job {
        Name = "BackupDirector"                           # Nome do Job para Backup do Director (Proprio Servidor Bacula)
        JobDefs = "DefaultJobs"                           # JObDefs Definido
        Client = bacula-fd                                # Cliente fd
}

Client {
  Name = bacula-fd                                        # Cliente fd
  Address = bacula.douglasqsantos.com.br                            # Ajustado no /etc/hosts
  Password = "ExgYbEinJWMf7lsWPBcpffZaNMmiGcbgp"          # Senha do Director do Bacula
  @/etc/bacula/clientes/basic-client  # Arquivo onde contem informacoes sobre o cliente.
}
## -------------------------------------------------------------------- ##

Agora vamos criar o arquivo que vai controlar os filesets que vão ser os arquivos/diretório que vão ser copiados

vim /etc/bacula/bacula-dir-filesets.conf
###################################################
## ARQUIVO DE CONFIGURACAO PARA CLIENTES E JOBS  ##
###################################################

# LISTA DOS ARQUIVOS QUE SERAO COPIADOS

FileSet {
        Name = "Full Set"                                       # Nome do FileSets
# Arquivos que serao incluidos para serem copiados ao backup
        Include {
                Options {
                        signature = SHA1
                        compression = GZIP
                        verify = pin1
                        onefs = no
                }
                File = /etc
                File = /root
                File = /var/log
                File = /home
                File = /etc/bacula/
                }
# Arquivos que serao ignorados ao backup
        Exclude {
                File = /var/lib/bacula
                File = /proc
                File = /tmp
                File = /.journal
                File = /.fsck
                }
}

# LISTA DOS ARQUIVOS QUE SERAO COPIADOS - CATALOGO #

FileSet {
        Name = "Catalogo"
# Arquivos que serao incluidos para serem copiados ao backup
        Include {
                Options {
                        signature = SHA1
                        compression = GZIP
                        verify = pin1
                        onefs = no
                }
                File = "/var/lib/bacula/bacula.sql"
                }
}

# LISTA DOS ARQUIVOS QUE SERAO COPIADOS - SISTEMA WINDOWS SERVER #

FileSet {
        Name = "WindowsFS"
  #Habilita o Volume shadow copy service
  Enable VSS = yes
# Arquivos que serao incluidos para serem copiados ao backup
        Include {
#               Plugin = "alldrivers"
                        Options {
                                signature = SHA1
                                Compression = GZIP1
                                OneFS = no
                                }
                        File = "C:/"
                }
}

Arquivo de controle dos agendamentos

vim /etc/bacula/bacula-dir-agendamento.conf
#################################################################
## ARQUIVO DE CONFIGURACAO DE AGENDAMENTO DE TAREFAS DO BACULA ##
#################################################################
# DEFINICOES DE AGENDAMENTO DOS BACKUPS #

# AGENDAMENTO PADRAO DO BACULA - CICLO SEMANAL DE BACKUP #
Schedule {
  Name = "WeeklyCycle"                          # Ciclo Semanal de Backup
  Run = Level=Full 1st sun at 23:05                   # Backup Full no Primeiro Domingo do Mes as 23:05 hrs
  Run = Level=Differential 2nd-5th sun at 16:50       # Backup Diferencial de Seg. a Sabado as 23:05 hrs
  Run = Level=Incremental mon-sat at 10:30            # Backup Incremental de Seg. a Sabado as 23:05 hrs
}

# AGENDAMENTO PARA SERVIDOR LINUX - CICLO SEMANAL DE BACKUP #
Schedule {
  Name = CicloBackupProxy
  Run = Level=Full 1st sun at 23:00
  Run = Level=Full mon-sat at 10:00
}

# AGENDAMENTO PARA SERVIDOR WINDOWS SERVER - CICLO SEMANAL DE BACKUP #
Schedule {
  Name = "CicloBackupWindows"                          # Ciclo Semanal de Backup
  Run = Level=Full 1st sun at 23:00                          # Backup Full no Primeiro Domingo do Mes as 23:05 hrs
  Run = Level=Differential 2nd-5th sun at 14:10              # Backup Diferencial de Seg. a Sabado as 11:40 hrs
  Run = Level=Full mon-sat at 10:00                          # Backup Incremental de Seg. a Sabado as 11:25
}

# DEFINICOES DE AGENDAMENTO DO BACKUP DOS CATALOGOS #
#        FEITO SEMPRE DEPOIS DOS BACKUPS            #
Schedule {
  Name = "WeeklyCycleAfterBackup"
  Run = Level=Full sun-sat at 09:15
}

Agora vamos criar o arquivo de configuração da storage aonde vai ser armazenados os backups

vim /etc/bacula/bacula-sd.conf
##############################################################
# ARQUIVO PADRAO DE CONFIGURACAO DE STORAGE DO BACULA      #
##############################################################

Storage {
  Name = bacula-sd                                # Nome do Storage
  SDPort = 9103                                   # Porta do Director
  WorkingDirectory = "/var/lib/bacula"            # Diretorio de Trabalho
  Pid Directory = "/var/run/bacula"               # Pid do Bacula
  Maximum Concurrent Jobs = 20                    # Maximo de Backups em Execucao
  SDAddress = bacula.douglasqsantos.com.br                  # Nome ou IP do Storage do Bacula
  SDAddress = 0.0.0.0                           # Comentar ou remover essa Linha para nao fazer loopback
}

#
# List Directors who are permitted to contact Storage daemon
#
Director {
  Name = bacula-dir
  Password = "LE_T_-c_55qu1f777Dm52map-s3xpgR4q"
}

#
# Restricted Director, used by tray-monitor to get the
#   status of the storage daemon
# Usado pelo tray-monitor do bacula para obter status do servidor
Director {
  Name = bacula-mon
  Password = "kNuOgEZUq2pqP6hRqPHMHm7UyxCOG1LBf"
  Monitor = yes
}


# ABAIXO DEFINIMOS O NOME, TIPO, E O DIRETÓRIO DE ARQUIVOS DO BACULA

Device {
  Name = FileStorage                      # Nome do Device
  Media Type = File                       # Tipo de Midia (DVD, CD, HD, FITA)
  Archive Device = /srv/backup            # Diretorio onde serao salvos os volumes de backup
  LabelMedia = yes;                       # Midias de Etiquetamento do Bacula
  Random Access = Yes;                    #
  AutomaticMount = yes;                   # Montar Automaticamente
  RemovableMedia = no;                    # Midia Removivel
  AlwaysOpen = no;                        # Manter Sempre Aberto
}

#
# Send all messages to the Director,
# mount messages also are sent to the email address
#
Messages {
  Name = Standard
  director = bacula-dir = all
}

Agora vamos criar o arquivo de configuração do cliente bacula, pois o nosso servidor bacula tambem vai ser cliente

vim /etc/bacula/bacula-fd.conf
##############################################################
# ARQUIVO DE CONFIGURACAO DO FILE DAEMON DO BACULA           #
##############################################################

#
# List Directors who are permitted to contact this File daemon
#
Director {
  Name = bacula-dir                                  # Nome do Director
  Password = "ExgYbEinJWMf7lsWPBcpffZaNMmiGcbgp"     # ESTA SENHA ESTA DEFINIDA NO ARQUIVO DE CLIENTE EM /ETC/BACULA/BACULA-DIR-CLIENTS-AND-JOBS.CONF
}

#
# Restricted Director, used by tray-monitor to get the
#   status of the file daemon
#
Director {
  Name = bacula-mon
  Password = "z27BNYXA9dx1SZWk1vp-kSZ8azwz2HMS8"    # ESTA SENHA E UTILIZADO PELO BACULA-MONITOR
  Monitor = yes
}

#
# "Global" File daemon configuration specifications
#
FileDaemon {
  Name = bacula-fd                                  # Nome do Bacula-fd
  FDport = 9102                                     # Porta de Comunicacao do bacula-fd
  WorkingDirectory = /var/lib/bacula                # Diretorio de trabalho
  Pid Directory = /var/run/bacula                   # Diretorio de Pid
  Maximum Concurrent Jobs = 20                      # Numero maximo de jobs executados no bacula
  FDAddress = 0.0.0.0                     # COMENTAR OU REMOVER ESSA LINHA PARA QUE ELE POSSA 'OUVIR' CONEXOES EM TODAS AS INTERFACES
}

# Send all messages except skipped files back to Director
Messages {
  Name = Standard
  director = bacula-dir = all, !skipped, !restored        # AS MENSAGEM SAO ENCAMINHADAS PARA O 'BACULA-DIR' DEFINIDO NESSA LINHA
}

Agora vamos criar um arquivo de controle generico para os clientes

vim /etc/bacula/clientes/basic-client
##########################################################
## ARQUIVO PARA CONFIGURACAO DE CLIENTE LINUX NO BACULA ##
##########################################################

        Catalog = Catalogo        # Nome do Catalogo definido
        File Retention = 30 days                        # Tempo de Retencao do Backup
        Job Retention = 6 months                        # Tempo de Retencao do Job
        AutoPrune = yes                                 # Prune de Jobs/Arquivos Expirados

Agora vamos ajustar o arquivo do bconsole que é um cliente em modo texto para operar o bacula

vim /etc/bacula/bconsole.conf
#Configuração do Bacula console (bconsole)
Director {
  Name = bacula-dir #Nome do servidor que é o bacula director
  DIRport = 9101 #Porta que o bacula director está escutando
  address = bacula #endereço do servidor bacula director
  Password = "Cv70F6pf1t6pBopT4vQOnigDrR0v3L" #senha do bacula director
}

Agora vamos ajustar as permissões dos diretório que vão armazenar os backups

chown bacula:tape /srv/backup
chown -R bacula:bacula /etc/bacula

Agora vamos inserir o bacula na inicialização do sistema

chkconfig --add bacula-dir
chkconfig bacula-dir on
chkconfig --add bacula-sd
chkconfig bacula-sd on
chkconfig --add bacula-fd
chkconfig bacula-fd on

Agora vamos iniciar o serviço do bacula

/etc/init.d/bacula-dir start
/etc/init.d/bacula-sd start
/etc/init.d/bacula-fd start

Agora vamos se conectar no bconsole

bconsole
Connecting to Director bacula:9101
1000 OK: bacula-dir Version: 5.2.13 (19 February 2013)
Enter a period to cancel a command.
*

Agora vamos conferir o status do nosso director

*status director 
bacula-dir Version: 5.2.13 (19 February 2013) x86_64-unknown-linux-gnu redhat 
Daemon started 11-Mai-13 17:49. Jobs: run=0, running=0 mode=0,0
 Heap: heap=258,048 smbytes=57,667 max_bytes=88,987 bufs=224 max_bufs=378

Scheduled Jobs:
Level          Type     Pri  Scheduled          Name               Volume
===================================================================================
Full           Backup    11  12-Mai-13 09:15    BackupCatalogo     *unknown*
Differential   Backup    10  12-Mai-13 16:50    BackupDirector     *unknown*
====

Running Jobs:
Console connected at 11-Mai-13 17:51
No Jobs running.
====
No Terminated Jobs.
====

Como podemos notar até o momento não temos nenhum backup do nosso Bacula

Vamos fazer o backup do catalog dele primeiro.

*run
Automatically selected Catalog: Catalogo
Using Catalog "Catalogo"
A job name must be specified.
The defined Job resources are:
     1: BackupCatalogo
     2: RestoreFiles
     3: BackupDirector
Select Job resource (1-3): 1
Run Backup job
JobName:  BackupCatalogo
Level:    Full
Client:   bacula-fd
FileSet:  Catalogo
Pool:     File (From Job resource)
Storage:  File (From Job resource)
When:     2013-05-11 17:53:11
Priority: 11
OK to run? (yes/mod/no): yes
Job queued. JobId=1

Agora vamos listar os nosso jobs

*list jobs
+-------+----------------+---------------------+------+-------+----------+----------+-----------+
| jobid | name           | starttime           | type | level | jobfiles | jobbytes | jobstatus |
+-------+----------------+---------------------+------+-------+----------+----------+-----------+
|     1 | BackupCatalogo | 2013-05-11 17:53:14 | B    | F     |        1 |   43,545 | T         |
+-------+----------------+---------------------+------+-------+----------+----------+-----------+
You have messages.

Note que temos uma mensagem vamos visualizar ela

*mes
11-Mai 17:55 bacula-dir JobId 1: shell command: run BeforeJob "/etc/bacula/scripts/make_catalog_backup.pl Catalogo"
11-Mai 17:55 bacula-dir JobId 1: Start Backup JobId 2, Job=BackupCatalogo.2013-05-11_17.55.06_06
11-Mai 17:55 bacula-dir JobId 1: Using Device "FileStorage" to write.
11-Mai 17:55 bacula-sd JobId 1: Volume "volume0001" previously written, moving to end of data.
11-Mai 17:55 bacula-sd JobId 1: Ready to append to end of Volume "volume0001" size=44303
11-Mai 17:55 bacula-sd JobId 1: Elapsed time=00:00:01, Transfer rate=7.062 K Bytes/second
11-Mai 17:55 bacula-dir JobId 1: Bacula bacula-dir 5.2.13 (19Jan13):
  Build OS:               x86_64-unknown-linux-gnu redhat 
  JobId:                  1
  Job:                    BackupCatalogo.2013-05-11_17.55.06_06
  Backup Level:           Full
  Client:                 "bacula-fd" 5.2.13 (19Jan13) x86_64-unknown-linux-gnu,redhat,
  FileSet:                "Catalogo" 2013-05-11 17:53:12
  Pool:                   "File" (From Job resource)
  Catalog:                "Catalogo" (From Client resource)
  Storage:                "File" (From Job resource)
  Scheduled time:         11-Mai-2013 17:55:02
  Start time:             11-Mai-2013 17:55:09
  End time:               11-Mai-2013 17:55:09
  Elapsed time:           0 secs
  Priority:               11
  FD Files Written:       1
  SD Files Written:       1
  FD Bytes Written:       6,949 (6.949 KB)
  SD Bytes Written:       7,062 (7.062 KB)
  Rate:                   0.0 KB/s
  Software Compression:   85.1 %
  VSS:                    no
  Encryption:             no
  Accurate:               no
  Volume name(s):         volume0001
  Volume Session Id:      2
  Volume Session Time:    1368305134
  Last Volume Bytes:      51,805 (51.80 KB)
  Non-fatal FD errors:    0
  SD Errors:              0
  FD termination status:  OK
  SD termination status:  OK
  Termination:            Backup OK

11-Mai 17:55 bacula-dir JobId 1: Begin pruning Jobs older than 6 months .
11-Mai 17:55 bacula-dir JobId 1: No Jobs found to prune.
11-Mai 17:55 bacula-dir JobId 1: Begin pruning Files.
11-Mai 17:55 bacula-dir JobId 1: No Files found to prune.
11-Mai 17:55 bacula-dir JobId 1: End auto prune.

O que precisamos notar aqui é Software Compression: 85.1 % tivemos uma boa compressão eu usei o formato GZIP para compactar os dados o padrão dele é GZIP6 chegando no máximo até o GZIP9 porém quando mais compressão mais processamento. Note também que eu setei a assinatura dos dados ou seja a sua criptografia mais não foi feita nosso parâmetro de consulta é Encryption: no

Agora que já fizemos um backup do catalogo que é o banco de dados do bacula que armazena as informações sobre cliente, storage, volumes e afins agora vamos fazer um backup dos dados do nosso Bacula

*run
A job name must be specified.
The defined Job resources are:
     1: BackupCatalogo
     2: RestoreFiles
     3: BackupDirector
Select Job resource (1-3): 3
Run Backup job
JobName:  BackupDirector
Level:    Incremental
Client:   bacula-fd
FileSet:  Full Set
Pool:     File (From Job resource)
Storage:  File (From Job resource)
When:     2013-05-11 17:59:21
Priority: 10
OK to run? (yes/mod/no): yes
Job queued. JobId=3
You have messages.

Agora vamos consultar os jobs

*list jobs
+-------+----------------+---------------------+------+-------+----------+-----------+-----------+
| jobid | name           | starttime           | type | level | jobfiles | jobbytes  | jobstatus |
+-------+----------------+---------------------+------+-------+----------+-----------+-----------+
|     1 | BackupCatalogo | 2013-05-11 17:53:14 | B    | F     |        1 |    43,545 | T         |
|     2 | BackupCatalogo | 2013-05-11 17:55:09 | B    | F     |        1 |     6,949 | T         |
|     3 | BackupDirector | 2013-05-11 17:59:24 | B    | F     |    1,249 | 8,040,840 | T         |
+-------+----------------+---------------------+------+-------+----------+-----------+-----------+

Note que já terminou o meu backup foi rápido, agora vamos consultar a mensagem a respeito do nosso backup

*mes
11-Mai 17:59 bacula-dir JobId 3: No prior Full backup Job record found.
11-Mai 17:59 bacula-dir JobId 3: No prior or suitable Full backup found in catalog. Doing FULL backup.
11-Mai 17:59 bacula-dir JobId 3: Start Backup JobId 3, Job=BackupDirector.2013-05-11_17.59.22_07
11-Mai 17:59 bacula-dir JobId 3: Using Device "FileStorage" to write.
11-Mai 17:59 bacula-sd JobId 3: Volume "volume0001" previously written, moving to end of data.
11-Mai 17:59 bacula-sd JobId 3: Ready to append to end of Volume "volume0001" size=51805
11-Mai 17:59 bacula-sd JobId 3: Elapsed time=00:00:04, Transfer rate=2.047 M Bytes/second
11-Mai 17:59 bacula-dir JobId 3: Bacula bacula-dir 5.2.13 (19Jan13):
  Build OS:               x86_64-unknown-linux-gnu redhat 
  JobId:                  3
  Job:                    BackupDirector.2013-05-11_17.59.22_07
  Backup Level:           Full (upgraded from Incremental)
  Client:                 "bacula-fd" 5.2.13 (19Jan13) x86_64-unknown-linux-gnu,redhat,
  FileSet:                "Full Set" 2013-05-11 17:59:22
  Pool:                   "File" (From Job resource)
  Catalog:                "Catalogo" (From Client resource)
  Storage:                "File" (From Job resource)
  Scheduled time:         11-Mai-2013 17:59:21
  Start time:             11-Mai-2013 17:59:24
  End time:               11-Mai-2013 17:59:28
  Elapsed time:           4 secs
  Priority:               10
  FD Files Written:       1,249
  SD Files Written:       1,249
  FD Bytes Written:       8,040,840 (8.040 MB)
  SD Bytes Written:       8,188,087 (8.188 MB)
  Rate:                   2010.2 KB/s
  Software Compression:   65.8 %
  VSS:                    no
  Encryption:             no
  Accurate:               no
  Volume name(s):         volume0001
  Volume Session Id:      3
  Volume Session Time:    1368305134
  Last Volume Bytes:      8,283,388 (8.283 MB)
  Non-fatal FD errors:    0
  SD Errors:              0
  FD termination status:  OK
  SD termination status:  OK
  Termination:            Backup OK

11-Mai 17:59 bacula-dir JobId 3: Begin pruning Jobs older than 6 months .
11-Mai 17:59 bacula-dir JobId 3: No Jobs found to prune.
11-Mai 17:59 bacula-dir JobId 3: Begin pruning Files.
11-Mai 17:59 bacula-dir JobId 3: No Files found to prune.
11-Mai 17:59 bacula-dir JobId 3: End auto prune.

* quit

Note que o nosso backup está ok com uma compressão de 65.8% porém nada de criptografia :(

Vamos ajustar isso.

Vamos acessar o diretório que vai conter as chaves

cd /etc/bacula/keys

Vamos gerar a chave do nosso servidor bacula

openssl genrsa -out master.key 2048

Agora vamos assinar ela

openssl req -new -key master.key -x509 -out master.cert
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:BR
State or Province Name (full name) []:Parana
Locality Name (eg, city) [Default City]:Curitiba
Organization Name (eg, company) [Default Company Ltd]:Douglas
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:bacula.douglasqsantos.com.br
Email Address []:douglas@douglasqsantos.com.br

Agora vamos acessar o diretório que vai conter as chaves dos nossos clientes

cd /etc/bacula/keys/clientes

Agora vamos a key do nosso cliente

openssl genrsa -out bacula-fd.key 2048

Agora vamos assinar a nossa chave

openssl req -new -key bacula-fd.key -x509 -out bacula-fd.cert
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:BR
State or Province Name (full name) []:Parana
Locality Name (eg, city) [Default City]:Curitiba
Organization Name (eg, company) [Default Company Ltd]:Douglas
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:bacula.douglasqsantos.com.br
Email Address []:douglas@douglasqsantos.com.br

Agora vamos colocar as .key e a .cert do cliente em uma chave .pem

cat bacula-fd.key bacula-fd.cert > bacula-fd.pem

Explicação da bacula para isso: Note, there seems to be a lot of confusion around the file extensions given to these keys. For example, a .pem file can contain all the following: private keys (RSA and DSA), public keys (RSA and DSA) and (x509) certificates. It is the default format for OpenSSL. It stores data Base64 encoded DER format, surrounded by ASCII headers, so is suitable for text mode transfers between systems. A .pem file may contain any number of keys either public or private. We use it in cases where there is both a public and a private key.

Agora vamos configurar o bacula-fd.conf para ajustar as nossas chaves

vim /etc/bacula/bacula-fd.conf
##############################################################
# ARQUIVO DE CONFIGURACAO DO FILE DAEMON DO BACULA           #
##############################################################

#
# List Directors who are permitted to contact this File daemon
#
Director {
  Name = bacula-dir                                  # Nome do Director
  Password = "ExgYbEinJWMf7lsWPBcpffZaNMmiGcbgp"     # ESTA SENHA ESTA DEFINIDA NO ARQUIVO DE CLIENTE EM /ETC/BACULA/BACULA-DIR-CLIENTS-AND-JOBS.CONF
}

#
# Restricted Director, used by tray-monitor to get the
#   status of the file daemon
#
Director {
  Name = bacula-mon
  Password = "z27BNYXA9dx1SZWk1vp-kSZ8azwz2HMS8"    # ESTA SENHA E UTILIZADO PELO BACULA-MONITOR
  Monitor = yes
}

#
# "Global" File daemon configuration specifications
#
FileDaemon {
  Name = bacula-fd                                  # Nome do Bacula-fd
  FDport = 9102                                     # Porta de Comunicacao do bacula-fd
  WorkingDirectory = /var/lib/bacula                # Diretorio de trabalho
  Pid Directory = /var/run/bacula                   # Diretorio de Pid
  Maximum Concurrent Jobs = 20                      # Numero maximo de jobs executados no bacula
  FDAddress = 0.0.0.0
  PKI Signatures = Yes            # Habilita a assinatura dos dados
  PKI Encryption = Yes            # Habilita a criptografia dos dados
  PKI Keypair = "/etc/bacula/keys/clientes/bacula-fd.pem"    # Arquivo que contem a chave publica e privada
  PKI Master Key = "/etc/bacula/keys/master.cert"    # Arquivo com a chave publica do servidor

}

# Send all messages except skipped files back to Director
Messages {
  Name = Standard
  director = bacula-dir = all, !skipped, !restored        # AS MENSAGEM SAO ENCAMINHADAS PARA O 'BACULA-DIR' DEFINIDO NESSA LINHA
}

Agora vamos reiniciar o bacula-fd para que ele reconheça a sua nova configuração

/etc/init.d/bacula-fd restart

Agora vamos no bconsole novamente fazer o backup do catalogo

bconsole
Connecting to Director bacula:9101
1000 OK: bacula-dir Version: 5.2.13 (19 February 2013)
Enter a period to cancel a command.
*run
Automatically selected Catalog: Catalogo
Using Catalog "Catalogo"
A job name must be specified.
The defined Job resources are:
     1: BackupCatalogo
     2: RestoreFiles
     3: BackupDirector
Select Job resource (1-3): 1
Run Backup job
JobName:  BackupCatalogo
Level:    Full
Client:   bacula-fd
FileSet:  Catalogo
Pool:     File (From Job resource)
Storage:  File (From Job resource)
When:     2013-05-11 18:11:59
Priority: 11
OK to run? (yes/mod/no): yes
Job queued. JobId=4

Agora vamos listar a nossa mensagem de backup

*mes
11-Mai 18:12 bacula-dir JobId 4: shell command: run BeforeJob "/etc/bacula/scripts/make_catalog_backup.pl Catalogo"
11-Mai 18:12 bacula-dir JobId 4: Start Backup JobId 4, Job=BackupCatalogo.2013-05-11_18.12.00_10
11-Mai 18:12 bacula-dir JobId 4: Using Device "FileStorage" to write.
11-Mai 18:12 bacula-sd JobId 4: Volume "volume0001" previously written, moving to end of data.
11-Mai 18:12 bacula-sd JobId 4: Ready to append to end of Volume "volume0001" size=8283388
11-Mai 18:12 bacula-sd JobId 4: Elapsed time=00:00:01, Transfer rate=61.44 K Bytes/second
11-Mai 18:12 bacula-dir JobId 4: Bacula bacula-dir 5.2.13 (19Jan13):
  Build OS:               x86_64-unknown-linux-gnu redhat 
  JobId:                  4
  Job:                    BackupCatalogo.2013-05-11_18.12.00_10
  Backup Level:           Full
  Client:                 "bacula-fd" 5.2.13 (19Jan13) x86_64-unknown-linux-gnu,redhat,
  FileSet:                "Catalogo" 2013-05-11 17:53:12
  Pool:                   "File" (From Job resource)
  Catalog:                "Catalogo" (From Client resource)
  Storage:                "File" (From Job resource)
  Scheduled time:         11-Mai-2013 18:11:59
  Start time:             11-Mai-2013 18:12:02
  End time:               11-Mai-2013 18:12:03
  Elapsed time:           1 sec
  Priority:               11
  FD Files Written:       1
  SD Files Written:       1
  FD Bytes Written:       61,008 (61.00 KB)
  SD Bytes Written:       61,443 (61.44 KB)
  Rate:                   61.0 KB/s
  Software Compression:   68.2 %
  VSS:                    no
  Encryption:             yes
  Accurate:               no
  Volume name(s):         volume0001
  Volume Session Id:      4
  Volume Session Time:    1368305134
  Last Volume Bytes:      8,345,331 (8.345 MB)
  Non-fatal FD errors:    0
  SD Errors:              0
  FD termination status:  OK
  SD termination status:  OK
  Termination:            Backup OK

11-Mai 18:12 bacula-dir JobId 4: Begin pruning Jobs older than 6 months .
11-Mai 18:12 bacula-dir JobId 4: No Jobs found to prune.
11-Mai 18:12 bacula-dir JobId 4: Begin pruning Files.
11-Mai 18:12 bacula-dir JobId 4: No Files found to prune.
11-Mai 18:12 bacula-dir JobId 4: End auto prune.

Note que agora temos 68.2% de compactação e o nosso Encryption está como yes

Agora vamos fazer um backup novamente dos arquivos do bacula

*run
A job name must be specified.
The defined Job resources are:
     1: BackupCatalogo
     2: RestoreFiles
     3: BackupDirector
Select Job resource (1-3): 3
Run Backup job
JobName:  BackupDirector
Level:    Incremental
Client:   bacula-fd
FileSet:  Full Set
Pool:     File (From Job resource)
Storage:  File (From Job resource)
When:     2013-05-11 18:16:34
Priority: 10
OK to run? (yes/mod/no): mod
Parameters to modify:
     1: Level
     2: Storage
     3: Job
     4: FileSet
     5: Client
     6: When
     7: Priority
     8: Pool
     9: Plugin Options
Select parameter to modify (1-9): 1
Levels:
     1: Full
     2: Incremental
     3: Differential
     4: Since
     5: VirtualFull
Select level (1-5): 1
Run Backup job
JobName:  BackupDirector
Level:    Full
Client:   bacula-fd
FileSet:  Full Set
Pool:     File (From Job resource)
Storage:  File (From Job resource)
When:     2013-05-11 18:16:34
Priority: 10
OK to run? (yes/mod/no): yes
Job queued. JobId=5

Agora vamos consultar os nossos jobs

*list jobs
+-------+----------------+---------------------+------+-------+----------+-----------+-----------+
| jobid | name           | starttime           | type | level | jobfiles | jobbytes  | jobstatus |
+-------+----------------+---------------------+------+-------+----------+-----------+-----------+
|     1 | BackupCatalogo | 2013-05-11 17:53:14 | B    | F     |        1 |    43,545 | T         |
|     2 | BackupCatalogo | 2013-05-11 17:55:09 | B    | F     |        1 |     6,949 | T         |
|     3 | BackupDirector | 2013-05-11 17:59:24 | B    | F     |    1,249 | 8,040,840 | T         |
|     4 | BackupCatalogo | 2013-05-11 18:12:02 | B    | F     |        1 |    61,008 | T         |
|     5 | BackupDirector | 2013-05-11 18:16:43 | B    | F     |    1,259 | 8,617,936 | T         |
+-------+----------------+---------------------+------+-------+----------+-----------+-----------+
You have messages.

Agora vamos consultar as mensagens

*mes
11-Mai 18:16 bacula-dir JobId 5: Start Backup JobId 5, Job=BackupDirector.2013-05-11_18.16.41_11
11-Mai 18:16 bacula-dir JobId 5: Using Device "FileStorage" to write.
11-Mai 18:16 bacula-sd JobId 5: Volume "volume0001" previously written, moving to end of data.
11-Mai 18:16 bacula-sd JobId 5: Ready to append to end of Volume "volume0001" size=8345331
11-Mai 18:16 bacula-sd JobId 5: Elapsed time=00:00:05, Transfer rate=1.808 M Bytes/second
11-Mai 18:16 bacula-dir JobId 5: Bacula bacula-dir 5.2.13 (19Jan13):
  Build OS:               x86_64-unknown-linux-gnu redhat 
  JobId:                  5
  Job:                    BackupDirector.2013-05-11_18.16.41_11
  Backup Level:           Full
  Client:                 "bacula-fd" 5.2.13 (19Jan13) x86_64-unknown-linux-gnu,redhat,
  FileSet:                "Full Set" 2013-05-11 17:59:22
  Pool:                   "File" (From Job resource)
  Catalog:                "Catalogo" (From Client resource)
  Storage:                "File" (From Job resource)
  Scheduled time:         11-Mai-2013 18:16:34
  Start time:             11-Mai-2013 18:16:43
  End time:               11-Mai-2013 18:16:48
  Elapsed time:           5 secs
  Priority:               10
  FD Files Written:       1,259
  SD Files Written:       1,259
  FD Bytes Written:       8,617,936 (8.617 MB)
  SD Bytes Written:       9,043,662 (9.043 MB)
  Rate:                   1723.6 KB/s
  Software Compression:   63.4 %
  VSS:                    no
  Encryption:             yes
  Accurate:               no
  Volume name(s):         volume0001
  Volume Session Id:      5
  Volume Session Time:    1368305134
  Last Volume Bytes:      17,464,157 (17.46 MB)
  Non-fatal FD errors:    0
  SD Errors:              0
  FD termination status:  OK
  SD termination status:  OK
  Termination:            Backup OK

11-Mai 18:16 bacula-dir JobId 5: Begin pruning Jobs older than 6 months .
11-Mai 18:16 bacula-dir JobId 5: No Jobs found to prune.
11-Mai 18:16 bacula-dir JobId 5: Begin pruning Files.
11-Mai 18:16 bacula-dir JobId 5: No Files found to prune.
11-Mai 18:16 bacula-dir JobId 5: End auto prune.

Note que agora temos 63.4% de compressão em nosso backup e temos a flag de Encryption como yes :D

Configuração de um Cliente CentOS

Prepare o seu sistema com o seguinte script http://wiki.douglasqsantos.com.br/doku.php?id=confinicialcentos6 para que não falte nenhum pacote ou configuração.

Vamos instalar os pré-requisitos para podermos compilar o bacula

yum install readline-devel readline-static readline zlib zlib-devel zlib-static libmcrypto-devel openssl-devel -y

Agora vamos criar os diretórios para o bacula

mkdir /var/lib/bacula
mkdir /var/run/bacula
mkdir /var/log/bacula
mkdir -p /etc/bacula/scripts
mkdir -p /etc/bacula/keys

Agora vamos criar o usuário bacula

useradd -s /bin/false -d /var/lib/bacula  bacula

Agora vamos ajustar as permissões dos diretórios

chown -R bacula:bacula /var/lib/bacula /var/run/bacula /var/log/bacula /etc/bacula

Agora vamos obter o pacote do bacula

cd /usr/src
wget -c http://wiki.douglasqsantos.com.br/Downloads/bacula/bacula-5.2.13.tar.gz

Agora vamos desempacotar o bacula

tar -xzvf bacula-5.2.13.tar.gz

Agora vamos acessar a pasta do bacula

cd bacula-5.2.13/

Agora vamos preparar o pacote do bacula

CFLAGS="-g -Wall" ./configure --enable-client-only --with-openssl=yes --enable-smartalloc --with-working-dir=/var/lib/bacula --with-pid-dir=/var/run/bacula --with-logdir=/var/log/bacula  --with-scriptdir=/etc/bacula/scripts --with-readline=/usr/include/readline  --disable-conio

Agora vamos mandar compilar o bacula e instalar o bacula client

make && make install && make install-autostart

Agora vamos ajustar as permissões dos arquivos

chown -R bacula:bacula /etc/bacula

Agora vamos ajustar o /etc/hosts do cliente

vim /etc/hosts
127.0.0.1       localhost
192.168.0.81    centos.douglasqsantos.com.br      centos
192.168.0.80    bacula.douglasqsantos.com.br      bacula
[...]

Vamos remover dois scripts que não são necessários

rm -rf /etc/init.d/bacula-sd
rm -rf /etc/init.d/bacula-dir

Agora vamos fazer o backup dos arquivos de configuração do bacula

mkdir /usr/src/olds
cp -Rfa /etc/bacula /usr/src/olds

Agora vamos configurar o cliente

vim /etc/bacula/bacula-fd.conf
#
# Default  Bacula File Daemon Configuration file
#
#  For Bacula release 5.2.13 (19 February 2013) -- redhat 
#
# There is not much to change here except perhaps the
# File daemon Name to
#

#
# List Directors who are permitted to contact this File daemon
#
Director {
  Name = bacula-dir #Mudar essa linha para bacula-dir
  Password = "Mvgs2vnIjGHG7aL2U+bLbdi3k2pl6mKofPXVShaj5Z2V"
}

#
# Restricted Director, used by tray-monitor to get the
#   status of the file daemon
#
Director {
  Name = bacula-mon #Mudar essa linha para bacula-mon
  Password = "9n0G0z0u4+cPhxuBaYfAtsIIln0HPEi7CXoTG7u9jNy8"
  Monitor = yes
}

#
# "Global" File daemon configuration specifications
#
FileDaemon {                          # this is me
  Name = centos-fd
  FDport = 9102                  # where we listen for the director
  WorkingDirectory = /var/lib/bacula
  Pid Directory = /var/run/bacula
  Maximum Concurrent Jobs = 20
  FDAddress = 0.0.0.0
  PKI Signatures = Yes            # Habilita a assinatura dos dados
  PKI Encryption = Yes            # Habilita a criptografia dos dados
  PKI Keypair = "/etc/bacula/keys/centos-fd.pem"    # Arquivo que contem a chave publica e privada
  PKI Master Key = "/etc/bacula/keys/master.cert"    # Arquivo com a chave publica do servidor
}

# Send all messages except skipped files back to Director
Messages {
  Name = Standard
  director = bacula-dir = all, !skipped, !restored
}

Aqui não podemos deixar de mudar em Director o Name para bacula-dir e no segundo Director o Name para bacula-mon e por ultimo em Messages mudar o Name para bacula-dir, depois temos que adicionar as configurações da criptografia, já vamos gerar as chaves.

Agora vamos ajustar o arquivo do bconsole que é como vamos conectar no bacula para fazer backup pela linha de comando

vim /etc/bacula/bconsole.conf
#
# Bacula User Agent (or Console) Configuration File
#

Director {
  Name = bacula-dir
  DIRport = 9101
  address = bacula.douglasqsantos.com.br
  Password = "Cv70F6pf1t6pBopT4vQOnigDrR0v3L" #Senha do bacula director
}

Agora no servidor bacula precisamos gerar as chaves para o CentOS

cd /etc/bacula/keys/clientes

Gerando a key

openssl genrsa -out centos-fd.key 2048

Agora vamos assinar a nossa chave

openssl req -new -key centos-fd.key -x509 -out centos-fd.cert
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:BR
State or Province Name (full name) []:Parana
Locality Name (eg, city) [Default City]:Curitiba
Organization Name (eg, company) [Default Company Ltd]:Douglas
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:centos.douglasqsantos.com.br
Email Address []:douglas@douglasqsantos.com.br

Agora vamos inserir a .key e a .cert em um arquivo .pem

cat centos-fd.key centos-fd.cert > centos-fd.pem

Agora vamos copiar as chaves para o CentOS client

scp centos-fd.pem ../master.cert centos.douglasqsantos.com.br:/etc/bacula/keys/
[...]
root@centos.douglasqsantos.com.br's password: 
centos-fd.pem
master.cert 

Agora no cliente CentOS vamos ajustar as permissões das chaves

chown -R bacula:bacula /etc/bacula/keys

Agora vamos iniciar o serviço do bacula-fd

/etc/init.d/bacula-fd restart

Agora vamos listar verificar se o bacula está escutando

netstat -natu | egrep 9102
tcp        0      0 0.0.0.0:9102            0.0.0.0:*               OUÇA 

Agora no servidor bacula vamos ajustar a configuração do novo cliente

vim /etc/bacula/bacula-dir-clients-and-jobs.conf
[...]
#Inserir no final do arquivo
Job {
        Name = "BackupCentOS"                           # Nome do Job para Backup do Director (Proprio Servidor Bacula)
        JobDefs = "DefaultJobs"                           # JObDefs Definido
        Client = centos-fd                                # Cliente fd
}

Client {
  Name = centos-fd                                        # Cliente fd
  Address = centos.douglasqsantos.com.br                            # Ajustado no /etc/hosts
  Password = "Mvgs2vnIjGHG7aL2U+bLbdi3k2pl6mKofPXVShaj5Z2V"     # Senha do Director do Bacula que foi configurado no cliente na primeira sessão Director
  @/etc/bacula/clientes/basic-client  # Arquivo onde contem informacoes sobre o cliente.
}

Aqui não esquecer de deixar a senha Password da sessão Client a mesma que esta na primeira sessão Director no bacula-fd.conf do cliente.

Agora vamos recarregar o bacula

bconsole
Connecting to Director bacula:9101
1000 OK: bacula-dir Version: 5.2.13 (19 February 2013)
Enter a period to cancel a command.
*reload

Agora vamos consultar o nosso novo cliente no bconsole

*status client=centos-fd 
Connecting to Client centos-fd at centos.douglasqsantos.com.br:9102

centos-fd Version: 5.2.13 (19 February 2013)  x86_64-unknown-linux-gnu redhat 
Daemon started 11-Mai-13 19:10. Jobs: run=0 running=0.
 Heap: heap=135,168 smbytes=24,561 max_bytes=24,708 bufs=65 max_bufs=66
 Sizeof: boffset_t=8 size_t=8 debug=0 trace=0 
Running Jobs:
Director connected at: 11-Mai-13 19:13
No Jobs running.
====

Terminated Jobs:
====
*

Agora vamos fazer um backup do nosso cliente

*run
Automatically selected Catalog: Catalogo
Using Catalog "Catalogo"
A job name must be specified.
The defined Job resources are:
     1: BackupCatalogo
     2: RestoreFiles
     3: BackupDirector
     4: BackupCentOS
Select Job resource (1-4): 4
Run Backup job
JobName:  BackupCentOS
Level:    Incremental
Client:   centos-fd
FileSet:  Full Set
Pool:     File (From Job resource)
Storage:  File (From Job resource)
When:     2013-05-11 19:14:22
Priority: 10
OK to run? (yes/mod/no): yes
Job queued. JobId=6
You have messages.

Agora vamos listar os nosso jobs

*list jobs
+-------+----------------+---------------------+------+-------+----------+-----------+-----------+
| jobid | name           | starttime           | type | level | jobfiles | jobbytes  | jobstatus |
+-------+----------------+---------------------+------+-------+----------+-----------+-----------+
|     1 | BackupCatalogo | 2013-05-11 17:53:14 | B    | F     |        1 |    43,545 | T         |
|     2 | BackupCatalogo | 2013-05-11 17:55:09 | B    | F     |        1 |     6,949 | T         |
|     3 | BackupDirector | 2013-05-11 17:59:24 | B    | F     |    1,249 | 8,040,840 | T         |
|     4 | BackupCatalogo | 2013-05-11 18:12:02 | B    | F     |        1 |    61,008 | T         |
|     5 | BackupDirector | 2013-05-11 18:16:43 | B    | F     |    1,259 | 8,617,936 | T         |
|     6 | BackupCentOS   | 2013-05-11 19:14:25 | B    | F     |    1,189 | 8,546,112 | T         |
+-------+----------------+---------------------+------+-------+----------+-----------+-----------+

O backup já foi finalizado agora vamos ver a mensagem do nosso backup

*mes
11-Mai 19:14 bacula-dir JobId 6: No prior Full backup Job record found.
11-Mai 19:14 bacula-dir JobId 6: No prior or suitable Full backup found in catalog. Doing FULL backup.
11-Mai 19:14 bacula-dir JobId 6: Start Backup JobId 6, Job=BackupCentOS.2013-05-11_19.14.23_13
11-Mai 19:14 bacula-dir JobId 6: Using Device "FileStorage" to write.
11-Mai 19:14 bacula-sd JobId 6: Volume "volume0001" previously written, moving to end of data.
11-Mai 19:14 bacula-sd JobId 6: Ready to append to end of Volume "volume0001" size=17464157
11-Mai 19:14 bacula-sd JobId 6: Elapsed time=00:00:06, Transfer rate=1.490 M Bytes/second
11-Mai 19:14 bacula-dir JobId 6: Bacula bacula-dir 5.2.13 (19Jan13):
  Build OS:               x86_64-unknown-linux-gnu redhat 
  JobId:                  6
  Job:                    BackupCentOS.2013-05-11_19.14.23_13
  Backup Level:           Full (upgraded from Incremental)
  Client:                 "centos-fd" 5.2.13 (19Jan13) x86_64-unknown-linux-gnu,redhat,
  FileSet:                "Full Set" 2013-05-11 17:59:22
  Pool:                   "File" (From Job resource)
  Catalog:                "Catalogo" (From Client resource)
  Storage:                "File" (From Job resource)
  Scheduled time:         11-Mai-2013 19:14:22
  Start time:             11-Mai-2013 19:14:25
  End time:               11-Mai-2013 19:14:32
  Elapsed time:           7 secs
  Priority:               10
  FD Files Written:       1,189
  SD Files Written:       1,189
  FD Bytes Written:       8,546,112 (8.546 MB)
  SD Bytes Written:       8,944,824 (8.944 MB)
  Rate:                   1220.9 KB/s
  Software Compression:   63.6 %
  VSS:                    no
  Encryption:             yes
  Accurate:               no
  Volume name(s):         volume0001
  Volume Session Id:      6
  Volume Session Time:    1368305134
  Last Volume Bytes:      26,479,817 (26.47 MB)
  Non-fatal FD errors:    0
  SD Errors:              0
  FD termination status:  OK
  SD termination status:  OK
  Termination:            Backup OK

11-Mai 19:14 bacula-dir JobId 6: Begin pruning Jobs older than 6 months .
11-Mai 19:14 bacula-dir JobId 6: No Jobs found to prune.
11-Mai 19:14 bacula-dir JobId 6: Begin pruning Files.
11-Mai 19:14 bacula-dir JobId 6: No Files found to prune.
11-Mai 19:14 bacula-dir JobId 6: End auto prune.

Aqui nós tivemos uma compactação de 63.6% e a nossa flag de criptografia está como yes :D

Configuração de um Cliente Debian Squeeze

Prepare o seu sistema com o seguinte script http://wiki.douglasqsantos.com.br/doku.php?id=confinicialsqueeze para que não falte nenhum pacote ou configuração.

Vamos instalar os pré-requisitos para podermos compilar o bacula

aptitude install libreadline-dev libreadline6-dev libreadline6-dev libreadline6 libreadline6 libreadline6-dev zlib1g-dev libcurl4-openssl-dev build-essential -y

Agora vamos criar os diretórios para o bacula

mkdir /var/lib/bacula
mkdir /var/run/bacula
mkdir /var/log/bacula
mkdir -p /etc/bacula/scripts
mkdir -p /etc/bacula/keys

Agora vamos criar o usuário bacula

useradd -s /bin/false -d /var/lib/bacula  bacula

Agora vamos ajustar as permissões dos diretórios

chown -R bacula:bacula /var/lib/bacula /var/run/bacula /var/log/bacula /etc/bacula

Agora vamos obter o pacote do bacula

cd /usr/src
wget -c http://wiki.douglasqsantos.com.br/Downloads/bacula/bacula-5.2.13.tar.gz

Agora vamos desempacotar o bacula

tar -xzvf bacula-5.2.13.tar.gz

Agora vamos acessar a pasta do bacula

cd bacula-5.2.13/

Agora vamos preparar o pacote do bacula

CFLAGS="-g -Wall" ./configure --enable-client-only --with-openssl=yes --enable-smartalloc --with-working-dir=/var/lib/bacula --with-pid-dir=/var/run/bacula --with-logdir=/var/log/bacula  --with-scriptdir=/etc/bacula/scripts --with-readline=/usr/include/readline  --disable-conio

Agora vamos mandar compilar o bacula e instalar o bacula client

make && make install && make install-autostart

Agora vamos ajustar as permissões dos arquivos

chown -R bacula:bacula /etc/bacula

Agora vamos ajustar o /etc/hosts do cliente

vim /etc/hosts
127.0.0.1       localhost
192.168.0.82    squeeze.douglasqsantos.com.br     squeeze
192.168.0.80    bacula.douglasqsantos.com.br      bacula
[...]

Vamos remover dois scripts que não são necessários

rm -rf /etc/init.d/bacula-sd
rm -rf /etc/init.d/bacula-dir

Agora vamos fazer o backup dos arquivos de configuração do bacula

mkdir /usr/src/olds
cp -Rfa /etc/bacula /usr/src/olds

Agora vamos configurar o cliente

vim /etc/bacula/bacula-fd.conf
#
# Default  Bacula File Daemon Configuration file
#
#  For Bacula release 5.2.13 (19 February 2013) -- debian 6.0.7
#
# There is not much to change here except perhaps the
# File daemon Name to
#

#
# List Directors who are permitted to contact this File daemon
#
Director {
  Name = bacula-dir
  Password = "B0ISfMxVNEXhpsPQj7v095eWPBjK4J3N8xPuhPuZyVRw"
}

#
# Restricted Director, used by tray-monitor to get the
#   status of the file daemon
#
Director {
  Name = bacula-mon
  Password = "Fu6iH9kZuvoye6haHAr6gB73NyLIu4DN9V9Me65w7Wxx"
  Monitor = yes
}

#
# "Global" File daemon configuration specifications
#
FileDaemon {                          # this is me
  Name = squeeze-fd
  FDport = 9102                  # where we listen for the director
  WorkingDirectory = /var/lib/bacula
  Pid Directory = /var/run/bacula
  Maximum Concurrent Jobs = 20
  FDAddress = 0.0.0.0
  PKI Signatures = Yes            # Habilita a assinatura dos dados
  PKI Encryption = Yes            # Habilita a criptografia dos dados
  PKI Keypair = "/etc/bacula/keys/squeeze-fd.pem"    # Arquivo que contem a chave publica e privada
  PKI Master Key = "/etc/bacula/keys/master.cert"    # Arquivo com a chave publica do servidor
}

# Send all messages except skipped files back to Director
Messages {
  Name = Standard
  director = bacula-dir = all, !skipped, !restored
}

Aqui não podemos deixar de mudar em Director o Name para bacula-dir e no segundo Director o Name para bacula-mon e por ultimo em Messages mudar o Name para bacula-dir, depois temos que adicionar as configurações da criptografia, já vamos gerar as chaves.

Agora vamos ajustar o arquivo do bconsole que é como vamos conectar no bacula para fazer backup pela linha de comando

vim /etc/bacula/bconsole.conf
#
# Bacula User Agent (or Console) Configuration File
#

Director {
  Name = bacula-dir
  DIRport = 9101
  address = bacula.douglasqsantos.com.br
  Password = "Cv70F6pf1t6pBopT4vQOnigDrR0v3L" #Senha do bacula director
}

Agora no servidor bacula precisamos gerar as chaves para o Squeeze

cd /etc/bacula/keys/clientes

Gerando a key

openssl genrsa -out squeeze-fd.key 2048

Agora vamos assinar a nossa chave

openssl req -new -key squeeze-fd.key -x509 -out squeeze-fd.cert
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:BR
State or Province Name (full name) []:Parana
Locality Name (eg, city) [Default City]:Curitiba
Organization Name (eg, company) [Default Company Ltd]:Douglas
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:squeeze.douglasqsantos.com.br
Email Address []:douglas@douglasqsantos.com.br

Agora vamos inserir a .key e a .cert em um arquivo .pem

cat squeeze-fd.key squeeze-fd.cert > squeeze-fd.pem

Agora vamos copiar as chaves para o Squeeze client

scp squeeze-fd.pem ../master.cert squeeze.douglasqsantos.com.br:/etc/bacula/keys/
[...]
root@squeeze.douglasqsantos.com.br's password: 
squeeze-fd.pem
master.cert 

Agora no cliente Squeeze vamos ajustar as permissões das chaves

chown -R bacula:bacula /etc/bacula/keys

Agora vamos iniciar o serviço do bacula-fd

/etc/init.d/bacula-fd restart

Agora vamos listar verificar se o bacula está escutando

netstat -natu | egrep 9102
tcp        0      0 0.0.0.0:9102            0.0.0.0:*               OUÇA 

Agora no servidor bacula vamos ajustar a configuração do novo cliente

vim /etc/bacula/bacula-dir-clients-and-jobs.conf
[...]
#Inserir no final do arquivo
Job {
        Name = "BackupSqueeze"                           # Nome do Job para Backup do Director (Proprio Servidor Bacula)
        JobDefs = "DefaultJobs"                           # JObDefs Definido
        Client = squeeze-fd                                # Cliente fd
}

Client {
  Name = squeeze-fd                                        # Cliente fd
  Address = squeeze.douglasqsantos.com.br                            # Ajustado no /etc/hosts
  Password = "B0ISfMxVNEXhpsPQj7v095eWPBjK4J3N8xPuhPuZyVRw"     # Senha do Director do Bacula que foi configurado no cliente na primeira sessão Director
  @/etc/bacula/clientes/basic-client  # Arquivo onde contem informacoes sobre o cliente.
}

Aqui não esquecer de deixar a senha Password da sessão Client a mesma que esta na primeira sessão Director no bacula-fd.conf do cliente.

Agora vamos recarregar o bacula

bconsole
Connecting to Director bacula:9101
1000 OK: bacula-dir Version: 5.2.13 (19 February 2013)
Enter a period to cancel a command.
*reload

Agora vamos consultar o nosso novo cliente no bconsole

*status client=squeeze-fd 
Connecting to Client squeeze-fd at squeeze.douglasqsantos.com.br:9102

squeeze-fd Version: 5.2.13 (19 February 2013)  x86_64-unknown-linux-gnu debian 6.0.7
Daemon started 11-Mai-13 19:26. Jobs: run=0 running=0.
 Heap: heap=270,336 smbytes=24,484 max_bytes=24,631 bufs=65 max_bufs=66
 Sizeof: boffset_t=8 size_t=8 debug=0 trace=0 
Running Jobs:
Director connected at: 11-Mai-13 19:39
No Jobs running.
====

Terminated Jobs:
====
*

Agora vamos fazer um backup do nosso cliente

*run
Automatically selected Catalog: Catalogo
Using Catalog "Catalogo"
A job name must be specified.
The defined Job resources are:
     1: BackupCatalogo
     2: RestoreFiles
     3: BackupDirector
     4: BackupCentOS
     5: BackupSqueeze
Select Job resource (1-5): 5
Run Backup job
JobName:  BackupSqueeze
Level:    Incremental
Client:   squeeze-fd
FileSet:  Full Set
Pool:     File (From Job resource)
Storage:  File (From Job resource)
When:     2013-05-11 19:38:21
Priority: 10
OK to run? (yes/mod/no): yes
Job queued. JobId=7
You have messages.

Agora vamos listar os nosso jobs

*list jobs
+-------+----------------+---------------------+------+-------+----------+-----------+-----------+
| jobid | name           | starttime           | type | level | jobfiles | jobbytes  | jobstatus |
+-------+----------------+---------------------+------+-------+----------+-----------+-----------+
|     1 | BackupCatalogo | 2013-05-11 17:53:14 | B    | F     |        1 |    43,545 | T         |
|     2 | BackupCatalogo | 2013-05-11 17:55:09 | B    | F     |        1 |     6,949 | T         |
|     3 | BackupDirector | 2013-05-11 17:59:24 | B    | F     |    1,249 | 8,040,840 | T         |
|     4 | BackupCatalogo | 2013-05-11 18:12:02 | B    | F     |        1 |    61,008 | T         |
|     5 | BackupDirector | 2013-05-11 18:16:43 | B    | F     |    1,259 | 8,617,936 | T         |
|     6 | BackupCentOS   | 2013-05-11 19:14:25 | B    | F     |    1,189 | 8,546,112 | T         |
|     7 | BackupSqueeze  | 2013-05-11 19:38:24 | B    | F     |    1,490 | 5,780,720 | T         |
+-------+----------------+---------------------+------+-------+----------+-----------+-----------+

O backup já foi finalizado agora vamos ver a mensagem do nosso backup

*mes
11-Mai 19:38 bacula-dir JobId 7: No prior Full backup Job record found.
11-Mai 19:38 bacula-dir JobId 7: No prior or suitable Full backup found in catalog. Doing FULL backup.
11-Mai 19:38 bacula-dir JobId 7: Start Backup JobId 7, Job=BackupSqueeze.2013-05-11_19.38.22_15
11-Mai 19:38 bacula-dir JobId 7: Using Device "FileStorage" to write.
11-Mai 19:38 bacula-sd JobId 7: Volume "volume0001" previously written, moving to end of data.
11-Mai 19:38 bacula-sd JobId 7: Ready to append to end of Volume "volume0001" size=26479817
11-Mai 19:38 bacula-sd JobId 7: Elapsed time=00:00:04, Transfer rate=1.548 M Bytes/second
11-Mai 19:38 bacula-dir JobId 7: Bacula bacula-dir 5.2.13 (19Jan13):
  Build OS:               x86_64-unknown-linux-gnu redhat 
  JobId:                  7
  Job:                    BackupSqueeze.2013-05-11_19.38.22_15
  Backup Level:           Full (upgraded from Incremental)
  Client:                 "squeeze-fd" 5.2.13 (19Jan13) x86_64-unknown-linux-gnu,debian,6.0.7
  FileSet:                "Full Set" 2013-05-11 17:59:22
  Pool:                   "File" (From Job resource)
  Catalog:                "Catalogo" (From Client resource)
  Storage:                "File" (From Job resource)
  Scheduled time:         11-Mai-2013 19:38:21
  Start time:             11-Mai-2013 19:38:24
  End time:               11-Mai-2013 19:38:28
  Elapsed time:           4 secs
  Priority:               10
  FD Files Written:       1,490
  SD Files Written:       1,490
  FD Bytes Written:       5,780,720 (5.780 MB)
  SD Bytes Written:       6,195,022 (6.195 MB)
  Rate:                   1445.2 KB/s
  Software Compression:   65.1 %
  VSS:                    no
  Encryption:             yes
  Accurate:               no
  Volume name(s):         volume0001
  Volume Session Id:      7
  Volume Session Time:    1368305134
  Last Volume Bytes:      32,743,809 (32.74 MB)
  Non-fatal FD errors:    0
  SD Errors:              0
  FD termination status:  OK
  SD termination status:  OK
  Termination:            Backup OK

11-Mai 19:38 bacula-dir JobId 7: Begin pruning Jobs older than 6 months .
11-Mai 19:38 bacula-dir JobId 7: No Jobs found to prune.
11-Mai 19:38 bacula-dir JobId 7: Begin pruning Files.
11-Mai 19:38 bacula-dir JobId 7: No Files found to prune.
11-Mai 19:38 bacula-dir JobId 7: End auto prune.

Aqui nós tivemos uma compactação de 65.1% e a nossa flag de criptografia está como yes :D

Configuração de um Cliente Debian Wheezy

Prepare o seu sistema com o seguinte script http://wiki.douglasqsantos.com.br/doku.php?id=confinicialwheezy para que não falte nenhum pacote ou configuração.

Vamos instalar os pré-requisitos para podermos compilar o bacula

aptitude install libreadline-dev libreadline6-dev libreadline6-dev libreadline6 libreadline6 libreadline6-dev zlib1g-dev libcurl4-openssl-dev build-essential -y

Agora vamos criar os diretórios para o bacula

mkdir /var/lib/bacula
mkdir /var/run/bacula
mkdir /var/log/bacula
mkdir -p /etc/bacula/scripts
mkdir -p /etc/bacula/keys

Agora vamos criar o usuário bacula

useradd -s /bin/false -d /var/lib/bacula  bacula

Agora vamos ajustar as permissões dos diretórios

chown -R bacula:bacula /var/lib/bacula /var/run/bacula /var/log/bacula /etc/bacula

Agora vamos obter o pacote do bacula

cd /usr/src
wget -c http://wiki.douglasqsantos.com.br/Downloads/bacula/bacula-5.2.13.tar.gz

Agora vamos desempacotar o bacula

tar -xzvf bacula-5.2.13.tar.gz

Agora vamos acessar a pasta do bacula

cd bacula-5.2.13/

Agora vamos preparar o pacote do bacula

CFLAGS="-g -Wall" ./configure --enable-client-only --with-openssl=yes --enable-smartalloc --with-working-dir=/var/lib/bacula --with-pid-dir=/var/run/bacula --with-logdir=/var/log/bacula  --with-scriptdir=/etc/bacula/scripts --with-readline=/usr/include/readline  --disable-conio

Agora vamos mandar compilar o bacula e instalar o bacula client

make && make install && make install-autostart

Agora vamos ajustar as permissões dos arquivos

chown -R bacula:bacula /etc/bacula

Agora vamos ajustar o /etc/hosts do cliente

vim /etc/hosts
127.0.0.1       localhost
192.168.0.83    wheezy.douglasqsantos.com.br      wheezy
192.168.0.80    bacula.douglasqsantos.com.br      bacula
[...]

Vamos remover dois scripts que não são necessários

rm -rf /etc/init.d/bacula-sd
rm -rf /etc/init.d/bacula-dir

Agora vamos fazer o backup dos arquivos de configuração do bacula

mkdir /usr/src/olds
cp -Rfa /etc/bacula /usr/src/olds

Agora vamos configurar o cliente

vim /etc/bacula/bacula-fd.conf
#
# Default  Bacula File Daemon Configuration file
#
#  For Bacula release 5.2.13 (19 February 2013) -- debian 7.0
#
# There is not much to change here except perhaps the
# File daemon Name to
#

#
# List Directors who are permitted to contact this File daemon
#
Director {
  Name = bacula-dir
  Password = "ldA/FW/6HktODjky55jBF9xdfWremQ8ZP6HBC1yD9lco"
}

#
# Restricted Director, used by tray-monitor to get the
#   status of the file daemon
#
Director {
  Name = bacula-mon
  Password = "unMs7FDbYottD65tMc1BKR8r+PvA03UAx5x0U1InjizE"
  Monitor = yes
}

#
# "Global" File daemon configuration specifications
#
FileDaemon {                          # this is me
  Name = wheezy-fd
  FDport = 9102                  # where we listen for the director
  WorkingDirectory = /var/lib/bacula
  Pid Directory = /var/run/bacula
  Maximum Concurrent Jobs = 20
  FDAddress = 0.0.0.0
  PKI Signatures = Yes            # Habilita a assinatura dos dados
  PKI Encryption = Yes            # Habilita a criptografia dos dados
  PKI Keypair = "/etc/bacula/keys/wheezy-fd.pem"    # Arquivo que contem a chave publica e privada
  PKI Master Key = "/etc/bacula/keys/master.cert"    # Arquivo com a chave publica do servidor
}

# Send all messages except skipped files back to Director
Messages {
  Name = Standard
  director = bacula-dir = all, !skipped, !restored
}

Aqui não podemos deixar de mudar em Director o Name para bacula-dir e no segundo Director o Name para bacula-mon e por ultimo em Messages mudar o Name para bacula-dir, depois temos que adicionar as configurações da criptografia, já vamos gerar as chaves.

Agora vamos ajustar o arquivo do bconsole que é como vamos conectar no bacula para fazer backup pela linha de comando

vim /etc/bacula/bconsole.conf
#
# Bacula User Agent (or Console) Configuration File
#

Director {
  Name = bacula-dir
  DIRport = 9101
  address = bacula.douglasqsantos.com.br
  Password = "Cv70F6pf1t6pBopT4vQOnigDrR0v3L" #Senha do bacula director
}

Agora no servidor bacula precisamos gerar as chaves para o Wheezy

cd /etc/bacula/keys/clientes

Gerando a key

openssl genrsa -out wheezy-fd.key 2048

Agora vamos assinar a nossa chave

openssl req -new -key wheezy-fd.key -x509 -out wheezy-fd.cert
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:BR
State or Province Name (full name) []:Parana
Locality Name (eg, city) [Default City]:Curitiba
Organization Name (eg, company) [Default Company Ltd]:Douglas
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:wheezy.douglasqsantos.com.br
Email Address []:douglas@douglasqsantos.com.br

Agora vamos inserir a .key e a .cert em um arquivo .pem

cat wheezy-fd.key wheezy-fd.cert > wheezy-fd.pem

Agora vamos copiar as chaves para o Wheezy client

scp wheezy-fd.pem ../master.cert wheezy.douglasqsantos.com.br:/etc/bacula/keys/
[...]
root@wheezy.douglasqsantos.com.br's password: 
wheezy-fd.pem
master.cert 

Agora no cliente Wheezy vamos ajustar as permissões das chaves

chown -R bacula:bacula /etc/bacula/keys

Agora vamos iniciar o serviço do bacula-fd

/etc/init.d/bacula-fd restart

Agora vamos listar verificar se o bacula está escutando

netstat -natu | egrep 9102
tcp        0      0 0.0.0.0:9102            0.0.0.0:*               OUÇA 

Agora no servidor bacula vamos ajustar a configuração do novo cliente

vim /etc/bacula/bacula-dir-clients-and-jobs.conf
[...]
#Inserir no final do arquivo
Job {
        Name = "BackupWheezy"                             # Nome do Job para Backup do Cliente
        JobDefs = "DefaultJobs"                           # JObDefs Definido
        Client = wheezy-fd                                # Cliente fd
}

Client {
  Name = wheezy-fd                                        # Cliente fd
  Address = wheezy.douglasqsantos.com.br                            # Ajustado no /etc/hosts
  Password = "ldA/FW/6HktODjky55jBF9xdfWremQ8ZP6HBC1yD9lco"     # Senha do Director do Bacula que foi configurado no cliente na primeira sessão Director
  @/etc/bacula/clientes/basic-client  # Arquivo onde contem informacoes sobre o cliente.
}

Aqui não esquecer de deixar a senha Password da sessão Client a mesma que esta na primeira sessão Director no bacula-fd.conf do cliente.

Agora vamos recarregar o bacula

bconsole
Connecting to Director bacula:9101
1000 OK: bacula-dir Version: 5.2.13 (19 February 2013)
Enter a period to cancel a command.
*reload

Agora vamos consultar o nosso novo cliente no bconsole

*status client=wheezy-fd 
Connecting to Client wheezy-fd at wheezy.douglasqsantos.com.br:9102

wheezy-fd Version: 5.2.13 (19 February 2013)  x86_64-unknown-linux-gnu debian 7.0
Daemon started 11-Mai-13 19:49. Jobs: run=0 running=0.
 Heap: heap=270,336 smbytes=24,561 max_bytes=24,708 bufs=65 max_bufs=66
 Sizeof: boffset_t=8 size_t=8 debug=0 trace=0 
Running Jobs:
Director connected at: 11-Mai-13 19:51
No Jobs running.
====

Terminated Jobs:
====
*

Agora vamos fazer um backup do nosso cliente

*run
Automatically selected Catalog: Catalogo
Using Catalog "Catalogo"
A job name must be specified.
The defined Job resources are:
     1: BackupCatalogo
     2: RestoreFiles
     3: BackupDirector
     4: BackupCentOS
     5: BackupSqueeze
     6: BackupWheezy
Select Job resource (1-6): 6
Run Backup job
JobName:  BackupWheezy
Level:    Incremental
Client:   wheezy-fd
FileSet:  Full Set
Pool:     File (From Job resource)
Storage:  File (From Job resource)
When:     2013-05-11 19:50:30
Priority: 10
OK to run? (yes/mod/no): yes
Job queued. JobId=8
You have messages.

Agora vamos listar os nosso jobs

*list jobs
+-------+----------------+---------------------+------+-------+----------+-----------+-----------+
| jobid | name           | starttime           | type | level | jobfiles | jobbytes  | jobstatus |
+-------+----------------+---------------------+------+-------+----------+-----------+-----------+
|     1 | BackupCatalogo | 2013-05-11 17:53:14 | B    | F     |        1 |    43,545 | T         |
|     2 | BackupCatalogo | 2013-05-11 17:55:09 | B    | F     |        1 |     6,949 | T         |
|     3 | BackupDirector | 2013-05-11 17:59:24 | B    | F     |    1,249 | 8,040,840 | T         |
|     4 | BackupCatalogo | 2013-05-11 18:12:02 | B    | F     |        1 |    61,008 | T         |
|     5 | BackupDirector | 2013-05-11 18:16:43 | B    | F     |    1,259 | 8,617,936 | T         |
|     6 | BackupCentOS   | 2013-05-11 19:14:25 | B    | F     |    1,189 | 8,546,112 | T         |
|     7 | BackupSqueeze  | 2013-05-11 19:38:24 | B    | F     |    1,490 | 5,780,720 | T         |
|     8 | BackupWheezy   | 2013-05-11 19:50:33 | B    | F     |    1,706 | 6,359,136 | T         |
+-------+----------------+---------------------+------+-------+----------+-----------+-----------+

O backup já foi finalizado agora vamos ver a mensagem do nosso backup

*mes
11-Mai 19:50 bacula-dir JobId 8: No prior Full backup Job record found.
11-Mai 19:50 bacula-dir JobId 8: No prior or suitable Full backup found in catalog. Doing FULL backup.
11-Mai 19:50 bacula-dir JobId 8: Start Backup JobId 8, Job=BackupWheezy.2013-05-11_19.50.31_17
11-Mai 19:50 bacula-dir JobId 8: Using Device "FileStorage" to write.
11-Mai 19:50 bacula-sd JobId 8: Volume "volume0001" previously written, moving to end of data.
11-Mai 19:50 bacula-sd JobId 8: Ready to append to end of Volume "volume0001" size=32743809
11-Mai 19:50 bacula-sd JobId 8: Elapsed time=00:00:04, Transfer rate=1.693 M Bytes/second
11-Mai 19:50 bacula-dir JobId 8: Bacula bacula-dir 5.2.13 (19Jan13):
  Build OS:               x86_64-unknown-linux-gnu redhat 
  JobId:                  8
  Job:                    BackupWheezy.2013-05-11_19.50.31_17
  Backup Level:           Full (upgraded from Incremental)
  Client:                 "wheezy-fd" 5.2.13 (19Jan13) x86_64-unknown-linux-gnu,debian,7.0
  FileSet:                "Full Set" 2013-05-11 17:59:22
  Pool:                   "File" (From Job resource)
  Catalog:                "Catalogo" (From Client resource)
  Storage:                "File" (From Job resource)
  Scheduled time:         11-Mai-2013 19:50:30
  Start time:             11-Mai-2013 19:50:33
  End time:               11-Mai-2013 19:50:37
  Elapsed time:           4 secs
  Priority:               10
  FD Files Written:       1,706
  SD Files Written:       1,706
  FD Bytes Written:       6,359,136 (6.359 MB)
  SD Bytes Written:       6,774,314 (6.774 MB)
  Rate:                   1589.8 KB/s
  Software Compression:   65.5 %
  VSS:                    no
  Encryption:             yes
  Accurate:               no
  Volume name(s):         volume0001
  Volume Session Id:      8
  Volume Session Time:    1368305134
  Last Volume Bytes:      39,585,635 (39.58 MB)
  Non-fatal FD errors:    0
  SD Errors:              0
  FD termination status:  OK
  SD termination status:  OK
  Termination:            Backup OK

11-Mai 19:50 bacula-dir JobId 8: Begin pruning Jobs older than 6 months .
11-Mai 19:50 bacula-dir JobId 8: No Jobs found to prune.
11-Mai 19:50 bacula-dir JobId 8: Begin pruning Files.
11-Mai 19:50 bacula-dir JobId 8: No Files found to prune.
11-Mai 19:50 bacula-dir JobId 8: End auto prune.

*

Aqui nós tivemos uma compactação de 65.5% e a nossa flag de criptografia está como yes :D

Configuração de um Cliente FreeBSD 9.1

A minha configuração do FreeBSD 9.1 está como em http://wiki.douglasqsantos.com.br/doku.php/instalacao_e_configuracao_inicial_do_freebsd_9.0_pt_br para que não tenha nenhum problema pelos menos confira o processo da sua instalação

Vamos procurar o ports do nosso bacula

Vamos acessar o nosso ports

cd /usr/ports

Agora vamos pesquisar o bacula-client

make search key=bacula-client
[...]
Port: bacula-client-5.2.12
Path: /usr/ports/sysutils/bacula-client
Info: Network backup solution (client)
Maint:  dan@langille.org
B-deps: gettext-0.18.1.1_1 libiconv-1.14_1
R-deps: gettext-0.18.1.1_1 libiconv-1.14_1
WWW:  http://www.bacula.org/
[...]

Agora vamos acessar o nosso ports

cd /usr/ports/sysutils/bacula-client

Agora vamos compilar ele

make && make install clean

Deixe as opções de compilações como default

Agora vamos ajustar o /etc/hosts do cliente

vim /etc/hosts
127.0.0.1       localhost
192.168.0.84    freebsd.douglasqsantos.com.br     freebsd
192.168.0.80    bacula.douglasqsantos.com.br      bacula
[...]

Agora vamos consultar o parâmetro para colocar o bacula-fd na inicialização do sistema

/usr/local/etc/rc.d/bacula-fd rcvar
# bacula_fd
#
bacula_fd_enable="NO"
#   (default: "")

Vamos colocar ele na inicialização do sistema

echo 'bacula_fd_enable="YES"' >> /etc/rc.conf

No FreeBSD os arquivos de configuração do bacula ficam em /usr/local/etc

cd /usr/local/etc

Vamos criar o diretório para armazenar as chaves

mkdir -p /usr/local/etc/bacula/keys

Agora vamos utilizar os arquivos de exemplo do bacula

cp bacula-fd.conf.sample bacula-fd.conf
cp bconsole.conf.sample bconsole.conf

Agora vamos configurar o cliente

vim /usr/local/etc/bacula-fd.conf
#
# Default  Bacula File Daemon Configuration file
#
#  For Bacula release 5.2.12 (12 September 2012) -- freebsd 9.1-RELEASE-p3
#
# There is not much to change here except perhaps the
# File daemon Name to
#

#
# List Directors who are permitted to contact this File daemon
#
Director {
  Name = bacula-dir
  Password = "pRXNyJE0As8z4LHTggYEH19zTo8GRoZEZUeQtYYK5NpF"
}

#
# Restricted Director, used by tray-monitor to get the
#   status of the file daemon
#
Director {
  Name = bacula-mon
  Password = "RQfVIdPfqleAwPxTyF0Fiu1R85BUHF43KQKV+/rk9+JW"
  Monitor = yes
}

#
# "Global" File daemon configuration specifications
#
FileDaemon {                          # this is me
  Name = freebsd-fd
  FDport = 9102                  # where we listen for the director
  WorkingDirectory = /var/db/bacula
  Pid Directory = /var/run
  Maximum Concurrent Jobs = 20
  FDAddress = 0.0.0.0
  PKI Signatures = Yes            # Habilita a assinatura dos dados
  PKI Encryption = Yes            # Habilita a criptografia dos dados
  PKI Keypair = "/usr/local/etc/bacula/keys/freebsd-fd.pem"    # Arquivo que contem a chave publica e privada
  PKI Master Key = "/usr/local/etc/bacula/keys/master.cert"    # Arquivo com a chave publica do servidor
}

# Send all messages except skipped files back to Director
Messages {
  Name = Standard
  director = bacula-dir = all, !skipped, !restored
}

Aqui não podemos deixar de mudar em Director o Name para bacula-dir e no segundo Director o Name para bacula-mon e por ultimo em Messages mudar o Name para bacula-dir, depois temos que adicionar as configurações da criptografia, já vamos gerar as chaves.

Agora vamos ajustar o arquivo do bconsole que é como vamos conectar no bacula para fazer backup pela linha de comando

vim /usr/local/etc/bconsole.conf
#
# Bacula User Agent (or Console) Configuration File
#

Director {
  Name = bacula-dir
  DIRport = 9101
  address = bacula.douglasqsantos.com.br
  Password = "Cv70F6pf1t6pBopT4vQOnigDrR0v3L" #Senha do bacula director
}

Agora no servidor bacula precisamos gerar as chaves para o FreeBSD

cd /etc/bacula/keys/clientes

Gerando a key

openssl genrsa -out freebsd-fd.key 2048

Agora vamos assinar a nossa chave

openssl req -new -key freebsd-fd.key -x509 -out freebsd-fd.cert
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:BR
State or Province Name (full name) []:Parana
Locality Name (eg, city) [Default City]:Curitiba
Organization Name (eg, company) [Default Company Ltd]:Douglas
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:freebsd.douglasqsantos.com.br
Email Address []:douglas@douglasqsantos.com.br

Agora vamos inserir a .key e a .cert em um arquivo .pem

cat freebsd-fd.key freebsd-fd.cert > freebsd-fd.pem

Agora vamos copiar as chaves para o FreeBSD client

scp freebsd-fd.pem ../master.cert freebsd.douglasqsantos.com.br:/usr/local/etc/bacula/keys/
[...]
root@freebsd.douglasqsantos.com.br's password: 
freebsd-fd.pem
master.cert 

Agora no cliente FreeBSD vamos ajustar as permissões das chaves

chown -R bacula:bacula /usr/local/etc/bacula/keys

Agora vamos iniciar o serviço do bacula-fd

/usr/local/etc/rc.d/bacula-fd restart

Agora vamos listar verificar se o bacula está escutando

netstat -na | egrep 9102
tcp4       0      0 *.9102                 *.*                    LISTEN

Agora no servidor bacula vamos ajustar a configuração do novo cliente

vim /etc/bacula/bacula-dir-clients-and-jobs.conf
[...]
#Inserir no final do arquivo
Job {
        Name = "BackupFreeBSD"                             # Nome do Job para Backup do Cliente
        JobDefs = "DefaultJobs"                           # JObDefs Definido
        Client = freebsd-fd                                # Cliente fd
}

Client {
  Name = freebsd-fd                                        # Cliente fd
  Address = freebsd.douglasqsantos.com.br                            # Ajustado no /etc/hosts
  Password = "pRXNyJE0As8z4LHTggYEH19zTo8GRoZEZUeQtYYK5NpF"     # Senha do Director do Bacula que foi configurado no cliente na primeira sessão Director
  @/etc/bacula/clientes/basic-client  # Arquivo onde contem informacoes sobre o cliente.
}

Aqui não esquecer de deixar a senha Password da sessão Client a mesma que esta na primeira sessão Director no bacula-fd.conf do cliente.

Agora vamos recarregar o bacula

bconsole
Connecting to Director bacula:9101
1000 OK: bacula-dir Version: 5.2.13 (19 February 2013)
Enter a period to cancel a command.
*reload

Agora vamos consultar o nosso novo cliente no bconsole

*status client=freebsd-fd 
Connecting to Client freebsd-fd at freebsd.douglasqsantos.com.br:9102

freebsd-fd Version: 5.2.12 (12 September 2012)  amd64-portbld-freebsd9.1 freebsd 9.1-RELEASE-p3
Daemon started 11-May-13 20:12. Jobs: run=0 running=0.
 Heap: heap=0 smbytes=22,885 max_bytes=23,032 bufs=65 max_bufs=66
 Sizeof: boffset_t=8 size_t=8 debug=0 trace=0 
Running Jobs:
Director connected at: 11-May-13 20:15
No Jobs running.
====

Terminated Jobs:
====
*

Agora vamos fazer um backup do nosso cliente

*run
Automatically selected Catalog: Catalogo
Using Catalog "Catalogo"
A job name must be specified.
The defined Job resources are:
     1: BackupCatalogo
     2: RestoreFiles
     3: BackupDirector
     4: BackupCentOS
     5: BackupSqueeze
     6: BackupWheezy
     7: BackupFreeBSD
Select Job resource (1-7): 7
Run Backup job
JobName:  BackupFreeBSD
Level:    Incremental
Client:   freebsd-fd
FileSet:  Full Set
Pool:     File (From Job resource)
Storage:  File (From Job resource)
When:     2013-05-11 20:14:11
Priority: 10
OK to run? (yes/mod/no): yes
Job queued. JobId=9
You have messages.

Agora vamos listar os nosso jobs

*list jobs
+-------+----------------+---------------------+------+-------+----------+-----------+-----------+
| jobid | name           | starttime           | type | level | jobfiles | jobbytes  | jobstatus |
+-------+----------------+---------------------+------+-------+----------+-----------+-----------+
|     1 | BackupCatalogo | 2013-05-11 17:53:14 | B    | F     |        1 |    43,545 | T         |
|     2 | BackupCatalogo | 2013-05-11 17:55:09 | B    | F     |        1 |     6,949 | T         |
|     3 | BackupDirector | 2013-05-11 17:59:24 | B    | F     |    1,249 | 8,040,840 | T         |
|     4 | BackupCatalogo | 2013-05-11 18:12:02 | B    | F     |        1 |    61,008 | T         |
|     5 | BackupDirector | 2013-05-11 18:16:43 | B    | F     |    1,259 | 8,617,936 | T         |
|     6 | BackupCentOS   | 2013-05-11 19:14:25 | B    | F     |    1,189 | 8,546,112 | T         |
|     7 | BackupSqueeze  | 2013-05-11 19:38:24 | B    | F     |    1,490 | 5,780,720 | T         |
|     8 | BackupWheezy   | 2013-05-11 19:50:33 | B    | F     |    1,706 | 6,359,136 | T         |
|     9 | BackupFreeBSD  | 2013-05-11 20:14:14 | B    | F     |      417 |   729,136 | T         |
+-------+----------------+---------------------+------+-------+----------+-----------+-----------+

O backup já foi finalizado agora vamos ver a mensagem do nosso backup

*mes
11-Mai 20:14 bacula-dir JobId 9: No prior Full backup Job record found.
11-Mai 20:14 bacula-dir JobId 9: No prior or suitable Full backup found in catalog. Doing FULL backup.
11-Mai 20:14 bacula-dir JobId 9: Start Backup JobId 9, Job=BackupFreeBSD.2013-05-11_20.14.12_19
11-Mai 20:14 bacula-dir JobId 9: Using Device "FileStorage" to write.
11-Mai 20:14 bacula-sd JobId 9: Volume "volume0001" previously written, moving to end of data.
11-Mai 20:14 bacula-sd JobId 9: Ready to append to end of Volume "volume0001" size=39585635
11-Mai 20:15 freebsd-fd JobId 9:      Could not stat "/etc/bacula/": ERR=No such file or directory
11-Mai 20:14 bacula-sd JobId 9: Elapsed time=00:00:02, Transfer rate=448.7 K Bytes/second
11-Mai 20:14 bacula-dir JobId 9: Bacula bacula-dir 5.2.13 (19Jan13):
  Build OS:               x86_64-unknown-linux-gnu redhat 
  JobId:                  9
  Job:                    BackupFreeBSD.2013-05-11_20.14.12_19
  Backup Level:           Full (upgraded from Incremental)
  Client:                 "freebsd-fd" 5.2.12 (12Sep12) amd64-portbld-freebsd9.1,freebsd,9.1-RELEASE-p3
  FileSet:                "Full Set" 2013-05-11 17:59:22
  Pool:                   "File" (From Job resource)
  Catalog:                "Catalogo" (From Client resource)
  Storage:                "File" (From Job resource)
  Scheduled time:         11-Mai-2013 20:14:11
  Start time:             11-Mai-2013 20:14:14
  End time:               11-Mai-2013 20:14:16
  Elapsed time:           2 secs
  Priority:               10
  FD Files Written:       417
  SD Files Written:       417
  FD Bytes Written:       729,136 (729.1 KB)
  SD Bytes Written:       897,504 (897.5 KB)
  Rate:                   364.6 KB/s
  Software Compression:   58.3 %
  VSS:                    no
  Encryption:             yes
  Accurate:               no
  Volume name(s):         volume0001
  Volume Session Id:      9
  Volume Session Time:    1368305134
  Last Volume Bytes:      40,512,041 (40.51 MB)
  Non-fatal FD errors:    1
  SD Errors:              0
  FD termination status:  OK
  SD termination status:  OK
  Termination:            Backup OK -- with warnings

11-Mai 20:14 bacula-dir JobId 9: Begin pruning Jobs older than 6 months .
11-Mai 20:14 bacula-dir JobId 9: No Jobs found to prune.
11-Mai 20:14 bacula-dir JobId 9: Begin pruning Files.
11-Mai 20:14 bacula-dir JobId 9: No Files found to prune.
11-Mai 20:14 bacula-dir JobId 9: End auto prune.

Aqui nós tivemos uma compactação de 58.3% e a nossa flag de criptografia está como yes :D Note que neste backup tivemos um warn pois o FileSet que estou utilizando faz backup do /etc/bacula e no freebsd o bacula fica em /usr/local/etc

Configuração de um Cliente OpenBSD 5.3

A minha configuração do OpenBSD 5.3 está como em http://wiki.douglasqsantos.com.br/doku.php/confinicialopenbsd56_en para que não tenha nenhum problema pelos menos confira o processo da sua instalação

Vamos instalar o bacula com o pkg_add

pkg_add -r bacula-client

Deixe as opções de compilações como default

Agora vamos ajustar o /etc/hosts do cliente

vim /etc/hosts
127.0.0.1       localhost
192.168.0.85    openbsd.douglasqsantos.com.br     openbsd
192.168.0.80    bacula.douglasqsantos.com.br      bacula
[...]

Vamos colocar ele na inicialização do sistema

vim /etc/rc.conf
[...]
pkg_scripts="bacula_fd"
[...]

Vamos criar o diretório para armazenar as chaves

mkdir -p /etc/bacula/keys

Vamos fazer um backup dos arquivos de configuração do Bacula

mkdir /usr/src/olds
cp -Rp /etc/bacula /usr/local/olds

Agora vamos configurar o cliente

vim /usr/local/etc/bacula-fd.conf
#
# Default  Bacula File Daemon Configuration file
#
#  For Bacula release 5.2.12 (12 September 2012) -- openbsd 5.3
#
# There is not much to change here except perhaps the
# File daemon Name to
#

#
# List Directors who are permitted to contact this File daemon
#
Director {
  Name = bacula-dir
  Password = "4r2yU39x4jV2VypEJWiHiulET1DgwgMvS8EdoT2PjdDP"
}

#
# Restricted Director, used by tray-monitor to get the
#   status of the file daemon
#
Director {
  Name = bacula-mon
  Password = "zKEsmzbGu1k6dIjZloS8v/r8edqmfc1P0NGlOQXs3kUt"
  Monitor = yes
}

#
# "Global" File daemon configuration specifications
#
FileDaemon {                          # this is me
  Name = openbsd-fd
  FDport = 9102                  # where we listen for the director
  WorkingDirectory = /var/bacula
  Pid Directory = /var/run
  Maximum Concurrent Jobs = 20
  FDAddress = 0.0.0.0
  PKI Signatures = Yes            # Habilita a assinatura dos dados
  PKI Encryption = Yes            # Habilita a criptografia dos dados
  PKI Keypair = "/etc/bacula/keys/openbsd-fd.pem"    # Arquivo que contem a chave publica e privada
  PKI Master Key = "/etc/bacula/keys/master.cert"    # Arquivo com a chave publica do servidor
}

# Send all messages except skipped files back to Director
Messages {
  Name = Standard
  director = bacula-dir = all, !skipped, !restored
}

Aqui no OpenBSD vem por padrão os Names como bacula-dir, bacula-mon e bacula-fd aqui precisamos so mudar o bacula-fd para openbsd-fd, depois temos que adicionar as configurações da criptografia, já vamos gerar as chaves.

Agora vamos ajustar o arquivo do bconsole que é como vamos conectar no bacula para fazer backup pela linha de comando

vim /etc/bacula/bconsole.conf
#
# Bacula User Agent (or Console) Configuration File
#

Director {
  Name = bacula-dir
  DIRport = 9101
  address = bacula.douglasqsantos.com.br
  Password = "Cv70F6pf1t6pBopT4vQOnigDrR0v3L" #Senha do bacula director
}

Agora no servidor bacula precisamos gerar as chaves para o OpenBSD

cd /etc/bacula/keys/clientes

Gerando a key

openssl genrsa -out openbsd-fd.key 2048

Agora vamos assinar a nossa chave

openssl req -new -key openbsd-fd.key -x509 -out openbsd-fd.cert
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:BR
State or Province Name (full name) []:Parana
Locality Name (eg, city) [Default City]:Curitiba
Organization Name (eg, company) [Default Company Ltd]:Douglas
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:openbsd.douglasqsantos.com.br
Email Address []:douglas@douglasqsantos.com.br

Agora vamos inserir a .key e a .cert em um arquivo .pem

cat openbsd-fd.key openbsd-fd.cert > openbsd-fd.pem

Agora vamos copiar as chaves para o OpenBSD client

scp openbsd-fd.pem ../master.cert openbsd.douglasqsantos.com.br:/etc/bacula/keys/
[...]
root@openbsd.douglasqsantos.com.br's password: 
openbsd-fd.pem
master.cert 

Agora no cliente OpenBSD vamos ajustar as permissões das chaves

chown -R root:_bacula /etc/bacula/keys

Agora vamos iniciar o serviço do bacula-fd

/etc/rc.d/bacula_fd restart

Agora vamos listar verificar se o bacula está escutando

netstat -na | egrep 9102
tcp       0      0 *.9102                 *.*                    LISTEN

Agora no servidor bacula vamos ajustar a configuração do novo cliente

vim /etc/bacula/bacula-dir-clients-and-jobs.conf
[...]
#Inserir no final do arquivo
Job {
        Name = "BackupOpenBSD"                             # Nome do Job para Backup do Cliente
        JobDefs = "DefaultJobs"                           # JObDefs Definido
        Client = openbsd-fd                                # Cliente fd
}

Client {
  Name = openbsd-fd                                        # Cliente fd
  Address = openbsd.douglasqsantos.com.br                            # Ajustado no /etc/hosts
  Password = "4r2yU39x4jV2VypEJWiHiulET1DgwgMvS8EdoT2PjdDP"     # Senha do Director do Bacula que foi configurado no cliente na primeira sessão Director
  @/etc/bacula/clientes/basic-client  # Arquivo onde contem informacoes sobre o cliente.
}

Aqui não esquecer de deixar a senha Password da sessão Client a mesma que esta na primeira sessão Director no bacula-fd.conf do cliente.

Agora vamos recarregar o bacula

bconsole
Connecting to Director bacula:9101
1000 OK: bacula-dir Version: 5.2.13 (19 February 2013)
Enter a period to cancel a command.
*reload

Agora vamos consultar o nosso novo cliente no bconsole

*status client=openbsd-fd 
Connecting to Client openbsd-fd at openbsd.douglasqsantos.com.br:9102

openbsd-fd Version: 5.2.12 (12 September 2012)  x86_64-unknown-openbsd5.3 openbsd 5.3
Daemon started 11-May-13 17:53. Jobs: run=0 running=0.
 Heap: heap=0 smbytes=15,230 max_bytes=15,377 bufs=60 max_bufs=61
 Sizeof: boffset_t=8 size_t=8 debug=0 trace=0 
Running Jobs:
Director connected at: 11-May-13 17:55
No Jobs running.
====

Terminated Jobs:
====
*

Agora vamos fazer um backup do nosso cliente

*run
Automatically selected Catalog: Catalogo
Using Catalog "Catalogo"
A job name must be specified.
The defined Job resources are:
     1: BackupCatalogo
     2: RestoreFiles
     3: BackupDirector
     4: BackupCentOS
     5: BackupSqueeze
     6: BackupWheezy
     7: BackupFreeBSD
     8: BackupOpenBSD
Select Job resource (1-8): 8
Run Backup job
JobName:  BackupOpenBSD
Level:    Incremental
Client:   openbsd-fd
FileSet:  Full Set
Pool:     File (From Job resource)
Storage:  File (From Job resource)
When:     2013-05-11 20:55:56
Priority: 10
OK to run? (yes/mod/no): yes
Job queued. JobId=10
You have messages.

Agora vamos listar os nosso jobs

*list jobs
+-------+----------------+---------------------+------+-------+----------+------------+-----------+
| jobid | name           | starttime           | type | level | jobfiles | jobbytes   | jobstatus |
+-------+----------------+---------------------+------+-------+----------+------------+-----------+
|     1 | BackupCatalogo | 2013-05-11 17:53:14 | B    | F     |        1 |     43,545 | T         |
|     2 | BackupCatalogo | 2013-05-11 17:55:09 | B    | F     |        1 |      6,949 | T         |
|     3 | BackupDirector | 2013-05-11 17:59:24 | B    | F     |    1,249 |  8,040,840 | T         |
|     4 | BackupCatalogo | 2013-05-11 18:12:02 | B    | F     |        1 |     61,008 | T         |
|     5 | BackupDirector | 2013-05-11 18:16:43 | B    | F     |    1,259 |  8,617,936 | T         |
|     6 | BackupCentOS   | 2013-05-11 19:14:25 | B    | F     |    1,189 |  8,546,112 | T         |
|     7 | BackupSqueeze  | 2013-05-11 19:38:24 | B    | F     |    1,490 |  5,780,720 | T         |
|     8 | BackupWheezy   | 2013-05-11 19:50:33 | B    | F     |    1,706 |  6,359,136 | T         |
|     9 | BackupFreeBSD  | 2013-05-11 20:14:14 | B    | F     |      417 |    729,136 | T         |
|    10 | BackupOpenBSD  | 2013-05-11 20:55:59 | B    | F     |      408 | 13,669,424 | T         |
+-------+----------------+---------------------+------+-------+----------+------------+-----------+

O backup já foi finalizado agora vamos ver a mensagem do nosso backup

*mes
11-Mai 20:55 bacula-dir JobId 10: No prior Full backup Job record found.
11-Mai 20:55 bacula-dir JobId 10: No prior or suitable Full backup found in catalog. Doing FULL backup.
11-Mai 20:55 bacula-dir JobId 10: Start Backup JobId 10, Job=BackupOpenBSD.2013-05-11_20.55.57_22
11-Mai 20:55 bacula-dir JobId 10: Using Device "FileStorage" to write.
11-Mai 20:55 bacula-sd JobId 10: Volume "volume0001" previously written, moving to end of data.
11-Mai 20:55 bacula-sd JobId 10: Ready to append to end of Volume "volume0001" size=40512041
11-Mai 20:56 bacula-sd JobId 10: Elapsed time=00:00:03, Transfer rate=4.607 M Bytes/second
11-Mai 20:56 bacula-dir JobId 10: Bacula bacula-dir 5.2.13 (19Jan13):
  Build OS:               x86_64-unknown-linux-gnu redhat 
  JobId:                  10
  Job:                    BackupOpenBSD.2013-05-11_20.55.57_22
  Backup Level:           Full (upgraded from Incremental)
  Client:                 "openbsd-fd" 5.2.12 (12Sep12) x86_64-unknown-openbsd5.3,openbsd,5.3
  FileSet:                "Full Set" 2013-05-11 17:59:22
  Pool:                   "File" (From Job resource)
  Catalog:                "Catalogo" (From Client resource)
  Storage:                "File" (From Job resource)
  Scheduled time:         11-Mai-2013 20:55:56
  Start time:             11-Mai-2013 20:55:59
  End time:               11-Mai-2013 20:56:02
  Elapsed time:           3 secs
  Priority:               10
  FD Files Written:       408
  SD Files Written:       408
  FD Bytes Written:       13,669,424 (13.66 MB)
  SD Bytes Written:       13,821,260 (13.82 MB)
  Rate:                   4556.5 KB/s
  Software Compression:   18.2 %
  VSS:                    no
  Encryption:             yes
  Accurate:               no
  Volume name(s):         volume0001
  Volume Session Id:      10
  Volume Session Time:    1368305134
  Last Volume Bytes:      54,369,283 (54.36 MB)
  Non-fatal FD errors:    0
  SD Errors:              0
  FD termination status:  OK
  SD termination status:  OK
  Termination:            Backup OK

11-Mai 20:56 bacula-dir JobId 10: Begin pruning Jobs older than 6 months .
11-Mai 20:56 bacula-dir JobId 10: No Jobs found to prune.
11-Mai 20:56 bacula-dir JobId 10: Begin pruning Files.
11-Mai 20:56 bacula-dir JobId 10: No Files found to prune.
11-Mai 20:56 bacula-dir JobId 10: End auto prune.

Aqui nós tivemos uma compactação de 18.2% e a nossa flag de criptografia está como yes :D

Configuração do Cliente Windows 2008 R2

Agora vamos instalar um cliente Windows eu vou utilizar um Windows Server 2008 R2 Enterprise

Podemos obter o cliente em http://wiki.douglasqsantos.com.br/Downloads/bacula/bacula-win64-5.2.10.exe

Agora vamos instalar ele

  • Mande executar o bacula-win64-5.2.10.exe com direito administrativos
  • Agora selecione Next
  • Agora selecione I Agree
  • Agora selecione Automatic
  • Agora selecione Next
  • Agora vamos informar os dados do bacula-dir:
    • Em DIR Name informe: bacula-dir
    • Em DIR Password informe: Cv70F6pf1t6pBopT4vQOnigDrR0v3L que é a senha do bacula-dir
    • Em DIR Address informe: bacula.douglasqsantos.com.br
  • Agora selecione Install
  • Agora selecione Next
  • Agora selecione Finish

Agora vamos ajustar o c:\Windows\System32\Drivers\etc\hosts

notepad c:\Windows\System32\Drivers\etc\hosts
[...]
#No final do arquivo insira a seguinte linha
192.168.0.80 bacula.douglasqsantos.com.br

Agora vamos criar um diretório chamado keys em c:\Windows\%ProgramFiles%\Bacula\

mkdir "%ProgramFiles%\Bacula\keys"

Agora vamos deixar o backup-fd.conf da seguinte forma

notepad "%ProgramFiles%\Bacula\bacula-fd.conf"
# Default  Bacula File Daemon Configuration file
#
#  For Bacula release 5.2.6 (02/21/12) -- Windows MinGW32
#
# There is not much to change here except perhaps the
# File daemon Name
#
 
#
# "Global" File daemon configuration specifications
#
FileDaemon {                            
  Name = win2k8R2-fd                                                        # Nome do cliente-fd
  FDport = 9102                                                        # Porta de Comunicacao
  WorkingDirectory = "C:\\Program Files\\Bacula\\working"              # Diretorio de Trabalho
  Pid Directory = "C:\\Program Files\\Bacula\\working"                 # Diretorio de PID
# Plugin Directory = "C:\\Program Files\\Bacula\\plugins"              # Diretorio de Plugins
  Maximum Concurrent Jobs = 10                                         # Numero Maximo de Jobs em execucao
  FDAddress = 0.0.0.0
  PKI Signatures = Yes            # Habilita a assinatura dos dados
  PKI Encryption = Yes            # Habilita a criptografia dos dados
  PKI Keypair = "C:\\Program Files\\Bacula\\keys\\win2k8R2-fd.pem"    # Arquivo que contem a chave publica e privada
  PKI Master Key = "C:\\Program Files\\Bacula\\keys\\master.cert"    # Arquivo com a chave publica do servidor
}
 
#
# List Directors who are permitted to contact this File daemon
#
Director {
  Name = bacula-dir         # ALTERAR PARA O NOME DO 'DIRECTOR' DO BACULA
  Password = "a0wDKVckyaTacqItfkCxddJxyBLwAXFn7"  # SENHA PARA COMUNICACAO COM ARQUIVO CLIENTS-AND-JOBS.CONF
}
 
#
# Restricted Director, used by tray-monitor to get the
#   status of the file daemon
# UTILIZADO PELO BACULA MONITOR
Director {
  Name = bacula-mon
  Password = "yQevDJfJg7fBgp8PfOxWTKqTqhUUTvAMn"
  Monitor = yes
}
 
# Send all messages except skipped files back to Director
Messages {
  Name = Standard
  director = bacula-dir = all, !skipped, !restored
}

Agora para podermos efetuar backup do c: do Windows precisamos importar a seguinte chave do resgistro

notepad bacula.reg
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wbengine]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wbengine\SystemStateBackup]
"ALlowSSBToAny"=dword:00000001

Agora no servidor bacula vamos criar um novo cliente

vim /etc/bacula/bacula-dir-clients-and-jobs.conf
[...]
#Inserir no final do arquivo
Job {
        Name = "BackupWin2008"                           # Nome do Job para Backup do Director (Proprio Servidor Bacula)
        JobDefs = "DefaultWindows"                           # JObDefs Definido
        Client = win2k8R2-fd                                # Cliente fd
}

Client {
  Name = win2k8R2-fd                                        # Cliente fd
  Address = win2k8R2.douglasqsantos.com.br                            # Ajustado no /etc/hosts
  Password = "a0wDKVckyaTacqItfkCxddJxyBLwAXFn7"          # Senha do Director do Bacula que foi definida no cliente
  @/etc/bacula/clientes/basic-client  # Arquivo onde contem informacoes sobre o cliente.
}

Agora no servidor bacula precisamos gerar as chaves para o Windows Server 2008 R2

cd /etc/bacula/keys/clientes

Gerando a key

openssl genrsa -out win2k8R2-fd.key 2048

Agora vamos assinar a nossa chave

openssl req -new -key win2k8R2-fd.key -x509 -out win2k8R2-fd.cert
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:BR
State or Province Name (full name) []:Parana
Locality Name (eg, city) [Default City]:Curitiba
Organization Name (eg, company) [Default Company Ltd]:Douglas
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:win2k8R2.douglasqsantos.com.br
Email Address []:douglas@douglasqsantos.com.br

Agora vamos inserir a .key e a .cert em um arquivo .pem

cat win2k8R2-fd.key win2k8R2-fd.cert > win2k8R2-fd.pem

Agora vamos copiar as chaves para o Windows 2008 R2 isso pode ser feito com o WinSCP

Precisamos copiar a chave win2k8R2.pem e master.cert para o diretório keys do bacula

Agora precisamos mandar iniciar o serviço Detecção de Serviços Interativos (Interactive Services Detection) esse serviço pode mudar para ser iniciado automáticamente e o serviço do bacula e o serviço

Agora para o bacula conseguir chegar no cliente precisamos liberar a porta 9102 no servidor Windows(Liberar a porta 9102 no Firewall).

Agora vamos listar verificar se o bacula está escutando

netstat -na
tcp       0.0.0.0:9102                0.0.0.0:0                    LISTENING

Agora vamos recarregar o bacula

bconsole
Connecting to Director bacula:9101
1000 OK: bacula-dir Version: 5.2.13 (19 February 2013)
Enter a period to cancel a command.
*reload

Agora vamos consultar o nosso novo cliente no bconsole

*status client=win2k8R2-fd 
Connecting to Client win2k8R2-fd at win2k8R2.douglasqsantos.com.br:9102

win2k8r2-fd Version: 5.2.10 (28 June 2012)  VSS Linux Cross-compile Win64
Daemon started 11-May-13 21:38. Jobs: run=0 running=0.
Microsoft Windows Server 2008 R2 Enterprise Edition Service Pack 1 (build 7601), 64-bit
 Heap: heap=0 smbytes=17,978 max_bytes=18,125 bufs=65 max_bufs=66
 Sizeof: boffset_t=8 size_t=8 debug=0 trace=1 
Running Jobs:
Director connected at: 11-May-13 21:42
No Jobs running.
====

Terminated Jobs:
====
*

Agora vamos fazer um backup do nosso cliente

*run
Automatically selected Catalog: Catalogo
Using Catalog "Catalogo"
A job name must be specified.
The defined Job resources are:
     1: BackupCatalogo
     2: RestoreFiles
     3: BackupDirector
     4: BackupCentOS
     5: BackupSqueeze
     6: BackupWheezy
     7: BackupFreeBSD
     8: BackupOpenBSD
     9: BackupWin2008
Select Job resource (1-9): 9
Run Backup job
JobName:  BackupWin2008
Level:    Incremental
Client:   win2k8R2-fd
FileSet:  WindowsFS
Pool:     File (From Job resource)
Storage:  File (From Job resource)
When:     2013-05-11 21:43:16
Priority: 10
OK to run? (yes/mod/no): yes
Job queued. JobId=11
You have messages.

Agora vamos listar os nosso jobs

*list jobs
+-------+----------------+---------------------+------+-------+----------+------------+-----------+
| jobid | name           | starttime           | type | level | jobfiles | jobbytes   | jobstatus |
+-------+----------------+---------------------+------+-------+----------+------------+-----------+
|     1 | BackupCatalogo | 2013-05-11 17:53:14 | B    | F     |        1 |     43,545 | T         |
|     2 | BackupCatalogo | 2013-05-11 17:55:09 | B    | F     |        1 |      6,949 | T         |
|     3 | BackupDirector | 2013-05-11 17:59:24 | B    | F     |    1,249 |  8,040,840 | T         |
|     4 | BackupCatalogo | 2013-05-11 18:12:02 | B    | F     |        1 |     61,008 | T         |
|     5 | BackupDirector | 2013-05-11 18:16:43 | B    | F     |    1,259 |  8,617,936 | T         |
|     6 | BackupCentOS   | 2013-05-11 19:14:25 | B    | F     |    1,189 |  8,546,112 | T         |
|     7 | BackupSqueeze  | 2013-05-11 19:38:24 | B    | F     |    1,490 |  5,780,720 | T         |
|     8 | BackupWheezy   | 2013-05-11 19:50:33 | B    | F     |    1,706 |  6,359,136 | T         |
|     9 | BackupFreeBSD  | 2013-05-11 20:14:14 | B    | F     |      417 |    729,136 | T         |
|    10 | BackupOpenBSD  | 2013-05-11 20:55:59 | B    | F     |      408 | 13,669,424 | T         |
|    11 | BackupWin2008  | 2013-05-11 21:43:20 | B    | F     |        0 |          0 | R         |
+-------+----------------+---------------------+------+-------+----------+------------+-----------+

Galera o backup do Windows demora dependendo do que ele tem armazenado e no final vamos ter o mesmo processo do Linux o percentual de compactação e a flag de criptografia

Configuração do cliente Windows 2012

Agora vamos instalar um cliente Windows eu vou utilizar um Windows Server 2012 Stardard

Podemos obter o cliente em http://wiki.douglasqsantos.com.br/Downloads/bacula/bacula-win64-5.2.10.exe

Agora vamos instalar ele

  • Mande executar o bacula-win64-5.2.10.exe com direito administrativos
  • Agora selecione Next
  • Agora selecione I Agree
  • Agora selecione Automatic
  • Agora selecione Next
  • Agora vamos informar os dados do bacula-dir:
    • Em DIR Name informe: bacula-dir
    • Em DIR Password informe: Cv70F6pf1t6pBopT4vQOnigDrR0v3L que é a senha do bacula-dir
    • Em DIR Address informe: bacula.douglasqsantos.com.br
  • Agora selecione Install
  • Agora selecione Next
  • Agora selecione Finish

Agora vamos ajustar o c:\Windows\System32\Drivers\etc\hosts

notepad c:\Windows\System32\Drivers\etc\hosts
[...]
#No final do arquivo insira a seguinte linha
192.168.0.80 bacula.douglasqsantos.com.br

Agora vamos criar um diretório chamado keys em c:\Windows\%ProgramFiles%\Bacula\

mkdir "%ProgramFiles%\Bacula\keys"

Agora vamos deixar o backup-fd.conf da seguinte forma

notepad "%ProgramFiles%\Bacula\bacula-fd.conf"
# Default  Bacula File Daemon Configuration file
#
#  For Bacula release 5.2.6 (02/21/12) -- Windows MinGW32
#
# There is not much to change here except perhaps the
# File daemon Name
#
 
#
# "Global" File daemon configuration specifications
#
FileDaemon {                            
  Name = Win2012-fd                                                        # Nome do cliente-fd
  FDport = 9102                                                        # Porta de Comunicacao
  WorkingDirectory = "C:\\Program Files\\Bacula\\working"              # Diretorio de Trabalho
  Pid Directory = "C:\\Program Files\\Bacula\\working"                 # Diretorio de PID
# Plugin Directory = "C:\\Program Files\\Bacula\\plugins"              # Diretorio de Plugins
  Maximum Concurrent Jobs = 10                                         # Numero Maximo de Jobs em execucao
  FDAddress = 0.0.0.0
  PKI Signatures = Yes            # Habilita a assinatura dos dados
  PKI Encryption = Yes            # Habilita a criptografia dos dados
  PKI Keypair = "C:\\Program Files\\Bacula\\keys\\win2k12-fd.pem"    # Arquivo que contem a chave publica e privada
  PKI Master Key = "C:\\Program Files\\Bacula\\keys\\master.cert"    # Arquivo com a chave publica do servidor
  
}
 
#
# List Directors who are permitted to contact this File daemon
#
Director {
  Name = bacula-dir         # ALTERAR PARA O NOME DO 'DIRECTOR' DO BACULA
  Password = "a0wDKVckyaTacqItfkCxddJxyBLwAXFn7"  # SENHA PARA COMUNICACAO COM ARQUIVO CLIENTS-AND-JOBS.CONF
}
 
#
# Restricted Director, used by tray-monitor to get the
#   status of the file daemon
# UTILIZADO PELO BACULA MONITOR
Director {
  Name = bacula-mon
  Password = "yQevDJfJg7fBgp8PfOxWTKqTqhUUTvAMn"
  Monitor = yes
}
 
# Send all messages except skipped files back to Director
Messages {
  Name = Standard
  director = bacula-dir = all, !skipped, !restored
}

Agora para podermos efetuar backup do c: do Windows precisamos importar a seguinte chave do resgistro

notepad bacula.reg
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wbengine]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wbengine\SystemStateBackup]
"ALlowSSBToAny"=dword:00000001

Como estamos utilizando o Windows 2012 como cliente precisamos habilitar a descoberta de serviços interativos no registro do Windows:

  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Windows\NoInteractiveServices

Precisamos mudar essa chave para o valor 0.

Agora precisamos mandar iniciar o serviço do bacula e o serviço Detecção de Serviços Interativos.

Agora para o bacula conseguir chegar no cliente precisamos liberar a porta 9102 no servidor Windows.

Agora no servidor bacula vamos criar um novo cliente

vim /etc/bacula/bacula-dir-clients-and-jobs.conf
[...]
#Inserir no final do arquivo
Job {
        Name = "BackupWin2012"                           # Nome do Job para Backup do Director (Proprio Servidor Bacula)
        JobDefs = "DefaultWindows"                           # JObDefs Definido
        Client = win2k12-fd                                # Cliente fd
}

Client {
  Name = win2k12-fd                                        # Cliente fd
  Address = win2k12.douglasqsantos.com.br                            # Ajustado no /etc/hosts
  Password = "a0wDKVckyaTacqItfkCxddJxyBLwAXFn7"          # Senha do Director do Bacula que foi definida no cliente
  @/etc/bacula/clientes/basic-client  # Arquivo onde contem informacoes sobre o cliente.
}

Agora no servidor bacula precisamos gerar as chaves para o Windows 2012

cd /etc/bacula/keys/clientes

Gerando a key

openssl genrsa -out win2k12-fd.key 2048

Agora vamos assinar a nossa chave

openssl req -new -key win2k12-fd.key -x509 -out win2k12-fd.cert
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:BR
State or Province Name (full name) []:Parana
Locality Name (eg, city) [Default City]:Curitiba
Organization Name (eg, company) [Default Company Ltd]:Douglas
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:win2k12.douglasqsantos.com.br
Email Address []:douglas@douglasqsantos.com.br

Agora vamos inserir a .key e a .cert em um arquivo .pem

cat win2k12-fd.key win2k12-fd.cert > win2k12-fd.pem

Agora vamos copiar as chaves para o Windows 2012 isso pode ser feito com o WinSCP

Precisamos copiar a chave win2k12.pem e master.cert para o diretório keys do bacula

Agora precisamos mandar iniciar o serviço Detecção de Serviços Interativos (Interactive Services Detection) esse serviço pode mudar para ser iniciado automáticamente e o serviço do bacula e o serviço

Agora para o bacula conseguir chegar no cliente precisamos liberar a porta 9102 no servidor Windows(Liberar a porta 9102 no Firewall).

Agora vamos listar verificar se o bacula está escutando

netstat -na
tcp       0.0.0.0:9102                0.0.0.0:0                    LISTENING

Agora vamos recarregar o bacula

bconsole
Connecting to Director bacula:9101
1000 OK: bacula-dir Version: 5.2.13 (19 February 2013)
Enter a period to cancel a command.
*reload

Agora vamos consultar o nosso novo cliente no bconsole

*status client=win2012-fd 
Connecting to Client win2k12-fd at win2k12.douglasqsantos.com.br:9102
 
Win2012-fd Version: 5.2.10 (28 June 2012)  VSS Linux Cross-compile Win64
Daemon started 12-Apr-13 14:06. Jobs: run=0 running=0.
Microsoft Standard Edition (build 9200), 64-bit
 Heap: heap=0 smbytes=18,754 max_bytes=18,901 bufs=53 max_bufs=54
 Sizeof: boffset_t=8 size_t=8 debug=0 trace=1 
Running Jobs:
Director connected at: 11-May-13 21:52
No Jobs running.
====

Terminated Jobs:
====
*

Agora vamos fazer um backup do nosso cliente

*run
Automatically selected Catalog: Catalogo
Using Catalog "Catalogo"
A job name must be specified.
The defined Job resources are:
     1: BackupCatalogo
     2: RestoreFiles
     3: BackupDirector
     4: BackupCentOS
     5: BackupSqueeze
     6: BackupWheezy
     7: BackupFreeBSD
     8: BackupOpenBSD
     9: BackupWin2008
     10: BackupWin2012
Select Job resource (1-9): 10
Run Backup job
JobName:  BackupWin2012
Level:    Incremental
Client:   win2k10-fd
FileSet:  WindowsFS
Pool:     File (From Job resource)
Storage:  File (From Job resource)
When:     2013-05-11 21:53:16
Priority: 10
OK to run? (yes/mod/no): yes
Job queued. JobId=11
You have messages.

Agora vamos listar os nosso jobs

*list jobs
+-------+----------------+---------------------+------+-------+----------+------------+-----------+
| jobid | name           | starttime           | type | level | jobfiles | jobbytes   | jobstatus |
+-------+----------------+---------------------+------+-------+----------+------------+-----------+
|     1 | BackupCatalogo | 2013-05-11 17:53:14 | B    | F     |        1 |     43,545 | T         |
|     2 | BackupCatalogo | 2013-05-11 17:55:09 | B    | F     |        1 |      6,949 | T         |
|     3 | BackupDirector | 2013-05-11 17:59:24 | B    | F     |    1,249 |  8,040,840 | T         |
|     4 | BackupCatalogo | 2013-05-11 18:12:02 | B    | F     |        1 |     61,008 | T         |
|     5 | BackupDirector | 2013-05-11 18:16:43 | B    | F     |    1,259 |  8,617,936 | T         |
|     6 | BackupCentOS   | 2013-05-11 19:14:25 | B    | F     |    1,189 |  8,546,112 | T         |
|     7 | BackupSqueeze  | 2013-05-11 19:38:24 | B    | F     |    1,490 |  5,780,720 | T         |
|     8 | BackupWheezy   | 2013-05-11 19:50:33 | B    | F     |    1,706 |  6,359,136 | T         |
|     9 | BackupFreeBSD  | 2013-05-11 20:14:14 | B    | F     |      417 |    729,136 | T         |
|    10 | BackupOpenBSD  | 2013-05-11 20:55:59 | B    | F     |      408 | 13,669,424 | T         |
|    11 | BackupWin2008  | 2013-05-11 21:43:20 | B    | F     |        0 |          0 | R         |
|    11 | BackupWin2012  | 2013-05-11 21:53:20 | B    | F     |        0 |          0 | R         |
+-------+----------------+---------------------+------+-------+----------+------------+-----------+

Galera o backup do Windows demora dependendo do que ele tem armazenado e no final vamos ter o mesmo processo do Linux o percentual de compactação e a flag de criptografia

Instalando e configurando o Webmin para o Bacula

Agora vamos instalar o webmin para o gerenciamento do webmin

rpm -Uvh http://ufpr.dl.sourceforge.net/project/webadmin/webmin/1.620/webmin-1.620-1.noarch.rpm

Agora vamos acessar http://192.168.0.80:10000

Vamos ter uma tela como a abaixo.

Aqui precisamor informar o usuário root e a senha do usuário root

Aqui nesta tela temos que selecionar Bacula Backup System

Vamos ter o seguinte erro

Aqui selecione Module Config

Vamos ter a seguinte tela

Aqui precisamos informar a senha para o bacula como senha se foi seguido o padrão que eu utilizei e em bacula database server informe localhost e save

Pronto aqui é so administratar o bacula pelo webmin.

Instalação do Bat para Windows 7

Agora vamos instalar em um cliente Windows 7

Podemos obter o cliente em http://wiki.douglasqsantos.com.br/Downloads/bacula/bacula-win64-5.2.10.exe

Agora vamos instalar ele

  • Mande executar o bacula-win64-5.2.10.exe com direito administrativos
  • Agora selecione Next
  • Agora selecione I Agree
  • Agora selecione Automatic
  • Agora selecione Next
  • Agora vamos informar os dados do bacula-dir:
    • Em DIR Name informe: bacula-dir
    • Em DIR Password informe: Cv70F6pf1t6pBopT4vQOnigDrR0v3L que é a senha do bacula-dir
    • Em DIR Address informe: bacula.douglasqsantos.com.br
  • Agora selecione Install
  • Agora selecione Next
  • Agora selecione Finish

Agora no menu iniciar/todos os programas/Bacula/Bat temos a nossa console de administração para o Bacula

Referências