CFEngine templating example

The CFengine devs would apparently rather see their whole product fail than to bother write good examples for templating.

Fuck that, here you go.

 

 

This is an old-style template.

"any" blocks are rendered on any condition and, thusly, any OS

the OS specific paths are put in OS-dependent parts.

Anything ${ } is a variable I define externally.

Director {
[%CFEngine any:: %]
  Name     = ${generic_variable_definition.baculaserver_name}
  Password = "$( client.password )"
  TLS Enable = yes
  TLS Require = yes
  TLS Verify Peer = yes
  TLS CA Certificate File = /etc/ssl/certs/ca-cert-CAcert_signing_CA.pem
  TLS Certificate = /etc/ssl/certs/${sys.fqhost}.crt
  TLS Key = /etc/ssl/private/${sys.fqhost}.key
}

FileDaemon {
  Name      = ${sys.fqhost}
  FDAddress = ${sys.ipv4}
  FDport    = 9102
[%CFEngine freebsd:: %]
  WorkingDirectory = /var/db/bacula
  Pid Directory    = /var/run
[%CFEngine debian:: %]
  WorkingDirectory = /var/lib/bacula
  Pid Directory    = /var/run/bacula
[%CFEngine alpinelinux:: %]
  WorkingDirectory = /var/lib/bacula
  Pid Directory    = /var/run
[%CFEngine any:: %]
  Maximum Concurrent Jobs = 20
  SDConnectTimeout   = 600s
  Heartbeat Interval = 60s
  Maximum Network Buffer Size = 32768
  TLS Enable = yes
  TLS Require = yes
  TLS CA Certificate File = /etc/ssl/certs/ca-cert-CAcert_signing_CA.pem
  TLS Certificate = /etc/ssl/certs/${sys.fqhost}.crt
  TLS Key = /etc/ssl/private/${sys.fqhost}.key
}


Messages {
  Name = Standard
  director = ${generic_variable_definition.baculaserver_name} = all, !skipped, !restored
}