How to Install bareos in a TrueNAS/FreeBSD Jail with bareos-webui

*NOTE: These are quick notes for when I've been installing the software - they're not extensive, its more for record and to help anyway else.

Software : bareos

Planform : TrueNAS CORE 12.0-U5

Jail : Release 12.2

Purpose : Backup local virtual machines and remote computers/files/sql

Login to Jail

1. SSH to TrueNAS 
2. type iocage list
3. find the jail and type iocage console <name> i.e. iocage console bareos

Install pre-reqs

1. pkg install -y wget postgresql12-server libxml2 nano php74 curl ZendFramework-php74 mod_php74
2. Setup postgresql
1. sysrc postgresql_enable=yes
2. /usr/local/etc/rc.d/postgresql initdb
3. service postgresql start
3. Setup php
1. ln -s /usr/local/etc/php.ini-production /usr/local/etc/php.ini
2. sysrc php_fpm_enable=yes
3. service php-fpm start
4. Edit /usr/local/etc/php.ini
1. nano /usr/local/etc/php.ini
2. Under the section ;Paths and Directories add
1. include_path = ".:/usr/local/share/ZendFramework/library"
3. service php-fpm restart

Install bareos

1. Install bareos using script below
1. nano install_bareos.sh (copy paste script below)
2. chmod +x install_bareos.sh
3. ./install_bareos.sh

<<SCRIPT>> - start

#!/bin/sh

# See https://download.bareos.org/bareos/release/

# for applicable releases and distributions

DIST=FreeBSD_12.2

# or

# DIST=FreeBSD_12.1

# DIST=FreeBSD_11.4

RELEASE=release/20

# or

# RELEASE=experimental/nightly

URL=https://download.bareos.org/bareos/$RELEASE/$DIST

# add the Bareos repository

cd /etc/pkg

wget -q $URL/bareos.conf

# install Bareos packages

pkg install --yes bareos.com-director bareos.com-storage bareos.com-filedaemon bareos.com-database-postgresql bareos.com-bconsole

# setup the Bareos database

su postgres -c /usr/lib/bareos/scripts/create_bareos_database

su postgres -c /usr/lib/bareos/scripts/make_bareos_tables

su postgres -c /usr/lib/bareos/scripts/grant_bareos_privileges

# enable services

sysrc bareosdir_enable=YES

sysrc bareossd_enable=YES

sysrc bareosfd_enable=YES

# start services

service bareos-dir start

service bareos-sd start

service bareos-fd start

<<SCRIPT>> - end

 

Post Install Tasks

1. Update bconsole password
2. Copy password cat /usr/local/etc/bareos/bareos-dir.d/director/bareos-dir.conf
3. Insert into /usr/local/etc/bareos/bconsole.conf
4. test by typing bconsole should show successful connection

Installing bareos web-ui (apache24)

1. pkg install -y apache24
2. sysrc apache24_enable=yes
3. service apache24 start
1. NOTE * If you get an error talking about "Could not reliably determine the servers's fully qualified domain name" you'll need to edit /usr/local/etc/apache24/httpd.conf and search for ServerName and update as directed. i.e. i didn't have a FQDN so put my local ip address.
4. pkg install -y bareos-webui
5. edit /usr/local/etc/apache24/httpd.conf
1. backup defeault httpd.conf mv /usr/local/etc/apache24/httpd.conf /usr/local/etc/apache24/httpd.conf.bck
2. Create new httpd.conf file nano httpd.conf
1. add the below test and edit the ServerName to reflect the servers IP
3. restart the service service apache24 restart
4. open a broswers and go to http://<serverip>/bareos-webui
5. Login with
1. username : admin
2. password : admin
3. NOTE* if you get a login error 
1. run bconsole
2. run reload
4. try logging back in
6. Update BackupCatalog job to refresh bvfs cache - this is to show the files within the webui there is an issue if you don't run this after the job that no files show up.
1. nano /usr/local/etc/bareos/bareos-dir.d/job/BackupCatalog.conf
2. under RunAfterJob input the following.

  Run Script {

    Console = ".bvfs_update"

    RunsWhen = After

    RunsOnClient = No

  }

NOTE : Changing the ALIAS within the httpd.conf file from bareos-webui breaks the rewrite you'll also need to update the RewriteBase value in httpd.conf to.

FILE httpd.conf

ServerRoot "/usr/local"

Listen 80

LoadModule mpm_prefork_module libexec/apache24/mod_mpm_prefork.so

LoadModule authn_file_module libexec/apache24/mod_authn_file.so

LoadModule authn_core_module libexec/apache24/mod_authn_core.so

LoadModule authz_host_module libexec/apache24/mod_authz_host.so

LoadModule authz_groupfile_module libexec/apache24/mod_authz_groupfile.so

LoadModule authz_user_module libexec/apache24/mod_authz_user.so

LoadModule authz_core_module libexec/apache24/mod_authz_core.so

LoadModule access_compat_module libexec/apache24/mod_access_compat.so

LoadModule auth_basic_module libexec/apache24/mod_auth_basic.so

LoadModule reqtimeout_module libexec/apache24/mod_reqtimeout.so

LoadModule filter_module libexec/apache24/mod_filter.so

LoadModule mime_module libexec/apache24/mod_mime.so

LoadModule log_config_module libexec/apache24/mod_log_config.so

LoadModule env_module libexec/apache24/mod_env.so

LoadModule headers_module libexec/apache24/mod_headers.so

LoadModule setenvif_module libexec/apache24/mod_setenvif.so

LoadModule version_module libexec/apache24/mod_version.so

LoadModule unixd_module libexec/apache24/mod_unixd.so

LoadModule status_module libexec/apache24/mod_status.so

LoadModule autoindex_module libexec/apache24/mod_autoindex.so

<IfModule !mpm_prefork_module>

        #LoadModule cgid_module libexec/apache24/mod_cgid.so

</IfModule>

<IfModule mpm_prefork_module>

        #LoadModule cgi_module libexec/apache24/mod_cgi.so

</IfModule>

LoadModule dir_module libexec/apache24/mod_dir.so

LoadModule alias_module libexec/apache24/mod_alias.so

LoadModule php7_module        libexec/apache24/libphp7.so

LoadModule rewrite_module libexec/apache24/mod_rewrite.so

 

# Third party modules

IncludeOptional etc/apache24/modules.d/[0-9][0-9][0-9]_*.conf

User www

Group www

ServerAdmin you@example.com

ServerName 192.168.1.210

# Bareos WebUI Apache configuration file

#

# Environment Variable for Application Debugging

# Set to "development" to turn on debugging mode or

# "production" to turn off debugging mode.

<IfModule env_module>

        SetEnv "APPLICATION_ENV" "production"

</IfModule>

Alias /bareos-webui  /usr/local/www/bareos/public

<Directory /usr/local/www/bareos/public>

        Options FollowSymLinks

        AllowOverride None

        # Following module checks are only done to support

        # Apache 2.2,

        # Apache 2.4 with mod_access_compat and

        # Apache 2.4 without mod_access_compat

        # in the same configuration file.

        # Feel free to adapt it to your needs.

        # Apache 2.4

        <IfModule mod_authz_core.c>

                <IfModule mod_access_compat.c>

                    Order deny,allow

                </IfModule>

                Require all granted

        </IfModule>

        <IfModule mod_rewrite.c>

                RewriteEngine on

                RewriteBase /bareos-webui

                RewriteCond %{REQUEST_FILENAME} -s [OR]

                RewriteCond %{REQUEST_FILENAME} -l [OR]

                RewriteCond %{REQUEST_FILENAME} -d

                RewriteRule ^.*$ - [NC,L]

                RewriteRule ^.*$ index.php [NC,L]

        </IfModule>

        <IfModule mod_php5.c>

                php_flag magic_quotes_gpc off

                php_flag register_globals off

        </IfModule>

<IfModule dir_module>

    DirectoryIndex index.php

</IfModule>

</Directory>

<Files ".ht*">

    Require all denied

</Files>

#

# ErrorLog: The location of the error log file.

# If you do not specify an ErrorLog directive within a <VirtualHost>

# container, error messages relating to that virtual host will be

# logged here.  If you *do* define an error logfile for a <VirtualHost>

# container, that host's errors will be logged there and not here.

#

ErrorLog "/var/log/httpd-error.log"

#

# LogLevel: Control the number of messages logged to the error_log.

# Possible values include: debug, info, notice, warn, error, crit,

# alert, emerg.

#

LogLevel warn

<IfModule log_config_module>

    #

    # The following directives define some format nicknames for use with

    # a CustomLog directive (see below).

    #

    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

    LogFormat "%h %l %u %t \"%r\" %>s %b" common

    <IfModule logio_module>

      # You need to enable mod_logio.c to use %I and %O

      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio

    </IfModule>

    #

    # The location and format of the access logfile (Common Logfile Format).

    # If you do not define any access logfiles within a <VirtualHost>

    # container, they will be logged here.  Contrariwise, if you *do*

    # define per-<VirtualHost> access logfiles, transactions will be

    # logged therein and *not* in this file.

    #

    CustomLog "/var/log/httpd-access.log" common

    #

    # If you prefer a logfile with access, agent, and referer information

    # (Combined Logfile Format) you can use the following directive.

    #

    #CustomLog "/var/log/httpd-access.log" combined

</IfModule>

<IfModule alias_module>

    #

    # Redirect: Allows you to tell clients about documents that used to

    # exist in your server's namespace, but do not anymore. The client

    # will make a new request for the document at its new location.

    # Example:

    # Redirect permanent /foo http://www.example.com/bar

    #

    # Alias: Maps web paths into filesystem paths and is used to

    # access content that does not live under the DocumentRoot.

    # Example:

    # Alias /webpath /full/filesystem/path

    #

    # If you include a trailing / on /webpath then the server will

    # require it to be present in the URL.  You will also likely

    # need to provide a <Directory> section to allow access to

    # the filesystem path.

    #

    # ScriptAlias: This controls which directories contain server scripts.

    # ScriptAliases are essentially the same as Aliases, except that

    # documents in the target directory are treated as applications and

    # run by the server when requested rather than as documents sent to the

    # client.  The same rules about trailing "/" apply to ScriptAlias

    # directives as to Alias.

    #

    ScriptAlias /cgi-bin/ "/usr/local/www/apache24/cgi-bin/"

</IfModule>

<IfModule cgid_module>

    #

    # ScriptSock: On threaded servers, designate the path to the UNIX

    # socket used to communicate with the CGI daemon of mod_cgid.

    #

    #Scriptsock cgisock

</IfModule>

#

# "/usr/local/www/apache24/cgi-bin" should be changed to whatever your ScriptAliased

# CGI directory exists, if you have that configured.

#

<Directory "/usr/local/www/apache24/cgi-bin">

    AllowOverride None

    Options None

    Require all granted

</Directory>

<IfModule headers_module>

    #

    # Avoid passing HTTP_PROXY environment to CGI's on this or any proxied

    # backend servers which have lingering "httpoxy" defects.

    # 'Proxy' request header is undefined by the IETF, not listed by IANA

    #

    RequestHeader unset Proxy early

</IfModule>

<IfModule mime_module>

    #

    # TypesConfig points to the file containing the list of mappings from

    # filename extension to MIME-type.

    #

    TypesConfig etc/apache24/mime.types

    #

    # AddType allows you to add to or override the MIME configuration

    # file specified in TypesConfig for specific file types.

    #

    #AddType application/x-gzip .tgz

    #

    # AddEncoding allows you to have certain browsers uncompress

    # information on the fly. Note: Not all browsers support this.

    #

    #AddEncoding x-compress .Z

    #AddEncoding x-gzip .gz .tgz

    #

    # If the AddEncoding directives above are commented-out, then you

    # probably should define those extensions to indicate media types:

    #

    AddType application/x-compress .Z

    AddType application/x-gzip .gz .tgz

    #

    # AddHandler allows you to map certain file extensions to "handlers":

    # actions unrelated to filetype. These can be either built into the server

    # or added with the Action directive (see below)

    #

    # To use CGI scripts outside of ScriptAliased directories:

    # (You will also need to add "ExecCGI" to the "Options" directive.)

    #

    #AddHandler cgi-script .cgi

    # For type maps (negotiated resources):

    #AddHandler type-map var

    #

    # Filters allow you to process content before it is sent to the client.

    #

    # To parse .shtml files for server-side includes (SSI):

    # (You will also need to add "Includes" to the "Options" directive.)

    #

    #AddType text/html .shtml

    #AddOutputFilter INCLUDES .shtml

</IfModule>

#

# The mod_mime_magic module allows the server to use various hints from the

# contents of the file itself to determine its type.  The MIMEMagicFile

# directive tells the module where the hint definitions are located.

#

#MIMEMagicFile etc/apache24/magic

#

# Customizable error responses come in three flavors:

# 1) plain text 2) local redirects 3) external redirects

#

# Some examples:

#ErrorDocument 500 "The server made a boo boo."

#ErrorDocument 404 /missing.html

#ErrorDocument 404 "/cgi-bin/missing_handler.pl"

#ErrorDocument 402 http://www.example.com/subscription_info.html

#

#

# MaxRanges: Maximum number of Ranges in a request before

# returning the entire resource, or one of the special

# values 'default', 'none' or 'unlimited'.

# Default setting is to accept 200 Ranges.

#MaxRanges unlimited

#

# EnableMMAP and EnableSendfile: On systems that support it,

# memory-mapping or the sendfile syscall may be used to deliver

# files.  This usually improves server performance, but must

# be turned off when serving from networked-mounted

# filesystems or if support for these functions is otherwise

# broken on your system.

# Defaults: EnableMMAP On, EnableSendfile Off

#

#EnableMMAP off

#EnableSendfile on

# Supplemental configuration

#

# The configuration files in the etc/apache24/extra/ directory can be

# included to add extra features or to modify the default configuration of

# the server, or you may simply copy their contents here and change as

# necessary.

# Server-pool management (MPM specific)

#Include etc/apache24/extra/httpd-mpm.conf

# Multi-language error messages

#Include etc/apache24/extra/httpd-multilang-errordoc.conf

# Fancy directory listings

#Include etc/apache24/extra/httpd-autoindex.conf

# Language settings

#Include etc/apache24/extra/httpd-languages.conf

# User home directories

#Include etc/apache24/extra/httpd-userdir.conf

# Real-time info on requests and configuration

#Include etc/apache24/extra/httpd-info.conf

# Virtual hosts

#Include etc/apache24/extra/httpd-vhosts.conf

# Local access to the Apache HTTP Server Manual

#Include etc/apache24/extra/httpd-manual.conf

# Distributed authoring and versioning (WebDAV)

#Include etc/apache24/extra/httpd-dav.conf

# Various default settings

#Include etc/apache24/extra/httpd-default.conf

# Configure mod_proxy_html to understand HTML4/XHTML1

<IfModule proxy_html_module>

Include etc/apache24/extra/proxy-html.conf

</IfModule>

# Secure (SSL/TLS) connections

#Include etc/apache24/extra/httpd-ssl.conf

#

# Note: The following must must be present to support

#       starting without SSL on platforms with no /dev/random equivalent

#       but a statically compiled-in mod_ssl.

#

<IfModule ssl_module>

SSLRandomSeed startup builtin

SSLRandomSeed connect builtin

</IfModule>

Include etc/apache24/Includes/*.conf

<FilesMatch "\.php$">

    SetHandler application/x-httpd-php

</FilesMatch>

<FilesMatch "\.phps$">

    SetHandler application/x-httpd-php-source

</FilesMatch>