Cole, I am also playing around in proxmox, and separately, with bacula windows FDs. This topic is interesting to me and obviously merits attention for anyone seeking to deploy bacula FDs on a broader basis in windows.
I hadn't previously dug into automated windows bacula FD installation, so last night I probed around a bit. I was unable to get the installer for the windows bacula 15.0.2 FD that is in my testing VM to print any installation options at the command prompt by appending /? or --help. I opened the installer in notepad++ to look for interesting strings indicating which installer they used (inno, etc), and didn't see anything. I opened the installer itself as an archive in 7zip and found that the files inside were organized in a much more user friendly way than I would usually expect for a windows installer. This indicates to me that the bacula community team may be using a relatively simple installation utility with few customization options, and likely no unattended installation features. On the upside, it does look like manually extracting the files from the installer for a manual installation using a script should be fairly straightforward. The configuration tasks, those I don't know how to do. I don't know what the bacula community team has used for an installer, but I suspect that it doesn't have unattended installation instructions. I googled this and found a bacula enterprise page discussing installation of bacula enterprise windows FDs. They discussed a tool called BIM (Bacula Installation Manager). This tool appears to provide a commandline wizard for configuring a windows bacula FD. It is possible that this BIM tool could be scripted for automated installation, but I'm not sure if this is possible, and because the tool is discussed on the bacula enterprise side of things, it may not function with bacula community. For an automated installation, I believe the largest challenge lies in getting the director password into the bacula-fd.conf file, and in automatically extracting the auto-generated FD password from the same file. While is comparatively easy to insert a director password into an automated installation process (one to many), it is much harder to extract many FD passwords and report them to a central host (many to one). Workarounds like rolling out a default bacula-fd.conf file with a standard bacula FD password pose a security risk because all FD clients at that enterprise would have the same password, and theoretically an attacker could use credentials harvested from one FD to exfiltrate data from all other FDs. The bacula FD may also use a custom-generated encryption keys or certifications, so if this is the case any keys or certs should also be re-generated so as to be unique on each FD. Throughout this process I saw several mentions that there are many ways to install the bacula windows FD, and that the installer is the simplest. I think that one possible way forward for an unattended installation could be to script a manual installation process. Alternatively, if an organization uses a base system image, the bacula FD could be installed into the system image, with an image customization script replacing the default FD password in the bacula-fd.conf file with a randomly generated password, and re-generating any encryption certs / keys, as appropriate. The system image customization script could also handle reporting the generating FD password back to a central host, solving that problem. Proxmox does have VM templating features. I also think that an autohotkey script could be useful for automating the clicks needed to operate the bacula FD installer. In that case we could write an AHK script that successfully walks through the clicks and keypresses required to perform the installation automatically, then compile that script into a standalone executable that could do the job without the need to install AHK on each system. I have written simple AHK scripts before, but haven't compiled them into standalone executable form. I'm not sure how AHK could report an FD password back to a central host, though I imagine it should be possible. Maybe the installation process would launch the AHK script and the bacula installer, finish the installation process, and then send a copy of the bacula-fd.conf file up to a server somewhere for later processing? Hopefully someone else here has better ideas than what I have proposed. Regards, Robert Gerber 402-237-8692 r...@craeon.net On Tue, Mar 25, 2025 at 10:13 PM Cole Graham <colegraham...@gmail.com> wrote: > Good afternoon, > > I have been attempting to automate the Windows executable for the file > daemon. The version of Bacula I'm using are the Windows Binaries executable > of version 15, and I'm attempting this on Windows 11. > > Whenever I attempt to write a powershell script or .bat file to automate > the file daemon installation, I am met with an empty shell of bacula being > installed (just two empty folders, the license file and the uninstall > executable). > > This is kind of a last ditch effort from me praying for a solution. On my > test proxmox server I got every component of bacula working for testing, > however automating the file daemon process will be critical in my > situation, so being unable to is quite difficult. > > To anyone reading (if anyone), I appreciate your consideration and time. > Any assistance would be greatly appreciated. > > Thank you > _______________________________________________ > Bacula-users mailing list > Bacula-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bacula-users >
_______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
