#LISTEN 127.0.0.1 3493 # Network UPS Tools: example upsd configuration file # # This file contains access control data, you should keep it secure. # # It should only be readable by the user that upsd becomes. See the FAQ. # # Each entry below provides usage and default value. # # For more information, refer to upsd.conf manual page. # ======================================================================= # MAXAGE # MAXAGE 15 # # This defaults to 15 seconds. After a UPS driver has stopped updating # the data for this many seconds, upsd marks it stale and stops making # that information available to clients. After all, the only thing worse # than no data is bad data. # # You should only use this if your driver has difficulties keeping # the data fresh within the normal 15 second interval. Watch the syslog # for notifications from upsd about staleness. # ======================================================================= # TRACKINGDELAY # TRACKINGDELAY 3600 # # This defaults to 1 hour. When instant commands and variables setting status # tracking is enabled, status execution information are kept during this # amount of time, and then cleaned up. # ======================================================================= # ALLOW_NO_DEVICE # ALLOW_NO_DEVICE true # # Normally upsd requires that at least one device section is defined in ups.conf # when the daemon starts, to serve its data. For automatically managed services # it may be preferred to have upsd always running, and reload the configuration # when power devices become defined. # # Boolean values 'true', 'yes', 'on' and '1' mean that the server would not # refuse to start with zero device sections found in ups.conf. # # Boolean values 'false', 'no', 'off' and '0' mean that the server should refuse # to start if zero device sections were found in ups.conf. This is the default. # ======================================================================= # STATEPATH # STATEPATH /var/run/nut # # Tell upsd to look for the driver state sockets in 'path' rather # than the default that was compiled into the program. # ======================================================================= # LISTEN [] # LISTEN 127.0.0.1 3493 # LISTEN ::1 3493 # LISTEN myhostname 83493 # LISTEN myhostname.mydomain # # With no LISTEN statement, the default is localhost and port 3493. # In case of IP v4 or v6 disabled kernel, only the available one will # be used. # Note that it is not true for Windows platforms. You shouldn't use IPv6 in # your configuration files unless you have IPv6 installed. # # As a special case, `LISTEN * ` (with an asterisk) will try # to listen on "ANY" IP address for both IPv6 (::0) and IPv4 (0.0.0.0), # subject to `upsd` command-line arguments, or system configuration. # Note that if the system supports IPv4-mapped IPv6 addressing per RFC-3493, # and does not allow to disable this mode, then there may be one listening # socket to handle both address families. # # One or more LISTEN statements give the IP address (or name that # resolves to such an address) for upsd to listen on, optionally with # a port number. # # As an example, a machine with a LAN and a WAN interface that also # functions as a router and firewall might be configured to listen # only on the LAN interface. # # This will only be read at startup of upsd. If you make changes here, # you'll need to restart upsd, as reload will have no effect. # # Please note that older NUT releases could have been using the IPv4-mapped # IPv6 addressing (sometimes also known as "dual-stack") mode, if provided # by the system. Current versions (since NUT v2.8.1 release) explicitly try # to restrict their listening sockets to only support one address family on # each socket, and so avoid IPv4-mapped mode where possible. # ======================================================================= # MAXCONN # MAXCONN 1024 # # This defaults to maximum number allowed on your system. Each UPS, each # LISTEN address and each client count as one connection. If the server # runs out of connections, it will no longer accept new incoming client # connections. Only set this if you know exactly what you're doing. # ======================================================================= # CERTFILE # CERTFILE /usr/local/ups/etc/upsd.pem # # When compiled with SSL support with OpenSSL backend, # you can enter the certificate file here. # The certificates must be in PEM format and must be sorted starting with # the subject's certificate (server certificate), followed by intermediate # CA certificates (if applicable_ and the highest level (root) CA. It should # end with the server key. See 'docs/security.txt' or the Security chapter of # NUT user manual for more information on the SSL support in NUT. # # See 'docs/security.txt' or the Security chapter of NUT user manual # for more information on the SSL support in NUT. # ======================================================================= # CERTPATH # CERTPATH /usr/local/ups/etc/cert/upsd # # When compiled with SSL support with NSS backend, # you can enter the certificate path here. # Certificates are stored in a dedicated database (split into 3 files). # Specify the path of the database directory. # # See 'docs/security.txt' or the Security chapter of NUT user manual # for more information on the SSL support in NUT. # ======================================================================= # CERTIDENT # CERTIDENT "my nut server" "MyPasSw0rD" # # When compiled with SSL support with NSS backend, # you can specify the certificate name to retrieve from database to # authenticate itself and the password # required to access certificate related private key. # # See 'docs/security.txt' or the Security chapter of NUT user manual # for more information on the SSL support in NUT. # ======================================================================= # CERTREQUEST # CERTREQUEST REQUIRE # # When compiled with SSL support with NSS backend and client certificate # validation (disabled by default, see 'docs/security.txt'), # you can specify if upsd requests or requires client's' certificates. # Possible values are : # - 0 to not request to clients to provide any certificate # - 1 to require to all clients a certificate # - 2 to require to all clients a valid certificate # # See 'docs/security.txt' or the Security chapter of NUT user manual # for more information on the SSL support in NUT. # ======================================================================= # DISABLE_WEAK_SSL # DISABLE_WEAK_SSL true # # Tell upsd to disable older/weak SSL/TLS protocols and ciphers. # # With relatively recent versions of OpenSSL or NSS it will be restricted # to TLSv1.2 or better. # # Unless you have really ancient clients, you probably want to enable this. # Currently disabled by default to ensure compatibility with existing setups. # ======================================================================= # DEBUG_MIN # DEBUG_MIN 2 # # Optionally specify a minimum debug level for `upsd` data daemon, e.g. for # troubleshooting a deployment, without impacting foreground or background # running mode directly, and without need to edit init-scripts or service # unit definitions. Note that command-line option `-D` can only increase # this verbosity level. # # NOTE: if the running daemon receives a `reload` command, presence of the # `DEBUG_MIN NUMBER` value in the configuration file can be used to tune # debugging verbosity in the running service daemon (it is recommended to # comment it away or set the minimum to explicit zero when done, to avoid # huge journals and I/O system abuse). Keep in mind that for this run-time # tuning, the `DEBUG_MIN` value *present* in *reloaded* configuration files # is applied instantly and overrides any previously set value, from file # or CLI options, regardless of older logging level being higher or lower # than the newly found number; a missing (or commented away) value however # does not change the previously active logging verbosity.