# Network UPS Tools: example upsd configuration file # # This file contains access control data, you should keep it secure. # # It should only be readable by the user that upsd becomes. See the FAQ. # # Each entry below provides usage and default value. # # For more information, refer to upsd.conf manual page. # ======================================================================= # MAXAGE # MAXAGE 15 # # This defaults to 15 seconds. After a UPS driver has stopped updating # the data for this many seconds, upsd marks it stale and stops making # that information available to clients. After all, the only thing worse # than no data is bad data. # # You should only use this if your driver has difficulties keeping # the data fresh within the normal 15 second interval. Watch the syslog # for notifications from upsd about staleness. # ======================================================================= # TRACKINGDELAY # TRACKINGDELAY 3600 # # This defaults to 1 hour. When instant commands and variables setting status # tracking is enabled, status execution information are kept during this # amount of time, and then cleaned up. # ======================================================================= # ALLOW_NO_DEVICE # ALLOW_NO_DEVICE true # # Normally upsd requires that at least one device section is defined in ups.conf # when the daemon starts, to serve its data. For automatically managed services # it may be preferred to have upsd always running, and reload the configuration # when power devices become defined. # # Boolean values 'true', 'yes', 'on' and '1' mean that the server would not # refuse to start with zero device sections found in ups.conf. # # Boolean values 'false', 'no', 'off' and '0' mean that the server should refuse # to start if zero device sections were found in ups.conf. This is the default. # ======================================================================= # STATEPATH # STATEPATH /var/run/nut # # Tell upsd to look for the driver state sockets in 'path' rather # than the default that was compiled into the program. # ======================================================================= # LISTEN [] # LISTEN 127.0.0.1 3493 # LISTEN ::1 3493 # LISTEN myhostname 83493 # LISTEN myhostname.mydomain # # This defaults to the localhost listening addresses and port 3493. # In case of IP v4 or v6 disabled kernel, only the available one will be used. # # You may specify each interface IP address or name that you want upsd to # listen on for connections, optionally with a port number. # # You may need this if you have multiple interfaces on your machine and # you don't want upsd to listen to all interfaces (for instance on a # firewall, you may not want to listen to the external interface). # # This will only be read at startup of upsd. If you make changes here, # you'll need to restart upsd, reload will have no effect. # ======================================================================= # MAXCONN # MAXCONN 1024 # # This defaults to maximum number allowed on your system. Each UPS, each # LISTEN address and each client count as one connection. If the server # runs out of connections, it will no longer accept new incoming client # connections. Only set this if you know exactly what you're doing. # ======================================================================= # CERTFILE # CERTFILE /usr/local/ups/etc/upsd.pem # # When compiled with SSL support with OpenSSL backend, # you can enter the certificate file here. # The certificates must be in PEM format and must be sorted starting with # the subject's certificate (server certificate), followed by intermediate # CA certificates (if applicable_ and the highest level (root) CA. It should # end with the server key. See 'docs/security.txt' or the Security chapter of # NUT user manual for more information on the SSL support in NUT. # # See 'docs/security.txt' or the Security chapter of NUT user manual # for more information on the SSL support in NUT. # ======================================================================= # CERTPATH # CERTPATH /usr/local/ups/etc/cert/upsd # # When compiled with SSL support with NSS backend, # you can enter the certificate path here. # Certificates are stored in a dedicated database (split into 3 files). # Specify the path of the database directory. # # See 'docs/security.txt' or the Security chapter of NUT user manual # for more information on the SSL support in NUT. # ======================================================================= # CERTIDENT # CERTIDENT "my nut server" "MyPasSw0rD" # # When compiled with SSL support with NSS backend, # you can specify the certificate name to retrieve from database to # authenticate itself and the password # required to access certificate related private key. # # See 'docs/security.txt' or the Security chapter of NUT user manual # for more information on the SSL support in NUT. # ======================================================================= # CERTREQUEST # CERTREQUEST REQUIRE # # When compiled with SSL support with NSS backend and client certificate # validation (disabled by default, see 'docs/security.txt'), # you can specify if upsd requests or requires client's' certificates. # Possible values are : # - 0 to not request to clients to provide any certificate # - 1 to require to all clients a certificate # - 2 to require to all clients a valid certificate # # See 'docs/security.txt' or the Security chapter of NUT user manual # for more information on the SSL support in NUT. # ======================================================================= # DISABLE_WEAK_SSL # DISABLE_WEAK_SSL true # # Tell upsd to disable older/weak SSL/TLS protocols and ciphers. # # With relatively recent versions of OpenSSL or NSS it will be restricted # to TLSv1.2 or better. # # Unless you have really ancient clients, you probably want to enable this. # Currently disabled by default to ensure compatibility with existing setups. # ======================================================================= # DEBUG_MIN # DEBUG_MIN 2 # # Optionally specify a minimum debug level for `upsd` data daemon, e.g. for # troubleshooting a deployment, without impacting foreground or background # running mode directly, and without need to edit init-scripts or service # unit definitions. Note that command-line option `-D` can only increase # this verbosity level. # # NOTE: if the running daemon receives a `reload` command, presence of the # `DEBUG_MIN NUMBER` value in the configuration file can be used to tune # debugging verbosity in the running service daemon (it is recommended to # comment it away or set the minimum to explicit zero when done, to avoid # huge journals and I/O system abuse). Keep in mind that for this run-time # tuning, the `DEBUG_MIN` value *present* in *reloaded* configuration files # is applied instantly and overrides any previously set value, from file # or CLI options, regardless of older logging level being higher or lower # than the newly found number; a missing (or commented away) value however # does not change the previously active logging verbosity.