UPSD.CONF(5) NUT Manual UPSD.CONF(5)NAMEupsd.conf - Configuration for Network UPS Tools upsd
DESCRIPTION
upsd uses this file to control access to the server and set some other
miscellaneous configuration values. This file contains details on
access controls, so keep it secure. Ideally, only the upsd process
should be able to read it.
CONFIGURATION DIRECTIVES
"MAXAGE seconds"
upsd usually allows a driver to stop responding for up to 15
seconds before declaring the data "stale". If your driver takes a
very long time to process updates but is otherwise operational, you
can use MAXAGE to make upsd wait longer.
Most users should leave this at the default value.
"STATEPATH path"
Tell upsd to look for the driver state sockets in path rather than
the default that was compiled into the program.
"LISTEN interface port"
Bind a listening port to the interface specified by its Internet
address. This may be useful on hosts with multiple interfaces. You
should not rely exclusively on this for security, as it can be
subverted on many systems.
Listen on TCP port port instead of the default value which was
compiled into the code. This overrides any value you may have set
with configure --with-port. If you don’t change it with configure
or this value, upsd will listen on port 3493 for this interface.
Multiple LISTEN addresses may be specified. The default is to bind
to 127.0.0.1 if no LISTEN addresses are specified (and ::1 if IPv6
support is compiled in).
LISTEN 127.0.0.1
LISTEN 192.168.50.1
LISTEN ::1
LISTEN 2001:0db8:1234:08d3:1319:8a2e:0370:7344
This parameter will only be read at startup. You’ll need to restart
(rather than reload) upsd to apply any changes made here.
"MAXCONN connections"
This defaults to maximum number allowed on your system. Each UPS,
each LISTEN address and each client count as one connection. If the
server runs out of connections, it will no longer accept new
incoming client connections. Only set this if you know exactly what
you’re doing.
"CERTFILE certificate file"
When compiled with SSL support with OpenSSL backend, you can enter
the certificate file here. The certificates must be in PEM format
and must be sorted starting with the subject’s certificate (server
certificate), followed by intermediate CA certificates (if
applicable_ and the highest level (root) CA. It should end with the
server key. See docs/security.txt or the Security chapter of NUT
user manual for more information on the SSL support in NUT.
"CERTPATH certificate database"
When compiled with SSL support with NSS backend, you can enter the
certificate path here. Certificates are stored in a dedicated
database (splitted in 3 files). Specify the path of the database
directory.
"CERTIDENT certificate name database password"
When compiled with SSL support with NSS backend, you can specify
the certificate name to retrieve from database to authenticate
itself and the password required to access certificate related
private key.
"CERTREQUEST certificate request level"
When compiled with SSL support with NSS backend and client
certificate validation (disabled by default, see
docs/security.txt), you can specify if upsd requests or requires
client’s' certificates. Possible values are :
· 0 to not request to clients to provide any certificate
· 1 to require to all clients a certificate
· 2 to require to all clients a valid certificate
SEE ALSOupsd(8), nutupsdrv(8), upsd.users(5)INTERNET RESOURCES
The NUT (Network UPS Tools) home page: http://www.networkupstools.org/
Network UPS Tools 2.7.3 04/17/2015 UPSD.CONF(5)