safekeep.conf(5)

1SAFEKEEP.CONF(5)         SafeKeep Server Configuration        SAFEKEEP.CONF(5)
2
3
4

NAME

6       safekeep.conf - Configuration file for 'safekeep(1)'
7

SYNOPSIS

9       This file resides in /etc/safekeep/, or optionally in ~/.safekeep/ for
10       non-root users, from where it will be automatically picked up by
11       safekeep(1).
12

DESCRIPTION

14       This configuration file holds safekeep global settings. The format of
15       the file is a simple key-value pair similar to Java properties files:
16       lines starting with # are ignored as comments, keys are separated from
17       values by =, and leading and trailing spaces are ignored.
18

PARAMETERS

20       backup.user
21           The Unix user under which the server will run. If not specified,
22           safekeep will just run under the current user.
23
24       base.dir
25           The base directory for date repository relative paths. If not
26           specified, it defaults to the home directory of the backup user.
27
28       client.user
29           The default Unix user which will be used on the client. This can be
30           overridden on a host by host basis in the .backup file. If not
31           specified, it defaults to root.
32
33       email.format
34           If specified generate multipart MIME email messages. If not
35           specified then a non-MIME message is created. The format options
36           are text or html to generate parts of that type. NB: The log of
37           safekeep is always sent as text.
38
39       email.from
40           The email address to be used as sender when sending the logs. If
41           not specified safekeep will use SafeKeep@<hostname fqdn>.
42
43       email.to
44           In addition to writing the session logs on the standard output,
45           safekeep can also send the logs via email to a number of
46           recipients. This comma-separated list of emails designates the
47           recipients of the logs. If not specified, safekeep will not attempt
48           to email the logs.
49
50       email.smtp.port
51           Specifies the port to use to connect to the SMTP server. If not
52           specified, safekeep will use the system default value, normally
53           port 25/tcp.
54
55       email.smtp.server
56           Specifies the SMTP server used for sending mails if the email.to
57           specifies any recipients. If not specified, safekeep will just use
58           /usr/sbin/sendmail to deliver the mail.
59
60       email.summary
61           Generate a summary part at the start of the email. Possible options
62           are true, yes or 1. Anything elses as taken as false. NB: This
63           requires email.format set and currently only used for server and
64           list run types.
65
66       nice.adjustment
67           The default nice level adjustment for safekeep. It specifies an
68           integer to be added to the current nice level. Nicenesses range
69           from -20 (most favorable scheduling) to 19 (least favorable). To
70           disable nice, set this value to 0. If no nice level is specified,
71           safekeep is niced at +10.
72
73       nice.adjustment.server
74           The nice level adjustment for safekeep, used on the server side. It
75           overrides the generic setting in nice.adjustment.
76
77       nice.adjustment.client
78           The default nice adjustment for the client. This settings is
79           normally not all that important, as most of the load is on the
80           server side. You can also set the remove nice level on a per-client
81           basis in the .backup file (see /backup/host/@nice). NB: if you
82           change this value, you will have to re-deploy the auth keys.
83
84       ionice.adjustment
85           The default IO nice level adjustment for safekeep. It can be either
86           none, idle, or an integer between 0-7 (with 0 being higher
87           priority). See ionice(1) for more information. This is currently
88           being used only on the server side, where IO load tends to be a
89           problem. NB: this depends on the availability of ionice(1) on the
90           system where the server is running. If ionice cannot be found, this
91           setting is ignored. If no level is specified, it defaults to idle.
92
93       bandwidth.overall
94           This is the default bandwidth limit for both upload and download
95           for all the clients. It is an integer number of KB/s (see NOTES
96           section for more information). This value is optional.
97
98       bandwidth.download
99           This is the default bandwidth limit for download across all
100           clients. If specified (with a value greater than 0) it will
101           override the value set in bandwidth.overall (refer to it for more
102           informatio). This value is optional.
103
104       bandwidth.upload
105           This is the default bandwidth limit for upload across all clients.
106           If specified (with a value greater than 0) it will override the
107           value set in bandwidth.overall (refer to it for more information).
108           This value is optional.
109
110       snapshot.size
111           This is the default size to be used for any snapshots without a
112           size value specified. It is passed to lvcreate(8) (LVM2), including
113           the specification of a percentage (%). If not otherwise specified,
114           the percentage is based on unallocated space (i.e. LVM2 %FREE),
115           which is different to the interpretation within the <snapshot>
116           option. This value is optional, it defaults to 20%FREE.
117
118       ssh.keygen.type
119           The SSH private key type to generate when safekeep --keys is used.
120           This is passed to ssh-keygen(1) and not all valid types may be
121           accepted on all systems. Only SSH protocol version 2 keys are
122           accepted. This value is optional, it defaults to rsa.
123
124       ssh.keygen.bits
125           Specifies the number of bits in the SSH private key to create. This
126           is passed to ssh-keygen(1) and only certain sizes are accepted,
127           depending of the key type. If no value is required, e.g. for ecdsa
128           key type, give this option with no corresponding bit size. This
129           value is optional, it defaults to 4096.
130
131       ssh.strict_hostkey_checking
132           Specifies if StrictHostKeyChecking should be performed by the ssh
133           client when connecting to the remote host. This value is optional,
134           it defaults to ask. Set to yes if you sign host keys with a CA key
135           or manage host keys by other means (FreeIPA/sssd, Ansible,,,).
136           Setting this to no is a bit unsafe as new hosts are automatically
137           added to known_hosts without any validation.
138

NOTES

140       Safekeep uses trickle to implement bandwidth throttling (see
141       http://monkey.org/~marius/pages/?page=trickle for more information).
142       You will need to install it separately to use this feature (most Linux
143       distributions have it packaged as trickle).
144
145       The bandwidth is calculated as an average over a 256KB window, and it
146       is expressed as an integer number of kilo-bytes per second (e.g. 100,
147       meaning 100KB/s). Bandwidth limits of zero are ignored.
148
149       The bandwidth throtlling can be customized for both download and upload
150       (see bandwidth.download and bandwidth.upload) as well as on a
151       per-client basis (see safekeep.backup(5) for more information).
152

FILES

154           /etc/safekeep/safekeep.conf
155           ~/.safekeep/safekeep.conf
156

AUTHOR

162       This man page was originally written by Dimi Paun
163       <dimi@lattica.com[1]>.
164

NOTES

166        1. dimi@lattica.com
167           mailto:dimi@lattica.com
168
169
170
171safekeep                          02/23/2019                  SAFEKEEP.CONF(5)