1SAFEKEEP.CONF(5) SafeKeep Server Configuration SAFEKEEP.CONF(5)
2
3
4
6 safekeep.conf - Configuration file for 'safekeep(1)'
7
9 This file resides in /etc/safekeep/, or optionally in ~/.safekeep/ for
10 non-root users, from where it will be automatically picked up by
11 safekeep(1).
12
14 This configuration file holds safekeep global settings. The format of
15 the file is a simple key-value pair similar to Java properties files:
16 lines starting with # are ignored as comments, keys are separated from
17 values by =, and leading and trailing spaces are ignored.
18
20 backup.user
21 The Unix user under which the server will run. If not specified,
22 safekeep will just run under the current user.
23
24 backup.tempdir
25 Specifes a TEMPDIR for use with ‘rdiff-backup’. This can be
26 overridden by a commandline argument to ‘safekeep’.
27
28 base.dir
29 The base directory for date repository relative paths. If not
30 specified, it defaults to the home directory of the backup user.
31
32 client.user
33 The default Unix user which will be used on the client. This can be
34 overridden on a host by host basis in the .backup file. If not
35 specified, it defaults to root.
36
37 email.format
38 If specified generate multipart MIME email messages. If not
39 specified then a non-MIME message is created. The format options
40 are text or html to generate parts of that type. NB: The log of
41 safekeep is always sent as text.
42
43 email.from
44 The email address to be used as sender when sending the logs. If
45 not specified safekeep will use SafeKeep@<hostname fqdn>.
46
47 email.to
48 In addition to writing the session logs on the standard output,
49 safekeep can also send the logs via email to a number of
50 recipients. This comma-separated list of emails designates the
51 recipients of the logs. If not specified, safekeep will not attempt
52 to email the logs.
53
54 email.smtp.port
55 Specifies the port to use to connect to the SMTP server. If not
56 specified, safekeep will use the system default value, normally
57 port 25/tcp.
58
59 email.smtp.server
60 Specifies the SMTP server used for sending mails if the email.to
61 specifies any recipients. If not specified, safekeep will just use
62 /usr/sbin/sendmail to deliver the mail.
63
64 email.summary
65 Generate a summary part at the start of the email. Possible options
66 are true, yes or 1. Anything elses as taken as false. NB: This
67 requires email.format set and currently only used for server and
68 list run types.
69
70 nice.adjustment
71 The default nice level adjustment for safekeep. It specifies an
72 integer to be added to the current nice level. Nicenesses range
73 from -20 (most favorable scheduling) to 19 (least favorable). To
74 disable nice, set this value to 0. If no nice level is specified,
75 safekeep is niced at +10.
76
77 nice.adjustment.server
78 The nice level adjustment for safekeep, used on the server side. It
79 overrides the generic setting in nice.adjustment.
80
81 nice.adjustment.client
82 The default nice adjustment for the client. This settings is
83 normally not all that important, as most of the load is on the
84 server side. You can also set the remove nice level on a per-client
85 basis in the .backup file (see /backup/host/@nice). NB: if you
86 change this value, you will have to re-deploy the auth keys.
87
88 ionice.adjustment
89 The default IO nice level adjustment for safekeep. It can be either
90 none, idle, or an integer between 0-7 (with 0 being higher
91 priority). See ionice(1) for more information. This is currently
92 being used only on the server side, where IO load tends to be a
93 problem. NB: this depends on the availability of ionice(1) on the
94 system where the server is running. If ionice cannot be found, this
95 setting is ignored. If no level is specified, it defaults to idle.
96
97 bandwidth.overall
98 This is the default bandwidth limit for both upload and download
99 for all the clients. It is an integer number of KB/s (see NOTES
100 section for more information). This value is optional.
101
102 bandwidth.download
103 This is the default bandwidth limit for download across all
104 clients. If specified (with a value greater than 0) it will
105 override the value set in bandwidth.overall (refer to it for more
106 informatio). This value is optional.
107
108 bandwidth.upload
109 This is the default bandwidth limit for upload across all clients.
110 If specified (with a value greater than 0) it will override the
111 value set in bandwidth.overall (refer to it for more information).
112 This value is optional.
113
114 snapshot.size
115 This is the default size to be used for any snapshots without a
116 size value specified. It is passed to lvcreate(8) (LVM2), including
117 the specification of a percentage (%). If not otherwise specified,
118 the percentage is based on unallocated space (i.e. LVM2 %FREE),
119 which is different to the interpretation within the <snapshot>
120 option. This value is optional, it defaults to 20%FREE.
121
122 ssh.keygen.type
123 The SSH private key type to generate when safekeep --keys is used.
124 This is passed to ssh-keygen(1) and not all valid types may be
125 accepted on all systems. Only SSH protocol version 2 keys are
126 accepted. This value is optional, it defaults to rsa.
127
128 ssh.keygen.bits
129 Specifies the number of bits in the SSH private key to create. This
130 is passed to ssh-keygen(1) and only certain sizes are accepted,
131 depending of the key type. If no value is required, e.g. for ecdsa
132 key type, give this option with no corresponding bit size. This
133 value is optional, it defaults to 4096.
134
135 ssh.strict_hostkey_checking
136 Specifies if StrictHostKeyChecking should be performed by the ssh
137 client when connecting to the remote host. This value is optional,
138 it defaults to ask. Set to yes if you sign host keys with a CA key
139 or manage host keys by other means (FreeIPA/sssd, Ansible,,,).
140 Setting this to no is a bit unsafe as new hosts are automatically
141 added to known_hosts without any validation.
142
144 Safekeep uses trickle to implement bandwidth throttling (see
145 http://monkey.org/~marius/pages/?page=trickle for more information).
146 You will need to install it separately to use this feature (most Linux
147 distributions have it packaged as trickle).
148
149 The bandwidth is calculated as an average over a 256KB window, and it
150 is expressed as an integer number of kilo-bytes per second (e.g. 100,
151 meaning 100KB/s). Bandwidth limits of zero are ignored.
152
153 The bandwidth throtlling can be customized for both download and upload
154 (see bandwidth.download and bandwidth.upload) as well as on a
155 per-client basis (see safekeep.backup(5) for more information).
156
158 /etc/safekeep/safekeep.conf
159 ~/.safekeep/safekeep.conf
160
162 safekeep(1), safekeep.backup(5), rdiff-backup(1), trickle(1),
163 lvcreate(8), ssh-keygen(1)
164
166 This man page was originally written by Dimi Paun
167 <dimi@lattica.com[1]>.
168
170 1. dimi@lattica.com
171 mailto:dimi@lattica.com
172
173
174
175safekeep 07/23/2021 SAFEKEEP.CONF(5)