1UPSD.CONF(5)                      NUT Manual                      UPSD.CONF(5)
2
3
4

NAME

6       upsd.conf - Configuration for Network UPS Tools upsd
7

DESCRIPTION

9       upsd uses this file to control access to the server and set some other
10       miscellaneous configuration values. This file contains details on
11       access controls, so keep it secure. Ideally, only the upsd process
12       should be able to read it.
13

CONFIGURATION DIRECTIVES

15       "MAXAGE seconds"
16           upsd usually allows a driver to stop responding for up to 15
17           seconds before declaring the data "stale". If your driver takes a
18           very long time to process updates but is otherwise operational, you
19           can use MAXAGE to make upsd wait longer.
20
21           Most users should leave this at the default value.
22
23       "TRACKINGDELAY seconds"
24           When instant commands and variables setting status tracking is
25           enabled, status execution information are kept during this amount
26           of time, and then cleaned up. This defaults to 3600 (1 hour).
27
28       "ALLOW_NO_DEVICE Boolean"
29           Normally upsd requires that at least one device section is defined
30           in ups.conf when the daemon starts, to serve its data. For
31           automatically managed services it may be preferred to have upsd
32           always running, and reload the configuration when power devices
33           become defined.
34
35           Boolean values true, yes, on and 1 mean that the server would not
36           refuse to start with zero device sections found in ups.conf.
37
38           Boolean values false, no, off and 0 mean that the server should
39           refuse to start if zero device sections were found in ups.conf.
40           This is the default, unless the calling environment sets a
41           same-named variable to enforce a value for the current run. One way
42           this can happen is somebody un-commenting it in the nut.conf file
43           used by init-scripts and service unit method scripts.
44
45       "STATEPATH path"
46           Tell upsd to look for the driver state sockets in path rather than
47           the default that was compiled into the program.
48
49       "LISTEN interface port"
50           Bind a listening port to the interface specified by its Internet
51           address or name. This may be useful on hosts with multiple
52           interfaces. You should not rely exclusively on this for security,
53           as it can be subverted on many systems.
54
55           Optionally listen on TCP port port instead of the default value
56           which was compiled into the code. This overrides any value you may
57           have set with configure --with-port. If you don’t change it with
58           configure or this value, upsd will listen on port 3493 for this
59           interface.
60
61           Multiple LISTEN addresses may be specified. The default is to bind
62           to 127.0.0.1 if no LISTEN addresses are specified (and ::1 if IPv6
63           support is compiled in).
64
65           To listen on all available interfaces, you may also use 0.0.0.0 for
66           IPv4 and and :: for IPv6.
67
68               LISTEN 127.0.0.1
69               LISTEN 192.168.50.1
70               LISTEN myhostname.mydomain
71               LISTEN ::1
72               LISTEN 2001:0db8:1234:08d3:1319:8a2e:0370:7344
73
74           This parameter will only be read at startup. You’ll need to restart
75           (rather than reload) upsd to apply any changes made here.
76
77       "MAXCONN connections"
78           This defaults to maximum number allowed on your system. Each UPS,
79           each LISTEN address and each client count as one connection. If the
80           server runs out of connections, it will no longer accept new
81           incoming client connections. Only set this if you know exactly what
82           you’re doing.
83
84       "CERTFILE certificate file"
85           When compiled with SSL support with OpenSSL backend, you can enter
86           the certificate file here. The certificates must be in PEM format
87           and must be sorted starting with the subject’s certificate (server
88           certificate), followed by intermediate CA certificates (if
89           applicable_ and the highest level (root) CA. It should end with the
90           server key. See docs/security.txt or the Security chapter of NUT
91           user manual for more information on the SSL support in NUT.
92
93       "CERTPATH certificate database"
94           When compiled with SSL support with NSS backend, you can enter the
95           certificate path here. Certificates are stored in a dedicated
96           database (data split in 3 files). Specify the path of the database
97           directory.
98
99       "CERTIDENT certificate name database password"
100           When compiled with SSL support with NSS backend, you can specify
101           the certificate name to retrieve from database to authenticate
102           itself and the password required to access certificate related
103           private key.
104
105       "CERTREQUEST certificate request level"
106           When compiled with SSL support with NSS backend and client
107           certificate validation (disabled by default, see
108           docs/security.txt), you can specify if upsd requests or requires
109           client’s' certificates. Possible values are :
110
111           •   0 to not request to clients to provide any certificate
112
113           •   1 to require to all clients a certificate
114
115           •   2 to require to all clients a valid certificate
116
117       "DISABLE_WEAK_SSL BOOLEAN"
118           Tell upsd to disable older/weak SSL/TLS protocols and ciphers. With
119           relatively recent versions of OpenSSL or NSS it will be restricted
120           to TLSv1.2 or better. Unless you have really ancient clients, you
121           probably want to enable this. Currently disabled by default to
122           ensure compatibility with existing setups.
123
124       "DEBUG_MIN INTEGER"
125           Optionally specify a minimum debug level for upsd data daemon, e.g.
126           for troubleshooting a deployment, without impacting foreground or
127           background running mode directly. Command-line option -D can only
128           increase this verbosity level.
129
130               Note
131               if the running daemon receives a reload command, presence of
132               the DEBUG_MIN NUMBER value in the configuration file can be
133               used to tune debugging verbosity in the running service daemon
134               (it is recommended to comment it away or set the minimum to
135               explicit zero when done, to avoid huge journals and I/O system
136               abuse). Keep in mind that for this run-time tuning, the
137               DEBUG_MIN value present in reloaded configuration files is
138               applied instantly and overrides any previously set value, from
139               file or CLI options, regardless of older logging level being
140               higher or lower than the newly found number; a missing (or
141               commented away) value however does not change the previously
142               active logging verbosity.
143

SEE ALSO

145       upsd(8), nutupsdrv(8), upsd.users(5)
146
147   Internet resources:
148       The NUT (Network UPS Tools) home page: http://www.networkupstools.org/
149
150
151
152Network UPS Tools 2.8.0           04/26/2022                      UPSD.CONF(5)