maybe chmod 0644 'avahi/avahi-daemon.conf'
maybe chmod 0644 'avahi/hosts'
maybe chmod 0755 'avahi/services'
+maybe chmod 0644 'avahi/services/nut.service'
maybe chmod 0644 'avahi/services/udisks.service'
maybe chmod 0644 'avrdude.conf'
maybe chmod 0644 'avserver.conf'
maybe chmod 0755 'init.d/nfs-kernel-server'
maybe chmod 0755 'init.d/nmbd'
maybe chmod 0755 'init.d/ntp'
+maybe chmod 0755 'init.d/nut-client'
+maybe chmod 0755 'init.d/nut-server'
maybe chmod 0755 'init.d/ondemand'
maybe chmod 0755 'init.d/openbsd-inetd'
maybe chmod 0755 'init.d/openvpn'
maybe chmod 0644 'letsencrypt/csr/3837_csr-certbot.pem'
maybe chmod 0644 'letsencrypt/csr/3838_csr-certbot.pem'
maybe chmod 0644 'letsencrypt/csr/3839_csr-certbot.pem'
+maybe chmod 0644 'letsencrypt/csr/3840_csr-certbot.pem'
maybe chmod 0700 'letsencrypt/keys'
maybe chmod 0600 'letsencrypt/keys/0000_key-certbot.pem'
maybe chmod 0600 'letsencrypt/keys/0001_key-certbot.pem'
maybe chmod 0600 'letsencrypt/keys/3838_key-certbot.pem'
maybe chmod 0600 'letsencrypt/keys/3839_key-certbot.pem'
maybe chmod 0600 'letsencrypt/keys/3840_key-certbot.pem'
+maybe chmod 0600 'letsencrypt/keys/3841_key-certbot.pem'
maybe chmod 0755 'letsencrypt/live'
maybe chmod 0755 'letsencrypt/live/ccu.hoellein.online'
maybe chmod 0644 'letsencrypt/live/ccu.hoellein.online/README'
maybe chmod 0644 'nginx/snippets/loolwsd.conf'
maybe chmod 0644 'nsswitch.conf'
maybe chmod 0644 'ntp.conf'
+maybe chgrp 'nut' 'nut'
+maybe chmod 0755 'nut'
+maybe chgrp 'nut' 'nut/nut.conf'
+maybe chmod 0640 'nut/nut.conf'
+maybe chgrp 'nut' 'nut/ups.conf'
+maybe chmod 0640 'nut/ups.conf'
+maybe chgrp 'nut' 'nut/upsd.conf'
+maybe chmod 0640 'nut/upsd.conf'
+maybe chgrp 'nut' 'nut/upsd.users'
+maybe chmod 0640 'nut/upsd.users'
+maybe chgrp 'nut' 'nut/upsmon.conf'
+maybe chmod 0640 'nut/upsmon.conf'
+maybe chgrp 'nut' 'nut/upssched.conf'
+maybe chmod 0640 'nut/upssched.conf'
maybe chmod 0755 'nxagent'
maybe chmod 0644 'nxagent/keystrokes.cfg'
maybe chmod 0644 'nxagent/nxagent.keyboard'
--- /dev/null
+<?xml version="1.0" standalone='no'?><!--*-nxml-*-->
+<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
+
+<!--
+ This file is part of NUT - Network UPS Tools
+
+ NUT is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as
+ published by the Free Software Foundation; either version 2 of the
+ License, or (at your option) any later version.
+
+ NUT is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with NUT; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+ 02111-1307 USA.
+-->
+
+<!-- See avahi.service(5) for more information about this configuration file -->
+
+<service-group>
+
+ <name replace-wildcards="yes">%h</name>
+
+ <service>
+ <type>_nut._tcp</type>
+ <port>3493</port>
+ </service>
+
+</service-group>
man:x:12:
proxy:x:13:
kmem:x:15:
-dialout:x:20:asterisk,alexa
+dialout:x:20:asterisk,alexa,nut
fax:x:21:
voice:x:22:
cdrom:x:24:mhoellein
cool:x:137:
sambauser:x:997:
borg:x:5006:
+nut:x:159:
Debian-snmp:x:121:
cool:x:137:
sambauser:x:997:
+borg:x:5006:
+nut:x:159:
man:*::
proxy:*::
kmem:*::
-dialout:*::asterisk,alexa
+dialout:*::asterisk,alexa,nut
fax:*::
voice:*::
cdrom:*::mhoellein
cool:!::
sambauser:!::
borg:!::
+nut:!::
Debian-snmp:!::
cool:!::
sambauser:!::
+borg:!::
+nut:!::
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: nut-client upsmon ups-monitor
+# Required-Start: $local_fs $syslog $network $remote_fs
+# Required-Stop: $local_fs $syslog $network $remote_fs
+# Should-Start: nut-server
+# Should-Stop:
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Network UPS Tools monitor initscript
+# Description: This script take care of starting and stopping the
+# Network UPS Tools monitoring component (upsmon).
+### END INIT INFO
+
+# Author: Arnaud Quette <aquette@debian.org>
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/sbin:/usr/local/bin
+
+NAME=nut-client
+DESC="NUT - power device monitor and shutdown controller"
+CONFIG=/etc/nut/nut.conf
+pid_dir=/var/run/nut
+upsmon_pid=${pid_dir}/upsmon.pid
+upsmon=/sbin/upsmon
+log=">/dev/null 2>/dev/null"
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
+. /lib/lsb/init-functions
+
+# set upsmon specific options. use "man upsmon" for more info
+# this parameter is now located in nut.conf, and not in /etc/default/nut anymore
+# FIXME: retrieved from 'nut' script during update
+UPSMON_OPTIONS=""
+
+# Exit if the package is not installed
+[ -x "$upsmon" ] || exit 0
+
+# Include NUT nut.conf
+[ -r $CONFIG ] && . $CONFIG
+
+# FIXME: put all common bits, between nut-client and nut-server,
+# into a common nut-function
+
+# Explicitly require the configuration to be done in /etc/nut/nut.conf
+if [ "x$MODE" = "xnone" -o -z "$MODE" ] ; then
+ log_action_msg "$NAME disabled, please adjust the configuration to your needs"
+ log_action_msg "Then set MODE to a suitable value in $CONFIG to enable it"
+ # exit success to avoid breaking the install process!
+ exit 0
+fi
+
+# Check if /var/run/nut exists and has the correct perms
+check_var_directory() {
+ [ ! -d ${pid_dir} ] && mkdir -p ${pid_dir} \
+ && chown root:nut ${pid_dir} \
+ && chmod 770 ${pid_dir} \
+ && [ -x /sbin/restorecon ] && /sbin/restorecon ${pid_dir}
+}
+
+# check if the right components are running
+check_status() {
+ case "$MODE" in
+ standalone|netserver|netclient)
+ status_of_proc -p $upsmon_pid $upsmon upsmon
+ ;;
+ none|*)
+ ;;
+ esac
+}
+
+start_stop_client () {
+ case "$MODE" in
+ standalone|netserver|netclient)
+ # FIXME: for standalone|netserver, ensure 'nut-server status' returns ?
+ case "$1" in
+ start)
+ start-stop-daemon -S -q -p $upsmon_pid -x $upsmon \
+ -- $UPSMON_OPTIONS >/dev/null 2>&1 && return 0 || return 1
+ ;;
+ stop)
+ start-stop-daemon -K -o -q -p $upsmon_pid -n upsmon >/dev/null 2>&1 \
+ && return 0 || return 1
+ ;;
+ esac
+ ;;
+ none|*)
+ return 1
+ ;;
+ esac
+}
+
+case "$1" in
+
+ start)
+ log_daemon_msg "Starting $DESC" "$NAME"
+ check_var_directory
+ start_stop_client start
+ log_end_msg $?
+ ;;
+
+ stop)
+ log_daemon_msg "Stopping $DESC" "$NAME"
+ start_stop_client stop
+ log_end_msg $?
+ ;;
+
+ reload)
+ log_daemon_msg "Reloading $DESC" "$NAME"
+ $upsmon -c reload >/dev/null 2>&1
+ log_end_msg $?
+ ;;
+
+ restart|force-reload)
+ # FIXME: lack consistency, due to initscript split.
+ # This only addresses partial reload.
+ # Full reload requires to:
+ # - stop nut-client
+ # - restart (Ie stop+start) nut-server
+ # - start nut-client
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ start_stop_client stop || true
+ # should then 'start_stop_server stop', Ie /etc/init.d/nut-server stop
+ #sleep 5
+ check_var_directory
+ # should first 'start_stop_server start', Ie /etc/init.d/nut-server start
+ start_stop_client start
+ log_end_msg $?
+ ;;
+
+ status)
+ #log_daemon_msg "Checking status of $DESC"
+ echo "Checking status of $DESC"
+ check_status
+ exit $?
+ ;;
+
+ poweroff)
+ case "$MODE" in
+ standalone|netserver)
+ # Sanity check
+ flag=`sed -ne 's#^ *POWERDOWNFLAG *\(.*\)$#\1#p' /etc/nut/upsmon.conf`
+ if [ -z "$flag" ] ; then
+ log_action_msg "##########################################################"
+ log_action_msg "## POWERDOWNFLAG is not defined in /etc/nut/upsmon.conf ##"
+ log_action_msg "## ##"
+ log_action_msg "## Please read the Manual page upsmon.conf(5) ##"
+ log_action_msg "##########################################################"
+ exit 1
+ fi
+
+ # Defer to nut-server to actually poweroff the UPS, if needed
+ # (the need is tested here though!)
+ if $upsmon -K >/dev/null 2>&1 ; then
+ log_daemon_msg "UPS poweroff required..."
+ log_end_msg 0
+ if [ -x /etc/init.d/nut-server ] ; then
+ exec /etc/init.d/nut-server poweroff
+ else
+ log_action_msg "Failure: /etc/init.d/nut-server script missing"
+ fi
+ else
+ log_action_msg "Power down flag is not set (UPS poweroff not needed)"
+ fi
+ ;;
+ none|netclient|*)
+ # nothing to do
+ log_action_msg "'$MODE' configuration does not require UPS poweroff"
+ ;;
+ esac
+ ;;
+
+ *)
+ N=/etc/init.d/$NAME
+ echo "Usage: $N {start|stop|reload|restart|force-reload|status|poweroff}" >&2
+ exit 1
+ ;;
+esac
+
+exit 0
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: nut-server upsd
+# Required-Start: $local_fs $syslog $network $remote_fs udev
+# Required-Stop: $local_fs $syslog $network $remote_fs udev
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Network UPS Tools initscript
+# Description: This script take care of starting and stopping the
+# Network UPS Tools components. When needed, it also
+# handle the UPS hardware shutdown.
+### END INIT INFO
+
+# Author: Arnaud Quette <aquette@debian.org>
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/sbin:/usr/local/bin
+
+NAME=nut-server
+DESC="NUT - power devices information server and drivers"
+CONFIG=/etc/nut/nut.conf
+pid_dir=/var/run/nut
+upsd_pid=${pid_dir}/upsd.pid
+upsd=/sbin/upsd
+upsdrvctl=/sbin/upsdrvctl
+log=">/dev/null 2>/dev/null"
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
+. /lib/lsb/init-functions
+
+# set upsd specific options. use "man upsd" for more info
+# this parameter is now located in nut.conf, and not in /etc/default/nut anymore
+# FIXME: retrieved from 'nut' script during update
+UPSD_OPTIONS=""
+
+# Exit if the package is not installed
+[ -x "$upsd" ] || exit 0
+
+# Include NUT nut.conf
+[ -r $CONFIG ] && . $CONFIG
+
+# Explicitly require the configuration to be done in /etc/nut/nut.conf
+# redundant with nut-client
+if [ "x$MODE" = "xnone" -o -z "$MODE" ] ; then
+ log_action_msg "$NAME disabled, please adjust the configuration to your needs"
+ log_action_msg "Then set MODE to a suitable value in $CONFIG to enable it"
+ # exit success to avoid breaking the install process!
+ exit 0
+fi
+
+# Check if /var/run/nut exists and has the correct perms
+check_var_directory() {
+ [ ! -d ${pid_dir} ] && mkdir -p ${pid_dir} \
+ && chown root:nut ${pid_dir} \
+ && chmod 770 ${pid_dir} \
+ && [ -x /sbin/restorecon ] && /sbin/restorecon ${pid_dir}
+}
+
+# check if the right components are running
+check_status() {
+ case "$MODE" in
+ standalone|netserver)
+ status_of_proc -p $upsd_pid $upsd upsd
+ # FIXME: need driver(s) status too!
+ ;;
+ none|netclient|*)
+ # defered to nut-client
+ #status_of_proc -p $upsmon_pid $upsmon upsmon
+ ;;
+ esac
+}
+
+start_stop_server () {
+ case "$MODE" in
+ standalone|netserver)
+ case "$1" in
+ start)
+ # First, start driver(s)
+ ! $upsdrvctl start >/dev/null 2>&1 && \
+ log_progress_msg " (driver(s) failed)." || log_progress_msg " driver(s)."
+ # Then, data server (upsd)
+ start-stop-daemon -S -p $upsd_pid -x $upsd \
+ -- $UPSD_OPTIONS >/dev/null 2>&1 &&
+ log_progress_msg "upsd" || log_progress_msg "(upsd failed)"
+ ;;
+ stop)
+ # FIXME: should stop nut-client first!
+ # Reverse order for stop
+ start-stop-daemon -K -o -p $upsd_pid -n upsd && #>/dev/null 2>&1 &&
+ log_progress_msg "upsd" || log_progress_msg "(upsd failed)"
+ ! /sbin/upsdrvctl stop >/dev/null 2>&1 && \
+ log_progress_msg "(driver(s) failed)" || log_progress_msg "driver(s)"
+ ;;
+ esac
+ ;;
+ none|netclient|*)
+ # now handled by nut-client
+ return 1
+ ;;
+ esac
+}
+
+case "$1" in
+
+ start)
+ log_daemon_msg "Starting $DESC"
+ check_var_directory
+ start_stop_server start #&& log_progress_msg "upsd"
+ #start_stop_client start && log_progress_msg "upsmon"
+ log_end_msg 0
+ ;;
+
+ stop)
+ log_daemon_msg "Stopping $DESC"
+ start_stop_server stop #&& log_progress_msg "upsd"
+ #start_stop_client stop && log_progress_msg "upsmon"
+ log_end_msg 0
+ ;;
+
+ reload)
+ $upsd -c reload >/dev/null 2>&1
+ #$upsmon -c reload >/dev/null 2>&1
+ ;;
+
+ restart|force-reload)
+ log_daemon_msg "Restarting $DESC"
+ #start_stop_client stop
+ start_stop_server stop
+ sleep 5
+ check_var_directory
+ start_stop_server start #&& log_progress_msg "upsd"
+ #start_stop_client start && log_progress_msg "upsmon"
+ log_end_msg 0
+ ;;
+
+ status)
+ #log_daemon_msg "Checking status of $DESC"
+ echo "Checking status of $DESC"
+ check_status
+ exit $?
+ ;;
+
+ poweroff)
+ wait_delay=`sed -ne 's#^ *POWEROFF_WAIT= *\(.*\)$#\1#p' /etc/nut/nut.conf`
+ # UPS poweroff action is actually done here.
+ # But nut-monitor (Ie nut-client) does the check and call nut-server if needed!
+ # This action MUST NOT be called directly, and thus is not exposed in 'Usage'
+ case "$MODE" in
+ standalone|netserver)
+ log_daemon_msg "Shutting down the UPS ..."
+ if $upsdrvctl shutdown ; then
+ # FIXME (needed?): sleep 5
+ log_progress_msg "Waiting for UPS to cut the power"
+ log_end_msg 0
+ else
+ log_progress_msg "Shutdown failed."
+ log_progress_msg "Waiting for UPS batteries to run down"
+ log_end_msg 0
+ fi
+ if [ -n "$wait_delay" ] ; then
+ log_daemon_msg " (will reboot after $wait_delay) ..."
+ sleep "$wait_delay"
+ invoke-rc.d reboot stop
+ fi
+ ;;
+ none|netclient|*)
+ # nothing to do
+ ;;
+ esac
+ ;;
+
+ *)
+ N=/etc/init.d/$NAME
+ echo "Usage: $N {start|stop|reload|restart|force-reload|status}" >&2
+ exit 1
+ ;;
+esac
+
+exit 0
-../apcupsd/ups-monitor
\ No newline at end of file
+nut-client
\ No newline at end of file
--- /dev/null
+-----BEGIN CERTIFICATE REQUEST-----
+MIICdTCCAV0CAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALtI
+RduFeXJFooF+ynGeS6Ou13JLEJGJKCwtVHCZdjU+RHaEk3r/w8S0D/fAQU1VRP9u
+LhC/7DfYRLEYw9sQtSpRAHIizUOW99GrV16cRcymG8Q1gfWyr12ZIy8BStTjHR9T
+G4kkd8y0Jila2vWiJvDzqoboAOMsW8wu1BFx/ZqTNB1jYyyQRCycKXVoxk/7eQIR
+FTSms+9amBzNm4BaXPHxqjcK6iPNmJNhU93IjqT+Wk8ndIduT4vli6lpI1jUlyiM
+A3YmFnw+wFiAsSuo4Nd6YcyYocRPX682D5e8jC04pzkrYbRhLENfxp5k0GlY03AG
+E6WqLTEjCQCX66LtKZcCAwEAAaAwMC4GCSqGSIb3DQEJDjEhMB8wHQYDVR0RBBYw
+FIISdHYuaG9lbGxlaW4ub25saW5lMA0GCSqGSIb3DQEBCwUAA4IBAQAA2hGmPRpg
+jf0AQLRCSppI8GgUdWYxhALl/wpq9rA4ETtzI7nBW+B6ShjJom9Ixft/8n2o3wAY
+PWx6WWc2lEgO2IRWmytbZkKZe28sJFJF6Z+XvWIx1c1CxHivh8xYVhnKEqMBJ+ja
+c+55wMURtDYaonZdrbJbeARSWIyWtHNthSeEQRPQ86rz+h2Mvwogd2/SIK8rU+JZ
+8nM3xnvobLF9ThOH8s5gttnZOZ1kdZMJJ924yEHQdoz8b8lFKdW6CWh1A6ALmCjy
+cSHEUXiG4sJx7Zqp9YmkhPWi2TJ7UPfYG/T427ilDcInY6s158ysIIqseexVN0XW
+BIik9/pWhuHQ
+-----END CERTIFICATE REQUEST-----
--- /dev/null
+-----BEGIN PRIVATE KEY-----
+MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQC7SEXbhXlyRaKB
+fspxnkujrtdySxCRiSgsLVRwmXY1PkR2hJN6/8PEtA/3wEFNVUT/bi4Qv+w32ESx
+GMPbELUqUQByIs1DlvfRq1denEXMphvENYH1sq9dmSMvAUrU4x0fUxuJJHfMtCYp
+Wtr1oibw86qG6ADjLFvMLtQRcf2akzQdY2MskEQsnCl1aMZP+3kCERU0prPvWpgc
+zZuAWlzx8ao3CuojzZiTYVPdyI6k/lpPJ3SHbk+L5YupaSNY1JcojAN2JhZ8PsBY
+gLErqODXemHMmKHET1+vNg+XvIwtOKc5K2G0YSxDX8aeZNBpWNNwBhOlqi0xIwkA
+l+ui7SmXAgMBAAECggEBALDKtvdVdqHCzncD48OBtNGdeVAxQEDCgyPA3tc0Zvw3
+/ZUL7dTMoFeNyw0Ldhm0ht/BeMbjBfBpvd6YDDs9+Gcr9AnKhI5rcyGAZ4euac2Y
+eNmt0TLJLPZkW2xCAgwZISKy52l8/YJGBUhAtjXujmgi/TVAyaWp+DY1dofJXaeN
+9NvKO96gomyFW+4uYWf88zdechCIbKHgETyWag1NBhNv4wLZUaZesRdCls0CN+0G
+y60s+6ByPCiaczp3yMu7Wok3rIzExlHwS7hzH37pbwi7iP3Rjtq4juS4k5HFFmmU
+7ayt13ZE1S3IiyAt5/Sr5IkepNR1bH51GRvkKzjtafECgYEA201gF949KR/WRV9r
+yAYLmml/jfBrg4QvFIoIHbMRRaMcT0M5RKaDyiCUAaPYcTwC4zf/xsYiZTdlgG8g
+/ttBCIMCAahx23sunZeiSdUU0p/JgDblxiJhQNwb1WnMYWjiT/zgDCS6DfMvz8+d
+o4dfAl9G2Ij6mhFqFVeViXIy8q0CgYEA2p80fwCUCNAtabg2UHNwfUcZ9bR+Eg+r
+DM+LD4BOcrsAEMv+YlkQJE/Hj5X8tP7bVcWGzJf3jlsgbrekSCD3xyLLdEhuT4zm
+M/Key4B74beRjs+194eU+1LipQ/aM7GlBfehdiKEQQ2ZpwqGsETy1cUuxB/Hrbkr
+J0gPPWH1WdMCgYEAmU3v3P+ZFcSRz5EzEXNYbStO5fSp1Bh1qRANOGXTrzClO6us
+vxcAji5UCQl250GiayDchyI/LS6aoDwPftnbDo42ut38Kghkv/oekyqIEe1tuVmn
+Kukhv2ufcYMyQu5FNtF59kM+ZT4ZsFZcxtJ9UnU0W272cPm3hQ/jE2BnyUkCgYEA
+sc7GbXzU6Y4XQWK3mhsppFqNvI698oaXweWS3lqmcx2wYfjnvqldPYs9bYS5caPO
+VCZBCmmWyEtJR4NIs/lMTMP54Wt/fGfGWv27NRwcpWodkp9RCi9VdkrlVwZbm6uh
+4gaTZXeRRS+AhqFDBl4tervS22RVjO+LL3mmG3Bukk0CgYEA2JCt2CZpwcu/irVm
+cnIsqITM3b8UfI7OBfHYAPRv5UszFjvUFReDbana8eWUCekUj8pfN8mhT46h1ZIt
+AFDdksd/8dCHMfB0AFKPnsD7x1lbL9M9HR/jICR+VQktj/V+/J6EJ2GgHaIajFPs
+hbv/8fU5t+Lnma5YtLWUHfbIEuc=
+-----END PRIVATE KEY-----
--- /dev/null
+# Network UPS Tools: example nut.conf
+#
+##############################################################################
+# General section
+##############################################################################
+# The MODE determines which part of the NUT is to be started, and which
+# configuration files must be modified.
+#
+# This file try to standardize the various files being found in the field, like
+# /etc/default/nut on Debian based systems, /etc/sysconfig/ups on RedHat based
+# systems, ... Distribution's init script should source this file to see which
+# component(s) has to be started.
+#
+# The values of MODE can be:
+# - none: NUT is not configured, or use the Integrated Power Management, or use
+# some external system to startup NUT components. So nothing is to be started.
+# - standalone: This mode address a local only configuration, with 1 UPS
+# protecting the local system. This implies to start the 3 NUT layers (driver,
+# upsd and upsmon) and the matching configuration files. This mode can also
+# address UPS redundancy.
+# - netserver: same as for the standalone configuration, but also need
+# some more network access controls (firewall, tcp-wrappers) and possibly a
+# specific LISTEN directive in upsd.conf.
+# Since this MODE is opened to the network, a special care should be applied
+# to security concerns.
+# - netclient: this mode only requires upsmon.
+#
+# IMPORTANT NOTE:
+# This file is intended to be sourced by shell scripts.
+# You MUST NOT use spaces around the equal sign!
+
+MODE=none
--- /dev/null
+# Network UPS Tools: example ups.conf
+#
+# --- SECURITY NOTE ---
+#
+# If you use snmp-ups and set a community string in here, you
+# will have to secure this file to keep other users from obtaining
+# that string. It needs to be readable by upsdrvctl and any drivers,
+# and by upsd.
+#
+# ---
+#
+# This is where you configure all the UPSes that this system will be
+# monitoring directly. These are usually attached to serial ports, but
+# USB devices and SNMP devices are also supported.
+#
+# This file is used by upsdrvctl to start and stop your driver(s), and
+# is also used by upsd to determine which drivers to monitor. The
+# drivers themselves also read this file for configuration directives.
+#
+# The general form is:
+#
+# [upsname]
+# driver = <drivername>
+# port = <portname>
+# < any other directives here >
+#
+# The section header ([upsname]) can be just about anything as long as
+# it is a single word inside brackets. upsd uses this to uniquely
+# identify a UPS on this system.
+#
+# If you have a UPS called snoopy, your section header would be "[snoopy]".
+# On a system called "doghouse", the line in your upsmon.conf to monitor
+# it would look something like this:
+#
+# MONITOR snoopy@doghouse 1 upsmonuser mypassword master
+#
+# It might look like this if monitoring in slave mode:
+#
+# MONITOR snoopy@doghouse 1 upsmonuser mypassword slave
+#
+# Configuration directives
+# ------------------------
+#
+# These directives are used by upsdrvctl only and should be specified outside
+# of a driver definition:
+#
+# maxretry: Optional. Specify the number of attempts to start the driver(s),
+# in case of failure, before giving up. A delay of 'retrydelay' is
+# inserted between each attempt. Caution should be taken when using
+# this option, since it can impact the time taken by your system to
+# start.
+#
+# The default is 1 attempt.
+#
+# retrydelay: Optional. Specify the delay between each restart attempt of the
+# driver(s), as specified by 'maxretry'. Caution should be taken
+# when using this option, since it can impact the time taken by your
+# system to start.
+#
+# The default is 5 seconds.
+#
+# These directives are common to all drivers that support ups.conf:
+#
+# driver: REQUIRED. Specify the program to run to talk to this UPS.
+# apcsmart, bestups, and sec are some examples.
+#
+# port: REQUIRED. The serial port where your UPS is connected.
+# /dev/ttyS0 is usually the first port on Linux boxes, for example.
+#
+# sdorder: optional. When you have multiple UPSes on your system, you
+# usually need to turn them off in a certain order. upsdrvctl
+# shuts down all the 0s, then the 1s, 2s, and so on. To exclude
+# a UPS from the shutdown sequence, set this to -1.
+#
+# The default value for this parameter is 0.
+#
+# nolock: optional, and not recommended for use in this file.
+#
+# If you put nolock in here, the driver will not lock the
+# serial port every time it starts. This may allow other
+# processes to seize the port if you start more than one by
+# mistake.
+#
+# This is only intended to be used on systems where locking
+# absolutely must be disabled for the software to work.
+#
+# maxstartdelay: optional. This can be set as a global variable
+# above your first UPS definition and it can also be
+# set in a UPS section. This value controls how long
+# upsdrvctl will wait for the driver to finish starting.
+# This keeps your system from getting stuck due to a
+# broken driver or UPS.
+#
+# The default is 45 seconds.
+#
+# synchronous: optional. The driver work by default in asynchronous
+# mode (i.e *synchronous=no*). This means that all data
+# are pushed by the driver on the communication socket to
+# upsd (Unix socket on Unix, Named pipe on Windows) without
+# waiting for these data to be actually consumed. With
+# some HW, such as ePDUs, that can produce a lot of data,
+# asynchronous mode may cause some congestion, resulting in
+# the socket to be full, and the driver to appear as not
+# connected. By enabling the 'synchronous' flag
+# (value = 'yes'), the driver will wait for data to be
+# consumed by upsd, prior to publishing more. This can be
+# enabled either globally or per driver.
+#
+# The default is 'no' (i.e. asynchronous mode) for backward
+# compatibility of the driver behavior.
+#
+# Anything else is passed through to the hardware-specific part of
+# the driver.
+#
+# Examples
+# --------
+#
+# A simple example for a UPS called "powerpal" that uses the blazer_ser
+# driver on /dev/ttyS0 is:
+#
+# [powerpal]
+# driver = blazer_ser
+# port = /dev/ttyS0
+# desc = "Web server"
+#
+# If your UPS driver requires additional settings, you can specify them
+# here. For example, if it supports a setting of "1234" for the
+# variable "cable", it would look like this:
+#
+# [myups]
+# driver = mydriver
+# port = /dev/ttyS1
+# cable = 1234
+# desc = "Something descriptive"
+#
+# To find out if your driver supports any extra settings, start it with
+# the -h option and/or read the driver's documentation.
+
+# Set maxretry to 3 by default, this should mitigate race with slow devices:
+maxretry = 3
--- /dev/null
+# Network UPS Tools: example upsd configuration file
+#
+# This file contains access control data, you should keep it secure.
+#
+# It should only be readable by the user that upsd becomes. See the FAQ.
+#
+# Each entry below provides usage and default value.
+
+# =======================================================================
+# MAXAGE <seconds>
+# MAXAGE 15
+#
+# This defaults to 15 seconds. After a UPS driver has stopped updating
+# the data for this many seconds, upsd marks it stale and stops making
+# that information available to clients. After all, the only thing worse
+# than no data is bad data.
+#
+# You should only use this if your driver has difficulties keeping
+# the data fresh within the normal 15 second interval. Watch the syslog
+# for notifications from upsd about staleness.
+
+# =======================================================================
+# STATEPATH <path>
+# STATEPATH /var/run/nut
+#
+# Tell upsd to look for the driver state sockets in 'path' rather
+# than the default that was compiled into the program.
+
+# =======================================================================
+# LISTEN <address> [<port>]
+# LISTEN 127.0.0.1 3493
+# LISTEN ::1 3493
+#
+# This defaults to the localhost listening addresses and port 3493.
+# In case of IP v4 or v6 disabled kernel, only the available one will be used.
+#
+# You may specify each interface you want upsd to listen on for connections,
+# optionally with a port number.
+#
+# You may need this if you have multiple interfaces on your machine and
+# you don't want upsd to listen to all interfaces (for instance on a
+# firewall, you may not want to listen to the external interface).
+#
+# This will only be read at startup of upsd. If you make changes here,
+# you'll need to restart upsd, reload will have no effect.
+
+# =======================================================================
+# MAXCONN <connections>
+# MAXCONN 1024
+#
+# This defaults to maximum number allowed on your system. Each UPS, each
+# LISTEN address and each client count as one connection. If the server
+# runs out of connections, it will no longer accept new incoming client
+# connections. Only set this if you know exactly what you're doing.
+
+# =======================================================================
+# CERTFILE <certificate file>
+# CERTFILE /usr/local/ups/etc/upsd.pem
+#
+# When compiled with SSL support with OpenSSL backend,
+# you can enter the certificate file here.
+# The certificates must be in PEM format and must be sorted starting with
+# the subject's certificate (server certificate), followed by intermediate
+# CA certificates (if applicable_ and the highest level (root) CA. It should
+# end with the server key. See 'docs/security.txt' or the Security chapter of
+# NUT user manual for more information on the SSL support in NUT.
+#
+# See 'docs/security.txt' or the Security chapter of NUT user manual
+# for more information on the SSL support in NUT.
+
+# =======================================================================
+# CERTPATH <certificate file or directory>
+# CERTPATH /usr/local/ups/etc/cert/upsd
+#
+# When compiled with SSL support with NSS backend,
+# you can enter the certificate path here.
+# Certificates are stored in a dedicated database (splitted in 3 files).
+# Specify the path of the database directory.
+#
+# See 'docs/security.txt' or the Security chapter of NUT user manual
+# for more information on the SSL support in NUT.
+
+# =======================================================================
+# CERTIDENT <certificate name> <database password>
+# CERTIDENT "my nut server" "MyPasSw0rD"
+#
+# When compiled with SSL support with NSS backend,
+# you can specify the certificate name to retrieve from database to
+# authenticate itself and the password
+# required to access certificate related private key.
+#
+# See 'docs/security.txt' or the Security chapter of NUT user manual
+# for more information on the SSL support in NUT.
+
+# =======================================================================
+# CERTREQUEST <certificate request level>
+# CERTREQUEST REQUIRE
+#
+# When compiled with SSL support with NSS backend and client certificate
+# validation (disabled by default, see 'docs/security.txt'),
+# you can specify if upsd requests or requires client's' certificates.
+# Possible values are :
+# - 0 to not request to clients to provide any certificate
+# - 1 to require to all clients a certificate
+# - 2 to require to all clients a valid certificate
+#
+# See 'docs/security.txt' or the Security chapter of NUT user manual
+# for more information on the SSL support in NUT.
+
--- /dev/null
+# Network UPS Tools: Example upsd.users
+#
+# This file sets the permissions for upsd - the UPS network daemon.
+# Users are defined here, are given passwords, and their privileges are
+# controlled here too. Since this file will contain passwords, keep it
+# secure, with only enough permissions for upsd to read it.
+
+# --------------------------------------------------------------------------
+
+# Each user gets a section. To start a section, put the username in
+# brackets on a line by itself. To set something for that user, specify
+# it under that section heading. The username is case-sensitive, so
+# admin and AdMiN are two different users.
+#
+# Possible settings:
+#
+# password: The user's password. This is case-sensitive.
+#
+# --------------------------------------------------------------------------
+#
+# actions: Let the user do certain things with upsd.
+#
+# Valid actions are:
+#
+# SET - change the value of certain variables in the UPS
+# FSD - set the "forced shutdown" flag in the UPS
+#
+# --------------------------------------------------------------------------
+#
+# instcmds: Let the user initiate specific instant commands. Use "ALL"
+# to grant all commands automatically. There are many possible
+# commands, so use 'upscmd -l' to see what your hardware supports. Here
+# are a few examples:
+#
+# test.panel.start - Start a front panel test
+# test.battery.start - Start battery test
+# test.battery.stop - Stop battery test
+# calibrate.start - Start calibration
+# calibrate.stop - Stop calibration
+#
+# --------------------------------------------------------------------------
+#
+# Example:
+#
+# [admin]
+# password = mypass
+# actions = SET
+# instcmds = ALL
+#
+
+#
+# --- Configuring for a user who can execute tests only
+#
+# [testuser]
+# password = pass
+# instcmds = test.battery.start
+# instcmds = test.battery.stop
+
+#
+# --- Configuring for upsmon
+#
+# To add a user for your upsmon, use this example:
+#
+# [upsmon]
+# password = pass
+# upsmon master
+# or
+# upsmon slave
+#
+# The matching MONITOR line in your upsmon.conf would look like this:
+#
+# MONITOR myups@localhost 1 upsmon pass master (or slave)
--- /dev/null
+# Network UPS Tools: example upsmon configuration
+#
+# This file contains passwords, so keep it secure.
+
+# --------------------------------------------------------------------------
+# RUN_AS_USER <userid>
+#
+# By default, upsmon splits into two processes. One stays as root and
+# waits to run the SHUTDOWNCMD. The other one switches to another userid
+# and does everything else.
+#
+# The default nonprivileged user is set at compile-time with
+# 'configure --with-user=...'.
+#
+# You can override it with '-u <user>' when starting upsmon, or just
+# define it here for convenience.
+#
+# Note: if you plan to use the reload feature, this file (upsmon.conf)
+# must be readable by this user! Since it contains passwords, DO NOT
+# make it world-readable. Also, do not make it writable by the upsmon
+# user, since it creates an opportunity for an attack by changing the
+# SHUTDOWNCMD to something malicious.
+#
+# For best results, you should create a new normal user like "nutmon",
+# and make it a member of a "nut" group or similar. Then specify it
+# here and grant read access to the upsmon.conf for that group.
+#
+# This user should not have write access to upsmon.conf.
+#
+# RUN_AS_USER nut
+
+# --------------------------------------------------------------------------
+# MONITOR <system> <powervalue> <username> <password> ("master"|"slave")
+#
+# List systems you want to monitor. Not all of these may supply power
+# to the system running upsmon, but if you want to watch it, it has to
+# be in this section.
+#
+# You must have at least one of these declared.
+#
+# <system> is a UPS identifier in the form <upsname>@<hostname>[:<port>]
+# like ups@localhost, su700@mybox, etc.
+#
+# Examples:
+#
+# - "su700@mybox" means a UPS called "su700" on a system called "mybox"
+#
+# - "fenton@bigbox:5678" is a UPS called "fenton" on a system called
+# "bigbox" which runs upsd on port "5678".
+#
+# The UPS names like "su700" and "fenton" are set in your ups.conf
+# in [brackets] which identify a section for a particular driver.
+#
+# If the ups.conf on host "doghouse" has a section called "snoopy", the
+# identifier for it would be "snoopy@doghouse".
+#
+# <powervalue> is an integer - the number of power supplies that this UPS
+# feeds on this system. Most computers only have one power supply, so this
+# is normally set to 1. You need a pretty big or special box to have any
+# other value here.
+#
+# You can also set this to 0 for a system that doesn't supply any power,
+# but you still want to monitor. Use this when you want to hear about
+# changes for a given UPS without shutting down when it goes critical,
+# unless <powervalue> is 0.
+#
+# <username> and <password> must match an entry in that system's
+# upsd.users. If your username is "monmaster" and your password is
+# "blah", the upsd.users would look like this:
+#
+# [monmaster]
+# password = blah
+# upsmon master (or slave)
+#
+# "master" means this system will shutdown last, allowing the slaves
+# time to shutdown first.
+#
+# "slave" means this system shuts down immediately when power goes critical.
+#
+# Examples:
+#
+# MONITOR myups@bigserver 1 monmaster blah master
+# MONITOR su700@server.example.com 1 upsmon secretpass slave
+# MONITOR myups@localhost 1 upsmon pass master (or slave)
+
+# --------------------------------------------------------------------------
+# MINSUPPLIES <num>
+#
+# Give the number of power supplies that must be receiving power to keep
+# this system running. Most systems have one power supply, so you would
+# put "1" in this field.
+#
+# Large/expensive server type systems usually have more, and can run with
+# a few missing. The HP NetServer LH4 can run with 2 out of 4, for example,
+# so you'd set that to 2. The idea is to keep the box running as long
+# as possible, right?
+#
+# Obviously you have to put the redundant supplies on different UPS circuits
+# for this to make sense! See big-servers.txt in the docs subdirectory
+# for more information and ideas on how to use this feature.
+
+MINSUPPLIES 1
+
+# --------------------------------------------------------------------------
+# SHUTDOWNCMD "<command>"
+#
+# upsmon runs this command when the system needs to be brought down.
+#
+# This should work just about everywhere ... if it doesn't, well, change it.
+
+SHUTDOWNCMD "/sbin/shutdown -h +0"
+
+# --------------------------------------------------------------------------
+# NOTIFYCMD <command>
+#
+# upsmon calls this to send messages when things happen
+#
+# This command is called with the full text of the message as one argument.
+# The environment string NOTIFYTYPE will contain the type string of
+# whatever caused this event to happen.
+#
+# Note that this is only called for NOTIFY events that have EXEC set with
+# NOTIFYFLAG. See NOTIFYFLAG below for more details.
+#
+# Making this some sort of shell script might not be a bad idea. For more
+# information and ideas, see docs/scheduling.txt
+#
+# Example:
+# NOTIFYCMD /bin/notifyme
+
+# --------------------------------------------------------------------------
+# POLLFREQ <n>
+#
+# Polling frequency for normal activities, measured in seconds.
+#
+# Adjust this to keep upsmon from flooding your network, but don't make
+# it too high or it may miss certain short-lived power events.
+
+POLLFREQ 5
+
+# --------------------------------------------------------------------------
+# POLLFREQALERT <n>
+#
+# Polling frequency in seconds while UPS on battery.
+#
+# You can make this number lower than POLLFREQ, which will make updates
+# faster when any UPS is running on battery. This is a good way to tune
+# network load if you have a lot of these things running.
+#
+# The default is 5 seconds for both this and POLLFREQ.
+
+POLLFREQALERT 5
+
+# --------------------------------------------------------------------------
+# HOSTSYNC - How long upsmon will wait before giving up on another upsmon
+#
+# The master upsmon process uses this number when waiting for slaves to
+# disconnect once it has set the forced shutdown (FSD) flag. If they
+# don't disconnect after this many seconds, it goes on without them.
+#
+# Similarly, upsmon slave processes wait up to this interval for the
+# master upsmon to set FSD when a UPS they are monitoring goes critical -
+# that is, on battery and low battery. If the master doesn't do its job,
+# the slaves will shut down anyway to avoid damage to the file systems.
+#
+# This "wait for FSD" is done to avoid races where the status changes
+# to critical and back between polls by the master.
+
+HOSTSYNC 15
+
+# --------------------------------------------------------------------------
+# DEADTIME - Interval to wait before declaring a stale ups "dead"
+#
+# upsmon requires a UPS to provide status information every few seconds
+# (see POLLFREQ and POLLFREQALERT) to keep things updated. If the status
+# fetch fails, the UPS is marked stale. If it stays stale for more than
+# DEADTIME seconds, the UPS is marked dead.
+#
+# A dead UPS that was last known to be on battery is assumed to have gone
+# to a low battery condition. This may force a shutdown if it is providing
+# a critical amount of power to your system.
+#
+# Note: DEADTIME should be a multiple of POLLFREQ and POLLFREQALERT.
+# Otherwise you'll have "dead" UPSes simply because upsmon isn't polling
+# them quickly enough. Rule of thumb: take the larger of the two
+# POLLFREQ values, and multiply by 3.
+
+DEADTIME 15
+
+# --------------------------------------------------------------------------
+# POWERDOWNFLAG - Flag file for forcing UPS shutdown on the master system
+#
+# upsmon will create a file with this name in master mode when it's time
+# to shut down the load. You should check for this file's existence in
+# your shutdown scripts and run 'upsdrvctl shutdown' if it exists.
+#
+# See the config-notes.txt file in the docs subdirectory for more information.
+# Refer to the section:
+# [[UPS_shutdown]] "Configuring automatic shutdowns for low battery events"
+# or refer to the online version.
+
+POWERDOWNFLAG /etc/killpower
+
+# --------------------------------------------------------------------------
+# NOTIFYMSG - change messages sent by upsmon when certain events occur
+#
+# You can change the default messages to something else if you like.
+#
+# NOTIFYMSG <notify type> "message"
+#
+# NOTIFYMSG ONLINE "UPS %s on line power"
+# NOTIFYMSG ONBATT "UPS %s on battery"
+# NOTIFYMSG LOWBATT "UPS %s battery is low"
+# NOTIFYMSG FSD "UPS %s: forced shutdown in progress"
+# NOTIFYMSG COMMOK "Communications with UPS %s established"
+# NOTIFYMSG COMMBAD "Communications with UPS %s lost"
+# NOTIFYMSG SHUTDOWN "Auto logout and shutdown proceeding"
+# NOTIFYMSG REPLBATT "UPS %s battery needs to be replaced"
+# NOTIFYMSG NOCOMM "UPS %s is unavailable"
+# NOTIFYMSG NOPARENT "upsmon parent process died - shutdown impossible"
+#
+# Note that %s is replaced with the identifier of the UPS in question.
+#
+# Possible values for <notify type>:
+#
+# ONLINE : UPS is back online
+# ONBATT : UPS is on battery
+# LOWBATT : UPS has a low battery (if also on battery, it's "critical")
+# FSD : UPS is being shutdown by the master (FSD = "Forced Shutdown")
+# COMMOK : Communications established with the UPS
+# COMMBAD : Communications lost to the UPS
+# SHUTDOWN : The system is being shutdown
+# REPLBATT : The UPS battery is bad and needs to be replaced
+# NOCOMM : A UPS is unavailable (can't be contacted for monitoring)
+# NOPARENT : The process that shuts down the system has died (shutdown impossible)
+
+# --------------------------------------------------------------------------
+# NOTIFYFLAG - change behavior of upsmon when NOTIFY events occur
+#
+# By default, upsmon sends walls (global messages to all logged in users)
+# and writes to the syslog when things happen. You can change this.
+#
+# NOTIFYFLAG <notify type> <flag>[+<flag>][+<flag>] ...
+#
+# NOTIFYFLAG ONLINE SYSLOG+WALL
+# NOTIFYFLAG ONBATT SYSLOG+WALL
+# NOTIFYFLAG LOWBATT SYSLOG+WALL
+# NOTIFYFLAG FSD SYSLOG+WALL
+# NOTIFYFLAG COMMOK SYSLOG+WALL
+# NOTIFYFLAG COMMBAD SYSLOG+WALL
+# NOTIFYFLAG SHUTDOWN SYSLOG+WALL
+# NOTIFYFLAG REPLBATT SYSLOG+WALL
+# NOTIFYFLAG NOCOMM SYSLOG+WALL
+# NOTIFYFLAG NOPARENT SYSLOG+WALL
+#
+# Possible values for the flags:
+#
+# SYSLOG - Write the message in the syslog
+# WALL - Write the message to all users on the system
+# EXEC - Execute NOTIFYCMD (see above) with the message
+# IGNORE - Don't do anything
+#
+# If you use IGNORE, don't use any other flags on the same line.
+
+# --------------------------------------------------------------------------
+# RBWARNTIME - replace battery warning time in seconds
+#
+# upsmon will normally warn you about a battery that needs to be replaced
+# every 43200 seconds, which is 12 hours. It does this by triggering a
+# NOTIFY_REPLBATT which is then handled by the usual notify structure
+# you've defined above.
+#
+# If this number is not to your liking, override it here.
+
+RBWARNTIME 43200
+
+# --------------------------------------------------------------------------
+# NOCOMMWARNTIME - no communications warning time in seconds
+#
+# upsmon will let you know through the usual notify system if it can't
+# talk to any of the UPS entries that are defined in this file. It will
+# trigger a NOTIFY_NOCOMM by default every 300 seconds unless you
+# change the interval with this directive.
+
+NOCOMMWARNTIME 300
+
+# --------------------------------------------------------------------------
+# FINALDELAY - last sleep interval before shutting down the system
+#
+# On a master, upsmon will wait this long after sending the NOTIFY_SHUTDOWN
+# before executing your SHUTDOWNCMD. If you need to do something in between
+# those events, increase this number. Remember, at this point your UPS is
+# almost depleted, so don't make this too high.
+#
+# Alternatively, you can set this very low so you don't wait around when
+# it's time to shut down. Some UPSes don't give much warning for low
+# battery and will require a value of 0 here for a safe shutdown.
+#
+# Note: If FINALDELAY on the slave is greater than HOSTSYNC on the master,
+# the master will give up waiting for the slave to disconnect.
+
+FINALDELAY 5
+
+# --------------------------------------------------------------------------
+# CERTPATH - path to certificates (database directory or directory with CA's)
+#
+# When compiled with SSL support, you can enter the certificate path here.
+#
+# With NSS:
+# Certificates are stored in a dedicated database (splitted in 3 files).
+# Specify the path of the database directory.
+#
+# CERTPATH /etc/nut/cert/upsmon
+#
+# With OpenSSL:
+# Directory containing CA certificates in PEM format, used to verify
+# the server certificate presented by the upsd server. The files each
+# contain one CA certificate. The files are looked up by the CA subject
+# name hash value, which must hence be available.
+#
+# CERTPATH /usr/ssl/certs
+#
+# See 'docs/security.txt' or the Security chapter of NUT user manual
+# for more information on the SSL support in NUT.
+
+# --------------------------------------------------------------------------
+# CERTIDENT - self certificate name and database password
+# CERTIDENT <certificate name> <database password>
+#
+# When compiled with SSL support with NSS, you can specify the certificate
+# name to retrieve from database to authenticate itself and the password
+# required to access certificate related private key.
+#
+# CERTIDENT "my nut monitor" "MyPasSw0rD"
+#
+# See 'docs/security.txt' or the Security chapter of NUT user manual
+# for more information on the SSL support in NUT.
+
+# --------------------------------------------------------------------------
+# CERTHOST - security properties for an host
+# CERTHOST <hostname> <certificate name> <certverify> <forcessl>
+#
+# When compiled with SSL support with NSS, you can specify security directive
+# for each server you can contact.
+# Each entry maps server name with the expected certificate name and flags
+# indicating if the server certificate is verified and if the connection
+# must be secure.
+#
+# CERTHOST localhost "My nut server" 1 1
+#
+# See 'docs/security.txt' or the Security chapter of NUT user manual
+# for more information on the SSL support in NUT.
+
+# --------------------------------------------------------------------------
+# CERTVERIFY - make upsmon verify all connections with certificates
+# CERTVERIFY 1
+#
+# When compiled with SSL support, make upsmon verify all connections with
+# certificates.
+# Without this, there is no guarantee that the upsd is the right host.
+# Enabling this greatly reduces the risk of man in the middle attacks.
+# This effectively forces the use of SSL, so don't use this unless
+# all of your upsd hosts are ready for SSL and have their certificates
+# in order.
+# When compiled with NSS support of SSL, can be overriden for host
+# specified with a CERTHOST directive.
+
+
+# --------------------------------------------------------------------------
+# FORCESSL - force upsmon to use SSL
+# FORCESSL 1
+#
+# When compiled with SSL, specify that a secured connection must be used
+# to communicate with upsd.
+# If you don't use 'CERTVERIFY 1', then this will at least make sure
+# that nobody can sniff your sessions without a large effort. Setting
+# this will make upsmon drop connections if the remote upsd doesn't
+# support SSL, so don't use it unless all of them have it running.
+# When compiled with NSS support of SSL, can be overriden for host
+# specified with a CERTHOST directive.
--- /dev/null
+# Network UPS Tools - upssched.conf sample file
+#
+# ============================================================================
+#
+# CMDSCRIPT <scriptname>
+#
+# This script gets called to invoke commands for timers that trigger.
+# It is given a single argument - the <timername> in your
+# AT ... START-TIMER defines.
+#
+# *** This must be defined *before* the first AT line. Otherwise the
+# program will complain and exit without doing anything.
+#
+# A shell script with a big case..esac construct should work nicely for this.
+# An example has been provided to help you get started.
+
+CMDSCRIPT /bin/upssched-cmd
+
+# ============================================================================
+#
+# PIPEFN <filename>
+#
+# This sets the file name of the FIFO that will pass communications between
+# processes to start and stop timers. This should be set to some path where
+# normal users can't create the file, due to the possibility of symlinking
+# and other evil.
+#
+# Note: if you are running Solaris or similar, the permissions that
+# upssched sets on this file *are not enough* to keep you safe. If
+# your OS ignores the permissions on a FIFO, then you MUST put this in
+# a protected directory!
+#
+# Note 2: by default, upsmon will run upssched as whatever user you have
+# defined with RUN_AS_USER in upsmon.conf. Make sure that user can
+# create files and write to files in the path you use for PIPEFN and
+# LOCKFN.
+#
+# My recommendation: create a special directory for upssched, make it
+# owned by your upsmon user, then use it for both.
+#
+# This is commented out by default to make you visit this file and think
+# about how your system works before potentially opening a hole.
+#
+# PIPEFN /var/run/nut/upssched/upssched.pipe
+
+# ============================================================================
+#
+# LOCKFN <filename>
+#
+# REQUIRED. This was added after version 1.2.1.
+#
+# upssched needs to be able to create this filename in order to avoid
+# a race condition when two events are dispatched from upsmon at nearly
+# the same time. This file will only exist briefly. It must not be
+# created by any other process.
+#
+# You should put this in the same directory as PIPEFN.
+#
+# LOCKFN /var/run/nut/upssched/upssched.lock
+
+# ============================================================================
+#
+# AT <notifytype> <upsname> <command>
+#
+# Define a handler for a specific event <notifytype> on UPS <upsname>.
+#
+# <upsname> can be the special value * to apply this handler to every
+# possible value of <upsname>.
+#
+# Run the command <command> via your CMDSCRIPT when it happens.
+#
+# Note that any AT that matches both the <notifytype> and the <upsname>
+# for the current event will be used.
+
+# ============================================================================
+#
+# Possible AT commands
+#
+# - START-TIMER <timername> <interval>
+#
+# Start a timer called <timername> that will trigger after <interval>
+# seconds, calling your CMDSCRIPT with <timername> as the first
+# argument.
+#
+# Example:
+# Start a timer that'll execute when any UPS (*) has been gone 10 seconds
+#
+# AT COMMBAD * START-TIMER upsgone 10
+
+# -----------------------------------------------------------------------
+#
+# - CANCEL-TIMER <timername> [cmd]
+#
+# Cancel a running timer called <timername>, if possible. If the timer
+# has passed then pass the optional argument <cmd> to CMDSCRIPT.
+#
+# Example:
+# If a specific UPS (myups@localhost) comes back online, then stop the
+# timer before it triggers
+#
+# AT COMMOK myups@localhost CANCEL-TIMER upsgone
+
+# -----------------------------------------------------------------------
+#
+# - EXECUTE <command>
+#
+# Immediately pass <command> as an argument to CMDSCRIPT.
+#
+# Example:
+# If any UPS (*) reverts to utility power, then execute
+# 'ups-back-on-line' via CMDSCRIPT.
+#
+# AT ONLINE * EXECUTE ups-back-on-line
cool:x:145:137::/opt/cool:/usr/sbin/nologin
sambauser:x:997:997::/home/sambauser:/bin/false
borg:x:5006:5006::/home/borg:/bin/bash
+nut:x:140:159::/var/lib/nut:/usr/sbin/nologin
alexa:x:998:998::/home/alexa:
x2gouser:x:125:131::/var/lib/x2go:/bin/false
nagios:x:139:143::/var/lib/nagios:/bin/false
-mosquitto:x:140:65534::/var/lib/mosquitto:/usr/sbin/nologin
redis:x:141:146:redis server,,,:/var/lib/redis:/bin/false
systemd-timesync:x:142:148:systemd Time Synchronization,,,:/run/systemd:/bin/false
systemd-network:x:143:149:systemd Network Management,,,:/run/systemd/netif:/bin/false
cool:x:145:137::/opt/cool:/usr/sbin/nologin
sambauser:x:997:997::/home/sambauser:/bin/false
borg:x:5006:5006::/home/borg:/bin/bash
+nut:x:140:159::/var/lib/nut:/usr/sbin/nologin
--- /dev/null
+../init.d/nut-client
\ No newline at end of file
--- /dev/null
+../init.d/nut-server
\ No newline at end of file
--- /dev/null
+../init.d/nut-client
\ No newline at end of file
--- /dev/null
+../init.d/nut-server
\ No newline at end of file
--- /dev/null
+../init.d/nut-server
\ No newline at end of file
--- /dev/null
+../init.d/nut-client
\ No newline at end of file
--- /dev/null
+../init.d/nut-server
\ No newline at end of file
--- /dev/null
+../init.d/nut-client
\ No newline at end of file
--- /dev/null
+../init.d/nut-server
\ No newline at end of file
--- /dev/null
+../init.d/nut-client
\ No newline at end of file
--- /dev/null
+../init.d/nut-server
\ No newline at end of file
--- /dev/null
+../init.d/nut-client
\ No newline at end of file
--- /dev/null
+../init.d/nut-client
\ No newline at end of file
--- /dev/null
+../init.d/nut-server
\ No newline at end of file
cool:*:18972:0:99999:7:::
sambauser:!:19010::::::
borg:!:19012:0:99999:7:::
+nut:*:19353:0:99999:7:::
alexa:!:17492::::::
x2gouser:!:17598:0:99999:7:::
nagios:!:17618:0:99999:7:::
-mosquitto:*:17682:0:99999:7:::
redis:!:17732:0:99999:7:::
systemd-timesync:*:17827:0:99999:7:::
systemd-network:*:17827:0:99999:7:::
cool:*:18972:0:99999:7:::
sambauser:!:19010::::::
borg:!:19012:0:99999:7:::
+nut:*:19353:0:99999:7:::
--- /dev/null
+/dev/null
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/nut-monitor.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/nut-server.service
\ No newline at end of file
projects / homeserver / commitdiff