Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

--- centos:apc [28.07.2012 14:21. ] – angelegt django
+++ centos:apc [22.07.2019 14:52. ] (aktuell) – Externe Bearbeitung 127.0.0.1
@@ Zeile 1: / Zeile 1: @@
+====== APC UPS Daemon unter CentOS 7.x ======
+{{ :centos:rack-2016-11-24-22.33.57.jpg?nolink&150|Bild: Photo vom Serverschrank}}
+{{:centos:apcupsd-logo.png?nolink&500|Bild: APC UPSD Logo}}
+Beim Betrieb eines Servers ist der Einsatz einer gesicherten Energieversorgung natürlich obligatorisch. Im **RZ**((**R**echen **Z**entrum)) stehen dazu meist unterbrechungsfreie Stromversorgungen, Ersatznetze oder auch Notstromaggregate zur Verfügung. Kann man auf derartige Techniken nicht zurückgreifen, lohnt sich die Anschaffung einer eigenen USV.
+{{:centos:apc-smartusv-1400.jpg?direct&300 |Bild: Photo der APC Smart-UPS SU1400RMI 3HE}}So kommt z.B. bei nausch.org eine //**APC Smart-UPS SU1400RMI 3HE**// zum Einsatz.  Zur Überwachung, Verwaltung und Administration wird **[[http://www.apcupsd.org|APCUPSD]]** verwendet. In diesem Kapitel werden wir uns mit der Installation und Konfiguration des Daemon befassen.
+Eine ausführliche Programmdokumentation ist auf der Seite [[http://www.apcupsd.org/manual/manual.html|APCUPSD User Manual]] zu finden.
+===== USB/RS.232-Adapter =====
+Die Verbindung zwischen der USV und dem Server erfolgt mittels zugehörigem seriellen Verbindungskabel vom Typ **//[[http://rtfm.vtt.net/pinouts/data/apc_smart_cable_pinout.shtml.htm|940-0024B]]//** und einem 4-port USB/UART-Adapter **[[http://www.digitus.info/de/produkte/computer-accessories-and-components/computer-accessories/serial-and-parallel-adapter/da-70159/|DIGITUS USB 2.0 zu 4xRS232 Kabel]]**.
+Mit Hilfe der installierten **usbutiuls** können Details zum USB_Adapter abgefragt werden.
+Bei Bedarf installieren wir uns also besagtes RPM-Paket.
+   # yum install usbutils
+Den Inhalt des Paketes können wir uns wie folgt anzeigen lassen.
+   # rpm -qil usbutils
+<code>Name        : usbutils
+Version     : 007
+Release     : 5.el7
+Architecture: x86_64
+Install Date: Sun 08 Jan 2017 12:03:27 PM CET
+Group       : Applications/System
+Size        : 187281
+License     : GPLv2+
+Signature   : RSA/SHA256, Wed 25 Nov 2015 05:02:14 PM CET, Key ID 24c6a8a7f4a80eb5
+Source RPM  : usbutils-007-5.el7.src.rpm
+Build Date  : Fri 20 Nov 2015 09:48:55 AM CET
+Build Host  : worker1.bsys.centos.org
+Relocations : (not relocatable)
+Packager    : CentOS BuildSystem <http://bugs.centos.org>
+Vendor      : CentOS
+URL         : http://www.linux-usb.org/
+Summary     : Linux USB utilities
+Description :
+This package contains utilities for inspecting devices connected to a
+USB bus.
+/usr/bin/lsusb
+/usr/bin/lsusb.py
+/usr/bin/usb-devices
+/usr/bin/usbhid-dump
+/usr/share/doc/usbutils-007
+/usr/share/doc/usbutils-007/AUTHORS
+/usr/share/doc/usbutils-007/COPYING
+/usr/share/doc/usbutils-007/ChangeLog
+/usr/share/doc/usbutils-007/NEWS
+/usr/share/doc/usbutils-007/README
+/usr/share/man/man1/usb-devices.1.gz
+/usr/share/man/man8/lsusb.8.gz
+/usr/share/man/man8/usbhid-dump.8.gz
+/usr/share/pkgconfig/usbutils.pc</code>
+Der Aufruf von **lsusb** zeigt uns neben den anderen USB-Devices auch unseren 4-Port Adapter.
+   # lsusb
+  Bus 001 Device 003: ID 0403:6011 Future Technology Devices International, Ltd FT4232H Quad HS USB-UART/FIFO IC
+  Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
+  Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
+  Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
+  Bus 002 Device 002: ID 0627:0001 Adomax Technology Co., Ltd
+  Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
+Eine ähnliche aussagekräftige Detailanzeige können wir uns mit dem Befehl **usb-devices** anzeigen lassen.
+   # usb-devices
+<code>T:  Bus=01 Lev=01 Prnt=01 Port=01 Cnt=01 Dev#=  3 Spd=480 MxCh= 0
+D:  Ver= 2.00 Cls=00(>ifc ) Sub=00 Prot=00 MxPS=64 #Cfgs=  1
+P:  Vendor=0403 ProdID=6011 Rev=08.00
+S:  Manufacturer=FTDI
+S:  Product=FT4232H Device
+S:  SerialNumber=FTZ9JWTW
+C:  #Ifs= 4 Cfg#= 1 Atr=80 MxPwr=200mA
+I:  If#= 0 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=ff Prot=ff Driver=ftdi_sio
+I:  If#= 1 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=ff Prot=ff Driver=ftdi_sio
+I:  If#= 2 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=ff Prot=ff Driver=ftdi_sio
+I:  If#= 3 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=ff Prot=ff Driver=ftdi_sio</code>
+Damit der Adapter auch verwendet werden kann, benötigen wir noch die **libftdi**-Bibliotheken, welche wir nun noch installieren werden.
+   # yum install libftdi
+Auch hier können wir bei Interesse, den Inhalt des RPM-Paketes anzeigen lassen.
+   # rpm -qil libftdi
+<code>Name        : libftdi
+Version     : 1.1
+Release     : 4.el7
+Architecture: x86_64
+Install Date: Sun 08 Jan 2017 11:55:10 AM CET
+Group       : System Environment/Libraries
+Size        : 96091
+License     : LGPLv2
+Signature   : RSA/SHA256, Tue 07 Oct 2014 10:19:03 PM CEST, Key ID 6a2faea2352c64e5
+Source RPM  : libftdi-1.1-4.el7.src.rpm
+Build Date  : Mon 06 Oct 2014 09:17:24 PM CEST
+Build Host  : buildvm-24.phx2.fedoraproject.org
+Relocations : (not relocatable)
+Packager    : Fedora Project
+Vendor      : Fedora Project
+URL         : http://www.intra2net.com/de/produkte/opensource/ftdi/
+Summary     : Library to program and control the FTDI USB controller
+Description :
+A library (using libusb) to talk to FTDI's FT2232C,
+FT232BM and FT245BM type chips including the popular bitbang mode.
+/lib/udev/rules.d/69-libftdi.rules
+/usr/lib64/libftdi1.so.2
+/usr/lib64/libftdi1.so.2.1.0
+/usr/share/doc/libftdi-1.1
+/usr/share/doc/libftdi-1.1/AUTHORS
+/usr/share/doc/libftdi-1.1/COPYING.LIB
+/usr/share/doc/libftdi-1.1/ChangeLog
+/usr/share/doc/libftdi-1.1/README</code>
+===== Installation und Konfiguration =====
+==== apcupsd ====
+=== Installation ===
+Zur Administration unserer USV benötien wir nun noch einen passenden Daemon, den **[[http://www.apcupsd.org/|apcupsd]]**. Das RPM-Paket aus dem Repository **[[https://fedoraproject.org/wiki/EPEL|Extra Packages for Enterprise Linux (EPEL)]]** installieren wir wie gewohnt mittels **yum**
+   # yum install apcupsd
+Welche Verzeichnisse und Dateien uns die Installation eben ins System brachte, lassen wir uns mit Unterstützung des Befehls **rpm** und der Option ''qil'' anzeigen.
+   # rpm -qil apcupsd
+<code>Name        : apcupsd
+Version     : 3.14.12
+Release     : 1.el7
+Architecture: x86_64
+Install Date: Sun 08 Jan 2017 01:02:05 AM CET
+Group       : System Environment/Daemons
+Size        : 1492686
+License     : GPLv2
+Signature   : RSA/SHA256, Thu 22 Jan 2015 01:28:09 AM CET, Key ID 6a2faea2352c64e5
+Source RPM  : apcupsd-3.14.12-1.el7.src.rpm
+Build Date  : Mon 19 Jan 2015 07:17:55 PM CET
+Build Host  : buildhw-04.phx2.fedoraproject.org
+Relocations : (not relocatable)
+Packager    : Fedora Project
+Vendor      : Fedora Project
+URL         : http://www.apcupsd.com
+Summary     : APC UPS Power Control Daemon for Linux
+Description :
+Apcupsd can be used for controlling most APC UPSes. During a
+power failure, apcupsd will inform the users about the power
+failure and that a shutdown may occur.  If power is not restored,
+a system shutdown will follow when the battery is exausted, a
+timeout (seconds) expires, or the battery runtime expires based
+on internal APC calculations determined by power consumption
+rates.  If the power is restored before one of the above shutdown
+conditions is met, apcupsd will inform users about this fact.
+Some features depend on what UPS model you have (simple or smart).
+/etc/apcupsd
+/etc/apcupsd/apccontrol
+/etc/apcupsd/apcupsd.conf
+/etc/apcupsd/changeme
+/etc/apcupsd/commfailure
+/etc/apcupsd/commok
+/etc/apcupsd/offbattery
+/etc/apcupsd/onbattery
+/etc/logrotate.d/apcupsd
+/lib/systemd/system-shutdown/apcupsd_shutdown
+/lib/systemd/system/apcupsd.service
+/sbin/apcaccess
+/sbin/apctest
+/sbin/apcupsd
+/sbin/smtp
+/usr/share/doc/apcupsd-3.14.12
+/usr/share/doc/apcupsd-3.14.12/COPYING
+/usr/share/doc/apcupsd-3.14.12/ChangeLog
+/usr/share/doc/apcupsd-3.14.12/ReleaseNotes
+/usr/share/doc/apcupsd-3.14.12/examples
+/usr/share/doc/apcupsd-3.14.12/examples/Makefile
+/usr/share/doc/apcupsd-3.14.12/examples/SmartUPS1400.snmp
+/usr/share/doc/apcupsd-3.14.12/examples/client.c
+/usr/share/doc/apcupsd-3.14.12/examples/gui
+/usr/share/doc/apcupsd-3.14.12/examples/gui/about.tcl
+/usr/share/doc/apcupsd-3.14.12/examples/gui/apcupsd.tcl
+/usr/share/doc/apcupsd-3.14.12/examples/gui/dialog.tcl
+/usr/share/doc/apcupsd-3.14.12/examples/gui/events.tcl
+/usr/share/doc/apcupsd-3.14.12/examples/gui/mainwindow.tcl
+/usr/share/doc/apcupsd-3.14.12/examples/gui/pkgIndex.tcl
+/usr/share/doc/apcupsd-3.14.12/examples/gui/splash.tcl
+/usr/share/doc/apcupsd-3.14.12/examples/gui/status.tcl
+/usr/share/doc/apcupsd-3.14.12/examples/hid-set.c
+/usr/share/doc/apcupsd-3.14.12/examples/hid-ups.c
+/usr/share/doc/apcupsd-3.14.12/examples/hiddev-hiddev.h-cleanup-2.4.patch
+/usr/share/doc/apcupsd-3.14.12/examples/hiddev.h
+/usr/share/doc/apcupsd-3.14.12/examples/hiddev.txt
+/usr/share/doc/apcupsd-3.14.12/examples/index.php
+/usr/share/doc/apcupsd-3.14.12/examples/libusb.h
+/usr/share/doc/apcupsd-3.14.12/examples/linux-2.4.20-USB-reject.patch
+/usr/share/doc/apcupsd-3.14.12/examples/linux-2.4.20-killpower.patch
+/usr/share/doc/apcupsd-3.14.12/examples/linux-2.6.0-USB-queue-overflow.patch
+/usr/share/doc/apcupsd-3.14.12/examples/linux-usb-patch-email.txt
+/usr/share/doc/apcupsd-3.14.12/examples/linux-usb-patch2-email.txt
+/usr/share/doc/apcupsd-3.14.12/examples/make-hiddev
+/usr/share/doc/apcupsd-3.14.12/examples/megaclient.c
+/usr/share/doc/apcupsd-3.14.12/examples/nagios_plugin_check_apcupsd.c
+/usr/share/doc/apcupsd-3.14.12/examples/newslave.c
+/usr/share/doc/apcupsd-3.14.12/examples/offbattery.cpufreq
+/usr/share/doc/apcupsd-3.14.12/examples/onbattery.cpufreq
+/usr/share/doc/apcupsd-3.14.12/examples/php-monitor.txt
+/usr/share/doc/apcupsd-3.14.12/examples/rpt
+/usr/share/doc/apcupsd-3.14.12/examples/rpt/Back-UPS-350-USB.rpt
+/usr/share/doc/apcupsd-3.14.12/examples/rpt/Back-UPS-350ES.rpt
+/usr/share/doc/apcupsd-3.14.12/examples/rpt/Back-UPS-500-USB.rpt
+/usr/share/doc/apcupsd-3.14.12/examples/rpt/Back-UPS-500ES.rpt
+/usr/share/doc/apcupsd-3.14.12/examples/rpt/Back-UPS-BR-800.rpt
+/usr/share/doc/apcupsd-3.14.12/examples/rpt/Back-UPS-CS-650.rpt
+/usr/share/doc/apcupsd-3.14.12/examples/rpt/Back-UPS-ES-550.rpt
+/usr/share/doc/apcupsd-3.14.12/examples/rpt/Back-UPS-XS-1300-LCD.rpt
+/usr/share/doc/apcupsd-3.14.12/examples/rpt/BackUPS.rpt
+/usr/share/doc/apcupsd-3.14.12/examples/rpt/Smart-UPS-1500.rpt
+/usr/share/doc/apcupsd-3.14.12/examples/rpt/SmartUPS-USB.rpt
+/usr/share/doc/apcupsd-3.14.12/examples/rpt/SmartUPS.rpt
+/usr/share/doc/apcupsd-3.14.12/examples/rpt/hid-ups.rpt
+/usr/share/doc/apcupsd-3.14.12/examples/safe.apccontrol
+/usr/share/doc/apcupsd-3.14.12/examples/smartsim.c
+/usr/share/doc/apcupsd-3.14.12/examples/snoopdecode.c
+/usr/share/doc/apcupsd-3.14.12/examples/status
+/usr/share/doc/apcupsd-3.14.12/examples/status/Back-UPS-BX-1500.status
+/usr/share/doc/apcupsd-3.14.12/examples/status/Back-UPS-Pro-1000.status
+/usr/share/doc/apcupsd-3.14.12/examples/status/BackUPS-USB.status
+/usr/share/doc/apcupsd-3.14.12/examples/status/JapaneseUPS.status
+/usr/share/doc/apcupsd-3.14.12/examples/status/PowerStack450.status
+/usr/share/doc/apcupsd-3.14.12/examples/status/SmartUPS-vs-650.status
+/usr/share/doc/apcupsd-3.14.12/examples/status/SmartUPS1000.status
+/usr/share/doc/apcupsd-3.14.12/examples/status/SmartUPS1400.status
+/usr/share/doc/apcupsd-3.14.12/examples/status/SmartUPS3000.status
+/usr/share/doc/apcupsd-3.14.12/examples/status/SmartUPS5000.status
+/usr/share/doc/apcupsd-3.14.12/examples/status/SmartUPS600.status
+/usr/share/doc/apcupsd-3.14.12/examples/status/SmartUPS700-2.status
+/usr/share/doc/apcupsd-3.14.12/examples/status/SmartUPS700.status
+/usr/share/doc/apcupsd-3.14.12/examples/status/newbackupspro1.status
+/usr/share/doc/apcupsd-3.14.12/examples/status/newbackupspro2.status
+/usr/share/doc/apcupsd-3.14.12/examples/upsapm.c
+/usr/share/doc/apcupsd-3.14.12/examples/usb_hid_usages
+/usr/share/doc/apcupsd-3.14.12/examples/usbsnoop.txt
+/usr/share/hal/fdi/policy/20thirdparty/80-apcupsd-ups-policy.fdi
+/usr/share/man/man5/apcupsd.conf.5.gz
+/usr/share/man/man8/apcaccess.8.gz
+/usr/share/man/man8/apccontrol.8.gz
+/usr/share/man/man8/apctest.8.gz
+/usr/share/man/man8/apcupsd.8.gz</code>
+=== Konfiguration ===
+Zur Einstellungen des Daemon sind in der Konfigurationsdatei //**/etc/apcupsd/apcupsd.conf**// vorzunehmen. Diese Datei bearbeiten wir mit dem Editor unserer Wahl, z.B. **vim**.
+   # vim /etc/apcupsd/apcupsd.conf
+<file bash /etc/apcupsd/apcupsd.conf>## apcupsd.conf v1.1 ##
+#
+#  for apcupsd release 3.14.12 (29 March 2014) - redhat
+#
+# "apcupsd" POSIX config file
+#
+# ========= General configuration parameters ============
+#
+# UPSNAME xxx
+#   Use this to give your UPS a name in log files and such. This
+#   is particulary useful if you have multiple UPSes. This does not
+#   set the EEPROM. It should be 8 characters or less.
+# Django : 2017-01-08
+# default: #UPSNAME
+UPSNAME APC1400
+# UPSCABLE <cable>
+#   Defines the type of cable connecting the UPS to your computer.
+#
+#   Possible generic choices for <cable> are:
+#     simple, smart, ether, usb
+#
+#   Or a specific cable model number may be used:
+#     940-0119A, 940-0127A, 940-0128A, 940-0020B,
+#     940-0020C, 940-0023A, 940-0024B, 940-0024C,
+#     940-1524C, 940-0024G, 940-0095A, 940-0095B,
+#     940-0095C, 940-0625A, M-04-02-2000
+#
+# Django : 2017-01-08
+# default: UPSCABLE usb
+UPSCABLE 940-0024B
+# To get apcupsd to work, in addition to defining the cable
+# above, you must also define a UPSTYPE, which corresponds to
+# the type of UPS you have (see the Description for more details).
+# You must also specify a DEVICE, sometimes referred to as a port.
+# For USB UPSes, please leave the DEVICE directive blank. For
+# other UPS types, you must specify an appropriate port or address.
+#
+# UPSTYPE   DEVICE           Description
+# apcsmart  /dev/tty**       Newer serial character device, appropriate for
+#                            SmartUPS models using a serial cable (not USB).
+#
+# usb       <BLANK>          Most new UPSes are USB. A blank DEVICE
+#                            setting enables autodetection, which is
+#                            the best choice for most installations.
+#
+# net       hostname:port    Network link to a master apcupsd through apcupsd's
+#                            Network Information Server. This is used if the
+#                            UPS powering your computer is connected to a
+#                            different computer for monitoring.
+#
+# snmp      hostname:port:vendor:community
+#                            SNMP network link to an SNMP-enabled UPS device.
+#                            Hostname is the ip address or hostname of the UPS
+#                            on the network. Vendor can be can be "APC" or
+#                            "APC_NOTRAP". "APC_NOTRAP" will disable SNMP trap
+#                            catching; you usually want "APC". Port is usually
+#                            161. Community is usually "private".
+#
+# netsnmp   hostname:port:vendor:community
+#                            OBSOLETE
+#                            Same as SNMP above but requires use of the
+#                            net-snmp library. Unless you have a specific need
+#                            for this old driver, you should use 'snmp' instead.
+#
+# dumb      /dev/tty**       Old serial character device for use with
+#                            simple-signaling UPSes.
+#
+# pcnet     ipaddr:username:passphrase:port
+#                            PowerChute Network Shutdown protocol which can be
+#                            used as an alternative to SNMP with the AP9617
+#                            family of smart slot cards. ipaddr is the IP
+#                            address of the UPS management card. username and
+#                            passphrase are the credentials for which the card
+#                            has been configured. port is the port number on
+#                            which to listen for messages from the UPS, normally
+#                            3052. If this parameter is empty or missing, the
+#                            default of 3052 will be used.
+#
+# modbus    /dev/tty**       Serial device for use with newest SmartUPS models
+#                            supporting the MODBUS protocol.
+#
+# Django : 2017-01-08
+# default: UPSTYPE usb
+#          DEVICE
+UPSTYPE apcsmart
+DEVICE /dev/ttyUSB3
+# POLLTIME <int>
+#   Interval (in seconds) at which apcupsd polls the UPS for status. This
+#   setting applies both to directly-attached UPSes (UPSTYPE apcsmart, usb,
+#   dumb) and networked UPSes (UPSTYPE net, snmp). Lowering this setting
+#   will improve apcupsd's responsiveness to certain events at the cost of
+#   higher CPU utilization. The default of 60 is appropriate for most
+#   situations.
+# Django : 2017-01-08
+# default: #POLLTIME 60
+POLLTIME 60
+# LOCKFILE <path to lockfile>
+#   Path for device lock file. Not used on Win32.
+LOCKFILE /var/lock
+# SCRIPTDIR <path to script directory>
+#   Directory in which apccontrol and event scripts are located.
+SCRIPTDIR /etc/apcupsd
+# PWRFAILDIR <path to powerfail directory>
+#   Directory in which to write the powerfail flag file. This file
+#   is created when apcupsd initiates a system shutdown and is
+#   checked in the OS halt scripts to determine if a killpower
+#   (turning off UPS output power) is required.
+PWRFAILDIR /etc/apcupsd
+# NOLOGINDIR <path to nologin directory>
+#   Directory in which to write the nologin file. The existence
+#   of this flag file tells the OS to disallow new logins.
+NOLOGINDIR /etc
+#
+# ======== Configuration parameters used during power failures ==========
+#
+# The ONBATTERYDELAY is the time in seconds from when a power failure
+#   is detected until we react to it with an onbattery event.
+#
+#   This means that, apccontrol will be called with the powerout argument
+#   immediately when a power failure is detected.  However, the
+#   onbattery argument is passed to apccontrol only after the
+#   ONBATTERYDELAY time.  If you don't want to be annoyed by short
+#   powerfailures, make sure that apccontrol powerout does nothing
+#   i.e. comment out the wall.
+ONBATTERYDELAY 6
+#
+# Note: BATTERYLEVEL, MINUTES, and TIMEOUT work in conjunction, so
+# the first that occurs will cause the initation of a shutdown.
+#
+# If during a power failure, the remaining battery percentage
+# (as reported by the UPS) is below or equal to BATTERYLEVEL,
+# apcupsd will initiate a system shutdown.
+BATTERYLEVEL 5
+# If during a power failure, the remaining runtime in minutes
+# (as calculated internally by the UPS) is below or equal to MINUTES,
+# apcupsd, will initiate a system shutdown.
+MINUTES 3
+# If during a power failure, the UPS has run on batteries for TIMEOUT
+# many seconds or longer, apcupsd will initiate a system shutdown.
+# A value of 0 disables this timer.
+#
+#  Note, if you have a Smart UPS, you will most likely want to disable
+#    this timer by setting it to zero. That way, you UPS will continue
+#    on batteries until either the % charge remaing drops to or below BATTERYLEVEL,
+#    or the remaining battery runtime drops to or below MINUTES.  Of course,
+#    if you are testing, setting this to 60 causes a quick system shutdown
+#    if you pull the power plug.
+#  If you have an older dumb UPS, you will want to set this to less than
+#    the time you know you can run on batteries.
+TIMEOUT 0
+#  Time in seconds between annoying users to signoff prior to
+#  system shutdown. 0 disables.
+ANNOY 300
+# Initial delay after power failure before warning users to get
+# off the system.
+ANNOYDELAY 60
+# The condition which determines when users are prevented from
+# logging in during a power failure.
+# NOLOGON <string> [ disable | timeout | percent | minutes | always ]
+NOLOGON disable
+# If KILLDELAY is non-zero, apcupsd will continue running after a
+# shutdown has been requested, and after the specified time in
+# seconds attempt to kill the power. This is for use on systems
+# where apcupsd cannot regain control after a shutdown.
+# KILLDELAY <seconds>  0 disables
+KILLDELAY 0
+#
+# ==== Configuration statements for Network Information Server ====
+#
+# NETSERVER [ on | off ] on enables, off disables the network
+#  information server. If netstatus is on, a network information
+#  server process will be started for serving the STATUS and
+#  EVENT data over the network (used by CGI programs).
+NETSERVER on
+# NISIP <dotted notation ip address>
+#  IP address on which NIS server will listen for incoming connections.
+#  This is useful if your server is multi-homed (has more than one
+#  network interface and IP address). Default value is 0.0.0.0 which
+#  means any incoming request will be serviced. Alternatively, you can
+#  configure this setting to any specific IP address of your server and
+#  NIS will listen for connections only on that interface. Use the
+#  loopback address (127.0.0.1) to accept connections only from the
+#  local machine.
+NISIP 0.0.0.0
+# NISPORT <port> default is 3551 as registered with the IANA
+#  port to use for sending STATUS and EVENTS data over the network.
+#  It is not used unless NETSERVER is on. If you change this port,
+#  you will need to change the corresponding value in the cgi directory
+#  and rebuild the cgi programs.
+NISPORT 3551
+# If you want the last few EVENTS to be available over the network
+# by the network information server, you must define an EVENTSFILE.
+EVENTSFILE /var/log/apcupsd.events
+# EVENTSFILEMAX <kilobytes>
+#  By default, the size of the EVENTSFILE will be not be allowed to exceed
+#  10 kilobytes.  When the file grows beyond this limit, older EVENTS will
+#  be removed from the beginning of the file (first in first out).  The
+#  parameter EVENTSFILEMAX can be set to a different kilobyte value, or set
+#  to zero to allow the EVENTSFILE to grow without limit.
+EVENTSFILEMAX 10
+#
+# ========== Configuration statements used if sharing =============
+#            a UPS with more than one machine
+#
+# Remaining items are for ShareUPS (APC expansion card) ONLY
+#
+# UPSCLASS [ standalone | shareslave | sharemaster ]
+#   Normally standalone unless you share an UPS using an APC ShareUPS
+#   card.
+UPSCLASS standalone
+# UPSMODE [ disable | share ]
+#   Normally disable unless you share an UPS using an APC ShareUPS card.
+UPSMODE disable
+#
+# ===== Configuration statements to control apcupsd system logging ========
+#
+# Time interval in seconds between writing the STATUS file; 0 disables
+STATTIME 0
+# Location of STATUS file (written to only if STATTIME is non-zero)
+STATFILE /var/log/apcupsd.status
+# LOGSTATS [ on | off ] on enables, off disables
+# Note! This generates a lot of output, so if
+#       you turn this on, be sure that the
+#       file defined in syslog.conf for LOG_NOTICE is a named pipe.
+#  You probably do not want this on.
+LOGSTATS off
+# Time interval in seconds between writing the DATA records to
+#   the log file. 0 disables.
+DATATIME 0
+# FACILITY defines the logging facility (class) for logging to syslog.
+#          If not specified, it defaults to "daemon". This is useful
+#          if you want to separate the data logged by apcupsd from other
+#          programs.
+#FACILITY DAEMON
+#
+# ========== Configuration statements used in updating the UPS EPROM =========
+#
+#
+# These statements are used only by apctest when choosing "Set EEPROM with conf
+# file values" from the EEPROM menu. THESE STATEMENTS HAVE NO EFFECT ON APCUPSD.
+#
+# UPS name, max 8 characters
+#UPSNAME UPS_IDEN
+# Battery date - 8 characters
+#BATTDATE mm/dd/yy
+# Sensitivity to line voltage quality (H cause faster transfer to batteries)
+# SENSITIVITY H M L        (default = H)
+#SENSITIVITY H
+# UPS delay after power return (seconds)
+# WAKEUP 000 060 180 300   (default = 0)
+#WAKEUP 60
+# UPS Grace period after request to power off (seconds)
+# SLEEP 020 180 300 600    (default = 20)
+#SLEEP 180
+# Low line voltage causing transfer to batteries
+# The permitted values depend on your model as defined by last letter
+#  of FIRMWARE or APCMODEL. Some representative values are:
+#    D 106 103 100 097
+#    M 177 172 168 182
+#    A 092 090 088 086
+#    I 208 204 200 196     (default = 0 => not valid)
+#LOTRANSFER  208
+# High line voltage causing transfer to batteries
+# The permitted values depend on your model as defined by last letter
+#  of FIRMWARE or APCMODEL. Some representative values are:
+#    D 127 130 133 136
+#    M 229 234 239 224
+#    A 108 110 112 114
+#    I 253 257 261 265     (default = 0 => not valid)
+#HITRANSFER 253
+# Battery charge needed to restore power
+# RETURNCHARGE 00 15 50 90 (default = 15)
+#RETURNCHARGE 15
+# Alarm delay
+# 0 = zero delay after pwr fail, T = power fail + 30 sec, L = low battery, N = never
+# BEEPSTATE 0 T L N        (default = 0)
+#BEEPSTATE T
+# Low battery warning delay in minutes
+# LOWBATT 02 05 07 10      (default = 02)
+#LOWBATT 2
+# UPS Output voltage when running on batteries
+# The permitted values depend on your model as defined by last letter
+#  of FIRMWARE or APCMODEL. Some representative values are:
+#    D 115
+#    M 208
+#    A 100
+#    I 230 240 220 225     (default = 0 => not valid)
+#OUTPUTVOLTS 230
+# Self test interval in hours 336=2 weeks, 168=1 week, ON=at power on
+# SELFTEST 336 168 ON OFF  (default = 336)
+#SELFTEST 336</file>
+=== Programmstart ===
+Haben wir die Konfiguration unseren Wünschen nach angepasst, steht dem Start des **apcupsd** nichts mehr im Wege.
+   # systemctl start apcupsd.service
+Damit der Daemon automatisch beim Starten des Servers gleich mitstartet, aktivieren wir gleich noch den Autostart des Daemon.
+   # systemctl enable apcupsd.service
+Created symlink from /etc/systemd/system/multi-user.target.wants/apcupsd.service to /usr/lib/systemd/system/apcupsd.service.
+Den erfolgreichen Start des Daemon können wir wie folgt abfragen.
+   # systemctl start apcupsd.service
+<html><pre class="code">
+<font style="color: rgb(0, 255, 0)"><b>● </b></font><font style="color: rgb(0, 0, 0)">apcupsd.service - APC UPS Power Control Daemon for Linux
+   Loaded: loaded (/usr/lib/systemd/system/apcupsd.service; disabled; vendor preset: disabled)
+   Active: <font style="color: rgb(0, 255, 0)"><b>active (running) </b></font><font style="color: rgb(0, 0, 0)"> since Sun 2017-01-08 11:41:41 CET; 1s ago
+  Process: 1750 ExecStartPre=/bin/rm -f /etc/apcupsd/powerfail (code=exited, status=0/SUCCESS)
+ Main PID: 1752 (apcupsd)
+   CGroup: /system.slice/apcupsd.service
+           └─1752 /sbin/apcupsd -b -f /etc/apcupsd/apcupsd.conf
+Jan 08 11:41:41 vml000127.dmz.nausch.org systemd[1]: Starting APC UPS Power Control Daemon for Linux...
+Jan 08 11:41:41 vml000127.dmz.nausch.org systemd[1]: Started APC UPS Power Control Daemon for Linux.
+Jan 08 11:41:41 vml000127.dmz.nausch.org apcupsd[1752]: apcupsd 3.14.12 (29 March 2014) redhat startup succeeded
+Jan 08 11:41:41 vml000127.dmz.nausch.org apcupsd[1752]: NIS server startup succeeded</font>
+</pre></html>
+Im Syslog wird der erfolgreiche Start entsprechend dokumentiert.
+   # less /var/log/messages
+  Jan  8 11:41:41 vml000127 apcupsd[1752]: apcupsd 3.14.12 (29 March 2014) redhat startup succeeded
+  Jan  8 11:41:41 vml000127 apcupsd[1752]: NIS server startup succeeded
+Ebenso erfolgt ein zum Start des Daemon gehöriger Log-Eintrag in der Log-/Events-Datei des **apcupsd**.
+   # cat /var/log/apcupsd.events
+-01-08 22:24:57 +0100  apcupsd 3.14.12 (29 March 2014) redhat startup succeeded
+=== Statusabfrage ===
+Zur Abfrage des aktuellen Status unseres **apcupsd** verwenden wir das Programm **apcaccess**.
+# /sbin/apcaccess
+<code>APC      : 001,051,1170
+DATE     : 2017-01-08 14:53:11 +0100
+HOSTNAME : vml000127.dmz.nausch.org
+VERSION  : 3.14.12 (29 March 2014) redhat
+UPSNAME  : APC1400
+CABLE    : Custom Cable Smart
+DRIVER   : APC Smart UPS (any)
+UPSMODE  : Stand Alone
+STARTTIME: 2017-01-08 14:52:58 +0100
+MODEL    : SMART-UPS 1400 RM
+STATUS   : ONLINE
+LINEV    : 221.0 Volts
+LOADPCT  : 23.9 Percent
+BCHARGE  : 100.0 Percent
+TIMELEFT : 17.0 Minutes
+MBATTCHG : 5 Percent
+MINTIMEL : 3 Minutes
+MAXTIME  : 0 Seconds
+MAXLINEV : 222.3 Volts
+MINLINEV : 219.7 Volts
+OUTPUTV  : 221.0 Volts
+SENSE    : High
+DWAKE    : 0 Seconds
+DSHUTD   : 20 Seconds
+DLOWBATT : 2 Minutes
+LOTRANS  : 196.0 Volts
+HITRANS  : 253.0 Volts
+RETPCT   : 0.0 Percent
+ITEMP    : 27.4 C
+ALARMDEL : 5 Seconds
+BATTV    : 27.6 Volts
+LINEFREQ : 50.0 Hz
+LASTXFER : Automatic or explicit self test
+NUMXFERS : 0
+TONBATT  : 0 Seconds
+CUMONBATT: 0 Seconds
+XOFFBATT : N/A
+SELFTEST : NO
+STESTI   : 336
+STATFLAG : 0x05000008
+DIPSW    : 0x00
+REG1     : 0x00
+REG2     : 0x00
+REG3     : 0x00
+MANDATE  : 09/23/99
+SERIALNO : GS9939006549
+BATTDATE : 09/23/99
+NOMOUTV  : 230 Volts
+NOMBATTV : 24.0 Volts
+EXTBATTS : 0
+FIRMWARE : 72.11.I
+END APC  : 2017-01-08 14:53:15 +0100</code>
+=== Statusbenachrichtigungen per eMail ===
+Bei einem Stromausfall oder anderen Störungen wird automatisch der User **root** per eMail informiert.
+<code>Date:    Son, 8 Jul 2016 23:23:01 +0200
+From:    root@nausch.org (root)
+To:      root@nausch.org
+Subject: vml000127.dmz.nausch.org Power Failure !!!
+vml000127.dmz.nausch.org Power Failure !!!
+APC      : 001,051,1170
+DATE     : 2017-01-08 14:53:11 +0100
+HOSTNAME : vml000127.dmz.nausch.org
+VERSION  : 3.14.12 (29 March 2014) redhat
+UPSNAME  : APC1400
+CABLE    : Custom Cable Smart
+DRIVER   : APC Smart UPS (any)
+UPSMODE  : Stand Alone
+STARTTIME: 2012-07-28 16:31:25 +0200
+MODEL    : SMART-UPS 1400 RM
+STATUS   : ONBATT
+LINEV    : 000.0 Volts
+LOADPCT  :  33.2 Percent Load Capacity
+BCHARGE  : 100.0 Percent
+TIMELEFT :  10.0 Minutes
+MBATTCHG : 5 Percent
+MINTIMEL : 3 Minutes
+MAXTIME  : 0 Seconds
+MAXLINEV : 000.0 Volts
+MINLINEV : 000.0 Volts
+OUTPUTV  : 230.4 Volts
+SENSE    : High
+DWAKE    : 000 Seconds
+DSHUTD   : 020 Seconds
+DLOWBATT : 02 Minutes
+LOTRANS  : 196.0 Volts
+HITRANS  : 253.0 Volts
+RETPCT   : 000.0 Percent
+ITEMP    : 33.7 C Internal
+ALARMDEL : 5 seconds
+BATTV    : 24.4 Volts
+LINEFREQ : 50.0 Hz
+LASTXFER : Line voltage notch or spike
+NUMXFERS : 1
+XONBATT  : 2012-07-30 17:22:55 +0200
+TONBATT  : 6 seconds
+CUMONBATT: 6 seconds
+XOFFBATT : N/A
+SELFTEST : NO
+STESTI   : 336
+STATFLAG : 0x07060010 Status Flag
+DIPSW    : 0x00 Dip Switch
+REG1     : 0x00 Register 1
+REG2     : 0x00 Register 2
+REG3     : 0x00 Register 3
+MANDATE  : 09/23/99
+SERIALNO : GS9939006549
+BATTDATE : 09/23/99
+NOMOUTV  : 230 Volts
+NOMBATTV :  24.0 Volts
+EXTBATTS : 0
+FIRMWARE : 72.11.I
+END APC  : 2017-01-08 23:23:01 +0200
+</code>
+Wird die Stromversorgung wieder hergestellt, erfolgt erneut eine positive Rückmeldung per eMail.
+<code>Date:    Son, 1 Jan 2017 23:23:59 +0200
+From:    root@nausch.org (root)
+To:      root@nausch.org
+Subject: vml000127.dmz.nausch.org Power has returned
+vml000127.dmz.nausch.org Power has returned
+APC      : 001,051,1170
+DATE     : 2017-01-08 14:53:11 +0100
+HOSTNAME : vml000127.dmz.nausch.org
+VERSION  : 3.14.12 (29 March 2014) redhat
+UPSNAME  : APC1400
+CABLE    : Custom Cable Smart
+DRIVER   : APC Smart UPS (any)
+UPSMODE  : Stand Alone
+STARTTIME: 2012-07-28 16:31:25 +0200
+MODEL    : SMART-UPS 1400 RM
+STATUS   : ONLINE
+LINEV    : 227.5 Volts
+LOADPCT  :  33.2 Percent Load Capacity
+BCHARGE  : 090.0 Percent
+TIMELEFT :   9.0 Minutes
+MBATTCHG : 5 Percent
+MINTIMEL : 3 Minutes
+MAXTIME  : 0 Seconds
+MAXLINEV : 000.0 Volts
+MINLINEV : 024.7 Volts
+OUTPUTV  : 228.8 Volts
+SENSE    : High
+DWAKE    : 000 Seconds
+DSHUTD   : 020 Seconds
+DLOWBATT : 02 Minutes
+LOTRANS  : 196.0 Volts
+HITRANS  : 253.0 Volts
+RETPCT   : 000.0 Percent
+ITEMP    : 33.3 C Internal
+ALARMDEL : 5 seconds
+BATTV    : 25.9 Volts
+LINEFREQ : 50.0 Hz
+LASTXFER : Line voltage notch or spike
+NUMXFERS : 1
+XONBATT  : 2012-07-30 17:22:55 +0200
+TONBATT  : 0 seconds
+CUMONBATT: 64 seconds
+XOFFBATT : 2012-07-30 17:23:59 +0200
+SELFTEST : NO
+STESTI   : 336
+STATFLAG : 0x07040008 Status Flag
+DIPSW    : 0x00 Dip Switch
+REG1     : 0x00 Register 1
+REG2     : 0x00 Register 2
+REG3     : 0x00 Register 3
+MANDATE  : 09/23/99
+SERIALNO : GS9939006549
+BATTDATE : 09/23/99
+NOMOUTV  : 230 Volts
+NOMBATTV :  24.0 Volts
+EXTBATTS : 0
+FIRMWARE : 72.11.I
+END APC  : 2017-01-08 23:23:59 +0200
+</code>
+===== apcupsd-gui =====
+Hat man auf dem Server einen X-server am laufen, muss man sich nicht auf die textbasierten Informationen zurückgreifen. Hier kann man auch auf das **GUI**((**G**raphical **U**ser **I**nterface)) für den APCUPS-Daemon zurückgreifen. Die Installation dieser GUI erfolgt wie **yum**.
+   # yum install -y apcupsd-gui
+Den Inhalt des RPM-Paketes erforscht man bei Interesse wie folgt.
+   # rpm -qil apcupsd-gui
+<code>Name        : apcupsd-gui
+Version     : 3.14.12
+Release     : 1.el7
+Architecture: x86_64
+Install Date: Sun 08 Jan 2017 02:58:20 PM CET
+Group       : Applications/System
+Size        : 135050
+License     : GPLv2
+Signature   : RSA/SHA256, Thu 22 Jan 2015 01:39:58 AM CET, Key ID 6a2faea2352c64e5
+Source RPM  : apcupsd-3.14.12-1.el7.src.rpm
+Build Date  : Mon 19 Jan 2015 07:17:55 PM CET
+Build Host  : buildhw-04.phx2.fedoraproject.org
+Relocations : (not relocatable)
+Packager    : Fedora Project
+Vendor      : Fedora Project
+URL         : http://www.apcupsd.com
+Summary     : GUI interface for apcupsd
+Description :
+A GUI interface to the APC UPS monitoring daemon.
+/usr/bin/gapcmon
+/usr/share/applications/gapcmon.desktop
+/usr/share/pixmaps/apcupsd.png
+/usr/share/pixmaps/charging.png
+/usr/share/pixmaps/gapc_prefs.png
+/usr/share/pixmaps/onbatt.png
+/usr/share/pixmaps/online.png
+/usr/share/pixmaps/unplugged.png</code>
+Der Start der GUI erfolgt über das Startmenü oder durch Aufruf des Befehls **gamcmon** nach Eingabe der Tatsenkobination **ALT**+**F2**.
+{{ :centos:apcupsd-gui-01.png?direct&800 |Bild: Bildschirmhardcopy des APCUPS-Dämon}}
+===== apcupsd-cgi =====
+Eine weitere Möglichkeit zur Visualisierung der Stati unseres APCUPS-Daemon ist die Verwendung einer WEB-GUI, so dass von berechtigten Hosts, Netzen und/oder Nutzern eine Statusabfrage im Intra- oder auch Internet erfolgen kann. Die notwendigen Programmteile und Konfigurationsbeispiele sind in dem RPm-Paket **apcupsd-cgi** enthalten.
+==== Installation ====
+Dieses Paket installieren wir nun mit Unterstützung des Befehls **yum**.
+   # yum install apcupsd-cgi
+Den Inhalt des Paketes und auch den Speicherort ermitteln wir wie gewohnt mittels **rpm** und der Option //-qil//.
+   # rpm -qil apcupsd-cgi
+<code>Name        : apcupsd-cgi
+Version     : 3.14.12
+Release     : 1.el7
+Architecture: x86_64
+Install Date: Sun 08 Jan 2017 03:05:58 PM CET
+Group       : Applications/Internet
+Size        : 121261
+License     : GPLv2
+Signature   : RSA/SHA256, Thu 22 Jan 2015 01:28:22 AM CET, Key ID 6a2faea2352c64e5
+Source RPM  : apcupsd-3.14.12-1.el7.src.rpm
+Build Date  : Mon 19 Jan 2015 07:17:55 PM CET
+Build Host  : buildhw-04.phx2.fedoraproject.org
+Relocations : (not relocatable)
+Packager    : Fedora Project
+Vendor      : Fedora Project
+URL         : http://www.apcupsd.com
+Summary     : Web interface for apcupsd
+Description :
+A CGI interface to the APC UPS monitoring daemon.
+/etc/apcupsd/apcupsd.css
+/etc/apcupsd/hosts.conf
+/etc/apcupsd/multimon.conf
+/etc/httpd/conf.d/apcupsd.conf
+/var/www/apcupsd
+/var/www/apcupsd/multimon.cgi
+/var/www/apcupsd/upsfstats.cgi
+/var/www/apcupsd/upsimage.cgi
+/var/www/apcupsd/upsstats.cgi</code>
+==== Konfiguration ====
+Da wir die WEB-GUI über einen separaten Apache vHOST ansprechen wollen deaktivieren wir als erstes die mitgelieferte Apache Konfigurationsdatei //**/etc/httpd/conf.d/apcupsd.conf**// in dem wir alle Zeilen auskommentieren.
+Die Installation und Konfiguration des **//[[centos:web_c7:apache_1|Apache httpd, "der" WEB-Server unter CentOS 7.x]]//** sowie die Konfiguration //**[[centos:web_c7:apache_2|SSL gesicherter Webserver mit mod_ssl für Apache httpd 2.4 unter CentOS 7.x]]**// werden entsprechend vorausgesetzt.
+   # vim /etc/httpd/conf.d/apcupsd.conf
+<file apache /etc/httpd/conf.d/apcupsd.conf>##
+## apcupsd configuration file for Apache Web server
+##
+#
+## files are off the documentroot of Web server
+#Alias /apcupsd /var/www/apcupsd
+#<Directory /var/www/apcupsd>
+# AddHandler cgi-script cgi pl
+# Options ExecCGI
+#</Directory>
+#
+##
+## Allow only local access at default
+## Change the ".example.com" to match your domain or modify
+## access rights to your needs to enable remote access also.
+##
+#<Directory "/var/www/apcupsd">
+#    DirectoryIndex upsstats.cgi
+#    AllowOverride None
+#    Options ExecCGI Indexes
+#  <IfModule mod_authz_core.c>
+#    # Apache 2.4
+#    Require local
+#  </IfModule>
+#  <IfModule !mod_authz_core.c>
+#    # Apache 2.2
+#    Order deny,allow
+#    Deny from all
+#    Allow from 127.0.0.1
+#    Allow from ::1
+#  </IfModule>
+#</Directory></file>
+Die Konfiguration unseres Apache vHOST erledigen wir mit Hilfe einer eigenen Konfigurationsdatei //**/etc/httpd/conf.d/3rd_apcupsd.conf**//.
+<file bash /etc/httpd/conf.d/3rd_apcupsd.conf>#
+# power.nausch.org
+#
+<VirtualHost *:80>
+        ServerAdmin webmaster@nausch.org
+        ServerName power.nausch.org
+        ServerPath /
+        DocumentRoot "/var/www/apcupsd"
+        AddHandler cgi-script .cgi
+	DirectoryIndex multimon.cgi
+	<Directory /var/www/apcupsd>
+        	Require all granted
+        	AddHandler cgi-script cgi pl
+        	Options ExecCGI
+	</Directory>
+        AddType application/x-httpd-php .php
+        ErrorLog logs/power_error.log
+        CustomLog logs/power_access.log combined
+</VirtualHost>
+</file>
+Den Zugriff werden wir natürlich entsprechend beschneiden und den Transportweg absichern. Auf unserem HTTP-Proxy-Host legen wir hierzu eine passende vHOST-Konfigurationsdatei an.
+   # vim /etc/httpd/conf.d/3rd_power.conf
+<file apache /etc/httpd/conf.d/3rd_power.conf>#
+# Django : 2015-10-29
+#          vHost power
+#
+# Variablen der Hostvariablen
+Define vhost power
+Define errors_log logs/${vhost}_error.log
+Define access_log logs/${vhost}_access.log
+Define ssl_log logs/${vhost}_ssl_request.log
+<VirtualHost 10.0.0.97:80>
+    ServerAdmin webmaster@nausch.org
+    ServerName ${vhost}.nausch.org
+    RewriteEngine on
+    RewriteCond %{HTTPS} off
+    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
+    # Welche Logdateien sollen beschrieben werden
+    SetEnvIf Remote_Addr "10\.0\.0\.20" dontlog
+    ErrorLog  ${errors_log}
+    CustomLog ${access_log} combined env=!dontlog
+</VirtualHost>
+<VirtualHost 10.0.0.97:443>
+    ServerAdmin webmaster@nausch.org
+    ServerName ${vhost}.nausch.org
+    ServerPath /
+    # Wer soll Zugriff auf die Webseite(n) bekommen?
+    <Proxy *>
+        Options +FollowSymLinks +Multiviews -Indexes
+        AllowOverride None
+        AuthType Basic
+        AuthName "Fuer den Zugriff auf den Webserver bitte Anmeldedaten eingeben!"
+        AuthBasicProvider ldap
+        AuthLDAPUrl ldaps://openldap.dmz.nausch.org:636/ou=People,dc=nausch,dc=org?uid
+        AuthLDAPBindDN cn=TechnischerUser,dc=nausch,dc=org
+        AuthLDAPBindPassword "MwDWrcdRnw95zMt7A5bS/dPnEHuuO7h0"
+        AuthLDAPBindAuthoritative on
+        Require ldap-user django
+    </Proxy>
+   # Welcher Inhalt soll angezeigt bzw. auf welchen Server sollen die HTTP-Requests weitergeleitet werden?
+    ProxyRequests Off
+    ProxyPreserveHost On
+    ProxyPass / http://10.0.0.127/
+    ProxyPassReverse / http://10.0.0.127/
+    # Welche Logdateien sollen beschrieben werden
+    SetEnvIf Remote_Addr "10\.0\.0\.20" dontlog
+    ErrorLog  ${errors_log}
+    CustomLog ${access_log} combined env=!dontlog
+    CustomLog ${ssl_log} "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
+    # Absicherung der Übertragung mit Hilfe von TLS
+    # Django : 2015-10-04 - TLS-Verschlüsselung mit Hilfe von mod_ssl
+    SSLEngine on
+    # Definition der anzubietenden Protokolle
+    SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
+    # Definition der Cipher
+    SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384
+    # Schlüsseldatei, mit der der CSR erstellt wurde
+    SSLCertificateKeyFile /etc/pki/tls/private/power.nausch.org.serverkey.pem
+    # Zertifikatsdatei, die von der CA signiert wurde
+    SSLCertificateFile /etc/pki/tls/certs/power.nausch.org.certificate_161118.pem
+    # Zertifikatsdatei des bzw. der Intermediate-Zertifikate(s)
+    SSLCertificateChainFile /etc/pki/tls/certs/AlphaSSL_Intermediate.certificate.pem
+    # Änderung der Cipherorder der Clients verneinen
+    SSLHonorCipherOrder on
+    # TLS 1.0 Kompremmierung deaktivieren (CRIME attacks)
+    SSLCompression off
+    # Online Certificate Status Protocol stapling zum Prüfen des Gültigkeitsstatus des Serverzertifikats.
+    SSLUseStapling on
+    SSLStaplingResponderTimeout 5
+    SSLStaplingReturnResponderErrors off
+    # HTTP Strict Transport Security (HSTS), bei dem der Server dem Client im HTTP-Header mitteilt,
+    # dass dieser nur noch verschlüsselt mit dem Server kommunizieren soll.
+    Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
+    # This header enables the Cross-site scripting (XSS) filter built into most recent web browsers.
+    # It's usually enabled by default anyway, so the role of this header is to re-enable the filter for
+    # this particular website if it was disabled by the user.
+    # https://www.owasp.org/index.php/List_of_useful_HTTP_headers
+    #Header set X-XSS-Protection "1; mode=block"
+    Header always set X-Xss-Protection "1; mode=block"
+    # when serving user-supplied content, include a X-Content-Type-Options: nosniff header along with the Content-Type: header,
+    # to disable content-type sniffing on some browsers.
+    # https://www.owasp.org/index.php/List_of_useful_HTTP_headers
+    # currently suppoorted in IE > 8 http://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx
+    # http://msdn.microsoft.com/en-us/library/ie/gg622941(v=vs.85).aspx
+    # 'soon' on Firefox https://bugzilla.mozilla.org/show_bug.cgi?id=471020
+    # Sofern die Datei auch den entsprechenden MIME-Typ "text/css" entspricht, soll der Browser
+    # CSS-Dateien nur als CSS interprätieren.
+    Header always set X-Content-Type-Options nosniff
+    # config to don't allow the browser to render the page inside an frame or iframe
+    # and avoid clickjacking http://en.wikipedia.org/wiki/Clickjacking
+    # if you need to allow [i]frames, you can use SAMEORIGIN or even set an uri with ALLOW-FROM uri
+    # https://developer.mozilla.org/en-US/docs/HTTP/X-Frame-Options
+    ###header set X-Frame-Options SAMEORIGIN
+    header always set X-Frame-Options DENY
+    # hide server header (apache and php version)
+    Header always unset Server
+    # Only allow JavaScript from the same domain to be run.
+    # don't allow inline JavaScript to run.
+    Header always set X-Content-Security-Policy "allow 'self';"
+    # Add Secure and HTTP only attributes to cookies
+    Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
+    # prevent Clickjacking Attack
+    #Header always append X-Frame-Options SAMEORIGIN
+    Header always set X-Frame-Options "SAMEORIGIN"
+    # hkpk-stuff
+    Header always set Public-Key-Pins "pin-sha256=\"nMiOpb6vUnjCoWCkPkDaG4ND8SNWzFTsQf2ZfruLno0=\"; pin-sha256=\"INhxSQ38nCS6ijaAAyo4xAhAZj9xeL3Xaak+GGiM2fo=\"; max-age=2592000; report-uri=\"https://nausch.report-uri.io/r/default/hpkp/enforce\""
+</VirtualHost></file>
+Bevor wir zur Aktivierung unserer Konfigurationsänderungen den bzw. die HTTP-Daemon einmal durchstarten überprüfen wir unsere Apache-Konfigurationsdateien auf syntaktische Fehler.
+   # apachectl -t
+  Syntax OK
+Ist alles O.K. starten wir den/die Daemon nun einmal neu.
+   # systemctl restart httpd.service
+<html><pre class="code">
+<font style="color: rgb(0, 255, 0)"><b>● </b></font><font style="color: rgb(0, 0, 0)">httpd.service - The Apache HTTP Server
+   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
+   Active: <font style="color: rgb(0, 255, 0)"><b>active (running) </b></font><font style="color: rgb(0, 0, 0)"> since Mon 2017-01-09 11:03:23 CET; 48s ago
+     Docs: man:httpd(8)
+           man:apachectl(8)
+  Process: 11642 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
+ Main PID: 11647 (httpd)
+   Status: "Total requests: 2; Current requests/sec: 0.1; Current traffic: 307 B/sec"
+   CGroup: /system.slice/httpd.service
+           ├─11647 /usr/sbin/httpd -DFOREGROUND
+           ├─11648 /usr/sbin/httpd -DFOREGROUND
+           ├─11649 /usr/sbin/httpd -DFOREGROUND
+           ├─11650 /usr/sbin/httpd -DFOREGROUND
+           ├─11651 /usr/sbin/httpd -DFOREGROUND
+           ├─11652 /usr/sbin/httpd -DFOREGROUND
+           └─11699 /usr/sbin/httpd -DFOREGROUND
+Jan 09 11:03:23 vml000127.dmz.nausch.org systemd[1]: Starting The Apache HTTP Server...
+Jan 09 11:03:23 vml000127.dmz.nausch.org systemd[1]: Started The Apache HTTP Server.</font>
+</pre></html>
+Nun starten wir einen Browser und öffnen die zugehörige URL.
+   $ konqueror http://power.nausch.org
+Im ersten Bild sehen wir die Startseite der WEB-GUI.
+{{ :centos:apcupsd-cgi-01.png?direct&800 |BILD: WEB GUI des APCUPS-Daemon}}
+Das zweite Bild zeigt die Übersicht zu den aktuellen Stati unserer USV.
+{{ :centos:apcupsd-cgi-02.png?direct&800 |BILD: WEB GUI des APCUPS-Daemon}}
+Eine Ansicht aller Detailangaben zeigt das dritte Bild.
+{{ :centos:apcupsd-cgi-03.png?direct&800 |BILD: WEB GUI des APCUPS-Daemon}}
+====== Links ======
+  * **[[wiki:start| ⇐ Zurück zu Projekte und Themenkapitel]]**
+  * **[[http://dokuwiki.nausch.org/doku.php/|Zurück zur Startseite]]**