:man source: safekeep
:man version: {revnumber}
:man manual: SafeKeep Server Configuration

safekeep.conf(5)
================

NAME
----
safekeep.conf - Configuration file for 'safekeep(1)'

SYNOPSIS
--------
This file resides in `/etc/safekeep/`, or optionally in
`~/.safekeep/` for non-root users, from where it
will be automatically picked up by 'safekeep(1)'.

DESCRIPTION
-----------
This configuration file holds safekeep global settings. 
The format of the file is a simple key-value pair similar
to Java properties files: lines starting with '#' are ignored
as comments, keys are separated from values by '=', and
leading and trailing spaces are ignored.

PARAMETERS
----------

backup.user::
	The Unix user under which the server will run.
	If not specified, `safekeep` will just run under the
	current user.

backup.tempdir::
	Specifes a TEMPDIR for use with `rdiff-backup'.
	This can be overridden by a commandline argument to `safekeep'.

base.dir::
	The base directory for date repository relative paths.
	If not specified, it defaults to the home directory
	of the backup user.

client.user::
	The default Unix user which will be used on the client.
	This can be overridden on a host by host basis in the `.backup`
	file.
	If not specified, it defaults to `root`.

email.format::
	If specified generate multipart MIME email messages.
	If not specified then a non-MIME message is created.
	The format options are 'text' or 'html' to generate parts of
	that type.
	NB: The log of `safekeep` is always sent as 'text'.

email.from::
	The email address to be used as sender when sending the logs.
	If not specified `safekeep` will use SafeKeep@<hostname fqdn>.

email.to::
	In addition to writing the session logs
	on the standard output, `safekeep` can also send the
	logs via email to a number of recipients.
	This comma-separated list of emails designates
	the recipients of the logs. If not specified,
	`safekeep` will not attempt to email the logs.

email.smtp.port::
	Specifies the port to use to connect to the SMTP server.
	If not specified, `safekeep` will use the system default
	value, normally port 25/tcp.

email.smtp.server::
	Specifies the SMTP server used for sending mails 
	if the `email.to` specifies any recipients.
	If not specified, `safekeep` will just use
	`/usr/sbin/sendmail` to deliver the mail.

email.summary::
	Generate a summary part at the start of the email.
	Possible options are 'true', 'yes' or '1'.  Anything elses
	as taken as 'false'.
	NB: This requires 'email.format' set and currently only used
	for 'server' and 'list' run types.

nice.adjustment::
	The default nice level adjustment for safekeep.
	It specifies an integer to be added to the current nice 
	level. Nicenesses range from -20 (most favorable scheduling) 
	to 19 (least favorable).
	To disable nice, set this value to 0.
	If no nice level is specified, safekeep is niced at +10.

nice.adjustment.server::
	The nice level adjustment for safekeep, used on the server side.
	It overrides the generic setting in nice.adjustment.

nice.adjustment.client::
	The default nice adjustment for the client. This settings is normally
	not all that important, as most of the load is on the server side.
	You can also set the remove nice level on a per-client basis in
	the .backup file (see /backup/host/@nice).
	NB: if you change this value, you will have to re-deploy the auth keys.

ionice.adjustment::
	The default IO nice level adjustment for safekeep.
	It can be either 'none', 'idle', or an integer between 0-7
	(with 0 being higher priority). See ionice(1) for more information.
	This is currently being used only on the server side, where
	IO load tends to be a problem.
	NB: this depends on the availability of 'ionice(1)' on the
	system where the server is running. If ionice cannot be found,
	this setting is ignored.
	If no level is specified, it defaults to 'idle'.

bandwidth.overall::
	This is the default bandwidth limit for both upload and
	download for all the clients. It is an integer number of KB/s
	(see NOTES section for more information). 
	This value is optional.
	
bandwidth.download::
	This is the default bandwidth limit for download across all clients.
	If specified (with a value greater than 0) it will override
	the value set in `bandwidth.overall` (refer to it for more
	informatio). This value is optional.

bandwidth.upload::
	This is the default bandwidth limit for upload across all clients.
	If specified (with a value greater than 0) it will override
	the value set in `bandwidth.overall` (refer to it for more
	information). This value is optional.

snapshot.size::
	This is the default size to be used for any snapshots without a
	`size` value specified.
	It is passed to 'lvcreate(8)' (LVM2), including the specification of
	a percentage (`%`).  If not otherwise specified, the percentage is
	based on unallocated space (i.e. LVM2 '%FREE'), which is different
	to the interpretation within the `<snapshot>` option.
	This value is optional, it defaults to '20%FREE'.

ssh.keygen.type::
	The SSH private key type to generate when 'safekeep --keys' is used.
	This is passed to 'ssh-keygen(1)' and not all valid types may be
	accepted on all systems.
	Only SSH protocol version 2 keys are accepted.
	This value is optional, it defaults to 'rsa'.

ssh.keygen.bits::
	Specifies the number of bits in the SSH private key to create.
	This is passed to 'ssh-keygen(1)' and only certain sizes are
	accepted, depending of the key type.
	If no value is required, e.g. for 'ecdsa' key type, give this
	option with no corresponding bit size.
	This value is optional, it defaults to '4096'.

ssh.strict_hostkey_checking::
	Specifies if StrictHostKeyChecking should be performed by the ssh
	client when connecting to the remote host.
	This value is optional, it defaults to 'ask'.
	Set to 'yes' if you sign host keys with a CA key or manage host keys
	by other means (FreeIPA/sssd, Ansible,,,).
	Setting this to 'no' is a bit unsafe as new hosts are automatically
	added to known_hosts without any validation.

NOTES
-----
Safekeep uses `trickle` to implement bandwidth throttling (see
http://monkey.org/~marius/pages/?page=trickle for more information). 
You  will need to install it separately to use this feature (most
Linux distributions have it packaged as `trickle`).

The bandwidth is calculated as an average over a 256KB window, 
and it is  expressed as an integer number of kilo-bytes per second 
(e.g. 100, meaning 100KB/s). Bandwidth limits of zero are ignored.

The bandwidth throtlling can be customized for both download and upload
(see `bandwidth.download` and `bandwidth.upload`) as well as on a per-client
basis (see `safekeep.backup(5)` for more information).

FILES
-----
    /etc/safekeep/safekeep.conf
    ~/.safekeep/safekeep.conf

SEE ALSO
--------
safekeep(1), safekeep.backup(5), rdiff-backup(1), trickle(1), lvcreate(8),
ssh-keygen(1)

AUTHOR
------
This man page was originally written by Dimi Paun <dimi@lattica.com>.

