I have a UPS attached to OPNSense and NUT running in Standalone mode. That all works great, but I'm not able to remotely monitor my UPS like I can with TrueNAS or other systems. Is there a way to set that up in Standalone mode or does it require the Master mode?
Additionally, I'd like all of my machines to be able to gracefully shutdown when the power goes out but there's currently no way for OPNSense to notify them. I don't want to make OPNSense a NUT client as it should be the last thing running in order to maintain the network as long as possible.
You can add a portforward to localhost with nut port
Quote from: mimugmail on November 18, 2023, 04:44:59 PM
You can add a portforward to localhost with nut port
I think I need to look up the different modes of Nut to see what my other servers are doing before I try this.
I could not get that to work. I am not familiar enough with NUT and at the moment I don't have the time to research. If somebody knows: does a server need to configured as netserver to comunicate with netclients? Or is that just an abbreviation for different listen behaviour?
Not running on opnsense, but have a Pi doing this job:
# nut.conf
# - standalone: This mode address a local only configuration, with 1 UPS
# protecting the local system. This implies to start the 3 NUT layers (driver,
# upsd and upsmon) and the matching configuration files. This mode can also
# address UPS redundancy.
# - netserver: same as for the standalone configuration, but also need
# some more network access controls (firewall, tcp-wrappers) and possibly a
# specific LISTEN directive in upsd.conf.
# Since this MODE is opened to the network, a special care should be applied
# to security concerns.
MODE=netserver
Then:
#upsd.conf
LISTEN 127.0.0.1 3493
LISTEN 192.168.3.110 3493
Then setup 'upsd.users' and configure a client, even locally, to talk to the server - a MONITOR line in upsmon.conf.
But, I don't have the NUT server acting as a client - I just let the Pi 'die' with the UPS. As the OP notes originally, it should be the last thing 'up' - for me, anyway.
I believe the shutdown behaviour is controlled by 'upssched.conf' on the client end, based on the charge.low, or runtime.low or the state reported to the client.
EDIT: The below seems to have a nice run down:
https://wiki.ipfire.org/addons/nut/detailed
Just wanted to note here that adding the firewall's IP addresses to the "Listen Address" directive (and adding appropriate firewall rules) is sufficient to turn a standalone instance into a server. It isn't necessary to mess around with port forwards.
BUT - I don't recommend that. You are limited to accessing only the most basic configuration items, which is not adequate for a server instance. For one fun example, in this port's configuration, I found 'monuser' is "hardcoded" with "upsmon = master" in upsd.users, which gave my nut clients the ability to turn off my firewall. I sorta doubt most people want that. :)
You can override anything you want manually in the configuration files, of course, but they will get clobbered sooner or later.
The Opnsense NUT port is fine (and appreciated) as a client, but I'd stick to a Raspberry Pi for the NUT server, until/unless the full suite of NUT configuration parameters is made available in the port.