conf/nutauth.conf.sample.in, configure.ac, conf/Makefile.am, conf/.gitignore: add example config for nutauth.conf [#3329]

Signed-off-by: Jim Klimov <jimklimov+nut@gmail.com>

Author: jimklimov

conf/.gitignore

@@ -1,3 +1,4 @@
+/nutauth.conf.sample
 /upsmon.conf.sample
 /upssched.conf.sample
 /upsstats-single.html.sample

conf/Makefile.am

@@ -7,7 +7,7 @@ INSTALL_0600 = $(INSTALL) -m 0600
 # Note: ups.conf is a secured file, because for networked devices
 # it can contain SNMP, NetXML, IPMI or similar credentials
 SECFILES_STATIC = upsd.conf.sample upsd.users.sample ups.conf.sample
-SECFILES_GENERATED = upsmon.conf.sample
+SECFILES_GENERATED = upsmon.conf.sample nutauth.conf.sample
 PUBFILES_STATIC = nut.conf.sample
 PUBFILES_GENERATED = upssched.conf.sample
 CGIPUB_STATIC = hosts.conf.sample upsset.conf.sample
@@ -31,7 +31,7 @@ nodist_conf_examples_DATA = $(SECFILES_GENERATED) $(PUBFILES_GENERATED) \
  $(CGI_INSTALL_GENERATED)
 
 SPELLCHECK_SRC = $(dist_sysconf_DATA) \
- upssched.conf.sample.in upsmon.conf.sample.in \
+ nutauth.conf.sample.in upssched.conf.sample.in upsmon.conf.sample.in \
  upsstats-modern-list.html.sample.in upsstats-modern-single.html.sample.in \
  upsstats.html.sample.in upsstats-single.html.sample.in
 
@@ -55,6 +55,6 @@ SPELLCHECK_SRC = $(dist_sysconf_DATA) \
 spellcheck spellcheck-interactive spellcheck-sortdict: @dotMAKE@
 	+$(MAKE) -f $(top_builddir)/docs/Makefile $(AM_MAKEFLAGS) MKDIR_P="$(MKDIR_P)" builddir="$(builddir)" srcdir="$(srcdir)" top_builddir="$(top_builddir)" top_srcdir="$(top_srcdir)" SPELLCHECK_SRC="$(SPELLCHECK_SRC)" SPELLCHECK_SRCDIR="$(srcdir)" SPELLCHECK_BUILDDIR="$(builddir)" $@
 
-
+# WARNING: Do not clean away files generated from templates by configure script!
 MAINTAINERCLEANFILES = Makefile.in .dirstamp
 CLEANFILES = *.pdf *.html *-spellchecked

conf/nutauth.conf.sample.in

@@ -0,0 +1,43 @@
+# The `nutauth.conf` file conveys information needed for NUT clients to
+# authenticate themselves to a NUT data server, as well as to validate
+# that this is a server they want to trust (when SSL/TLS mode is used).
+#
+# By default, these files are located in either a per-user location like
+# `${HOME}/.config/nut/nutauth.conf` or `${HOME}/.nutauth.conf`, or a
+# site default `${NUT_CONFDIR}/nutauth.conf` (whichever is found first).
+# Such a file may `INCLUDE` further configurations (e.g. hop from a
+# per-user file to load server-wide defaults) if desired.
+#
+# While it usually suffices to have one client certificate for all servers,
+# it may be that some remote system owned/managed by a different department
+# would insist on *themselves* issuing (and revoking) certificates for their
+# equipment. In this case, you can specify connection-specific settings.
+
+# Example contents:
+#
+# # Global section, inherited and overridden per line by others:
+# CERTPATH = @CONFPATH@/certs/client
+# # CERTFILE is only relevant for OpenSSL:
+# CERTFILE = @CONFPATH@/certs/client/nut-client-hostname.pem
+# CERTIDENT_NAME = "NUT Client"
+# CERTIDENT_PASS = "KeyP@$$phrase!"
+# CERTVERIFY = 1
+# FORCESSL = -1
+#
+# [@localhost]
+#       USER = "admin"
+#       PASS = "Adm1n!Pass"
+#
+# [upsmonuser@localhost]
+#       PASS = "monitor"
+#       # Note you can not override USER in this context,
+#       # where it is part of section name
+#
+# [@remote-host:34935]
+#       USER = "other-user"
+#       PASS = "other_pass"
+#       CERTPATH = @CONFPATH@/certs/client-for-remote-host
+#       CERTIDENT_NAME = "NUT Client for remote host"
+#       CERTIDENT_PASS = "C00lP@$$"
+#       CERTVERIFY = 1
+#       FORCESSL = 1

configure.ac

@@ -7282,6 +7282,7 @@ AC_CONFIG_FILES([
  clients/Makefile
  common/Makefile
  conf/Makefile
+ conf/nutauth.conf.sample
  conf/upsmon.conf.sample
  conf/upssched.conf.sample
  conf/upsstats.html.sample