Subversion Repositories configs

# This is a configuration file for Zabbix agent daemon (Unix)

# To get more information about Zabbix, visit http://www.zabbix.com

############ GENERAL PARAMETERS #################

### Option: PidFile

#	Name of PID file.

#

# Mandatory: no

# Default:

# PidFile=/tmp/zabbix_agentd.pid

PidFile=/var/run/zabbix/zabbix_agentd.pid

### Option: LogType

#	Specifies where log messages are written to:

#		system  - syslog

#		file    - file specified with LogFile parameter

#		console - standard output

#

# Mandatory: no

# Default:

# LogType=file

### Option: LogFile

#	Log file name for LogType 'file' parameter.

#

# Mandatory: yes, if LogType is set to file, otherwise no

# Default:

# LogFile=

LogFile=/var/log/zabbix/zabbix_agentd.log

### Option: LogFileSize

#	Maximum size of log file in MB.

#	0 - disable automatic log rotation.

#

# Mandatory: no

# Range: 0-1024

# Default:

# LogFileSize=1

LogFileSize=0

### Option: DebugLevel

#	Specifies debug level:

#	0 - basic information about starting and stopping of Zabbix processes

#	1 - critical information

#	2 - error information

#	3 - warnings

#	4 - for debugging (produces lots of information)

#	5 - extended debugging (produces even more information)

#

# Mandatory: no

# Range: 0-5

# Default:

# DebugLevel=3

### Option: SourceIP

#	Source IP address for outgoing connections.

#

# Mandatory: no

# Default:

# SourceIP=

### Option: AllowKey

#	Allow execution of item keys matching pattern.

#	Multiple keys matching rules may be defined in combination with DenyKey.

#	Key pattern is wildcard expression, which support "*" character to match any number of any characters in certain position. It might be used in both key name and key arguments.

#	Parameters are processed one by one according their appearance order.

#	If no AllowKey or DenyKey rules defined, all keys are allowed.

#

# Mandatory: no

### Option: DenyKey

#	Deny execution of items keys matching pattern.

#	Multiple keys matching rules may be defined in combination with AllowKey.

#	Key pattern is wildcard expression, which support "*" character to match any number of any characters in certain position. It might be used in both key name and key arguments.

#	Parameters are processed one by one according their appearance order.

#	If no AllowKey or DenyKey rules defined, all keys are allowed.

#       Unless another system.run[*] rule is specified DenyKey=system.run[*] is added by default.

#

# Mandatory: no

# Default:

# DenyKey=system.run[*]

### Option: EnableRemoteCommands - Deprecated, use AllowKey=system.run[*] or DenyKey=system.run[*] instead

#	Internal alias for AllowKey/DenyKey parameters depending on value:

#	0 - DenyKey=system.run[*]

#	1 - AllowKey=system.run[*]

#

# Mandatory: no

AllowKey=system.run[*]

### Option: LogRemoteCommands

#	Enable logging of executed shell commands as warnings.

#	0 - disabled

#	1 - enabled

#

# Mandatory: no

# Default:

# LogRemoteCommands=0

##### Passive checks related

### Option: Server

#	List of comma delimited IP addresses, optionally in CIDR notation, or DNS names of Zabbix servers and Zabbix proxies.

#	Incoming connections will be accepted only from the hosts listed here.

#	If IPv6 support is enabled then '127.0.0.1', '::127.0.0.1', '::ffff:127.0.0.1' are treated equally

#	and '::/0' will allow any IPv4 or IPv6 address.

#	'0.0.0.0/0' can be used to allow any IPv4 address.

#	Example: Server=127.0.0.1,192.168.1.0/24,::1,2001:db8::/32,zabbix.example.com

#

# Mandatory: yes, if StartAgents is not explicitly set to 0

# Default:

# Server=

Server=127.0.0.1,10.192.25.0/24,::1

### Option: ListenPort

#	Agent will listen on this port for connections from the server.

#

# Mandatory: no

# Range: 1024-32767

# Default:

# ListenPort=10050

### Option: ListenIP

#	List of comma delimited IP addresses that the agent should listen on.

#	First IP address is sent to Zabbix server if connecting to it to retrieve list of active checks.

#

# Mandatory: no

# Default:

# ListenIP=0.0.0.0

### Option: StartAgents

#	Number of pre-forked instances of zabbix_agentd that process passive checks.

#	If set to 0, disables passive checks and the agent will not listen on any TCP port.

#

# Mandatory: no

# Range: 0-100

# Default:

# StartAgents=3

##### Active checks related

### Option: ServerActive

#	List of comma delimited IP:port (or DNS name:port) pairs of Zabbix servers and Zabbix proxies for active checks.

#	If port is not specified, default port is used.

#	IPv6 addresses must be enclosed in square brackets if port for that host is specified.

#	If port is not specified, square brackets for IPv6 addresses are optional.

#	If this parameter is not specified, active checks are disabled.

#	Example: ServerActive=127.0.0.1:20051,zabbix.domain,[::1]:30051,::1,[12fc::1]

#

# Mandatory: no

# Default:

# ServerActive=

ServerActive=127.0.0.1

### Option: Hostname

#	List of comma delimited unique, case sensitive hostnames.

#	Required for active checks and must match hostnames as configured on the server.

#	Value is acquired from HostnameItem if undefined.

#

# Mandatory: no

# Default:

# Hostname=

Hostname=homeserver8

### Option: HostnameItem

#	Item used for generating Hostname if it is undefined. Ignored if Hostname is defined.

#	Does not support UserParameters or aliases.

#

# Mandatory: no

# Default:

# HostnameItem=system.hostname

### Option: HostMetadata

#	Optional parameter that defines host metadata.

#	Host metadata is used at host auto-registration process.

#	An agent will issue an error and not start if the value is over limit of 255 characters.

#	If not defined, value will be acquired from HostMetadataItem.

#

# Mandatory: no

# Range: 0-255 characters

# Default:

# HostMetadata=

### Option: HostMetadataItem

#	Optional parameter that defines an item used for getting host metadata.

#	Host metadata is used at host auto-registration process.

#	During an auto-registration request an agent will log a warning message if

#	the value returned by specified item is over limit of 255 characters.

#	This option is only used when HostMetadata is not defined.

#

# Mandatory: no

# Default:

# HostMetadataItem=

### Option: HostInterface

#	Optional parameter that defines host interface.

#	Host interface is used at host auto-registration process.

#	An agent will issue an error and not start if the value is over limit of 255 characters.

#	If not defined, value will be acquired from HostInterfaceItem.

#

# Mandatory: no

# Range: 0-255 characters

# Default:

# HostInterface=

### Option: HostInterfaceItem

#	Optional parameter that defines an item used for getting host interface.

#	Host interface is used at host auto-registration process.

#	During an auto-registration request an agent will log a warning message if

#	the value returned by specified item is over limit of 255 characters.

#	This option is only used when HostInterface is not defined.

#

# Mandatory: no

# Default:

# HostInterfaceItem=

### Option: RefreshActiveChecks

#	How often list of active checks is refreshed, in seconds.

#

# Mandatory: no

# Range: 60-3600

# Default:

# RefreshActiveChecks=120

### Option: BufferSend

#	Do not keep data longer than N seconds in buffer.

#

# Mandatory: no

# Range: 1-3600

# Default:

# BufferSend=5

### Option: BufferSize

#	Maximum number of values in a memory buffer. The agent will send

#	all collected data to Zabbix Server or Proxy if the buffer is full.

#

# Mandatory: no

# Range: 2-65535

# Default:

# BufferSize=100

### Option: MaxLinesPerSecond

#	Maximum number of new lines the agent will send per second to Zabbix Server

#	or Proxy processing 'log' and 'logrt' active checks.

#	The provided value will be overridden by the parameter 'maxlines',

#	provided in 'log' or 'logrt' item keys.

#

# Mandatory: no

# Range: 1-1000

# Default:

# MaxLinesPerSecond=20

############ ADVANCED PARAMETERS #################

### Option: Alias

#	Sets an alias for an item key. It can be used to substitute long and complex item key with a smaller and simpler one.

#	Multiple Alias parameters may be present. Multiple parameters with the same Alias key are not allowed.

#	Different Alias keys may reference the same item key.

#	For example, to retrieve the ID of user 'zabbix':

#	Alias=zabbix.userid:vfs.file.regexp[/etc/passwd,^zabbix:.:([0-9]+),,,,\1]

#	Now shorthand key zabbix.userid may be used to retrieve data.

#	Aliases can be used in HostMetadataItem but not in HostnameItem parameters.

#

# Mandatory: no

# Range:

# Default:

### Option: Timeout

#	Spend no more than Timeout seconds on processing

#

# Mandatory: no

# Range: 1-30

# Default:

# Timeout=3

### Option: AllowRoot

#	Allow the agent to run as 'root'. If disabled and the agent is started by 'root', the agent

#	will try to switch to the user specified by the User configuration option instead.

#	Has no effect if started under a regular user.

#	0 - do not allow

#	1 - allow

#

# Mandatory: no

# Default:

# AllowRoot=0

### Option: User

#	Drop privileges to a specific, existing user on the system.

#	Only has effect if run as 'root' and AllowRoot is disabled.

#

# Mandatory: no

# Default:

# User=zabbix

# NOTE: This option is overriden by settings in systemd service file!

### Option: Include

#	You may include individual files or all files in a directory in the configuration file.

#	Installing Zabbix will create include directory in /usr/local/etc, unless modified during the compile time.

#

# Mandatory: no

# Default:

# Include=

Include=/etc/zabbix/zabbix_agentd.d/*.conf

# Include=/usr/local/etc/zabbix_agentd.userparams.conf

# Include=/usr/local/etc/zabbix_agentd.conf.d/

# Include=/usr/local/etc/zabbix_agentd.conf.d/*.conf

####### USER-DEFINED MONITORED PARAMETERS #######

### Option: UnsafeUserParameters

#	Allow all characters to be passed in arguments to user-defined parameters.

#	The following characters are not allowed:

#	\ ' " ` * ? [ ] { } ~ $ ! & ; ( ) < > | # @

#	Additionally, newline characters are not allowed.

#	0 - do not allow

#	1 - allow

#

# Mandatory: no

# Range: 0-1

# Default:

# UnsafeUserParameters=0

### Option: UserParameter

#	User-defined parameter to monitor. There can be several user-defined parameters.

#	Format: UserParameter=<key>,<shell command>

#	See 'zabbix_agentd' directory for examples.

#

# Mandatory: no

# Default:

# UserParameter=

UserParameter=mysql.ping[*], mysqladmin -u'zbx_monitor' -p'HcRvV8L^eY' -h"$1" -P"$2" ping

UserParameter=mysql.get_status_variables[*], mysql -u'zbx_monitor' -p'HcRvV8L^eY' -h"$1" -P"$2" -sNX -e "show global status"

UserParameter=mysql.version[*], mysqladmin -u'zbx_monitor' -p'HcRvV8L^eY' -s -h"$1" -P"$2" version

UserParameter=mysql.db.discovery[*], mysql -u'zbx_monitor' -p'HcRvV8L^eY' -h"$1" -P"$2" -sN -e "show databases"

UserParameter=mysql.dbsize[*], mysql -u'zbx_monitor' -p'HcRvV8L^eY' -h"$1" -P"$2" -sN -e "SELECT COALESCE(SUM(DATA_LENGTH + INDEX_LENGTH),0) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_SCHEMA='$3'"

UserParameter=mysql.replication.discovery[*], mysql -u'zbx_monitor' -p'HcRvV8L^eY' -h"$1" -P"$2" -sNX -e "show slave status"

UserParameter=mysql.slave_status[*], mysql -u'zbx_monitor' -p'HcRvV8L^eY' -h"$1" -P"$2" -sNX -e "show slave status"

#UserParameter=spam.hour,find /var/virusmails/spam/ -name "spam*" -type f -amin -60|wc -l

#UserParameter=virus.hour,find /var/virusmails/virus/ -name "virus*" -type f -amin -60|wc -l

#UserParameter=banned.hour,find /var/virusmails/banned/ -name "banned*" -type f -amin -60|wc -l

#UserParameter=badh.hour,find /var/virusmails/badh/ -name "badh*" -type f -amin -60|wc -l

UserParameter=zabbix.mysqlsize,mysql zabbix -uroot -puwe2592 -e 'show table status' | perl -lane '$size += $F[6]+$F[8];END{print $size}'

UserParameter=check_apc_ups.load,/usr/sbin/apcaccess | grep LOADPCT | cut -f4 -d" "

UserParameter=check_apc_ups.bcharge,/usr/sbin/apcaccess | grep BCHARGE | cut -f4 -d" "

UserParameter=check_apc_ups.time,/usr/sbin/apcaccess | grep TIMELEFT | cut -f3 -d" "

UserParameter=check_apc_ups.status,/usr/sbin/apcaccess | grep STATUS | cut -f5- -d" "

UserParameter=rsnapshot.total_files,awk '{a += $2} END{print a}' /tmp/rsnapshot.daily

UserParameter=rsnapshot.trans_files,awk '{a += $3} END{print a}' /tmp/rsnapshot.daily

UserParameter=rsnapshot.total_size,awk '{a += $4} END{print a}' /tmp/rsnapshot.daily

UserParameter=rsnapshot.trans_size,awk '{a += $5} END{print a}' /tmp/rsnapshot.daily

UserParameter=rsnapshot.list_gen_time,awk '{a += $6} END{print a}' /tmp/rsnapshot.daily

UserParameter=rsnapshot.file_trans_time,awk '{a += $8} END{print a}' /tmp/rsnapshot.daily

UserParameter=pfmailq,mailq | grep -v "Mail queue is empty" | grep -c '^[0-9A-Z]'

UserParameter=sensor.core0,sudo /usr/bin/sensors | grep "Core 0" | awk '{ print $3+0 }'

UserParameter=sensor.core1,sudo /usr/bin/sensors | grep "Core 1" | awk '{ print $3+0 }'

UserParameter=sensor.core2,sudo /usr/bin/sensors | grep "Core 2" | awk '{ print $3+0 }'

UserParameter=sensor.core3,sudo /usr/bin/sensors | grep "Core 3" | awk '{ print $3+0 }'

UserParameter=rsyslogd.cpu,ps auxw|grep rsyslogd|grep -v grep| awk '{s+=$3} END {print s}'

#UserParameter=hdd.sda.wear_leveling_count,sudo /usr/local/sbin/get_smart_value.sh /dev/sda Wear_Leveling_Count

#UserParameter=hdd.sda.read_error_rate,sudo /usr/local/sbin/get_smart_value.sh /dev/sda CRC_Error_Count

#UserParameter=hdd.sda.write_error_rate,sudo /usr/local/sbin/get_smart_value.sh /dev/sda Uncorrectable_Error_Cnt

#UserParameter=hdd.sda.reallocated_sector_count,sudo /usr/local/sbin/get_smart_value.sh /dev/sda Reallocated_Sector_Ct

#UserParameter=hdd.sda.power_on_hours,sudo /usr/local/sbin/get_smart_value.sh /dev/sda Power_On_Hours

#UserParameter=hdd.sda.temperature,sudo /usr/local/sbin/get_smart_value.sh /dev/sda Temperature_Cel

#UserParameter=hdd.sdb.wear_leveling_count,sudo /usr/local/sbin/get_smart_value.sh /dev/sdb Wear_Leveling_Count

#UserParameter=hdd.sdb.read_error_rate,sudo /usr/local/sbin/get_smart_value.sh /dev/sdb CRC_Error_Count

#UserParameter=hdd.sdb.write_error_rate,sudo /usr/local/sbin/get_smart_value.sh /dev/sdb Uncorrectable_Error_Cnt

#UserParameter=hdd.sdb.reallocated_sector_count,sudo /usr/local/sbin/get_smart_value.sh /dev/sdb Reallocated_Sector_Ct

#UserParameter=hdd.sdb.power_on_hours,sudo /usr/local/sbin/get_smart_value.sh /dev/sdb Power_On_Hours

#UserParameter=hdd.sdb.temperature,sudo /usr/local/sbin/get_smart_value.sh /dev/sdb Temperature_Cel

#UserParameter=hdd.sdc.read_error_rate,sudo /usr/local/sbin/get_smart_value.sh /dev/sdc Raw_Read_Error_Rate

#UserParameter=hdd.sdc.reallocated_sector_count,sudo /usr/local/sbin/get_smart_value.sh /dev/sdc Reallocated_Sector_Ct

#UserParameter=hdd.sdc.power_on_hours,sudo /usr/local/sbin/get_smart_value.sh /dev/sdc Power_On_Hours

#UserParameter=hdd.sdc.temperature,sudo /usr/local/sbin/get_smart_value.sh /dev/sdc Temperature_Celsius

#UserParameter=hdd.sdd.read_error_rate,sudo /usr/local/sbin/get_smart_value.sh /dev/sdd Raw_Read_Error_Rate

#UserParameter=hdd.sdd.reallocated_sector_count,sudo /usr/local/sbin/get_smart_value.sh /dev/sdd Reallocated_Sector_Ct

#UserParameter=hdd.sdd.power_on_hours,sudo /usr/local/sbin/get_smart_value.sh /dev/sdd Power_On_Hours

#UserParameter=hdd.sdd.temperature,sudo /usr/local/sbin/get_smart_value.sh /dev/sdd Temperature_Celsius

#UserParameter=hdd.sde.read_error_rate,sudo /usr/local/sbin/get_smart_value.sh /dev/sde Raw_Read_Error_Rate

#UserParameter=hdd.sde.reallocated_sector_count,sudo /usr/local/sbin/get_smart_value.sh /dev/sde Reallocated_Sector_Ct

#UserParameter=hdd.sde.power_on_hours,sudo /usr/local/sbin/get_smart_value.sh /dev/sde Power_On_Hours

#UserParameter=hdd.sde.temperature,sudo /usr/local/sbin/get_smart_value.sh /dev/sde Temperature_Celsius

#UserParameter=hdd.sdf.read_error_rate,sudo /usr/local/sbin/get_smart_value.sh /dev/sdf Raw_Read_Error_Rate

#UserParameter=hdd.sdf.reallocated_sector_count,sudo /usr/local/sbin/get_smart_value.sh /dev/sdf Reallocated_Sector_Ct

#UserParameter=hdd.sdf.power_on_hours,sudo /usr/local/sbin/get_smart_value.sh /dev/sdf Power_On_Hours

#UserParameter=hdd.sdf.temperature,sudo /usr/local/sbin/get_smart_value.sh /dev/sdf Temperature_Celsius

#UserParameter=hdd.sdg.read_error_rate,sudo /usr/local/sbin/get_smart_value.sh /dev/sdg Raw_Read_Error_Rate

#UserParameter=hdd.sdg.reallocated_sector_count,sudo /usr/local/sbin/get_smart_value.sh /dev/sdg Reallocated_Sector_Ct

#UserParameter=hdd.sdg.power_on_hours,sudo /usr/local/sbin/get_smart_value.sh /dev/sdg Power_On_Hours

#UserParameter=hdd.sdg.temperature,sudo /usr/local/sbin/get_smart_value.sh /dev/sdg Temperature_Celsius

#UserParameter=hdd.sdh.read_error_rate,sudo /usr/local/sbin/get_smart_value.sh /dev/sdh Raw_Read_Error_Rate

#UserParameter=hdd.sdh.reallocated_sector_count,sudo /usr/local/sbin/get_smart_value.sh /dev/sdh Reallocated_Sector_Ct

#UserParameter=hdd.sdh.power_on_hours,sudo /usr/local/sbin/get_smart_value.sh /dev/sdh Power_On_Hours

#UserParameter=hdd.sdh.temperature,sudo /usr/local/sbin/get_smart_value.sh /dev/sdh Temperature_Celsius

### Option: UserParameterDir

#	Directory to execute UserParameter commands from. Only one entry is allowed.

#	When executing UserParameter commands the agent will change the working directory to the one

#	specified in the UserParameterDir option.

#	This way UserParameter commands can be specified using the relative ./ prefix.

#

# Mandatory: no

# Default:

# UserParameterDir=

####### LOADABLE MODULES #######

### Option: LoadModulePath

#	Full path to location of agent modules.

#	Default depends on compilation options.

#	To see the default path run command "zabbix_agentd --help".

#

# Mandatory: no

# Default:

# LoadModulePath=${libdir}/modules

### Option: LoadModule

#	Module to load at agent startup. Modules are used to extend functionality of the agent.

#	Formats:

#		LoadModule=<module.so>

#		LoadModule=<path/module.so>

#		LoadModule=</abs_path/module.so>

#	Either the module must be located in directory specified by LoadModulePath or the path must precede the module name.

#	If the preceding path is absolute (starts with '/') then LoadModulePath is ignored.

#	It is allowed to include multiple LoadModule parameters.

#

# Mandatory: no

# Default:

# LoadModule=

####### TLS-RELATED PARAMETERS #######

### Option: TLSConnect

#	How the agent should connect to server or proxy. Used for active checks.

#	Only one value can be specified:

#		unencrypted - connect without encryption

#		psk         - connect using TLS and a pre-shared key

#		cert        - connect using TLS and a certificate

#

# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)

# Default:

# TLSConnect=unencrypted

### Option: TLSAccept

#	What incoming connections to accept.

#	Multiple values can be specified, separated by comma:

#		unencrypted - accept connections without encryption

#		psk         - accept connections secured with TLS and a pre-shared key

#		cert        - accept connections secured with TLS and a certificate

#

# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)

# Default:

# TLSAccept=unencrypted

### Option: TLSCAFile

#	Full pathname of a file containing the top-level CA(s) certificates for

#	peer certificate verification.

#

# Mandatory: no

# Default:

# TLSCAFile=

### Option: TLSCRLFile

#	Full pathname of a file containing revoked certificates.

#

# Mandatory: no

# Default:

# TLSCRLFile=

### Option: TLSServerCertIssuer

#		Allowed server certificate issuer.

#

# Mandatory: no

# Default:

# TLSServerCertIssuer=

### Option: TLSServerCertSubject

#		Allowed server certificate subject.

#

# Mandatory: no

# Default:

# TLSServerCertSubject=

### Option: TLSCertFile

#	Full pathname of a file containing the agent certificate or certificate chain.

#

# Mandatory: no

# Default:

# TLSCertFile=

### Option: TLSKeyFile

#	Full pathname of a file containing the agent private key.

#

# Mandatory: no

# Default:

# TLSKeyFile=

### Option: TLSPSKIdentity

#	Unique, case sensitive string used to identify the pre-shared key.

#

# Mandatory: no

# Default:

# TLSPSKIdentity=

### Option: TLSPSKFile

#	Full pathname of a file containing the pre-shared key.

#

# Mandatory: no

# Default:

# TLSPSKFile=

####### For advanced users - TLS ciphersuite selection criteria #######

### Option: TLSCipherCert13

#	Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3.

#	Override the default ciphersuite selection criteria for certificate-based encryption.

#

# Mandatory: no

# Default:

# TLSCipherCert13=

### Option: TLSCipherCert

#	GnuTLS priority string or OpenSSL (TLS 1.2) cipher string.

#	Override the default ciphersuite selection criteria for certificate-based encryption.

#	Example for GnuTLS:

#		NONE:+VERS-TLS1.2:+ECDHE-RSA:+RSA:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL:+CTYPE-X.509

#	Example for OpenSSL:

#		EECDH+aRSA+AES128:RSA+aRSA+AES128

#

# Mandatory: no

# Default:

# TLSCipherCert=

### Option: TLSCipherPSK13

#	Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3.

#	Override the default ciphersuite selection criteria for PSK-based encryption.

#	Example:

#		TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256

#

# Mandatory: no

# Default:

# TLSCipherPSK13=

### Option: TLSCipherPSK

#	GnuTLS priority string or OpenSSL (TLS 1.2) cipher string.

#	Override the default ciphersuite selection criteria for PSK-based encryption.

#	Example for GnuTLS:

#		NONE:+VERS-TLS1.2:+ECDHE-PSK:+PSK:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL

#	Example for OpenSSL:

#		kECDHEPSK+AES128:kPSK+AES128

#

# Mandatory: no

# Default:

# TLSCipherPSK=

### Option: TLSCipherAll13

#	Cipher string for OpenSSL 1.1.1 or newer in TLS 1.3.

#	Override the default ciphersuite selection criteria for certificate- and PSK-based encryption.

#	Example:

#		TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256

#

# Mandatory: no

# Default:

# TLSCipherAll13=

### Option: TLSCipherAll

#	GnuTLS priority string or OpenSSL (TLS 1.2) cipher string.

#	Override the default ciphersuite selection criteria for certificate- and PSK-based encryption.

#	Example for GnuTLS:

#		NONE:+VERS-TLS1.2:+ECDHE-RSA:+RSA:+ECDHE-PSK:+PSK:+AES-128-GCM:+AES-128-CBC:+AEAD:+SHA256:+SHA1:+CURVE-ALL:+COMP-NULL:+SIGN-ALL:+CTYPE-X.509

#	Example for OpenSSL:

#		EECDH+aRSA+AES128:RSA+aRSA+AES128:kECDHEPSK+AES128:kPSK+AES128

#

# Mandatory: no

# Default:

# TLSCipherAll=