author | Jonas Gunz <himself@jonasgunz.de> | 2021-09-30 18:06:45 +0200 |
---|---|---|
committer | Jonas Gunz <himself@jonasgunz.de> | 2021-09-30 18:06:45 +0200 |
commit | 89b4408e0b91ee670bda0c6ea5a1f9d183e2504a (patch) | |
tree | e72b217a769708ab8a3f678ac93a7b58d3330125 /roles/ftp/templates | |
parent | ac9d4a9a0150f525c2ac5b4105bc0c11a24d8e38 (diff) | |
download | ansible_collection-89b4408e0b91ee670bda0c6ea5a1f9d183e2504a.tar.gz |
ftp: add role
Diffstat (limited to 'roles/ftp/templates')
-rw-r--r-- | roles/ftp/templates/ldap.conf.j2 | 15 | ||||
-rw-r--r-- | roles/ftp/templates/pure-ftpd.conf.j2 | 48 |
2 files changed, 63 insertions, 0 deletions
diff --git a/roles/ftp/templates/ldap.conf.j2 b/roles/ftp/templates/ldap.conf.j2
new file mode 100644
index 0000000..33b663f
--- /dev/null
+++ b/roles/ftp/templates/ldap.conf.j2
@@ -0,0 +1,15 @@
+# Managed by Ansible. Do NOT change.
+
+LDAPScheme ldaps
+LDAPServer {{ ftp.ldap.host }}
+LDAPPort {{ ftp.ldap.port }}
+LDAPVersion 3
+
+LDAPBaseDN {{ ftp.ldap.base }}
+
+LDAPBindDN {{ ftp.ldap.bind_dn }}
+LDAPBindPW {{ ftp.ldap.bind_pw }}
+
+LDAPAuthMethod BIND
+
+LDAPFilter {{ ftp.ldap.filter }}
diff --git a/roles/ftp/templates/pure-ftpd.conf.j2 b/roles/ftp/templates/pure-ftpd.conf.j2
new file mode 100644
index 0000000..9faccf5
--- /dev/null
+++ b/roles/ftp/templates/pure-ftpd.conf.j2
@@ -0,0 +1,48 @@
+# Managed by Ansible. Do NOT change.
+
+ChrootEveryone yes
+BrokenClientsCompatibility no
+MaxClientsNumber 50
+Daemonize no
+MaxClientsPerIP 8
+VerboseLog yes
+DisplayDotFiles yes
+AnonymousOnly no
+NoAnonymous yes
+#SyslogFacility ftp
+DontResolve yes
+MaxIdleTime 15
+
+{% if ftp.ldap.enable %}
+LDAPConfigFile /etc/pure-ftpd/db/ldap.conf
+{% endif %}
+
+{% if ftp.enable_pam %}
+PAMAuthentication yes
+{% endif %}
+
+{% if ftp.tls.enable %}
+TLS 2
+TLSCipherSuite HIGH
+CertFileAndKey "{{ ftp.tls.cert }}" "{{ ftp.tls.key }}"
+{% endif %}
+
+LimitRecursion 10000 8
+AnonymousCanCreateDirs no
+MaxLoad 4
+AntiWarez yes
+
+# File creation mask. <umask for files>:<umask for dirs> .
+# 177:077 if you feel paranoid.
+Umask 177:077
+
+MinUID 100
+AllowUserFXP no
+AllowAnonymousFXP no
+ProhibitDotFilesWrite no
+ProhibitDotFilesRead no
+AutoRename no
+AnonymousCantUpload yes
+CreateHomeDir yes
+MaxDiskUsage 99
+CustomerProof yes |
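Review bot: The rendered ldap.conf carries the LDAP bind password in clear text (`LDAPBindPW {{ ftp.ldap.bind_pw }}`), and nothing in this template constrains who can read the resulting file. The task that deploys it is outside this diffstat (limited to roles/ftp/templates), so confirm it sets `owner: root`, `mode: '0600'` and `no_log: true`, because Ansible's diff output can otherwise echo the secret, and that `ftp.ldap.bind_pw` is sourced from Ansible Vault rather than plain group_vars. I would also extend the header comment to `# Managed by Ansible. Do NOT change. Contains the LDAP bind password; keep mode 0600.` so the constraint survives later edits to the task. `LDAPScheme ldaps` is good, but whether the server certificate is actually verified depends on the host's LDAP client TLS settings, which this template does not control.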
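Review bot: Encryption is optional in pure-ftpd.conf.j2 and incomplete when enabled: the `TLS` directive sits inside `{% if ftp.tls.enable %}`, so with that flag false the LDAP or PAM passwords this server checks cross the network in clear text, and `TLS 2` only refuses cleartext logins while still permitting an unencrypted data channel. I would use `TLS 3` to require TLS on both control and data connections, and tighten the cipher string to `TLSCipherSuite HIGH:!aNULL`, since OpenSSL's bare `HIGH` class can include unauthenticated suites depending on the build. Consider having the role fail when `ftp.tls.enable` is false while `ftp.ldap.enable` or `ftp.enable_pam` is true. Separately, `ProhibitDotFilesWrite no` combined with `PAMAuthentication yes` and `MinUID 100` lets an FTP login for a low-UID system account write dotfiles such as shell startup files in its home directory; `ProhibitDotFilesWrite yes` and a higher `MinUID` look safer unless that access is intended.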