From 8c88322621d193ace7dd25ef233c77d5559ee3a0 Mon Sep 17 00:00:00 2001
From: Alex Tavarez
Date: Sun, 16 Nov 2025 13:57:30 -0500
Subject: [PATCH] Renamed file and edited to render it exemplar
---
.../conf.d/vhost@vps1-fq.dn.conf.example.j2 | 93 +++++++++++++++++++
.../proftpd/conf.d/vhost@vps1.conf.j2 | 41 --------
2 files changed, 93 insertions(+), 41 deletions(-)
create mode 100644 roles/bootstrap/templates/proftpd/conf.d/vhost@vps1-fq.dn.conf.example.j2
delete mode 100644 roles/bootstrap/templates/proftpd/conf.d/vhost@vps1.conf.j2
diff --git a/roles/bootstrap/templates/proftpd/conf.d/vhost@vps1-fq.dn.conf.example.j2 b/roles/bootstrap/templates/proftpd/conf.d/vhost@vps1-fq.dn.conf.example.j2
new file mode 100644
index 0000000..a68c4dc
--- /dev/null
+++ b/roles/bootstrap/templates/proftpd/conf.d/vhost@vps1-fq.dn.conf.example.j2
@@ -0,0 +1,93 @@
+
+ LoadModule mod_tls.c
+
+
+
+
+ ServerName "{{ ftp_server_name }}"
+ ServerIdent on "Our head librarians Furcas and Marbas welcome you!"
+ ServerAlias {{ hostvars[inventory_hostname].fqdn }} ftp.{{ hostvars[inventory_hostname].fqdn }} {{ hostvars[inventory_hostname].fqdn.split('.')[0] }}
+ ServerLog /var/log/proftpd/{{ hostvars[inventory_hostname].fqdn }}.log
+ Protocols ftps
+ Port 990
+ DefaultRoot ~
+ # AllowStoreRestart on
+ MaxStoreFileSize 10 Gb
+ MaxTransfersPerUser STOR,RETR 9
+ MaxTransfersPerHost STOR,RETR 36
+ DirFakeUser on ~
+ DirFakeGroup on ~
+
+ # AuthOrder mod_auth_pam.c mod_auth_unix.c*
+ AuthOrder mod_auth_file.c
+ AuthUserFile {{ config.proftpd.auth_filepaths.users_path }}
+ AuthGroupFile {{ config.proftpd.auth_filepaths.groups_path }}
+ AuthFileOptions SyntaxCheck
+
+ TLSEngine on
+ TLSLog /var/log/proftpd/tls.log
+ # @NOTE: "SSLv23" means all SSL versions
+ TLSProtocol SSLv23
+ TLSOptions AllowClientRenegotiations
+ TLSVerifyClient off
+ TLSRequired on
+ TLSRenegotiate required off
+
+ TLSECCertificateFile {{ config.proftpd.tls_paths.cert }}
+ TLSECCertificateKeyFile {{ config.proftpd.tls_paths.privkey }}
+ TLSCACertificateFile {{ config.proftpd.tls_paths.cert }}
+
+
+ AllowUser OR {{ allowed_users}}
+
+
+
+
+ AllowAll
+
+
+
+
+ UserOwner ftp
+ GroupOwner ftp
+ HideUser !~
+ HideFiles ^\.(.+)?
+ HideNoAccess on
+
+
+ AllowAll
+
+
+
+
+ User ftp
+ Group ftp
+ RequireValidShell off
+ DirFakeUser on anon
+ DirFakeGroup on anon
+ DirFakeMode 0444
+ UserAlias anon {{ anon_user }}
+ AllowStoreRestart off
+ MaxStoreFileSize 4 Gb
+ MaxTransfersPerUser STOR,RETR 3
+ MaxTransfersPerHost STOR,RETR 10
+ HideUser !~
+ HideNoAccess on
+
+
+
+ AllowAll
+
+
+
+
+ #
+
+ AllowAll
+
+
+ HideFiles ^\.(.+)?
+
+
+
+
\ No newline at end of file
diff --git a/roles/bootstrap/templates/proftpd/conf.d/vhost@vps1.conf.j2 b/roles/bootstrap/templates/proftpd/conf.d/vhost@vps1.conf.j2
deleted file mode 100644
index bb18ea4..0000000
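Review bot: `TLSProtocol SSLv23` in the TLS settings of the new example vhost keeps every protocol version the linked OpenSSL offers negotiable, which the adjacent comment confirms is intended; since this file is meant to be copied as an exemplar, pin it to current versions instead, e.g. `TLSProtocol TLSv1.2 TLSv1.3` where the installed mod_tls supports TLSv1.3. `TLSOptions AllowClientRenegotiations` sits next to `TLSRenegotiate required off`, so the server never requests renegotiation yet still lets a client force it; unless a known client depends on that, drop the option. The block holding `AllowUser OR {{ allowed_users}}` has no `DenyAll` after it: its opening tag is not visible on this page, but if it is a LOGIN limit, ProFTPD's default allow,deny ordering grants access to users that match no rule, so the allow-list restricts nothing until `DenyAll` follows the `AllowUser` line. `TLSCACertificateFile` is given the same path as the server certificate, which looks like a placeholder; a comment saying so would stop it being carried into a setup that later turns `TLSVerifyClient` on.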
--- a/roles/bootstrap/templates/proftpd/conf.d/vhost@vps1.conf.j2
+++ /dev/null
@@ -1,41 +0,0 @@
-
- ServerName {{ ftp_server_name }}
- ServerIdent on "You have arrived at {{ ftp_server_name }}!"
- ServerAlias {{ hostvars[inventory_hostname].fqdn }}
- ServerAlias ftp.{{ hostvars[inventory_hostname].fqdn }}
- ServerAlias {{ hostvars[inventory_hostname].fqdn.split('.')[0] }}
- ServerLog /var/log/proftpd/{{ hostvars[inventory_hostname].fqdn.split('.')[0] }}.log
- Protocols ftps
- Port 990
-
- # AuthOrder mod_auth_pam.c mod_auth_unix.c*
- AuthOrder mod_auth_file.c
- AuthUserFile /etc/proftpd/ftpd.passwd
- AuthGroupFile /etc/proftpd/ftpd.group
- AuthFileOptions SyntaxCheck
-
- TLSEngine on
- TLSLog /var/log/proftpd/tls.log
- # @NOTE: "AALv23" means all SSL versions
- TLSProtocol SSLv23
- TLSOptions AllowClientRenegotiations
- TLSVerifyClient off
- TLSRequired on
- TLSRenegotiate required off
-
- TLSECCertificateFile {{ config.proftpd.tls_paths.cert }}
- TLSECCertificateKeyFile {{ config.proftpd.tls_paths.privkey }}
- TLSCACertificateFile {{ config.proftpd.tls_paths.cert }}
-
-
-
-
- DenyAll
-
-
-
- AllowAll
-
-
-
-
\ No newline at end of file