feature: created preliminary ProFTPd installation task handler that configures ProFTPd

2025-11-12 18:54:40 -05:00
parent a0413c7ebc
commit a387326cca
1 changed files with 63 additions and 0 deletions
--- a/roles/bootstrap/handlers/proftpd.yml
+++ b/roles/bootstrap/handlers/proftpd.yml
@@ -3,4 +3,67 @@
 # handlers file for bootstrap
 - name: Configure ProFTPd server
  listen: proftpd
+  become: true
  block:
+    - name: Create ProFTPd non-web user subdirectories
+      ansible.builtin.file:
+        follow: true
+        force: true
+        group: "{{ item.value.chown.split(':')[0] }}"
+        owner: "{{ item.value.chown.split(':')[1] }}"
+        path: "{{ item.value.chroot }}"
+        state: directory
+      loop: "{{ lookup('ansible.builtin.dict', config.proftpd.vusers) }}"
+    # @TODO complete below commented out tasks
+    # - name: Provide TLS/SSL resources for FTPS capabilities with ProFTPd
+    # - name: Load prerequisite modules for intended configuration
+    - name: Configure ProFTPd main control server
+      ansible.builtin.template:
+        backup: true
+        comment_end_string: "#}"
+        comment_start_string: "{#"
+        dest: /etc/proftpd/proftpd.conf
+        follow: true
+        force: true
+        group: root
+        owner: root
+        src: proftpd/proftpd.conf.j2
+        validate: proftpd --configtest
+      vars:
+        ftp_server_name: init
+    - name: Configure ProFTPd global settings
+      ansible.builtin.template:
+        backup: true
+        comment_end_string: "#}"
+        comment_start_string: "{#"
+        dest: /etc/proftpd/conf.d/global.conf
+        follow: true
+        force: true
+        group: root
+        owner: root
+        src: proftpd/conf.d/global.conf.j2
+        validate: proftpd --configtest
+      vars:
+        pasv_ports: "49152 65534"
+        max_conns: 30
+        allow_symlinks: false
+    - name: Create ProFTPd FTPS virtual host
+      ansible.builtin.template:
+        backup: true
+        comment_end_string: "#}"
+        comment_start_string: "{#"
+        dest: "/etc/proftpd/conf.d/{{ config.proftpd.name.lowercase() }}.conf"
+        follow: true
+        force: true
+        group: root
+        owner: root
+        src: proftpd/conf.d/vhost@vps1.conf.j2
+        validate: proftpd --configtest
+      vars:
+        ftp_server_name: "{{ config.proftpd.name }}'s Archive'"
+    # @TODO finish constructing below block task
+    # - name: Add virtual users to ProFTPd FTPS virtual host
+    #   block:
+    #     - name: Create the virtual users
+    #     - name: Specify what virtual users are allowed login
+    #     - name: Specify restrictions for virtual users on the directories they will reside in