LoadModule mod_tls.c ServerName "{{ ftp_server_name }}" ServerIdent on "Our head librarians Furcas and Marbas welcome you!" ServerAlias {{ hostvars[inventory_hostname].fqdn }} ftp.{{ hostvars[inventory_hostname].fqdn }} {{ hostvars[inventory_hostname].fqdn.split('.')[0] }} ServerLog /var/log/proftpd/{{ hostvars[inventory_hostname].fqdn }}.log Protocols ftps Port 990 DefaultRoot ~ # AllowStoreRestart on MaxStoreFileSize 10 Gb MaxTransfersPerUser STOR,RETR 9 MaxTransfersPerHost STOR,RETR 36 DirFakeUser on ~ DirFakeGroup on ~ # AuthOrder mod_auth_pam.c mod_auth_unix.c* AuthOrder mod_auth_file.c AuthUserFile {{ config.proftpd.auth_filepaths.users_path }} AuthGroupFile {{ config.proftpd.auth_filepaths.groups_path }} AuthFileOptions SyntaxCheck TLSEngine on TLSLog /var/log/proftpd/tls.log # @NOTE: "SSLv23" means all SSL versions TLSProtocol SSLv23 TLSOptions AllowClientRenegotiations TLSVerifyClient off TLSRequired on TLSRenegotiate required off TLSECCertificateFile {{ config.proftpd.tls_paths.cert }} TLSECCertificateKeyFile {{ config.proftpd.tls_paths.privkey }} TLSCACertificateFile {{ config.proftpd.tls_paths.cert }} AllowUser OR {{ allowed_users}} AllowAll UserOwner ftp GroupOwner ftp HideUser !~ HideFiles ^\.(.+)? HideNoAccess on AllowAll User ftp Group ftp RequireValidShell off DirFakeUser on anon DirFakeGroup on anon DirFakeMode 0444 UserAlias anon {{ anon_user }} AllowStoreRestart off MaxStoreFileSize 4 Gb MaxTransfersPerUser STOR,RETR 3 MaxTransfersPerHost STOR,RETR 10 HideUser !~ HideNoAccess on AllowAll # AllowAll HideFiles ^\.(.+)?