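# SPDX-License-Identifier: MIT-0
---
# handlers file for bootstrap
#
# Configure ProFTPd server: every handler below listens on the `proftpd`
# topic, so a single `notify: proftpd` runs all of them, in file order, with
# privilege escalation. They are listed flat rather than under one `block:`
# because ansible-core refuses to load a block in a handlers file ("Using a
# block as a handler is not supported").

- name: Create ProFTPd non-web user subdirectories
  listen: proftpd
  become: true
  ansible.builtin.file:
    # NOTE(review): follow: true dereferences a symlink found at the chroot
    # path, so ownership lands on the link target. Confirm that no parent of
    # a chroot is writable by an FTP account.
    follow: true
    force: true
    # chown is read as "owner:group", the order chown(1) takes; the indices
    # were swapped before. Confirm against the inventory data.
    group: "{{ item.value.chown.split(':')[1] }}"
    owner: "{{ item.value.chown.split(':')[0] }}"
    path: "{{ item.value.chroot }}"
    state: directory
    # NOTE(review): no mode is set, so a newly created chroot takes its
    # permissions from the umask; pin one if these must not be world-readable.
  # dict2items always yields a list of key/value pairs; lookup() hands back a
  # bare mapping when vusers has exactly one entry, which `loop` rejects.
  loop: "{{ config.proftpd.vusers | dict2items }}"

# @TODO complete below commented out tasks
# - name: Provide TLS/SSL resources for FTPS capabilities with ProFTPd
# - name: Load prerequisite modules for intended configuration

- name: Configure ProFTPd main control server
  listen: proftpd
  become: true
  ansible.builtin.template:
    backup: true
    comment_end_string: "#}"
    comment_start_string: "{#"
    dest: /etc/proftpd/proftpd.conf
    follow: true
    force: true
    group: root
    owner: root
    src: proftpd/proftpd.conf.j2
    # The module requires %s (the rendered temp file) in the command, and
    # without --config the test would read the installed file instead.
    validate: proftpd --configtest --config %s
  vars:
    ftp_server_name: init

- name: Configure ProFTPd global settings
  listen: proftpd
  become: true
  ansible.builtin.template:
    backup: true
    comment_end_string: "#}"
    comment_start_string: "{#"
    dest: /etc/proftpd/conf.d/global.conf
    follow: true
    force: true
    group: root
    owner: root
    src: proftpd/conf.d/global.conf.j2
    # NOTE(review): this tests the fragment on its own, without the modules
    # and directives the main file provides; confirm it parses standalone.
    validate: proftpd --configtest --config %s
  vars:
    pasv_ports: "49152 65534"
    max_conns: 30
    allow_symlinks: false

- name: Create ProFTPd FTPS virtual host
  listen: proftpd
  become: true
  ansible.builtin.template:
    backup: true
    comment_end_string: "#}"
    comment_start_string: "{#"
    # Strings have no lowercase() method, so the `lower` filter is used.
    # The name becomes part of a root-owned path: keep it a plain file name
    # with no path separators.
    dest: "/etc/proftpd/conf.d/{{ config.proftpd.name | lower }}.conf"
    follow: true
    force: true
    group: root
    owner: root
    src: proftpd/conf.d/vhost@vps1.conf.j2
    # NOTE(review): fragment is tested on its own, see the global settings
    # handler; FTPS directives may need modules loaded by the main file.
    validate: proftpd --configtest --config %s
  vars:
    # The stray trailing apostrophe after "Archive" has been dropped.
    ftp_server_name: "{{ config.proftpd.name }}'s Archive"

# @TODO finish constructing below block task
# - name: Add virtual users to ProFTPd FTPS virtual host
#   block:
#     - name: Create the virtual users
#     - name: Specify what virtual users are allowed login
#     - name: Specify restrictions for virtual users on the directories they will reside in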