43 lines
1.3 KiB
Django/Jinja
43 lines
1.3 KiB
Django/Jinja
<VirtualHost 0.0.0.0>
|
|
ServerName {{ ftp_server_name }}
|
|
ServerIdent on "You have arrived at {{ ftp_server_name }}!"
|
|
ServerAlias {{ hostvars[inventory_hostname].fqdn }}
|
|
ServerAlias ftp.{{ hostvars[inventory_hostname].fqdn }}
|
|
ServerAlias {{ hostvars[inventory_hostname].fqdn.split('.')[0] }}
|
|
ServerLog /var/log/proftpd/{{ hostvars[inventory_hostname].fqdn.split('.')[0] }}.log
|
|
Protocols ftps
|
|
Port 990
|
|
|
|
# AuthOrder mod_auth_pam.c mod_auth_unix.c*
|
|
AuthOrder mod_auth_file.c
|
|
AuthUserFile /etc/proftpd/ftpd.passwd
|
|
AuthGroupFile /etc/proftpd/ftpd.group
|
|
AuthFileOptions SyntaxCheck
|
|
|
|
TLSEngine on
|
|
TLSLog /var/log/proftpd/tls.log
|
|
# @NOTW: "AALv23" means all SSL versions
|
|
TLSProtocol SSLv23
|
|
TLSOptions AllowClientRenegotiations
|
|
TLSVerifyClient off
|
|
TLSRequired on
|
|
TLSRenegotiate required off
|
|
|
|
TLSECCertificateFile {{ config.proftpd.tls_paths.cert }}
|
|
TLSECCertificateKeyFile {{ config.proftpd.tls_paths.privkey }}
|
|
TLSCACertificateFile {{ config.proftpd.tls_paths.cert }}
|
|
|
|
<Anonymous /srv/ftp/public>
|
|
UserAlias anon smuggler
|
|
|
|
<Directory *>
|
|
<Limit WRITE CDUP CWD PWD>
|
|
DenyAll
|
|
</Limit>
|
|
|
|
<Limit READ>
|
|
AllowAll
|
|
</Limit>
|
|
</Directory>
|
|
</Anonymous>
|
|
<VirtualHost> |