user-access/README.md

File access with [ProFTPD](http://www.proftpd.org/) and ldap authentication.

# Volumes
- `/var/lib/proftp/data`: root directory for files
- `/etc/ssl/proftp:ro`: certificates have to be here

# Environment Variables
## SERVER_NAME
Name displayed to connecting users.

## PASSIVE_LOWER_BOUND
Lower bound for the passive port range.

## PASSIVE_UPPER_BOUND
Upper bound for the passive port range.

## TLS_PROTOCOL
- default: TLSv1.2

SSL/TLS protocol version to use.

## TLS_CIPHERS
- default: AES128+EECDH:AES128+EDH

Cipher list to use.

## CERT_NAME
- default: fullchain.pem

Name of the certificate file.

## KEY_NAME
- default: privkey.pem

Name of the key file.

## LDAP_URI
Full ldap uri with search qualifier.

For example: `ldap://ldap:389/??sub`

## LDAP_BASE
Base DN for ldap searches.

## LDAP_FILTER
Ldap [filter](http://www.proftpd.org/docs/directives/linked/config_ref_LDAPUsers.html) to find valid users.

`%u` is replaced with the username.

## LDAP_BIND_DN
DN to use when connecting to the ldap host.

## LDAP_BIND_PASSWORD
Password to use when connecting to the ldap host.

## LDAP_USE_TLS
- default: on

Whether to use tls when connecting to the ldap host.

## LDAP_USE_AUTH_BIND
- default: on

Whether to use auth bind with ldap.

# Ports
- 21
- All ports in the defined bounds

## Capabilities
- DAC_OVERRIDE
- NET_BIND_SERVICE
- SETGID
- SETUID
Update README.md [skip build] 2016-10-31 18:21:10 +00:00			`File access with [ProFTPD](http://www.proftpd.org/) and ldap authentication.`
Create README.md 2016-10-31 17:53:00 +00:00
			`# Volumes`
			- `/var/lib/proftp/data`: root directory for files
			- `/etc/ssl/proftp:ro`: certificates have to be here

			`# Environment Variables`
			`## SERVER_NAME`
			`Name displayed to connecting users.`

			`## PASSIVE_LOWER_BOUND`
			`Lower bound for the passive port range.`

			`## PASSIVE_UPPER_BOUND`
			`Upper bound for the passive port range.`

			`## TLS_PROTOCOL`
			`- default: TLSv1.2`

			`SSL/TLS protocol version to use.`

			`## TLS_CIPHERS`
			`- default: AES128+EECDH:AES128+EDH`

			`Cipher list to use.`

			`## CERT_NAME`
			`- default: fullchain.pem`

			`Name of the certificate file.`

			`## KEY_NAME`
			`- default: privkey.pem`

			`Name of the key file.`

			`## LDAP_URI`
			`Full ldap uri with search qualifier.`

			For example: `ldap://ldap:389/??sub`

			`## LDAP_BASE`
			`Base DN for ldap searches.`

			`## LDAP_FILTER`
			`Ldap [filter](http://www.proftpd.org/docs/directives/linked/config_ref_LDAPUsers.html) to find valid users.`

			`%u` is replaced with the username.

			`## LDAP_BIND_DN`
			`DN to use when connecting to the ldap host.`

			`## LDAP_BIND_PASSWORD`
			`Password to use when connecting to the ldap host.`

			`## LDAP_USE_TLS`
			`- default: on`

			`Whether to use tls when connecting to the ldap host.`

			`## LDAP_USE_AUTH_BIND`
			`- default: on`

			`Whether to use auth bind with ldap.`

			`# Ports`
			`- 21`
			`- All ports in the defined bounds`

			`## Capabilities`
			`- DAC_OVERRIDE`
			`- NET_BIND_SERVICE`
			`- SETGID`
			`- SETUID`