user-access/rootfs/etc/confd/templates/proftpd.conf.tmpl

55 lines
1.4 KiB
Cheetah
Raw Normal View History

2016-10-13 11:52:14 +00:00
ServerName "{{getenv "SERVER_NAME"}}"
ServerType standalone
DefaultServer on
2016-10-13 12:04:19 +00:00
Port 21
2016-10-13 11:52:14 +00:00
UseIPv6 off
2016-10-13 22:24:51 +00:00
Umask 006 007
2016-10-13 11:52:14 +00:00
MaxInstances 30
User proftp
Group proftp
DefaultRoot /var/lib/proftp/data
2016-10-13 14:10:39 +00:00
DefaultChdir /var/lib/proftp/data
2016-10-13 11:52:14 +00:00
AllowOverwrite on
2016-10-13 13:30:26 +00:00
RequireValidShell off
PassivePorts {{getenv "PASSIVE_LOWER_BOUND"}} {{getenv "PASSIVE_UPPER_BOUND"}}
2016-10-13 11:52:14 +00:00
<Limit SITE_CHMOD>
DenyAll
</Limit>
2016-10-14 04:27:38 +00:00
<IfModule mod_tls.c>
TLSEngine on
2016-10-14 04:29:05 +00:00
TLSProtocol {{getenv "TLS_PROTOCOL" "TLSv1.2"}}
2016-10-14 04:27:38 +00:00
TLSRequired on
2016-10-31 17:35:05 +00:00
TLSRSACertificateFile /etc/ssl/proftp/{{getenv "CERT_NAME" "fullchain.pem"}}
TLSRSACertificateKeyFile /etc/ssl/proftp/{{getenv "KEY_NAME" "privkey.pem"}}
2016-10-14 04:27:38 +00:00
TLSVerifyClient off
TLSServerCipherPreference on
TLSSessionCache internal: 1800
2016-10-14 04:29:05 +00:00
TLSCipherSuite {{getenv "TLS_CIPHERS" "AES128+EECDH:AES128+EDH"}}
2016-10-14 04:27:38 +00:00
</IfModule>
2016-10-13 11:52:14 +00:00
<IfModule mod_ldap.c>
2016-10-13 13:30:26 +00:00
AuthOrder mod_ldap.c
2016-10-13 14:10:39 +00:00
LDAPAttr uid cn
2016-10-13 11:52:14 +00:00
LDAPServer {{getenv "LDAP_URI"}}
LDAPUseTLS {{getenv "LDAP_USE_TLS"}}
LDAPAuthBinds {{getenv "LDAP_USE_AUTH_BIND"}}
LDAPBindDN "{{getenv "LDAP_BIND_DN"}}" {{getenv "LDAP_BIND_PASSWORD"}}
LDAPUsers {{getenv "LDAP_BASE"}} "{{getenv "LDAP_FILTER"}}"
LDAPSearchScope subtree
LDAPDefaultUID 2222
LDAPDefaultGID 2222
2016-10-13 13:30:26 +00:00
LDAPForceDefaultUID on
LDAPForceDefaultGID on
2016-10-13 14:19:54 +00:00
LDAPGenerateHomedir on
LDAPGenerateHomedirPrefix /var/lib/proftp/data
LDAPForceGeneratedHomedir on
2016-10-13 13:30:26 +00:00
</IfModule>