ServerName "{{getenv "SERVER_NAME"}}"
ServerType standalone
DefaultServer on
Port 21
UseIPv6 off
Umask 006 007
MaxInstances 30
User proftp
Group proftp
DefaultRoot /var/lib/proftp/data
DefaultChdir /var/lib/proftp/data
AllowOverwrite on
RequireValidShell off
PassivePorts {{getenv "PASSIVE_LOWER_BOUND"}} {{getenv "PASSIVE_UPPER_BOUND"}}
DenyAll
TLSEngine on
TLSProtocol {{getenv "TLS_PROTOCOL" "TLSv1.2"}}
TLSRequired on
TLSRSACertificateFile /etc/ssl/proftp/{{getenv "CERT_NAME" "fullchain.pem"}}
TLSRSACertificateKeyFile /etc/ssl/proftp/{{getenv "KEY_NAME" "privkey.pem"}}
TLSVerifyClient off
TLSServerCipherPreference on
TLSSessionCache internal: 1800
TLSCipherSuite {{getenv "TLS_CIPHERS" "AES128+EECDH:AES128+EDH"}}
AuthOrder mod_ldap.c
LDAPAttr uid cn
LDAPServer {{getenv "LDAP_URI"}}
LDAPUseTLS {{getenv "LDAP_USE_TLS" "on"}}
LDAPAuthBinds {{getenv "LDAP_USE_AUTH_BIND" "on"}}
LDAPBindDN "{{getenv "LDAP_BIND_DN"}}" {{getenv "LDAP_BIND_PASSWORD"}}
LDAPUsers {{getenv "LDAP_BASE"}} "{{getenv "LDAP_FILTER"}}"
LDAPSearchScope subtree
LDAPDefaultUID 2222
LDAPDefaultGID 2222
LDAPForceDefaultUID on
LDAPForceDefaultGID on
LDAPGenerateHomedir on
LDAPGenerateHomedirPrefix /var/lib/proftp/data
LDAPForceGeneratedHomedir on