user-access/README.md
Sebastian Hugentobler 70519a0ea6 Update README.md
[skip build]
2016-10-31 19:45:16 +00:00

1.4 KiB

File access with ProFTPD and ldap authentication.

Volumes

  • /var/lib/proftp/data: root directory for files
  • /etc/ssl/proftp:ro: certificates have to be here

Environment Variables

SERVER_NAME

Name displayed to connecting users.

PASSIVE_LOWER_BOUND

Lower bound for the passive port range.

PASSIVE_UPPER_BOUND

Upper bound for the passive port range.

TLS_PROTOCOL

  • default: TLSv1.2

SSL/TLS protocol version to use.

TLS_CIPHERS

  • default: AES128+EECDH:AES128+EDH

Cipher list to use.

CERT_NAME

  • default: fullchain.pem

Name of the certificate file.

KEY_NAME

  • default: privkey.pem

Name of the key file.

LDAP_URI

Full ldap uri with search qualifier.

For example: ldap://ldap:389/??sub

LDAP_BASE

Base DN for ldap searches.

LDAP_FILTER

Ldap filter to find valid users.

%u is replaced with the username.

LDAP_BIND_DN

DN to use when connecting to the ldap host.

LDAP_BIND_PASSWORD

Password to use when connecting to the ldap host.

LDAP_USE_TLS

  • default: on

Whether to use tls when connecting to the ldap host.

LDAP_USE_AUTH_BIND

  • default: on

Whether to use auth bind with ldap.

Ports

  • 21
  • All ports in the defined bounds

Capabilities

  • DAC_OVERRIDE
  • NET_BIND_SERVICE
  • SETGID
  • SETUID
  • SYS_CHROOT