Support EL 7, install the chroot file.

This commit is contained in:
Andrea Dell'Amico 2020-12-07 17:28:51 +01:00
parent fbb9ecb651
commit 6c57574eb5
4 changed files with 53 additions and 17 deletions

View File

@ -10,14 +10,19 @@ vsftpd_ls_recurse_enable: "NO"
vsftpd_local_root: /dev/null vsftpd_local_root: /dev/null
vsftpd_pasv_min_port: 49152 vsftpd_pasv_min_port: 49152
vsftpd_pasv_max_port: 65534 vsftpd_pasv_max_port: 65534
vsftpd_global_confi_dir: /etc/vsftpd
vsftpd_chroot_list_enable: "YES" vsftpd_chroot_list_enable: "YES"
vsftpd_chroot_list_file: /etc/vsftpd.chroot_list vsftpd_chroot_list_file: '{{ vsftpd_global_confi_dir }}/chroot_list'
vsftpd_chroot_passwd_enable: "NO" vsftpd_chroot_passwd_enable: "NO"
vsftpd_chroot_local_user: "NO" vsftpd_chroot_local_user: "NO"
vsftpd_iptables_rules: True vsftpd_iptables_rules: True
vsftpd_iptables_allowed_hosts: vsftpd_iptables_allowed_hosts:
- 0.0.0.0/0 - 0.0.0.0/0
vsftp_chrooted_users: []
# - { login: 'user1' }
# - { login: 'user2' }
vsftpd_manage_user_acls: True vsftpd_manage_user_acls: True
vsftpd_manage_real_users: False vsftpd_manage_real_users: False
vsftpd_manage_valid_shells: False vsftpd_manage_valid_shells: False

View File

@ -16,7 +16,10 @@ galaxy_info:
- name: Ubuntu - name: Ubuntu
versions: versions:
- bionic - bionic
- name: EL
versions:
- 7
galaxy_tags: galaxy_tags:
- ftp - ftp
- ftpd - ftpd

View File

@ -1,21 +1,46 @@
--- ---
- name: Install the vsftpd package - name: Package, and config, deb distributions
apt: pkg=vsftpd state=present update_cache=yes cache_valid_time=3600 block:
- name: Install the vsftpd package on deb distributions
apt: pkg=vsftpd state=present update_cache=yes cache_valid_time=3600
- name: Install the vsftpd configuration file
template: src=vsftpd.conf.j2 dest=/etc/vsftpd.conf mode=0444 owner=root group=root
notify: Restart the vsftpd server
tags: [ 'vsftpd', 'ftp', 'vsftpd_conf' ]
when: ansible_distribution_file_variety == "Debian"
tags: [ 'vsftpd', 'ftp' ] tags: [ 'vsftpd', 'ftp' ]
- name: Install the vsftpd configuration file - name: Package, and config, el
template: src=vsftpd.conf.j2 dest=/etc/vsftpd.conf mode=0444 owner=root group=root block:
notify: Restart the vsftpd server - name: Install the vsftpd package on el distributions
yum: pkg=vsftpd state=present
- name: Install the vsftpd configuration file
template: src=vsftpd.conf.j2 dest={{ vsftpd_global_confi_dir }}/vsftpd.conf mode=0444 owner=root group=root
notify: Restart the vsftpd server
tags: [ 'vsftpd', 'ftp', 'vsftpd_conf' ]
when: ansible_distribution_file_variety == "RedHat"
tags: [ 'vsftpd', 'ftp' ] tags: [ 'vsftpd', 'ftp' ]
- name: Start and enable the vsftpd server - name: Global configuration
service: name=vsftpd state=started enabled=yes block:
when: vsftpd_server_enabled - name: Install the chroot list file
template: src=vsftpd_chroot_list.j2 dest={{ vsftpd_chroot_list_file }} mode=0444 owner=root group=root
tags: [ 'vsftpd', 'ftp', 'vsftpd_conf' ]
- name: vsftpd service
block:
- name: Start and enable the vsftpd server
service: name=vsftpd state=started enabled=yes
when: vsftpd_server_enabled
tags: [ 'vsftpd', 'ftp' ]
- name: Stop and disable the vsftpd server
service: name=vsftpd state=stopped
when: not vsftpd_server_enabled
tags: [ 'vsftpd', 'ftp' ] tags: [ 'vsftpd', 'ftp' ]
- name: Stop and disable the vsftpd server
service: name=vsftpd state=stopped
when: not vsftpd_server_enabled
tags: [ 'vsftpd', 'ftp' ]

View File

@ -0,0 +1,3 @@
{% for u in vsftp_chrooted_users %}
{{ u.login }}
{% endfor %}