---
vsftpd_enabled: True
vsftpd_pkgs:
  - vsftpd

vsftpd_blacklist_files:
  - chroot_list
  - ftpusers
  - user_list

vsftpd_anonymous: False
vsftpd_anonymous_enable: 'NO'
vsftpd_anonymous_upload: False
vsftpd_anonymous_upload_enabled: 'NO'
vsftpd_local: True
vsftpd_local_enable: 'YES'
vsftpd_write_enable: 'YES'
vsftpd_banner: '{{ ansible_fqdn }}'
vsftpd_enable_chroot: False
vsftpd_chroot_local_users: 'YES'
vsftpd_chroot_list_enable: 'YES'
vsftpd_text_userdb_names: 'YES'
vsftpd_pasv_min_port: 19000
vsftpd_pasv_max_port: 19999

# The first listens on ipv4 only. The second on both, despite the name
vsftpd_listen: "NO"
vsftpd_listen_ipv6: "YES"
vsftpd_tls_enabled: True
vsftpd_force_tls: True
vsftpd_tls_letsencrypt: True
vsftpd_ssl_ca_certificate: '{{ letsencrypt_acme_certs_dir }}/fullchain'
vsftpd_ssl_certificate: '{{ letsencrypt_acme_certs_dir }}/cert'
vsftpd_ssl_certificate_key: '{{ letsencrypt_acme_certs_dir }}/privkey'