60 lines
1.6 KiB
YAML
60 lines
1.6 KiB
YAML
---
|
|
- name: Install the ftp server packages
|
|
yum: pkg={{ vsftpd_pkgs }} state={{ pkg_state }}
|
|
tags:
|
|
- ftp
|
|
- vsftpd
|
|
|
|
- name: Install the vsftpd blacklist files
|
|
copy: src={{ item }} dest=/etc/vsftpd/{{ item }} owner=root group=root mode=0400
|
|
with_items: vsftpd_blacklist_files
|
|
notify: Restart vsftpd
|
|
tags:
|
|
- ftp
|
|
- vsftpd
|
|
|
|
- name: Install the vsftpd config file
|
|
template: src=vsftpd.conf.j2 dest=/etc/vsftpd/vsftpd.conf owner=root group=root mode=0400
|
|
notify: Restart vsftpd
|
|
tags:
|
|
- ftp
|
|
- vsftpd
|
|
- vsftpd_config
|
|
|
|
- name: Set the needed SELinux booleans when local users are enabled
|
|
seboolean: name={{ item }} state=yes persistent=yes
|
|
with_items:
|
|
- ftp_home_dir
|
|
- ftpd_full_access
|
|
when: vsftpd_local | bool
|
|
tags:
|
|
- ftp
|
|
- vsftpd
|
|
|
|
- name: Set the needed SELinux booleans when anonymous users uploads are enabled
|
|
seboolean: name={{ item }} state=yes persistent=yes
|
|
with_items:
|
|
- allow_ftpd_full_access
|
|
- allow_ftpd_anon_write
|
|
when: vsftpd_anonymous_upload | bool
|
|
tags:
|
|
- ftp
|
|
- vsftpd
|
|
|
|
- name: Ensure that the vsftpd service is started and enabled
|
|
service: name=vsftpd enabled=yes
|
|
tags:
|
|
- ftp
|
|
- vsftpd
|
|
|
|
- name: Manage the letsencrypt hook
|
|
block:
|
|
- name: Create the acme hooks directory if it does not yet exist
|
|
file: dest={{ letsencrypt_acme_sh_services_scripts_dir }} state=directory owner=root group=root
|
|
|
|
- name: Install the vsftp hook for letsencrypt
|
|
template: src=vsftpd-letsencrypt-hook.sh.j2 dest=/usr/lib/acme/hooks/vsftpd owner=root group=root mode=0550
|
|
|
|
when: vsftpd_tls_letsencrypt | bool
|
|
tags: [ 'ftp', 'vsftpd', 'vsftpd_config', 'letsencrypt' ]
|