From 58d736a81fdbdb55948fa62859f52ef56dbea7b4 Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico
Date: Wed, 2 Mar 2016 19:59:02 +0100
Subject: [PATCH] dnet-eagle: modified the playbook to support more than one ftp user. New virtualhost to access a specific directory.
---
 vsftpd/defaults/main.yml | 10 +++++++++-
 vsftpd/handlers/main.yml | 3 ---
 vsftpd/tasks/main.yml | 19 +++++++++++++------
 vsftpd/templates/vsftpd.conf.j2 | 3 +++
 4 files changed, 25 insertions(+), 10 deletions(-)
diff --git a/vsftpd/defaults/main.yml b/vsftpd/defaults/main.yml
index 16fc3000..82f6ec78 100644
--- a/vsftpd/defaults/main.yml
+++ b/vsftpd/defaults/main.yml
@@ -1,4 +1,5 @@
 ---
+vsftpd_server_enabled: True
 vsftpd_anonymous_enable: "NO"
 vsftpd_local_enable: "YES"
 vsftpd_write_enable: "YES"
@@ -11,6 +12,13 @@ vsftpd_pasv_min_port: 49152
 vsftpd_pasv_max_port: 65534
 vsftpd_chroot_list_enable: "YES"
 vsftpd_chroot_list_file: /etc/vsftpd.chroot_list
-vsftpd_iptables_rules: False
+vsftpd_chroot_passwd_enable: "NO"
+vsftpd_chroot_local_user: "NO"
+vsftpd_iptables_rules: True
 vsftpd_iptables_allowed_hosts:
 - 0.0.0.0/0
+
+vsftpd_manage_user_acls: True
+vsftpd_manage_real_users: False
+vsftpd_manage_valid_shells: False
+
diff --git a/vsftpd/handlers/main.yml b/vsftpd/handlers/main.yml
index 6abae0b6..a1a0e322 100644
--- a/vsftpd/handlers/main.yml
+++ b/vsftpd/handlers/main.yml
@@ -1,7 +1,4 @@
 ---
-- name: Start the vsftpd server
- service: name=vsftpd state=started enabled=yes
-
 - name: Stop the vsftpd server
 service: name=vsftpd state=stopped
diff --git a/vsftpd/tasks/main.yml b/vsftpd/tasks/main.yml
index 9a9783f4..11a9a26a 100644
--- a/vsftpd/tasks/main.yml
+++ b/vsftpd/tasks/main.yml
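Review bot: In the second hunk of vsftpd/defaults/main.yml the default for `vsftpd_iptables_rules` flips from `False` to `True` while `vsftpd_iptables_allowed_hosts` stays at `0.0.0.0/0`, so every host that uses this role with its defaults presumably gets the FTP ports opened to any IPv4 source (the rule template is outside this patch, so confirm what it renders). Together with `vsftpd_local_enable: "YES"` and `vsftpd_write_enable: "YES"` from the first hunk, that makes a writable, password-authenticated FTP service reachable from anywhere unless the inventory narrows it. I would keep `vsftpd_iptables_rules: False` as the role default, or keep the flag on and make the allow-list opt-in with `vsftpd_iptables_allowed_hosts: []`, and set the wider value only in the dnet-eagle inventory. The three `vsftpd_manage_*` variables are not referenced by any hunk shown here; a one-line comment above each saying what it controls would help.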
@@ -1,14 +1,21 @@
 ---
 - name: Install the vsftpd package
 apt: pkg=vsftpd state=installed
- tags:
- - vsftpd
- - ftp
+ tags: [ 'vsftpd', 'ftp' ]
 - name: Install the vsftpd configuration file
 template: src=vsftpd.conf.j2 dest=/etc/vsftpd.conf mode=0444 owner=root group=root
 notify: Restart the vsftpd server
- tags:
- - vsftpd
- - ftp
+ tags: [ 'vsftpd', 'ftp' ]
+
+- name: Start and enable the vsftpd server
+ service: name=vsftpd state=started enabled=yes
+ when: vsftpd_server_enabled
+ tags: [ 'vsftpd', 'ftp' ]
+
+- name: Stop and disable the vsftpd server
+ service: name=vsftpd state=stopped
+ when: not vsftpd_server_enabled
+ tags: [ 'vsftpd', 'ftp' ]
+
diff --git a/vsftpd/templates/vsftpd.conf.j2 b/vsftpd/templates/vsftpd.conf.j2
index ebbbef14..75a10de1 100644
--- a/vsftpd/templates/vsftpd.conf.j2
+++ b/vsftpd/templates/vsftpd.conf.j2
@@ -127,3 +127,6 @@ pasv_min_port={{ vsftpd_pasv_min_port }}
 pasv_max_port={{ vsftpd_pasv_max_port }}
 chroot_list_enable={{ vsftpd_chroot_list_enable }}
 chroot_list_file={{ vsftpd_chroot_list_file }}
+passwd_chroot_enable={{ vsftpd_chroot_passwd_enable }}
+chroot_local_user={{ vsftpd_chroot_local_user }}
+
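Review bot: The task named "Stop and disable the vsftpd server" in vsftpd/tasks/main.yml only stops the service: `service: name=vsftpd state=stopped` leaves it enabled, so on a host with `vsftpd_server_enabled: False` a service that was enabled earlier (by a previous run of this role or by the package itself) would be listening again after a reboot. Make it `service: name=vsftpd state=stopped enabled=no` so the task does what its name says. The configuration task above still carries `notify: Restart the vsftpd server`; that handler is outside this patch, but if it restarts unconditionally a config change would also bring a disabled server back up, so it likely needs the same condition. Both tests are safer written as `when: vsftpd_server_enabled | bool` and `when: not (vsftpd_server_enabled | bool)`, because a value supplied as a string (for example with `-e`) is not a real boolean.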
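Review bot: The two options added to vsftpd/templates/vsftpd.conf.j2 change what the existing `chroot_list_file` means, and nothing in the template says so. Per the vsftpd.conf documentation, with `chroot_local_user=NO` the file lists the users who are chrooted, and with `chroot_local_user=YES` it becomes the list of users who are not, so setting `vsftpd_chroot_local_user` to `"YES"` without rewriting /etc/vsftpd.chroot_list releases exactly the users it used to confine. I would add a template comment above the new lines, for example `# chroot_local_user=YES inverts chroot_list_file: listed users are then NOT chrooted`, and a second one noting that `passwd_chroot_enable` takes each user's jail directory from the home field in /etc/passwd. With the defaults this patch ships (`"NO"` for both), local users missing from the list are not jailed at all, which is worth stating in the same comment.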