2022-09-13 16:31:03 +02:00
|
|
|
{% if proftpd_sftp_override %}
|
|
|
|
|
# WARNING : **Probably** ansible managed
|
|
|
|
|
{% endif %}
|
|
|
|
|
|
2019-01-24 11:47:03 +01:00
|
|
|
<IfModule !mod_tls.c>
|
|
|
|
|
LoadModule mod_tls.c
|
|
|
|
|
</IfModule>
|
|
|
|
|
|
|
|
|
|
<IfModule !mod_sftp.c>
|
|
|
|
|
LoadModule mod_sftp.c
|
|
|
|
|
</IfModule>
|
|
|
|
|
|
2022-08-31 17:03:02 +02:00
|
|
|
<VirtualHost {{ proftpd_default_address | join(' ') }}>
|
2019-01-24 11:47:03 +01:00
|
|
|
SFTPEngine on
|
|
|
|
|
Port {{ proftpd_sftp_port }}
|
|
|
|
|
DefaultRoot ~
|
|
|
|
|
|
|
|
|
|
SFTPLog /var/log/proftpd/sftp.log
|
2020-09-22 10:03:29 +02:00
|
|
|
TransferLog /var/log/proftpd/xferlog
|
2022-09-13 16:29:59 +02:00
|
|
|
|
|
|
|
|
{% if proftpd_sftp_use_publickeys %}
|
|
|
|
|
SFTPAuthMethods publickey password
|
|
|
|
|
SFTPAuthorizedUserKeys file:/etc/proftpd/sftp.authorized_keys/%u
|
|
|
|
|
{% else %}
|
2019-01-24 11:47:03 +01:00
|
|
|
SFTPAuthMethods password
|
2022-09-13 16:29:59 +02:00
|
|
|
{% endif %}
|
|
|
|
|
|
2019-01-24 11:47:03 +01:00
|
|
|
SFTPHostKey /etc/ssh/ssh_host_ecdsa_key
|
|
|
|
|
SFTPHostKey /etc/ssh/ssh_host_rsa_key
|
2023-11-15 10:53:22 +01:00
|
|
|
{% if ansible_distribution_major_version is version('11', '>=') %}
|
2023-11-15 09:43:10 +01:00
|
|
|
SFTPHostKey /etc/ssh/ssh_host_ed25519_key
|
2023-11-15 10:53:22 +01:00
|
|
|
{% endif %}
|
2019-01-24 11:47:03 +01:00
|
|
|
|
|
|
|
|
RequireValidShell off
|
|
|
|
|
|
|
|
|
|
AuthUserFile /etc/proftpd/vpasswd
|
|
|
|
|
|
|
|
|
|
<Limit LOGIN>
|
|
|
|
|
AllowGroup ftpusers
|
|
|
|
|
DenyAll
|
|
|
|
|
</Limit>
|
|
|
|
|
</VirtualHost>
|
