2022-09-13 16:31:03 +02:00
|
|
|
{% if proftpd_ftps_override %}
|
|
|
|
# WARNING : **Probably** ansible managed
|
|
|
|
{% endif %}
|
|
|
|
|
2019-01-24 11:47:03 +01:00
|
|
|
<IfModule !mod_tls.c>
|
|
|
|
LoadModule mod_tls.c
|
|
|
|
</IfModule>
|
|
|
|
|
2022-08-31 17:03:02 +02:00
|
|
|
<VirtualHost {{ proftpd_default_address | join(' ') }}>
|
2019-01-24 11:47:03 +01:00
|
|
|
TLSEngine on
|
|
|
|
TLSLog /var/log/proftpd/ftps.log
|
|
|
|
TLSProtocol TLSv1
|
|
|
|
|
|
|
|
TLSRSACertificateFile {{ proftpd_ftps_cert }}
|
|
|
|
TLSRSACertificateKeyFile {{ proftpd_ftps_key }}
|
|
|
|
|
|
|
|
#TLSOptions AllowClientRenegotiations
|
|
|
|
|
|
|
|
TLSOptions AllowPerUser
|
|
|
|
TLSVerifyClient off
|
|
|
|
TLSRequired off
|
|
|
|
|
|
|
|
TLSRenegotiate required off
|
|
|
|
TLSOptions NoSessionReuseRequired
|
|
|
|
|
|
|
|
RequireValidShell off
|
|
|
|
Port {{ proftpd_ftps_port }}
|
|
|
|
AuthUserFile /etc/proftpd/vpasswd
|
|
|
|
DefaultRoot ~
|
|
|
|
|
|
|
|
PassivePorts 60000 61000
|
2020-09-22 10:03:29 +02:00
|
|
|
TransferLog /var/log/proftpd/xferlog
|
2019-01-24 11:47:03 +01:00
|
|
|
|
|
|
|
<Limit LOGIN>
|
|
|
|
AllowGroup ftpusers
|
|
|
|
DenyAll
|
|
|
|
</Limit>
|
|
|
|
</VirtualHost>
|