ProFTPd: set missing default listen IP for SFTP, enable ed25525549 key only for Debian >= 11

2023-11-15 10:53:22 +01:00 · 2023-11-15 10:53:22 +01:00 · 1394052fd6
parent 4a6e6e6ba2
commit 1394052fd6
3 changed files with 5 additions and 2 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -23,7 +23,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
 * evocheck: upstream release 23.10
 * add-vm.sh: allow VM name max length > 20
 * nagios: rename var `nagios_nrpe_process_processes` into `nagios_nrpe_processes` and check systemd-timesyncd instead of ntpd in Debian 12
-* ProFTPd: in SFTP vhost, enable SSH keys login, enable ed25549 host key
+* ProFTPd: in SFTP vhost, enable SSH keys login, enable ed25549 host key for Debian >= 11

 ### Fixed

@ -35,6 +35,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
 * webapps/nextcloud: fix missing gid
 * webapps/nextcloud: fix misplaced gid attribute
 * webapps/nextcloud: added check that nexctcloud uid is over 3000
+* ProFTPd: set missing default listen IP for SFTP

 ### Removed

--- a/proftpd/defaults/main.yml
+++ b/proftpd/defaults/main.yml
@ -1,7 +1,7 @@
 ---
 proftpd_hostname: "{{ ansible_hostname }}"
 proftpd_fqdn: "{{ ansible_fqdn }}"
-proftpd_default_address: []
+proftpd_default_address: ["0.0.0.0"]
 proftpd_ftp_enable: True
 proftpd_ftp_override: False
 proftpd_port: 21
--- a/proftpd/templates/sftp.conf.j2
+++ b/proftpd/templates/sftp.conf.j2
@ -27,7 +27,9 @@

    SFTPHostKey /etc/ssh/ssh_host_ecdsa_key
    SFTPHostKey /etc/ssh/ssh_host_rsa_key
+    {% if ansible_distribution_major_version is version('11', '>=') %}
    SFTPHostKey /etc/ssh/ssh_host_ed25519_key
+    {% endif %}
    
    RequireValidShell off