rename backup-server-state to dump-server-state #150
|
@ -19,6 +19,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
|
|||
* inspect-domains: Add role
|
||||
* memcached: NRPE check for multi-instance setup
|
||||
* proftpd: Add options to override configs
|
||||
* proftpd: Allow user auth with ssh keys
|
||||
|
||||
### Changed
|
||||
|
||||
|
|
|
@ -12,6 +12,7 @@ proftpd_ftps_cert: "/etc/ssl/certs/ssl-cert-snakeoil.pem"
|
|||
proftpd_ftps_key: "/etc/ssl/private/ssl-cert-snakeoil.key"
|
||||
proftpd_sftp_enable: False
|
||||
proftpd_sftp_override: False
|
||||
proftpd_sftp_use_publickeys: False
|
||||
proftpd_sftp_port: 22222
|
||||
proftpd_accounts: []
|
||||
proftpd_accounts_final: []
|
||||
|
|
|
@ -60,3 +60,18 @@
|
|||
when: proftpd_sftp_enable | bool
|
||||
tags:
|
||||
- proftpd
|
||||
|
||||
- name: Allow keys for SFTP account
|
||||
blockinfile:
|
||||
dest: "/etc/proftpd/sftp.authorized_keys/{{ item.name }}"
|
||||
state: present
|
||||
block: "{{ item.sshkeys }}"
|
||||
create: yes
|
||||
mode: 0600
|
||||
loop: "{{ proftpd_accounts_final }}"
|
||||
notify: restart proftpd
|
||||
when:
|
||||
- proftpd_sftp_enable | bool
|
||||
- proftpd_sftp_use_publickeys | bool
|
||||
tags:
|
||||
- proftpd
|
||||
|
|
|
@ -48,6 +48,20 @@
|
|||
tags:
|
||||
- proftpd
|
||||
|
||||
- name: SFTP key folder exists if needed
|
||||
file:
|
||||
path: /etc/proftpd/sftp.authorized_keys/
|
||||
state: directory
|
||||
mode: "0700"
|
||||
owner: root
|
||||
group: root
|
||||
notify: restart proftpd
|
||||
when:
|
||||
- proftpd_sftp_enable | bool
|
||||
- proftpd_sftp_use_publickeys | bool
|
||||
tags:
|
||||
- proftpd
|
||||
|
||||
- name: mod_tls_memcache is disabled
|
||||
replace:
|
||||
dest: /etc/proftpd/modules.conf
|
||||
|
|
|
@ -13,8 +13,14 @@
|
|||
|
||||
SFTPLog /var/log/proftpd/sftp.log
|
||||
TransferLog /var/log/proftpd/xferlog
|
||||
|
||||
|
||||
{% if proftpd_sftp_use_publickeys %}
|
||||
SFTPAuthMethods publickey password
|
||||
SFTPAuthorizedUserKeys file:/etc/proftpd/sftp.authorized_keys/%u
|
||||
{% else %}
|
||||
SFTPAuthMethods password
|
||||
{% endif %}
|
||||
|
||||
SFTPHostKey /etc/ssh/ssh_host_ecdsa_key
|
||||
SFTPHostKey /etc/ssh/ssh_host_rsa_key
|
||||
|
||||
|
|
Loading…
Reference in a new issue