ansible-roles/proftpd/templates/ftps.conf.j2

39 lines
1.3 KiB
Django/Jinja

{% if proftpd_ftps_override %}
# WARNING : **Probably** ansible managed
{% endif %}
<IfModule !mod_tls.c>
LoadModule mod_tls.c
</IfModule>
<VirtualHost {{ proftpd_default_address | join(' ') }}>
TLSEngine on
TLSLog /var/log/proftpd/ftps.log
TLSProtocol TLSv1
TLSRSACertificateFile {{ proftpd_ftps_cert }}
TLSRSACertificateKeyFile {{ proftpd_ftps_key }}
#TLSOptions AllowClientRenegotiations
TLSOptions AllowPerUser
TLSVerifyClient off
TLSRequired off
TLSRenegotiate required off
TLSOptions NoSessionReuseRequired
RequireValidShell off
Port {{ proftpd_ftps_port }}
AuthUserFile /etc/proftpd/vpasswd
DefaultRoot ~
PassivePorts 60000 61000
TransferLog /var/log/proftpd/xferlog
<Limit LOGIN>
AllowGroup ftpusers
DenyAll
</Limit>
</VirtualHost>