Commit afac6e04 authored by Jérome Perrin's avatar Jérome Perrin

proftpd: create all files in instance

Some files and sockets where created in their default location, which
was in the software.
As a result, this software was working only on webrunner or testnodes,
which uses same unix user for software and instance.
parent ac4b1df5
......@@ -20,9 +20,9 @@ md5sum = 8ed5b4a7940db47ccb386c2f4e3e7273
[instance-default]
filename = instance-default.cfg.in
md5sum = 89e145188fe2a223f22f57e5c0c242e4
md5sum = e2e67390753ec63babcc8d4ce9fc6230
[proftpd-config-file]
filename = proftpd-config-file.cfg.in
md5sum = 46cbe4ea65b445822d3da32c76c7d67d
md5sum = a7c0f4607c378b640379cc258a8aadfa
......@@ -62,6 +62,8 @@ url = sftp://[${:host}]:${:sftp-port}
data-dir = ${directory:proftpd-dir}
user=${proftpd-userinfo:pw-name}
group=${proftpd-userinfo:gr-name}
scoreboard-file=${directory:var}/proftpd.scoreboard
pid-file=${directory:var}/proftpd.pid
sftp-log=${directory:log}/proftpd-sftp.log
xfer-log=${directory:log}/proftpd-xfer.log
ban-log=${directory:log}/proftpd-ban.log
......@@ -70,6 +72,7 @@ ssh-host-dsa-key=${ssh-host-dsa-key:output}
ssh-host-ecdsa-key=${ssh-host-ecdsa-key:output}
ssh-authorized-keys-dir = ${directory:ssh-authorized-keys-dir}
ban-table=${directory:srv}/proftpd-ban-table
control-socket=${directory:var}/proftpd.sock
auth-user-file=${auth-user-file:output}
recipe = slapos.cookbook:wrapper
......
......@@ -9,6 +9,9 @@ Port {{ proftpd['sftp-port'] }}
User {{ proftpd['user'] }}
Group {{ proftpd['group'] }}
ScoreboardFile {{ proftpd['scoreboard-file'] }}
PidFile {{ proftpd['pid-file'] }}
Umask 022
AllowOverwrite on
......@@ -63,5 +66,6 @@ BanTable {{ proftpd['ban-table'] }}
# 5 failed login attemps in 5 minutes -> ban for 20 minutes
BanOnEvent MaxLoginAttempts 5/00:05:00 00:20:00 "Too many Failed Login Attempts"
BanControlsACLs all allow user {{ proftpd['user'] }}
# This depends on a control socket
ControlsSocket {{ proftpd['control-socket'] }}
ControlsSocketOwner {{ proftpd['user'] }} {{ proftpd['group'] }}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment