Version information
Start using this module
Add this module to your Puppetfile:
mod 'alexggolovin-vsftpd', '0.2.6'Learn more about managing modules with a PuppetfileDocumentation
Table of Contents
###Default Usage VSFTPD server configured for public anonymous and real system users authenticated by passwords in their home folders only usage.
###Description: This is complex module example which allows deploy and configure vsftpd service for virtual or local system users with allowed for download and upload permissions into their own home folders, anonymous configured users restricted access for download only from '/var/ftp' folder with possible managed this folder's content by this module with next variety of supported OS: CentOS/RedHat/Ubuntu/Debian.
Classes
- Class vsftpd This class installs and configure vsftpd service;
- Class ::vsftpd::params This class responsible for OS depend parameters and vsftpd.conf configuration file options. For virtual and real users authentication: vsftpd.conf.erb and vsftpd_virt.conf.erb assigned via ::vsftpd::params class;
###Folders
- Virtual users home folder '/home/virtual' for all users from Berkley database;
- Anonymous content folder '/var/ftp' created with help of ::vsftpd::content included class;
###Permissions: Anonymous '/var/ftp' download only, local/virtual users: download/upload into their home folders only;
###Supported OS:
- Debian-8/Ubuntu-14/CentOS-7/RedHat-7 - full supported distributions;
- Debian-7,CentOS-6,RedHat-6 releases can be used for anonymous downloads only, because seems they don't work with "allow_writeable_chroot" option;
###Usage: To change vsftpd service configurations edit vsftpd class parameters like "$listen" in the init.pp file, or add/remove required options directly into templates/vsftpd.conf.erb for real system's users and templates/vsftpd_virt.conf.erb for virtual user's configuration files. To get it started just add class {'vsftpd':} into site.pp configuration file for nodes where vsftpd server must be installed.
1.Add class {'vsftpd':} into site.pp configuration file for nodes where vsftpd server must be installed
2.Real system users authentication usage configured by default via init.pp class parameter "$enable_virtual = 'NO'".
3.If you want to change default system authentication to virtual users authentication you have to:
3.1 To be sure hiera is installed on your puppet master server, usually it's already installed by default as a part of puppet;
3.2 Add new "-vsftpd" hierarchy in /etc/puppet/hiera.yaml Example:
---
:backends:
- yaml
:yaml:
:datadir: /etc/puppet/hiera
:hierarchy:
-vsftpd
3.3 Configure your hiera datasource with required user/password values for Berkley DB: Example: /etc/puppet/hiera/vsftpd.yaml user,password,user,password line by line;
---
vsftpd::ftpuser:
- alex
- mytopsecretpass
- mike
- mikespasssecret
3.4 Change init.pp class parameter "$enable_virtual = 'NO'" to "$enable_virtual = 'YES'"
3.5 Security notes: don't forget to change your /etc/puppet/hiera/vsftpd.yaml secret password file access permissions.
###Hiera Examples: hiera_examples module folder contains: hiera.yaml - hiera configuration file example; vsftpd.yaml - virtual users usernames and passwords database example;
2015-06-07 - 0.2.6
- Changes done with hiera configuration requirement disabled in installation by default "$ftpuser = hiera('ftpuser','') -> default hiera empty data added, it continues run module if hiera not configured just empty users file created for berkley db virtual users
2015-05-10 - 0.2.1
- Berkley db RedHat/Debian based distributions package dependencies added: libdb-utils -> rpm; db-util -> deb
- Debian7,RedHat6,Centos6 default anonymous only support disabled
2015-05-05 - 0.2.0
- Hiera lookup integrated for the virtual users usernames and passwords stored out of module in hiera datasource yaml file on puppet master server;
- Virtual users with Berkley database configuration added;
- SELinux ftp_home_dir boolean enabled for realusers and "/home/virtual" virtual users directory context changed for virtual users case usage;
2015-04-08 - 0.1.4
- puppet module uninstall error fixed;
2015-04-08 - 0.1.3
- Modulefile removed;
- metadata.json modified, new tags added;
2015-04-07 - 0.1.2
- Module structure changes: OS depends options moved to params class, vsftpd class parameters added for new template based configuration file vsftpd.conf.erb, vsftpd::content class added for manage anonymous users content;
- CentOS/RedHat/Debian/Ubuntu distribution support added;
2015-04-06 - 0.1.1
- welcome.txt ascii banner file added to the package
2015-04-01 - 0.1.0
- Required vsftpd.conf configuration file maintained
- vsftpd server deployed and tested
Copyright (C) 2015 Alexander Golovin https://github.com/alexggolovin/alexggolovin-vsftpd Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0