Git Product home page Git Product logo

puppet-proftpd's Introduction

puppet-proftpd

Build Status Puppet Forge Puppet Forge - downloads

Table of Contents

  1. Overview
  2. Usage
  3. Reference
  4. Limitations
  5. Development
  6. Contributors

Overview

A Puppet module for ProFTPD, hiera-friendly, highly configurable and well-tested.

Usage

Beginning with proftpd

This example will install packages, setup a minimal configuration and activate the service for you:

class { 'proftpd': }

Loading additional modules is easy too:

class { 'proftpd':
  load_modules => {
    ban => {},
    tls => {},
    sql => {},
  }
}

It is simple to add new options or overwrite the defaults in the configuration root or any (sub) section:

class { 'proftpd':
  options => {
    'ROOT'  => {
      'ServerName'   => 'FTP server',
      'MaxInstances' => '10',
    },
    'IfModule mod_vroot.c' => {
      'VRootEngine' => 'on',
    },
  },
}

NOTE: You don't need to take care for section brackets or closing tags. The module will add this automatically.

Enabling anonymous login and customizing it's default options works the same way:

class { 'proftpd':
  anonymous_enable => true,
  options          => {
    'Anonymous ~ftp'        => {
      'Directory uploads/*' => {
        'Limit STOR'        => {
          'AllowAll'        => true,
          'DenyAll'         => false,
        },
      },
    },
  },

You may opt to disable the default configuration and do everything from scratch:

class { 'proftpd':
  default_config => false,
  options => {...}
}

(Here the options hash must contain all options required to run ProFTPD.)

Using Hiera

You're encouraged to define your configuration using Hiera, especially if you plan to disable the default configuration:

proftpd::default_config: false
# load modules in a specific order if necessary
proftpd::load_modules:
  sql:
    order: 1
  sql_mysql:
    order: 2
  quotatab:
    order: 3
  quotatab_sql:
    order: 4
  rewrite:
    order: 5
  ban: {}
  tls: {}

proftpd::options:
  ROOT:
    ServerType: 'standalone'
    DefaultServer: 'on'
    ScoreboardFile: '/var/run/proftpd.scoreboard'
    DelayTable: '/var/run/proftpd.delay'
    ControlsSocket: '/var/run/proftpd.socket'
    User: 'www'
    Group: 'www'
    Umask: '006'
    UseReverseDNS: 'off'
    DefaultRoot: '~ !'
    DefaultChdir: '/var/ftp'
    ServerName: '%{facts.networking.fqdn}'
    Port: '21'
    PassivePorts: '49152 65534'
    TransferLog: 'NONE'
    LogFormat:
      - 'default "%h %l %u %t \"%r\" %s %b"'
      - 'auth "%t %v [%P] %h \"%r\" %s"'
      - 'access "%h %l %u %t \"%r\" %s %b"'
    ExtendedLog:
      - '/var/log/proftpd/access.log INFO,DIRS,MISC,READ,WRITE access'
      - '/var/log/proftpd/auth.log AUTH auth'
    MaxClients: '20 "Connection limit reached (%m)."'
    MaxInstances: '20'
    MaxClientsPerHost: '15 "Connection limit reached (%m)."'
    MaxClientsPerUser: '10 "Connection limit reached (%m)."'
    TLSEngine: 'on'
    TLSProtocol: 'SSLv23'
    TLSRequired: 'off'
    TLSOptions: 'NoCertRequest'
    TLSCipherSuite: 'ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP'
    TLSVerifyClient: 'off'
    TLSRSACertificateFile: '/etc/ssl/%{facts.networking.fqdn}.crt'
    TLSRSACertificateKeyFile: '/etc/ssl/%{facts.networking.fqdn}.key'
    TLSLog: '/var/log/proftpd/tls.log'
  Global:
    RequireValidShell: 'off'
    UseFtpUsers: 'on'
    AllowRetrieveRestart: 'on'
    AllowStoreRestart: 'on'
    AllowOverwrite: 'yes'
    AccessGrantMsg: '"Login OK"'
    IdentLookups: 'off'
    ServerIdent: 'on "FTP Service"'
    AllowForeignAddress: 'on'
    DirFakeUser: 'on www'
    DirFakeGroup: 'on www'
    PathDenyFilter: '"(\.ftpaccess)$"'
    ListOptions: '"-a"'
    MaxLoginAttempts: '2'
    AuthUserFile: '/etc/proftpd/proftpd.passwd'
    AuthGroupFile: '/etc/proftpd/proftpd.group'
    TimeoutLogin: '1800'
    TimeoutIdle: '1800'
    TimeoutStalled: '1800'
    TimeoutNoTransfer: '1800'
  'Directory /':
    AllowOverwrite: 'on'
  'VirtualHost 127.0.1.1':
    ServerName: '"FTP Server 1"'
    PassivePorts: '60000 65534'
  'IfModule mod_rewrite.c':
    RewriteEngine: 'on'
    RewriteLog: '/var/log/proftpd/rewrite.log'
    RewriteMap:
      - |
        replace int:replaceall
            RewriteCondition        %m ^(STOR)$
            RewriteRule             ^(.*)$  "${replace:/$1/ /_}"
      - |
        replace int:replaceall
            RewriteCondition        %m ^(STOR)$
            RewriteRule             ^(.*)$  "${replace:/$1/\?/_}"
      - |
        replace int:replaceall
            RewriteCondition        %m ^(STOR)$
            RewriteRule             ^(.*)$  "${replace:/$1/Ü/UE}"
  'Directory /mnt/exchange/user1/*':
    RewriteCondition:
      - |-
        '%f "^[[:cntrl:] ]+"
            RewriteRule "^[[:cntrl:] ]+([^[:cntrl:]]+)" $1'
      - |-
        '%f "[[:cntrl:] ]+$"
            RewriteRule "([^[:cntrl:]]+)[[:cntrl:] ]+$" $1'
      - |-
        '%f "[[:cntrl:]]"
            RewriteRule "([^[:cntrl:]]+)[[:cntrl:]]*([^[:cntrl:]]*)[[:cntrl:]]*([^[:cntrl:]]*)" $1$2$3'

Reference

Syntax

You may want to use the $options parameter to overwrite default configuration options or build a ProFTPD configuration from scratch. There are few things you need to know:

  • sections: ProFTPD's configuration uses a number of <sections>. You create a new section by specifying a hash, the module's erb template will do the rest for you. This works for special cases like <IfDefine X> too.
  • ROOT: To add items to the root of the ProFTPD configuration, use this namespace.
  • false: Setting a value to 'false' will remove the item from the configuration.
  • multiple values: If you want to specify multiple values for the same configuration item (i.e. LogFormat or ExtendedLog), you need to specify these values as an array.

Classes and Parameters

Classes and parameters are documented in REFERENCE.md.

Limitations

OS Compatibility

This module was tested on FreeBSD, CentOS and Debian. Please open a new issue if your operating system is not supported yet, and provide information about problems or missing features.

Template Issues

The proftpd.conf.erb template... sucks. It suffers from code repetition. Furthermore it is limited to only four nested configuration sections (which should still be enough, even for rather complex configurations). If you come up with a better idea please let me know.

Development

Please use the github issues functionality to report any bugs or requests for new features. Feel free to fork and submit pull requests for potential contributions.

Contributors

This module is heavily inspired by and in part based on the following modules:

See the LICENSE file for further information.

puppet-proftpd's People

Contributors

baurmatt avatar cdenneen avatar cedef avatar crazymind1337 avatar crispygoth avatar derkgort avatar fraenki avatar franzs avatar jan-win1993 avatar jbender81 avatar klavsklavsen avatar lightning- avatar saz avatar testingoauth avatar trlinkin avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar

Forkers

cdenneen trovitsys yarikdot trlinkin khorsmann franzs olevole willaerk powerhome derkgort crispygoth bc-bjoern klavsklavsen syseleven suportetikrn wandera neatnerdprime gutierrezjeremy jbender81 jan-win1993 saz

puppet-proftpd's Issues

Issue with duplicate names with different values?

I don't know if this is something I'm doing wrong in Hiera or it's an issue with the module. It only takes the last of the values when they have the same name in the config. For example try this in Hiera:

proftpd::default_config: false
proftpd::load_modules:
sql: {}
sql_mysql: {}
quotatab: {}
quotatab_sql: {}

proftpd::options:
ROOT:
ServerName: 'Test'
ServerAdmin: 'root@localhost'
DefaultServer: 'on'
UseReverseDNS: 'off'
LogFormat: 'default "%h %l %u %t "%r" %s %b"'
LogFormat: 'auth "%v [%P] %h %t "%r" %s"'

Notice it'll only save the LogFormat auth and not the default. I have a bunch more in mysql for Hiera that have the same issue (only keeps the last). It even calls it out in his docs that you can do it so what am I missing?

Grep results post puppet apply in CentOS 7

[vagrant@localhost etc]$ more proftpd.conf | grep Log
LogFormat auth "%v [%P] %h %t "%r" %s"

Issue with AuthUserFile - validate_cmd doesn't pass on first run

Puppet configuration:

class { 'proftpd':
    anonymous_enable => false,
    options          => {
        'ROOT' => {
            'ServerName'   => 'Proftpd',
            'MaxInstances' => '100',
            'AuthUserFile' => '/etc/proftpd/proftpd.passwd',
        },
    }
}

Error message:

Error: Execution of '/usr/sbin/proftpd -t -c /etc/proftpd/proftpd.conf20151019-3691-442xx9' returned 1: Checking syntax of configuration file
2015-10-19 12:19:56,746 hosting proftpd[4838]: mod_auth_file/1.0: unable to lstat AuthUserFile '/etc/proftpd/proftpd.passwd': No such file or directory
2015-10-19 12:19:56,746 hosting proftpd[4838]: fatal: AuthUserFile: unable to use /etc/proftpd/proftpd.passwd: No such file or directory on line 28 of '/etc/proftpd/proftpd.conf20151019-3691-442xx9'
Error: /Stage[main]/Proftpd::Config/File[/etc/proftpd/proftpd.conf]/content: change from {md5}675c09519f746b8154dec38df20103c0 to {md5}032d66c7aa2d7c61e71f5cf5e9951418 failed: Execution of '/usr/sbin/proftpd -t -c /etc/proftpd/proftpd.conf20151019-3691-442xx9' returned 1: Checking syntax of configuration file
2015-10-19 12:19:56,746 hosting proftpd[4838]: mod_auth_file/1.0: unable to lstat AuthUserFile '/etc/proftpd/proftpd.passwd': No such file or directory
2015-10-19 12:19:56,746 hosting proftpd[4838]: fatal: AuthUserFile: unable to use /etc/proftpd/proftpd.passwd: No such file or directory on line 28 of '/etc/proftpd/proftpd.conf20151019-3691-442xx9'

Validate_cmd problem with missing AuthUserFile

Configuration:

$passwd = '/etc/proftpd/proftpd.passwd'

class { 'proftpd':
    anonymous_enable => false,
    options          => {
        'ROOT' => {
            'ServerName'   => 'Proftpd',
            'ServerAdmin'  => '[email protected]',
            'MaxInstances' => '100',
            'AuthUserFile' => '/etc/proftpd/proftpd.passwd',
            'AuthOrder'    => 'mod_auth_file.c',
            'PassivePorts' => '64000 65000',
        },
    }
}

Error message:

Error: Execution of '/usr/sbin/proftpd -t -c /etc/proftpd/proftpd.conf20160223-22582-1pjho3p' returned 1: Checking syntax of configuration file
2016-02-23 16:21:14,315 devel proftpd[23635]: mod_auth_file/1.0: unable to lstat AuthUserFile '/etc/proftpd/proftpd.passwd': No such file or directory
2016-02-23 16:21:14,315 devel proftpd[23635]: fatal: AuthUserFile: unable to use /etc/proftpd/proftpd.passwd: No such file or directory on line 28 of '/etc/proftpd/proftpd.conf20160223-22582-1pjho3p'
Error: /Stage[main]/Proftpd::Config/File[/etc/proftpd/proftpd.conf]/content: change from {md5}675c09519f746b8154dec38df20103c0 to {md5}1d6cd0fc37e7c6f57f8cff3d1e28309e failed: Execution of '/usr/sbin/proftpd -t -c /etc/proftpd/proftpd.conf20160223-22582-1pjho3p' returned 1: Checking syntax of configuration file
2016-02-23 16:21:14,315 devel proftpd[23635]: mod_auth_file/1.0: unable to lstat AuthUserFile '/etc/proftpd/proftpd.passwd': No such file or directory
2016-02-23 16:21:14,315 devel proftpd[23635]: fatal: AuthUserFile: unable to use /etc/proftpd/proftpd.passwd: No such file or directory on line 28 of '/etc/proftpd/proftpd.conf20160223-22582-1pjho3p'

New forge release

Hey, could you please release a new version to the forge? I'd like to have the concat changes.

Manage additional packages (for modules)

On some platforms (like CentOS) some modules require the installation of additional packages:

proftpd-ldap.x86_64 : Module to add LDAP support to the ProFTPD FTP server
proftpd-mysql.x86_64 : Module to add MySQL support to the ProFTPD FTP server
proftpd-postgresql.x86_64 : Module to add PostgreSQL support to the ProFTPD FTP server
proftpd-sqlite.x86_64 : Module to add SQLite support to the ProFTPD FTP server

The module should be able to automatically install all required packages, depending on the values in $load_modules.

Feature: add proftpd::ftpasswd::user defined type

I would like to add a proftpd::ftpasswd::user defined type in order to declare virtual users as simple variables like:

proftpd::virtual_users
    foo:
      password: $1$nVw4HoT7$VhFX6HFiz4VzbYnWUFrNP.
      uid: 33
      gid: 33
      homedir: /home/foo
      shell: /bin/false

Implementation would be trivial and using a concat::fragment targeting $proftpd::params::ftpasswd_file.

Would you accept a patch for such feature ?

General ordering in proftpd::install creates a dependency loop in catalog

The added general ordering via

puppet-proftpd/manifests/install.pp

Lines 6 to 8 in 0099de1

if $facts['os']['family'] == 'RedHat' {
Yumrepo <| |> -> Package <| |>
}
creates a dependency loop since other modules can require that a package is installed before a specific yumrepo will be created.

Since this module does not at all manages any yumrepo resources there should be no yumrepo ordering inside.

When acceptance tests need that kind of thing please only define it in the acceptance setup like so:

      pp = <<-EOS
      if $facts['os']['family'] == 'RedHat' {
        include epel
        Class['epel'] -> Class['proftpd']
      }
      class { 'proftpd': }
      EOS

Is this module still maintained?

Things are pretty outdated (e.g. still using travis-ci.org, dependencies in metadata.json).

If you're still maintaining this module, I'll send some PRs over.

unknown configuration directive 'DisplayReadme' 

# lsb_release -a
No LSB modules are available.
Distributor ID:	Debian
Description:	Debian GNU/Linux 10 (buster)
Release:	10
Codename:	buster

# puppet module install fraenki/proftpd --version 1.4.9
# puppet apply -e 'class { "proftpd": anonymous_enable => true }'

Notice: Compiled catalog for client.local in environment production in 0.08 seconds
Notice: /Stage[main]/Proftpd::Install/Package[proftpd-basic]/ensure: created
Error: Execution of '/usr/sbin/proftpd -t -c /etc/proftpd/proftpd.conf20200219-11616-r42skj' returned 1: Checking syntax of configuration file
2020-02-19 17:31:31,345 client proftpd[11856]: mod_ctrls/0.9.5: error: unable to bind to local socket: Address already in use
2020-02-19 17:31:31,346 client proftpd[11856]: fatal: unknown configuration directive 'DisplayReadme' on line 59 of '/etc/proftpd/proftpd.conf20200219-11616-r42skj'
Error: /Stage[main]/Proftpd::Config/File[/etc/proftpd/proftpd.conf]/content: change from '{md5}66d43911834887a0ce75bd2c0766ae84' to '{md5}a3a7796a896b4100d2e9ee5b37f823bd' failed: Execution of '/usr/sbin/proftpd -t -c /etc/proftpd/proftpd.conf20200219-11616-r42skj' returned 1: Checking syntax of configuration file
2020-02-19 17:31:31,345 client proftpd[11856]: mod_ctrls/0.9.5: error: unable to bind to local socket: Address already in use
2020-02-19 17:31:31,346 client proftpd[11856]: fatal: unknown configuration directive 'DisplayReadme' on line 59 of '/etc/proftpd/proftpd.conf20200219-11616-r42skj'
Notice: /Stage[main]/Proftpd::Service/Service[proftpd]: Dependency File[/etc/proftpd/proftpd.conf] has failures: true
Warning: /Stage[main]/Proftpd::Service/Service[proftpd]: Skipping because of failed dependencies
Notice: Applied catalog in 1.54 seconds

# dpkg -l '*proftp*' | grep ^i
ii  proftpd-basic      1.3.6-4+deb10u3 amd64        Versatile, virtual-hosting FTP daemon - binaries
ii  proftpd-doc        1.3.6-4+deb10u3 all          Versatile, virtual-hosting FTP daemon - documentation

Validate_cmd causing issues

@fraenki noticing odd behavior that I'm not sure where issue lies. It might not be your module and might be a puppet bug but wanted to reference.

If you enable module loading (let's use the user example given in #8):

---
proftpd::load_modules:
  sql:
    order: 1
  sql_mysql:
    order: 2
  quotatab:
    order: 3
  quotatab_sql:
    order: 4
  rewrite:
    order: 5

The validate_cmd complains on initial provision that it can't find the Included modules.conf but in looking at your config.pp it clearly states that modules.conf is before proftpd::config because of just this exact reason.
It's almost like it's not honoring that before statement?

==> default: Info: Computing checksum on file /etc/proftpd.conf
==> default: Info: /Stage[main]/Proftpd::Config/File[/etc/proftpd.conf]: Filebucketed /etc/proftpd.conf to puppet with sum 739256bad808470546c286093a2c1d34
==> default: Debug: Executing: '/usr/sbin/proftpd -t -c /etc/proftpd.conf20160304-4276-iney4d'
==> default: Notice: /Stage[main]/Proftpd::Config/File[/etc/proftpd.conf]/mode: mode changed '0640' to '0644'
==> default: Debug: Class[Proftpd::Config]: Resource is being skipped, unscheduling all events
==> default: Info: Class[Proftpd::Config]: Unscheduling all events on Class[Proftpd::Config]
==> default: Debug: Class[Proftpd::Service]: Resource is being skipped, unscheduling all events
==> default: Notice: /Stage[main]/Proftpd::Service/Service[proftpd]: Dependency File[/etc/proftpd.conf] has failures: true
==> default: Debug: /Stage[main]/Proftpd::Service/Service[proftpd]: Resource is being skipped, unscheduling all events
==> default: Info: /Stage[main]/Proftpd::Service/Service[proftpd]: Unscheduling all events on Service[proftpd]
==> default: Debug: Class[Proftpd::Service]: Resource is being skipped, unscheduling all events
==> default: Error: Execution of '/usr/sbin/proftpd -t -c /etc/proftpd.conf20160304-4276-iney4d' returned 1: Checking syntax of configuration file
==> default: 2016-03-04 12:47:29,201 localhost.localdomain proftpd[5663]: warning: unable to include '/etc/proftpd/modules.conf': No such file or directory
==> default: 2016-03-04 12:47:29,201 localhost.localdomain proftpd[5663]: fatal: unknown configuration directive 'SQLBackend' on line 35 of '/etc/proftpd.conf20160304-4276-iney4d'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/execution.rb:216:in `execute'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/type/file.rb:804:in `block in write'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:388:in `replace_file'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/type/file.rb:798:in `write'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/type/file/content.rb:154:in `sync'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:209:in `sync'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:134:in `sync_if_needed'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:89:in `block in perform_changes'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:88:in `each'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:88:in `perform_changes'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:20:in `evaluate'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:204:in `apply'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:220:in `eval_resource'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:147:in `call'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:147:in `block (2 levels) in evaluate'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:292:in `block in thinmark'
==> default: /opt/puppetlabs/puppet/lib/ruby/2.1.0/benchmark.rb:294:in `realtime'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:291:in `thinmark'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:147:in `block in evaluate'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/graph/relationship_graph.rb:118:in `traverse'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:138:in `evaluate'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/resource/catalog.rb:178:in `block in apply'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/log.rb:153:in `with_destination'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/report.rb:107:in `as_logging_destination'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/resource/catalog.rb:177:in `apply'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:119:in `block in apply_catalog'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:129:in `block in benchmark'
==> default: /opt/puppetlabs/puppet/lib/ruby/2.1.0/benchmark.rb:294:in `realtime'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:128:in `benchmark'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:118:in `apply_catalog'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:228:in `run_internal'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:134:in `block in run'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/context.rb:64:in `override'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:223:in `override'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:133:in `run'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:343:in `apply_catalog'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:274:in `block in main'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/context.rb:64:in `override'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:223:in `override'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:225:in `main'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:170:in `run_command'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application.rb:344:in `block in run'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:446:in `exit_on_fail'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application.rb:344:in `run'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:128:in `run'
==> default: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:72:in `execute'
==> default: /opt/puppetlabs/puppet/bin/puppet:5:in `<main>'
==> default: Error: /Stage[main]/Proftpd::Config/File[/etc/proftpd.conf]/content: change from {md5}739256bad808470546c286093a2c1d34 to {md5}17b7ca200d22fcc798ce4e5f63c8696f failed: Execution of '/usr/sbin/proftpd -t -c /etc/proftpd.conf20160304-4276-iney4d' returned 1: Checking syntax of configuration file
==> default: 2016-03-04 12:47:29,201 localhost.localdomain proftpd[5663]: warning: unable to include '/etc/proftpd/modules.conf': No such file or directory
==> default: 2016-03-04 12:47:29,201 localhost.localdomain proftpd[5663]: fatal: unknown configuration directive 'SQLBackend' on line 35 of '/etc/proftpd.conf20160304-4276-iney4d'
==> default: Warning: /Stage[main]/Proftpd::Service/Service[proftpd]: Skipping because of failed dependencies
==> default: Notice: /Stage[main]/Proftpd::Config/Concat[/etc/proftpd/modules.conf]/File[/etc/proftpd/modules.conf]/ensure: defined content as '{md5}19c94a6eedca04d2dce93f064387263c'

As you can see this is the source of the error:

Execution of '/usr/sbin/proftpd -t -c /etc/proftpd.conf20160304-4276-iney4d' returned 1: Checking syntax of configuration file
==> default: 2016-03-04 12:47:29,201 localhost.localdomain proftpd[5663]: warning: unable to include '/etc/proftpd/modules.conf': No such file or directory

And a few lines down it writes out the file:

==> default: Notice: /Stage[main]/Proftpd::Config/Concat[/etc/proftpd/modules.conf]/File[/etc/proftpd/modules.conf]/ensure: defined content as '{md5}19c94a6eedca04d2dce93f064387263c'

Config file order lines changed every puppet run

Hi there,

Every puppet agent run I've got the same config line with a different lines or blocks order, e.g.:

-ControlsEngine on
 AuthOrder mod_auth_pam.c* mod_auth_unix.c
-ServerName FTP server
+ControlsEngine on
 TransferLog /var/log/proftpd/xferlog
-ServerAdmin [email protected]
+ServerName FTP server
 DefaultRoot ~ !adm
+ServerAdmin [email protected]
 LogFormat default  "%h %l %u %t \"%r\" %s %b"
 LogFormat auth     "%v [%P] %h %t \"%r\" %s"
 SystemLog /var/log/proftpd/proftpd.log
+DefaultServer on
 ModuleControlsACLs insmod,rmmod allow user root
 ModuleControlsACLs lsmod allow user *
-UseReverseDNS off
 UseSendfile off
-DefaultServer on
+UseReverseDNS off
 Group nobody
 AuthPAMConfig proftpd
 ServerIdent on "FTP Server ready."
 ControlsACLs all allow user root
-User nobody
 MaxInstances 10
 ControlsSocketACL allow user *
+User nobody
 ControlsLog /var/log/proftpd/controls.log

and next run:

+<Directory /test>
+  <Limit ALL>
+    AllowAll true
+  </Limit>
+</Directory>
+
+<IfModule mod_vroot.c>
+  VRootEngine on
+</IfModule>
+
 <Limit LOGIN>
   AllowUser ftp
 </Limit>

 <IfModule mod_ctrls_admin.c>
-  AdminControlsACLs all allow user root
   AdminControlsEngine on
+  AdminControlsACLs all allow user root
 </IfModule>

-<Directory /test>
-  <Limit ALL>
-    AllowAll true
-  </Limit>
-</Directory>
-
 <IfModule mod_tls_shmcache.c>
   TLSSessionCache shm:/file=/var/run/proftpd/sesscache
 </IfModule>

-AuthOrder mod_auth_pam.c* mod_auth_unix.c
 ControlsEngine on
-TransferLog /var/log/proftpd/xferlog
-ServerName FTP server
-DefaultRoot ~ !adm
-ServerAdmin [email protected]
-LogFormat default  "%h %l %u %t \"%r\" %s %b"
-LogFormat auth     "%v [%P] %h %t \"%r\" %s"
-SystemLog /var/log/proftpd/proftpd.log
+ControlsSocketACL allow user *
+User nobody
+ControlsLog /var/log/proftpd/controls.log
+AuthPAMConfig proftpd
+AuthOrder mod_auth_pam.c* mod_auth_unix.c
 DefaultServer on
+Group nobody
 ModuleControlsACLs insmod,rmmod allow user root
 ModuleControlsACLs lsmod allow user *
 UseSendfile off
+MaxInstances 10
+ServerName FTP server
+ControlsACLs all allow user root
+SystemLog /var/log/proftpd/proftpd.log
+ServerAdmin [email protected]
 UseReverseDNS off
-Group nobody
-AuthPAMConfig proftpd
 ServerIdent on "FTP Server ready."
-ControlsACLs all allow user root
-MaxInstances 10
-ControlsSocketACL allow user *
-User nobody
-ControlsLog /var/log/proftpd/controls.log
+LogFormat default  "%h %l %u %t \"%r\" %s %b"
+LogFormat auth     "%v [%P] %h %t \"%r\" %s"
+TransferLog /var/log/proftpd/xferlog
+DefaultRoot ~ !adm

 <Global>
-  AllowOverwrite yes
-  Umask 022
   RequireValidShell off
+  Umask 022
+  AllowOverwrite yes
   <Limit ALL SITE_CHMOD>
     AllowAll
   </Limit>
 </Global>

-<IfModule mod_vroot.c>
-  VRootEngine on
-</IfModule>

And it's triggers proftpd restart.
Any idea how to sort it once and for all?

please release current version (including june 2016 commits) on the forge

The version currently published on Puppet Forge (v1.4.2) has some dependency bug that prevents it from running, at least when used on Ubuntu 16.04 with Puppet4 and current version of all dependencies (concat 2.2.0, stdlib 4.12.0).

The current master branch as of this writing seems to work correctly (we are checking it out with R10k directly from github).

Please release this as a new version to ease usage for people coming on the forge and using puppet module install.

class { '::proftpd' } fails

with:
Unknown variable: 'authuser_require'. at /etc/puppetlabs/code/environments/test/modules/upstream/proftpd/manifests/config.pp:94:8

:(

Issue with example config

Hello,

I'm having an issue with the example within the readme. The below code causes a error, which I've been unable to debug. Any suggestions please?

class profiles::ftp_server {

class { 'proftpd':
  options => {
    ROOT  => {
      ServerName   => 'FTP server',
      MaxInstances => '10',
    },
    'IfModule mod_vroot.c' => {
      VRootEngine => 'on',
    },
  },
}

}


puppet apply --modulepath=/etc/puppet/modules/ -e 'include profiles::ftp_server' 

Error: Syntax error at 'ROOT'; expected '}' at /etc/puppet/modules/profiles/manifests/ftp_server.pp:6 on node

Thanks,
Luke

Support for Puppet 6

This module is currently marked as being compatible with Puppet < 6. Considering there aren't a large number of dependencies listed, could this be tested on Puppet 6 and updated to be compatible?

Detail: split() can only be called using the 4.x function API. See Scope#call_function

I am using Puppet 4.8 on Debian 9 and wanted to try out your module by using the simplest case scenario in my manifest:

class { 'proftpd': }

unfortunately I get the following error on the puppet agent side:

Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Function Call, Failed to parse template proftpd/proftpd.conf.erb:
  Filepath: /usr/lib/ruby/vendor_ruby/puppet/parser/functions.rb
  Line: 275
  Detail: split() can only be called using the 4.x function API. See Scope#call_function
 at /etc/puppet/code/environments/production/modules/proftpd/manifests/config.pp:53:25 on node mynode

Package change since Debian Bullseye

Hi,
The "main" package for proftpd has been changed on Debian Bullseye, and onwards, to "proftpd-core" instead of "proftpd-basic".
"proftpd-basic" is, at least in Bullseye, Bookworm and (current) Sid, still available as transitional package, but it would be nicer to have the actual main package installed instead just as dependency.

Cheers
Jörg

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.