Parameterised port - service/proftpd

This commit is contained in:
thomashaw
2017-04-19 13:17:48 +01:00
parent e0a0e1f8d4
commit 3d4c0fa98a
5 changed files with 19 additions and 5 deletions

View File

@@ -1,9 +1,11 @@
class proftpd::configure {
$json_inputs = base64('decode', $::base64_inputs)
file { '/etc/proftpd/proftpd.conf':
notify => Service['proftpd'],
ensure => present,
owner => 'root',
group => 'root',
mode => '0644',
content => template('proftpd/proftpd.erb')
content => template('proftpd/proftpd.erb'),
}
}

View File

@@ -1,5 +1,5 @@
class proftpd {
require proftpd::install
require proftpd::configure
require proftpd::service
class { 'proftpd::install': }
class { 'proftpd::configure': } ~>
class { 'proftpd::service': }
}

View File

@@ -2,6 +2,8 @@ class proftpd::service {
service { 'proftpd':
ensure => running,
enable => true,
hasrestart => true,
require => File['/etc/proftpd/proftpd.conf'],
subscribe => File['/etc/proftpd/proftpd.conf'],
}
}

View File

@@ -12,6 +12,12 @@
<type>ftp</type>
<platform>linux</platform>
<read_fact>port</read_fact>
<default_input into="port">
<value>201</value>
</default_input>
<!--optional details-->
<reference>https://security.appspot.com/vsftpd.html</reference>
<reference>https://forge.puppet.com/adamjlow/proftpd</reference>

View File

@@ -1,3 +1,7 @@
<% require 'json'
$secgen_parameters = JSON.parse(@json_inputs)
$port = $secgen_parameters['port'].first
%>
#
# /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
# To really apply changes, reload proftpd after modifications, if
@@ -38,7 +42,7 @@ DenyFilter \*.*/
# RequireValidShell off
# Port 21 is the standard FTP port.
Port 21
Port <%=$port%>
# In some cases you have to specify passive ports range to by-pass
# firewall limitations. Ephemeral ports can be used for that, but