Add role variables and extend example

2024-05-08 17:31:23 +00:00 · 2021-03-24 17:27:47 +01:00 · 2021-03-24 17:27:47 +01:00 · 89259536fb
parent c2afaf297e
commit 89259536fb
2 changed files with 36 additions and 2 deletions
--- a/README.md
+++ b/README.md
@ -4,12 +4,46 @@ Install and configure the secure `PureFTPd` server.

 ## Role Variables

+| Value | Description | Default |
+|-------|-------------|---------|
+| `config_firewall` | Apply firewall rules | `false` |
+| `firewall_zone` | Firewall zone where ftp will be allowed | public |
+| `MaxClientsNumber` | Maximum number of anonymous clients | 10 |
+| `MaxClientsPerIP` | Maximum clients per IP address | 3 |
+| `AnonymousOnly` | Forbid user login | yes |
+| `NoAnonymous` | Disallow anonymous | no |
+| `PAMAuthentication` | Allow PAM authentication | no |
+| `MaxIdleTime` | Maximum idle time in minutes before disconnecting | 5 |
+| `MaxLoad` | Disallow anonymous download if system load is above this value | 4 |
+| `PassivePortMin` | Passive port range - lower bound | 30000 |
+| `PassivePortMax` | Passive port range - upper bound | 30100 |
+| `ForcePassiveIP` | Use this IP for passive mode, useful if `PureFTPd` is behind a NAT | `""` (disabled) |
+| `Bind` | Bind address and port (e.g. `127.0.0.1,21`) | `""` (disabled) | 
+| `Bandwidth` | Max bandwidth for all users in KB/s | `""` (disabled) | 
+| `TrustedIP` | Allow login only from this IP | `""` (disabled) | 
+| `MaxUserSessions` | Maximum number of open session per user | 3 |
+| `MaxAnonSessions` | Maximum number of open anonymous sessions | 20 |
+| `IPV4Only` | Bind to IPv4 only. By default we bind to IPv4 and IPv6 | no |
+| `IPV6Only` | Bind to IPv6 only. By default we bind to IPv4 and IPv6 | no |

 ## Example Playbook

    - hosts: jellyfish
      roles:
-         - { role: geekoops-pureftp }
+         - { role: geekoops-pureftp, config_firewall: true }
+
+A more extended example
+
+    - hosts: jellyfish
+      roles:
+         - role: geekoops-pureftp
+           vars:
+             config_firewall: true
+             AnonymousOnly: yes
+             PassivePortMin: 30000
+             PassivePortMax: 31000
+             MaxAnonSessions: 100
+

 ## License

--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -8,8 +8,8 @@ firewall_zone: "public"
 MaxClientsNumber: 10
 MaxClientsPerIP: 3
 AnonymousOnly: "yes"
-PAMAuthentication: "no"
 NoAnonymous: "no"
+PAMAuthentication: "no"
 MaxIdleTime: "5"
 MaxLoad: "4"
 # PassivePortRange