From 89259536fbed44a5271cac88ff78aa14e96c9b41 Mon Sep 17 00:00:00 2001
From: "felix.niederwanger@suse.com" <phoenix>
Date: Wed, 24 Mar 2021 17:27:47 +0100
Subject: [PATCH] Add role variables and extend example

---
 README.md         | 36 +++++++++++++++++++++++++++++++++++-
 defaults/main.yml |  2 +-
 2 files changed, 36 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index c7487d9..11552e4 100644
--- a/README.md
+++ b/README.md
@@ -4,12 +4,46 @@ Install and configure the secure `PureFTPd` server.
 
 ## Role Variables
 
+| Value | Description | Default |
+|-------|-------------|---------|
+| `config_firewall` | Apply firewall rules | `false` |
+| `firewall_zone` | Firewall zone where ftp will be allowed | public |
+| `MaxClientsNumber` | Maximum number of anonymous clients | 10 |
+| `MaxClientsPerIP` | Maximum clients per IP address | 3 |
+| `AnonymousOnly` | Forbid user login | yes |
+| `NoAnonymous` | Disallow anonymous | no |
+| `PAMAuthentication` | Allow PAM authentication | no |
+| `MaxIdleTime` | Maximum idle time in minutes before disconnecting | 5 |
+| `MaxLoad` | Disallow anonymous download if system load is above this value | 4 |
+| `PassivePortMin` | Passive port range - lower bound | 30000 |
+| `PassivePortMax` | Passive port range - upper bound | 30100 |
+| `ForcePassiveIP` | Use this IP for passive mode, useful if `PureFTPd` is behind a NAT | `""` (disabled) |
+| `Bind` | Bind address and port (e.g. `127.0.0.1,21`) | `""` (disabled) | 
+| `Bandwidth` | Max bandwidth for all users in KB/s | `""` (disabled) | 
+| `TrustedIP` | Allow login only from this IP | `""` (disabled) | 
+| `MaxUserSessions` | Maximum number of open session per user | 3 |
+| `MaxAnonSessions` | Maximum number of open anonymous sessions | 20 |
+| `IPV4Only` | Bind to IPv4 only. By default we bind to IPv4 and IPv6 | no |
+| `IPV6Only` | Bind to IPv6 only. By default we bind to IPv4 and IPv6 | no |
 
 ## Example Playbook
 
     - hosts: jellyfish
       roles:
-         - { role: geekoops-pureftp }
+         - { role: geekoops-pureftp, config_firewall: true }
+
+A more extended example
+
+    - hosts: jellyfish
+      roles:
+         - role: geekoops-pureftp
+           vars:
+             config_firewall: true
+             AnonymousOnly: yes
+             PassivePortMin: 30000
+             PassivePortMax: 31000
+             MaxAnonSessions: 100
+
 
 ## License
 
diff --git a/defaults/main.yml b/defaults/main.yml
index 7e18a2c..96668c5 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -8,8 +8,8 @@ firewall_zone: "public"
 MaxClientsNumber: 10
 MaxClientsPerIP: 3
 AnonymousOnly: "yes"
-PAMAuthentication: "no"
 NoAnonymous: "no"
+PAMAuthentication: "no"
 MaxIdleTime: "5"
 MaxLoad: "4"
 # PassivePortRange