You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
100 lines
2.8 KiB
100 lines
2.8 KiB
---
|
|
|
|
# Version to deploy
|
|
sftpgo_version: 2.1.2
|
|
# URL of the archive
|
|
sftpgo_archive_url: https://github.com/drakkan/sftpgo/releases/download/v{{ sftpgo_version }}/sftpgo_v{{ sftpgo_version }}_linux_x86_64.tar.xz
|
|
# Expected sha1 of the archive
|
|
sftpgo_archive_sha1: 6b9ea26c53d62b47eec3ad18afeb90b6651df10c
|
|
|
|
# Should ansible handle upgrades ? If False, only initial install will be done
|
|
sftpgo_manage_upgrade: True
|
|
|
|
# Root dir where sftpgo will be installed
|
|
sftpgo_root_dir: /opt/sftpgo
|
|
|
|
# User account under which sftpgo will run
|
|
sftpgo_user: sftpgo
|
|
|
|
# Database settings
|
|
sftpgo_db_server: "{{ mysql_server | default('localhost') }}"
|
|
sftpgo_db_port: 3306
|
|
sftpgo_db_name: sftpgo
|
|
sftpgo_db_user: sftpgo
|
|
# If the password is not defined, a random one will be created and stored under {{ sftpgo_root_dir }}/meta/ansible_dbpass
|
|
# sftpgo_db_pass: S3cr3t.
|
|
|
|
# You can restrict access per port. This can be a list of IP (or network in CIDR notation)
|
|
# Access will be controlled by iptables
|
|
sftpgo_src_ip: []
|
|
sftpgo_sftp_src_ip: "{{ sftpgo_src_ip }}"
|
|
sftpgo_ftp_src_ip: "{{ sftpgo_src_ip }}"
|
|
sftpgo_webdav_src_ip: "{{ sftpgo_src_ip }}"
|
|
sftpgo_http_src_ip: "{{ sftpgo_src_ip }}"
|
|
|
|
# Base configuration of the service
|
|
sftpgo_base_conf:
|
|
common:
|
|
upload_mode: 1
|
|
setstat_mode: 1
|
|
temp_path: "{{ sftpgo_root_dir }}/tmp"
|
|
max_total_connections: 500
|
|
max_per_host_connections: 20
|
|
defender:
|
|
enabled: True
|
|
ban_time: 5
|
|
ban_time_increment: 50
|
|
threshold: 20
|
|
score_invalid: 10
|
|
score_valid: 1
|
|
score_limit_exceeded: 10
|
|
observation_time: 10
|
|
sftpd:
|
|
bindings:
|
|
port: 2022
|
|
max_auth_tries: 4
|
|
ftpd:
|
|
bindings:
|
|
port: 2021
|
|
passive_port_range:
|
|
start: 50000
|
|
end: 50200
|
|
force_passive_ip: ''
|
|
disable_active_mode: True
|
|
webdavd:
|
|
bindings:
|
|
port: 2080
|
|
prefix: /dav
|
|
proxy_allowed: []
|
|
data_provider:
|
|
driver: mysql
|
|
name: "{{ sftpgo_db_name }}"
|
|
host: "{{ sftpgo_db_server }}"
|
|
port: "{{ sftpgo_db_port }}"
|
|
username: "{{ sftpgo_db_user }}"
|
|
password: "{{ sftpgo_db_pass }}"
|
|
track_quota: 1
|
|
delayed_quota_update: 60
|
|
pool_size: 5
|
|
users_base_dir: "{{ sftpgo_root_dir }}/data/home/"
|
|
httpd:
|
|
bindings:
|
|
port: 8080
|
|
address: ''
|
|
proxy_allowed: []
|
|
enable_web_admin: True
|
|
enable_web_client: True
|
|
templates_path: "{{ sftpgo_root_dir }}/app/templates"
|
|
static_files_path: "{{ sftpgo_root_dir }}/app/static"
|
|
backups_path: "{{ sftpgo_root_dir }}/backup"
|
|
max_upload_file_size: 1048576000
|
|
telemetry:
|
|
bind_port: 0
|
|
|
|
# You can override and/or add custom settings here. Same format as sftpgo_base_conf
|
|
# The extra conf will be merged on top of the base conf
|
|
sftpgo_extra_conf: {}
|
|
sftpgo_conf: "{{ sftpgo_base_conf | combine(sftpgo_extra_conf, recursive=True) }}"
|
|
|
|
|
|
|
|
|