nix-infra/common/fragments/vsftpd.nix

{ config, ... }: {
  services.vsftpd = {
    enable = true;
    anonymousUser = true;
    anonymousUserNoPassword = true;

    rsaCertFile = "${
        config.security.acme.certs."technogothic.net".directory
      }/fullchain.pem";
    rsaKeyFile =
      "${config.security.acme.certs."technogothic.net".directory}/key.pem";

    forceLocalLoginsSSL = true;
    forceLocalDataSSL = true;

    extraConfig = ''
      pasv_min_port=40000
      pasv_max_port=40200

      allow_anon_ssl=YES
      require_ssl_reuse=NO
      ssl_ciphers=HIGH
    '';
  };
}
Set up TLS for VSFTPD 2023-03-06 19:44:41 +00:00			`{ config, ... }: {`
Initial config for migration from old Arch host 2023-02-10 17:34:46 +00:00			`services.vsftpd = {`
			`enable = true;`
			`anonymousUser = true;`
			`anonymousUserNoPassword = true;`
Set up TLS for VSFTPD 2023-03-06 19:44:41 +00:00
			`rsaCertFile = "${`
			`config.security.acme.certs."technogothic.net".directory`
			`}/fullchain.pem";`
			`rsaKeyFile =`
			`"${config.security.acme.certs."technogothic.net".directory}/key.pem";`

			`forceLocalLoginsSSL = true;`
			`forceLocalDataSSL = true;`

Initial config for migration from old Arch host 2023-02-10 17:34:46 +00:00			`extraConfig = ''`
			`pasv_min_port=40000`
			`pasv_max_port=40200`
Set up TLS for VSFTPD 2023-03-06 19:44:41 +00:00
			`allow_anon_ssl=YES`
			`require_ssl_reuse=NO`
			`ssl_ciphers=HIGH`
Initial config for migration from old Arch host 2023-02-10 17:34:46 +00:00			`'';`
			`};`
			`}`