Set up TLS for VSFTPD

This commit is contained in:
Agatha Lovelace 2023-03-06 20:44:41 +01:00
parent 0d5015230b
commit 2920d0cd34
Signed by: sorceress
GPG Key ID: 01D0B3AB10CED4F8
1 changed files with 15 additions and 1 deletions

View File

@ -1,11 +1,25 @@
{ ... }: { { config, ... }: {
services.vsftpd = { services.vsftpd = {
enable = true; enable = true;
anonymousUser = true; anonymousUser = true;
anonymousUserNoPassword = true; anonymousUserNoPassword = true;
rsaCertFile = "${
config.security.acme.certs."technogothic.net".directory
}/fullchain.pem";
rsaKeyFile =
"${config.security.acme.certs."technogothic.net".directory}/key.pem";
forceLocalLoginsSSL = true;
forceLocalDataSSL = true;
extraConfig = '' extraConfig = ''
pasv_min_port=40000 pasv_min_port=40000
pasv_max_port=40200 pasv_max_port=40200
allow_anon_ssl=YES
require_ssl_reuse=NO
ssl_ciphers=HIGH
''; '';
}; };
} }