From: Aurelien Jarno <aurelien@aurel32.net>
Date: Thu, 26 May 2016 22:52:29 +0000 (+0200)
Subject: Add ftp on ports-master for incoming
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=278da0874ce9bde5a53ca945338bd1641777a3c5;p=mirror%2Fdsa-puppet.git

Add ftp on ports-master for incoming

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
---

diff --git a/modules/roles/manifests/ports-master.pp b/modules/roles/manifests/ports-master.pp
index 62746adb1..363907641 100644
--- a/modules/roles/manifests/ports-master.pp
+++ b/modules/roles/manifests/ports-master.pp
@@ -18,4 +18,26 @@ class roles::ports-master {
 		group => 'mirroradm',
 		mode => 0660,
 	}
+
+	include ferm::ftp_conntrack
+
+	vsftpd::site { 'ports-master':
+		banner         => 'ports-master.debian.org FTP server',
+		logfile        => '/var/log/ftp/vsftpd-ports-master.debian.org.log',
+		writable       => true,
+		writable_other => true,
+		chown_user     => mini-dak-unpriv,
+		root           => '/srv/ports-master.debian.org/ftp/incoming',
+	}
+
+	if $bind6 {
+		vsftpd::site { 'ports-master-v6':
+			banner         => 'ports-master.debian.org FTP server',
+			logfile        => '/var/log/ftp/vsftpd-ports-master.debian.org.log',
+			writable       => true,
+			writable_other => true,
+			chown_user     => mini-dak-unpriv,
+			root           => '/srv/ports-master.debian.org/ftp/incoming',
+		}
+	}
 }
diff --git a/modules/vsftpd/manifests/site.pp b/modules/vsftpd/manifests/site.pp
index 63f9ed67b..4adb08a9d 100644
--- a/modules/vsftpd/manifests/site.pp
+++ b/modules/vsftpd/manifests/site.pp
@@ -3,6 +3,7 @@ define vsftpd::site (
 	$bind='',
 	$chown_user='',
 	$writable=false,
+	$writable_other=false,
 	$banner="${name} FTP Server",
 	$max_clients=100,
 	$logfile="/var/log/ftp/vsftpd-${name}.debian.org.log",
diff --git a/modules/vsftpd/templates/vsftpd.conf.erb b/modules/vsftpd/templates/vsftpd.conf.erb
index 308ae638f..5a09a5dd7 100644
--- a/modules/vsftpd/templates/vsftpd.conf.erb
+++ b/modules/vsftpd/templates/vsftpd.conf.erb
@@ -12,6 +12,10 @@ anon_upload_enable=YES
 chown_uploads=NO
 chown_username=<%= scope.lookupvar('chown_user') %>
 <%- end -%>
+<%- if scope.lookupvar('writable') and scope.lookupvar('writable_other') -%>
+anon_other_write_enable=YES
+delete_failed_uploads=YES
+<%- end -%>
 
 xferlog_enable=YES
 xferlog_file=<%= scope.lookupvar('logfile') %>