modules/vsftpd/manifests/init.pp

   1 class vsftpd {
   2
   3         package { 'vsftpd':
   4                 ensure => installed
   5         }
   6         package { 'logtail':
   7                 ensure => installed
   8         }
   9
  10         service { 'vsftpd':
  11                 ensure  => stopped,
  12                 require => Package['vsftpd']
  13         }
  14
  15         file { '/etc/vsftpd.conf':
  16                 content => "listen=NO\n",
  17                 require => Package['vsftpd'],
  18                 notify  => Service['vsftpd']
  19         }
  20
  21         # Mask the vsftpd service as we are using xinetd
  22         file { '/etc/systemd/system/vsftpd.service':
  23                 ensure => 'link',
  24                 target => '/dev/null',
  25                 notify => Exec['systemctl daemon-reload'],
  26         }
  27
  28
  29         munin::check { 'vsftpd':
  30                 ensure => absent
  31         }
  32         munin::check { 'ps_vsftpd':
  33                 script => 'ps_'
  34         }
  35
  36         @ferm::rule { 'dsa-ftp':
  37                 domain      => '(ip ip6)',
  38                 description => 'Allow ftp access',
  39                 rule        => '&SERVICE(tcp, 21)',
  40         }
  41
  42         file { '/var/log/ftp':
  43                 ensure => directory,
  44                 mode   => '0755'
  45         }
  46         file { '/etc/logrotate.d/vsftpd':
  47                 source  => 'puppet:///modules/vsftpd/logrotate.conf',
  48                 require => [
  49                         Package['vsftpd'],
  50                         Package['debian.org']
  51                 ]
  52         }
  53 }