soft

aa525b9c · Jérome Perrin · 7744dbda · aa525b9c · aa525b9c · aa525b9c
Commit aa525b9c authored Apr 12, 2018 by Jérome Perrin
4 changed files
--- a/software/proftpd/buildout.hash.cfg
+++ b/software/proftpd/buildout.hash.cfg
@@ -20,7 +20,7 @@ md5sum = 8ed5b4a7940db47ccb386c2f4e3e7273

 [instance-default]
 filename = instance-default.cfg.in
-md5sum = d9598ff3445cc061e83c436f3ad5d2b3
+md5sum = 1ecbd64fbd402855b192ba3420fd71ca

 [proftpd-config-file]
 filename = proftpd-config-file.cfg.in

--- a/software/proftpd/instance-default.cfg.in
+++ b/software/proftpd/instance-default.cfg.in
@@ -47,6 +47,7 @@ path = ${directory:promise}/${:_buildout_section_name_}
 [proftpd-userinfo]
 recipe = slapos.cookbook:userinfo

+
 [proftpd-password]
 recipe = slapos.cookbook:generate.password
 username = proftpd
@@ -82,11 +83,42 @@ hostname = ${proftpd:ipv6}
 port = ${proftpd:sftp-port}


+[ftpasswd-bug]
+# command line to add a user, invoke with:
+#   ftpasswd --name=bob 
+# to prompt for password, or --stdin to read password from stdin
+recipe = slapos.cookbook:wrapper
+wrapper-path = ${buildout:bin-directory}/${:_buildout_section_name_}
+command-line =
+  {{ perl_bin }} {{ ftpasswd_bin }} --passwd --home=${proftpd:data-dir} --shell=/bin/false --uid=${proftpd-userinfo:pw-uid} --gid=${proftpd-userinfo:gr-gid} --file ${auth-user-file:output}
+
+[ftpasswd]
+# command line to add a user, invoke with:
+#   ftpasswd --name=bob 
+# to prompt for password, or --stdin to read password from stdin
+recipe = slapos.recipe.template:jinja2
+mode = 0700
+extensions = jinja2.ext.do
+rendered = ${buildout:bin-directory}/${:_buildout_section_name_}
+wrapper-path = ${:rendered}
+# XXX: to workaround bug that pw-uid and gr-gir slapos.cookbook:userinfo cannot
+# be used in a buildout part (as they are returned as int and not strings), we
+# use slapos.recipe.template:jinja2 and not a simple slapos.cookbook:wrapper,
+# because only the former is compatible with userinfo.
+# Because we are already in a jinja template, we have to escape jinja template
+# with {% raw %} / {% endraw %}
+template = inline:
+  #!/bin/bash
+  {{ perl_bin }} {{ ftpasswd_bin }} --passwd --home=${proftpd:data-dir} --shell=/bin/false --uid={% raw %}{{ pw_uid }} --gid={{ gr_gid }}{% endraw %} --file ${auth-user-file:output} $@
+context =
+  key pw_uid proftpd-userinfo:pw-uid
+  key gr_gid proftpd-userinfo:gr-gid
+  
 [auth-user-file]
 recipe = plone.recipe.command
 output = ${directory:etc}/ftpd.passwd
 command =
-  echo ${proftpd-password:passwd} | {{ ftpasswd_bin }} --stdin --passwd --name=${proftpd-password:username} --home=${proftpd:data-dir} --shell=/bin/false --uid=`id -u` --gid=`id -g` --file ${:output}
+  echo ${proftpd-password:passwd} | ${ftpasswd:wrapper-path} --name=${proftpd-password:username} --stdin
 update-command = ${:command}


@@ -112,13 +144,15 @@ context =
  section proftpd proftpd
  key slapparameter_dict slap-configuration:configuration

+
 [promises]
 recipe =
 instance-promises =
  ${proftpd-listen-promise:path}

+
 [publish-connection-parameter]
 recipe = slapos.cookbook:publish
 url = ${proftpd:url}
-user = ${proftpd-password:username}
+username = ${proftpd-password:username}
 password = ${proftpd-password:passwd}
--- a/software/proftpd/instance-output-schema.json
+++ b/software/proftpd/instance-output-schema.json
@@ -10,11 +10,13 @@
    },
    "username": {
      "description": "Default username",
-      "type": "string"
+      "type": "string",
+      "optional": true
    },
    "password": {
      "description": "Password for default username",
-      "type": "string"
+      "type": "string",
+      "optional": true
    }
  },
  "type": "object"

--- a/software/proftpd/software.cfg
+++ b/software/proftpd/software.cfg
@@ -37,7 +37,7 @@ context =
  key ftpasswd_bin proftpd-output:ftpasswd
  key ftpdctl_bin proftpd-output:ftpdctl
  key ssh_keygen_bin openssh-output:keygen
-  key perl_bin openssh-output:keygen
+  key perl_bin proftpd-output:perl


 [versions]