changed some fields/keys/attributes and changed references to reflect those changes

2025-12-21 16:53:52 -05:00
parent ffa5408e9c
commit ea7d9f7caf
4 changed files with 23 additions and 23 deletions
--- a/roles/bootstrap/handlers/proftpd.yml
+++ b/roles/bootstrap/handlers/proftpd.yml
@@ -14,7 +14,7 @@
        group: "{{ item[0]['group'] | default(item[0]['username']) }}"
        path: "{{ item[0]['home'] | default('/home/' ~ item[0]['username']) }}/{{ item[1]['username'] }}"
        state: directory
-      loop: "{{ hostvars[inventory_hostname]['users'].values() | product(config['proftpd']['vusers'].values()) }}"
+      loop: "{{ hostvars[inventory_hostname]['users'].values() | product(config['proftpd']['users'].values()) }}"
    - name: Create ProFTPd FTP public directory for anonymous logins
      when: "'ftps' in item.value['services']"
      ansible.builtin.file:
@@ -65,7 +65,7 @@
            owner: root
            path: "{{ item.value }}"
            state: touch
-          loop: "{{ lookup('ansible.builtin.dict', config['proftpd']['auth_filepaths']) }}"
+          loop: "{{ lookup('ansible.builtin.dict', config['proftpd']['auth_paths']) }}"
        - name: Create the virtual users
          when: "not 'caddy' in item.value['services'] and not 'httpd' in item.value['services'] and not 'www-data' in item.value['services'] and not 'http' in item.value['services'] and not 'https' in item.value['services']"
          ansible.builtin.command:
@@ -73,14 +73,14 @@
              - ftpasswd
              - --passwd
              - "--name={{ item.value['username'] }}"
-              - "--uid=$(id -u {{ item.value['id_of'] }})"
+              - "--uid=$(id -u {{ item.value['id'] }})"
-              - "--gid=$(id -g {{ item.value['gid_of'] }})"
+              - "--gid=$(id -g {{ item.value['gid'] }})"
              - "--home={{ hostvars[inventory_hostname]['users']['ftp']['home'] | default('/srv/ftp') }}/{{ item.value['username'] }}"
              - --shell=/sbin/nologin
-              - --file={{ config['proftpd']['auth_filepaths']['users_path'] }}
+              - --file={{ config['proftpd']['auth_paths']['users'] }}
              - --stdin
            stdin: "{{ item.value['password'] }}"
-          loop: "{{ lookup('ansible.builtin.dict', config['proftpd']['vusers']) }}"
+          loop: "{{ lookup('ansible.builtin.dict', config['proftpd']['users']) }}"
        - name: Create the virtual groups of virtual users
          when: "not 'caddy' in item.value['services'] and not 'httpd' in item.value['services'] and not 'www-data' in item.value['services'] and not 'http' in item.value['services'] and not 'https' in item.value['services']"
          ansible.builtin.command:
@@ -88,10 +88,10 @@
              - ftpasswd
              - --group
              - "--name={{ item.value['username'] }}"
-              - "--gid=$(id -g {{ item.value['gid_of'] }})"
+              - "--gid=$(id -g {{ item.value['gid'] }})"
              - "--member={{ item.value['username'] }}"
-              - --file={{ config['proftpd']['auth_filepaths']['groups_path'] }}
+              - --file={{ config['proftpd']['auth_paths']['groups'] }}
-          loop: "{{ lookup('ansible.builtin.dict', config['proftpd']['vusers']) }}"
+          loop: "{{ lookup('ansible.builtin.dict', config['proftpd']['users']) }}"
    # @TODO create tasks in block integrating LDAP users to ProFTPd
    # - name: Integrate LDAP users into ProFTPd
    - name: Create ProFTPd FTPS virtual host
@@ -108,9 +108,9 @@
        validate: proftpd --configtest
      vars:
        ftp_server_name: "{{ config['proftpd']['name'].uppercase() }}'s Archive'"
-        allowed_users: "{{ ','.join(list(map(lambda u: u['username'], filter(lambda u: not 'http' in u['services'] and not 'https' in u['services'] and not 'httpd' in u['services'] and not 'caddy' in u['services'] and not 'www-data' in u['services'], config['proftpd']['vusers'].values())))) }}"
+        allowed_users: "{{ ','.join(list(map(lambda u: u['username'], filter(lambda u: not 'http' in u['services'] and not 'https' in u['services'] and not 'httpd' in u['services'] and not 'caddy' in u['services'] and not 'www-data' in u['services'], config['proftpd']['users'].values())))) }}"
        anon_root: "{{ map(lambda u: u['home'], filter(lambda u: 'ftps' in u['services'] or 'proftpd' in u['services'], hostvars[inventory_hostname]['users'].values())) | list | random }}/public"
-        anon_user: "{{ config['proftpd']['vusers']['smuggler']['username'] }}"
+        anon_user: "{{ config['proftpd']['users']['smuggler']['username'] }}"
    - name: Set ProFTPd jail in fail2ban
      block:
        - name: Create fail2ban system configuration directory
--- a/roles/bootstrap/templates/aria2/aria2.conf.j2
+++ b/roles/bootstrap/templates/aria2/aria2.conf.j2
@@ -15,7 +15,7 @@ rpc-allow-origin-all=true
 rpc-max-request-size=10M
 rpc-listen-all=true
 rpc-listen-port=6800
-rpc-secret={{ config.aria.secret }}
+rpc-secret={{ config['aria']['api_key'] }}
 # rpc-certificate=
 # rpc-private-key=
 # rpc-secure=true
--- a/roles/bootstrap/templates/proftpd/conf.d/vhost@vps1-fq.dn.conf.example.j2
+++ b/roles/bootstrap/templates/proftpd/conf.d/vhost@vps1-fq.dn.conf.example.j2
@@ -20,8 +20,8 @@
        # AuthOrder mod_auth_pam.c mod_auth_unix.c*
        AuthOrder mod_auth_file.c
-        AuthUserFile {{ config.proftpd.auth_filepaths.users_path }}
+        AuthUserFile {{ config.proftpd.auth_paths.users }}
-        AuthGroupFile {{ config.proftpd.auth_filepaths.groups_path }}
+        AuthGroupFile {{ config.proftpd.auth_paths.groups }}
        AuthFileOptions SyntaxCheck
        TLSEngine on
--- a/roles/bootstrap/vars/main/software.yml
+++ b/roles/bootstrap/vars/main/software.yml
@@ -249,16 +249,16 @@ config:
      editor: nvim
  proftpd:
    name: "{{ hostvars[inventory_hostname].fqdn.split('.')[0] }}"
-    auth_filepaths:
+    auth_paths:
-      users_path: /etc/proftpd/ftpd.passwd
+      users: /etc/proftpd/ftpd.passwd
-      groups_path: /etc/proftpd/ftpd.group
+      groups: /etc/proftpd/ftpd.group
    msg:
      welcome: "Our head librarians Furcas and Marbas welcome you!"  
-    vusers:
+    users:
      webmaster:
        username: webmaster
-        id_of: "{{ ['caddy', 'www-data'][0] }}"
+        id: "{{ ['caddy', 'www-data'][0] }}"
-        gid_of: "{{ ['caddy', 'www-data'][0] }}"
+        gid: "{{ ['caddy', 'www-data'][0] }}"
        # @TODO create vaulted password for this ProFTPd virtual user
        password: !vault |
          $ANSIBLE_VAULT;1.2;AES256;vps1-webmaster
@@ -270,8 +270,8 @@ config:
        services: [http,https]
      smuggler:
        username: smuggler
-        id_of: "{{ hostvars[inventory_hostname].users.ftp.username }}"
+        id: "{{ hostvars[inventory_hostname].users.ftp.username }}"
-        gid_of: "{{ hostvars[inventory_hostname].users.ftp.group | default(hostvars[inventory_hostname].users.ftp.username) }}"
+        gid: "{{ hostvars[inventory_hostname].users.ftp.group | default(hostvars[inventory_hostname].users.ftp.username) }}"
        # @TODO create vaulted password for this ProFTPd virtual user
        password: !vault |
          $ANSIBLE_VAULT;1.2;AES256;vps1-smuggler
@@ -293,5 +293,5 @@ config:
    phone_region: US
  aria:
    checksum: ~
-    secret: ~
+    api_key: ~