Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

ma anon-ftp: init

Browse Source
This commit is contained in:
makefu 2017-08-01 15:01:59 +02:00
parent 923570f0f7
commit f9811b2ea1
No known key found for this signature in database
GPG Key ID: 36F7711F3FC0F225
1 changed files with 31 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
makefu/2configs/share/anon-ftp.nix Normal file
View File

@ -0,0 +1,31 @@
{ config, lib, ... }:
let
ftpdir = "/home/ftp";
in {
networking.firewall = {
allowedTCPPorts = [ 20 21 ];
autoLoadConntrackHelpers = true;
connectionTrackingModules = [ "ftp" ];
extraCommands = ''
iptables -A PREROUTING -t raw -p tcp --dport 21 -j CT --helper ftp
'';
};
systemd.services.vsftpd.preStart = lib.mkForce ''
mkdir -p -m755 ${ftpdir}/incoming
chown root:root ${ftpdir}
chown ftp ${ftpdir}/incoming
'';
services.vsftpd = {
enable = true;
extraConfig = ''
ftpd_banner=Welcome to the krebs share, use the incoming dir for new and old leaks. Join freenode#krebs
'';
anonymousUser = true;
anonymousUserNoPassword = true;
anonymousUploadEnable = true;
anonymousMkdirEnable = true;
writeEnable = true;
chrootlocalUser = true;
anonymousUserHome = ftpdir;
};
}