Merge pull request #5 from lldelisle/LDversion

galaxyproject · Mar 1, 2021 · 3c13232 · 3c13232
2 parents 51c0016 + bf11bfe
commit 3c13232
Show file tree

Hide file tree

Showing 11 changed files with 25 additions and 14 deletions.
diff --git a/README.md b/README.md
@@ -155,7 +155,7 @@ Install ProFTPD for Galaxy with TLS:
     proftpd_ssl_src_dir: files/ssl
 
   roles:
-    - galaxyprojectdotorg.proftpd
+    - galaxyproject.proftpd
 ```
 
 If using virtual servers in conjunction with Galaxy authentication, [DefaultRoot][proftpd-default-root]'s `chroot(2)`

diff --git a/defaults/main.yml b/defaults/main.yml
@@ -1,5 +1,5 @@
 ---
-# defaults file for galaxyprojectdotorg.proftpd
+# defaults file for galaxyproject.proftpd
 
 proftpd_ssl_src_dir: files/ssl
 
@@ -23,6 +23,8 @@ proftpd_galaxy_auth_context: 'server'
 
 proftpd_tls_sesscache_timeout: 300
 proftpd_tls_renegotiate: null
+proftpd_tls_options: null
+proftpd_use_mod_tls_shmcache: true
 
 proftpd_deploy_ssl: false
 

diff --git a/handlers/main.yml b/handlers/main.yml
@@ -1,5 +1,5 @@
 ---
-# handlers file for galaxyprojectdotorg.proftpd
+# handlers file for galaxyproject.proftpd
 
 - name: reload proftpd
   service:

diff --git a/tasks/debian.yml b/tasks/debian.yml
@@ -1,9 +1,13 @@
 ---
-# tasks file for galaxyprojectdotorg.proftpd
+# tasks file for galaxyproject.proftpd
 
 - name: Install ProFTPD (apt)
   apt:
-    name: "{{ item }}"
-  with_items:
-    - proftpd-basic
-    - proftpd-mod-pgsql
+    name: ['proftpd-basic', 'proftpd-mod-pgsql']
+
+- name: Change Include
+  replace: 
+    path: "{{ proftpd_config_file }}"
+    regexp: "Include {{ proftpd_config_dir }}/conf.d/$"
+    backup: yes
+    replace: "Include {{ proftpd_config_include_dir }}/*.conf" 
diff --git a/tasks/galaxy_auth.yml b/tasks/galaxy_auth.yml
@@ -1,5 +1,5 @@
 ---
-# tasks file for galaxyprojectdotorg.proftpd
+# tasks file for galaxyproject.proftpd
 
 - name: Comment Galaxy proftpd.conf options
   lineinfile:

diff --git a/tasks/main.yml b/tasks/main.yml
@@ -1,5 +1,5 @@
 ---
-# tasks file for galaxyprojectdotorg.proftpd
+# tasks file for galaxyproject.proftpd
 
 - name: Set OS-specific variables
   include_vars: "{{ ansible_os_family | lower }}.yml"

diff --git a/tasks/redhat.yml b/tasks/redhat.yml
@@ -1,5 +1,5 @@
 ---
-# tasks file for galaxyprojectdotorg.proftpd
+# tasks file for galaxyproject.proftpd
 
 - name: Install ProFTPD (yum)
   yum:

diff --git a/tasks/tls.yml b/tasks/tls.yml
@@ -1,5 +1,5 @@
 ---
-# tasks file for galaxyprojectdotorg.proftpd
+# tasks file for galaxyproject.proftpd
 
 - name: Configure TLS options
   template:

diff --git a/templates/tls.conf.j2 b/templates/tls.conf.j2
@@ -3,8 +3,11 @@
 ##
 
 # Enable session reuse (must be in the server context)
+
+{% if proftpd_use_mod_tls_shmcache %}
 LoadModule mod_tls_shmcache.c
 TLSSessionCache shm:/file={{ proftpd_tls_sesscache_path }}&size=8388608 {{ proftpd_tls_sesscache_timeout }}
+{% endif %}
 {{ 'TLSRenegotiate ' ~ proftpd_tls_renegotiate if proftpd_tls_renegotiate else '' }}
 
 {% if proftpd_tls_context == 'global' %}
@@ -21,6 +24,8 @@ TLSProtocol {{ proftpd_tls_protocol | default('TLSv1.1 TLSv1.2') }}
 # Require TLS
 TLSRequired {{ proftpd_tls_required | default('on') }}
 
+{{ 'TLSOptions ' ~ proftpd_tls_options if proftpd_tls_options else '' }}
+
 # Limit TLS ciphers
 TLSServerCipherPreference on
 TLSCipherSuite {{ proftpd_tls_cipher_suite | default('EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:EDH+aRSA:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS') }}

diff --git a/tests/test.yml b/tests/test.yml
@@ -2,4 +2,4 @@
 - hosts: localhost
   remote_user: root
   roles:
-    - galaxyprojectdotorg.proftpd
+    - galaxyproject.proftpd
diff --git a/vars/main.yml b/vars/main.yml
@@ -1,2 +1,2 @@
 ---
-# vars file for galaxyprojectdotorg.proftpd
+# vars file for galaxyproject.proftpd