pure-ftpd на Debian Jessie

Добавляем репозиторий
vim /etc/apt/sources.list:

deb http://ftp.ua.debian.org/debian/ jessie main


aptitude update
aptitude install pure-ftpd-mysql openssl iptables-persistent

Создаём группу и пользователя для pure-ftpd
groupadd -g 1001 ftp
useradd -u 1001 -g ftp -s /bin/false -d /ftp -c "ftp-users" ftp

Настраиваем pure-ftpd
echo "no" > /etc/pure-ftpd/conf/NoAnonymous
echo "yes" > /etc/pure-ftpd/conf/ChrootEveryone
echo "yes" > /etc/pure-ftpd/conf/IPV4Only
echo "yes" > /etc/pure-ftpd/conf/UnixAuthentication
echo "yes" > /etc/pure-ftpd/conf/DontResolve
echo "yes" > /etc/pure-ftpd/conf/CreateHomeDir
echo "no" > /etc/pure-ftpd/conf/PAMAuthentication
echo "yes" > /etc/pure-ftpd/conf/VerboseLog
echo "30" > /etc/pure-ftpd/conf/MaxClientsNumber
echo "8" > /etc/pure-ftpd/conf/MaxClientsPerIP
echo "no" > /etc/pure-ftpd/conf/DisplayDotFiles
echo "30" > /etc/pure-ftpd/conf/MaxIdleTime
echo "49152 65535" > /etc/pure-ftpd/conf/PassivePortRange
echo "2048" > /etc/pure-ftpd/conf/AnonymousBandwidth
echo "1000 500" > /etc/pure-ftpd/conf/Quota
echo "90" > /etc/pure-ftpd/conf/MaxDiskUsage
echo "1" > /etc/pure-ftpd/conf/TLS

Генерируем самоподписные сертификаты для pure-ftpd
cd /etc/ssl/private
openssl req -x509 -nodes -newkey rsa:1024 -keyout pure-ftpd.pem -out pure-ftpd.pem
chmod 400 pure-ftpd.pem

Создаем базу данных для pure-ftpd
mysql -u root -p
CREATE DATABASE pureftpd;
GRANT ALL PRIVILEGES ON pureftpd.* TO 'pureftpd'@'localhost' IDENTIFIED BY 'pureftpddbpass';

USE pureftpd;

CREATE TABLE admin (
Username varchar(35) NOT NULL default '',
Password char(32) binary NOT NULL default '',
PRIMARY KEY (Username)
) ENGINE=MyISAM;

INSERT INTO admin VALUES ('admin',MD5('adminpasswd'));

CREATE TABLE `users` (
`User` varchar(16) NOT NULL default '',
`Password` varchar(32) binary NOT NULL default '',
`Uid` int(11) NOT NULL default '14',
`Gid` int(11) NOT NULL default '5',
`Dir` varchar(128) NOT NULL default '',
`QuotaFiles` int(10) NOT NULL default '500',
`QuotaSize` int(10) NOT NULL default '30',
`ULBandwidth` int(10) NOT NULL default '80',
`DLBandwidth` int(10) NOT NULL default '80',
`Ipaddress` varchar(15) NOT NULL default '*',
`Comment` tinytext,
`Status` enum('0','1') NOT NULL default '1',
`ULRatio` smallint(5) NOT NULL default '1',
`DLRatio` smallint(5) NOT NULL default '1',
PRIMARY KEY (`User`),
UNIQUE KEY `User` (`User`)
) ENGINE=MyISAM;
quit

vim /etc/pure-ftpd/db/mysql.conf:

MYSQLUser       pureftpd
MYSQLPassword   pureftpddbpass
MYSQLDatabase   pureftpd
MYSQLCrypt      md5
MYSQLGetPW      SELECT Password FROM users WHERE User="\L" AND status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MYSQLGetUID     SELECT Uid FROM users WHERE User="\L" AND status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MYSQLGetGID     SELECT Gid FROM users WHERE User="\L"AND status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MYSQLGetDir     SELECT Dir FROM users WHERE User="\L"AND status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MySQLGetBandwidthUL SELECT ULBandwidth FROM users WHERE User="\L"AND status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MySQLGetBandwidthDL SELECT DLBandwidth FROM users WHERE User="\L"AND status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MySQLGetQTASZ   SELECT QuotaSize FROM users WHERE User="\L"AND status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MySQLGetQTAFS   SELECT QuotaFiles FROM users WHERE User="\L"AND status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")

invoke-rc.d pure-ftpd-mysql restart

Устанавливаем user manager для pure-ftpd
wget http://machiel.generaal.net/files/pureftpd/ftp_v2.1.tar.gz
tar xzf ftp_v2.1.tar.gz -C /var/www
wget http://machiel.generaal.net/files/pureftpd/languages/2.x/russian.php.txt -O /var/www/ftp/language/russian.php
chown -R www-data:www-data /var/www/ftp

vim /var/www/ftp/config.php:

  $LANG = "Russian";
  $LocationImages =  "images";
  $DBHost = "127.0.0.1";
  $DBLogin = "pureftpd";
  $DBPassword = "pureftpddbpass";
  $DBDatabase = "pureftpd";
  $FTPAddress = "example.com:21";
  $DEFUserID = "1001";
  $DEFGroupID = "1001";
  $UsersFile = "/etc/passwd";
  $GroupFile = "/etc/group";
  $StyleSheet = "style/default.css.php";
  $EnableQuota = 1;
  $EnableRatio = 1;

vim /etc/php5/apache2/php.ini:

short_open_tag = On

vim /etc/apache2/conf-enabled/ftpmgr.conf:

Alias /ftpmgr /var/www/ftp/
<Directory /var/www/ftp/>
  DirectoryIndex index.php
  Require all granted
</Directory>

invoke-rc.d apache2 restart

Управление пользователями будет доступно на http://example.com/ftpmgr

Открываем порты
iptables -I INPUT 1 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -I INPUT 2 -s 192.168.40.0/24 -d 192.168.40.1 -i eth0 -p tcp -m state --state NEW -m multiport --dports 21,990,49152:65535 -j ACCEPT
invoke-rc.d netfilter-persistent save

Добавить комментарий

Ваш e-mail не будет опубликован. Обязательные поля помечены *