# Includes DSO modules
Include /etc/proftpd/modules.conf

# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
UseIPv6				off
# If set on you can experience a longer connection delay in many cases.
IdentLookups			off

ServerName			Cloudron
ServerType			standalone
DeferWelcome			off

MultilineRFC2228		on
DefaultServer			on
ShowSymlinks			on

TimeoutNoTransfer		600
TimeoutStalled			600
TimeoutIdle			1200

DisplayLogin                    welcome.msg
DisplayChdir               	.message true
ListOptions                	"-l"

DenyFilter			\*.*/

# Use this to jail all users in their homes, will be homeDirectory LDAP attribute
DefaultRoot			~

# Users require a valid shell listed in /etc/shells to login.
# Use this directive to release that constrain.
# RequireValidShell		off

# Port 21 is the standard FTP port.
Port				0

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances			10

# Set the user and group that the server normally runs at.
User				www-data
Group				www-data

# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask				022  022
# Normally, we want files to be overwriteable.
AllowOverwrite			on

TransferLog /run/proftpd/xferlog
SystemLog   /run/proftpd/proftpd.log

# disable ssh login log
WtmpLog off

<IfModule mod_quotatab.c>
    QuotaEngine off
</IfModule>

<IfModule mod_ratio.c>
    Ratios off
</IfModule>

# Delay engine reduces impact of the so-called Timing Attack described in
# http://www.securityfocus.com/bid/11430/discuss
# It is on by default.
<IfModule mod_delay.c>
    DelayEngine on
</IfModule>

<IfModule mod_ctrls.c>
    ControlsEngine        off
    ControlsMaxClients    2
    ControlsLog           /var/log/proftpd/controls.log
    ControlsInterval      5
    ControlsSocket        /var/run/proftpd/proftpd.sock
</IfModule>

<IfModule mod_ctrls_admin.c>
    AdminControlsEngine off
</IfModule>

LoadModule mod_ldap.c
<IfModule mod_ldap.c>
    # https://forums.proftpd.org/smf/index.php?topic=6368.0
    LDAPServer "ldap://localhost:3002/??sub"
    LDAPUsers "ou=proftpd,dc=cloudron" (username=%u)

    LDAPLog /var/log/proftpd/ldap.log
</IfModule>

<IfModule mod_sftp.c>
    SFTPEngine on
    Port 222
    SFTPLog /var/log/proftpd/sftp.log

    # Configure both the RSA and DSA host keys, using the same host key
    # files that OpenSSH uses.
    SFTPHostKey /etc/ssh/ssh_host_rsa_key

    SFTPAuthMethods password

    # Enable compression
    SFTPCompression delayed

    RequireValidShell off
</IfModule>

<Directory />
    HideNoAccess yes
</Directory>