From ff107e15da6cb936804be8f027e070b1d828708d Mon Sep 17 00:00:00 2001 From: Paolo Asperti Date: Sat, 18 May 2019 11:33:49 +0200 Subject: [PATCH] updated docs --- README.md | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 22c4cde..eb966e4 100644 --- a/README.md +++ b/README.md @@ -47,21 +47,26 @@ services: volumes: - "/srv/ftps/auth:/auth" - "/srv/ftps/data:/home" - - "/etc/letsencrypt/live/ftp.mydomain.com:/certs" + - "/etc/letsencrypt:/certs" environment: - MASQUERADE=ftp.mydomain.com + - TLS_CERT=/certs/live/ftp.mydomain.com/cert.pem + - TLS_KEY=/certs/live/ftp.mydomain.com/privkey.pem + - TLS_CHAIN=/certs/live/ftp.mydomain.com/chain.pem ``` ## notes -Please note that you have to restart the container whenever the certificate is renewed. +Please note that you have to restart the container (or send sighup to proftpd) whenever the certificate is renewed. +We mount the complete letsencrypt directory because the in live/ftp.mydomain.com we have symlinks to the actual live certificates and in the container these will refer to non-existant files. +Also FTP active mode doesn't work until you configure networking as "host". ## users management To change/set a password, do like this (replace "paolo" with the correct username): ```bash -docker exec -ti my-ftps ftpasswd --passwd --name=paolo --uid=1000 --home=/home/paolo --shell=/bin/false --file=/auth/passwd +docker exec -ti my-ftps ftpasswd --passwd --name=paolo --uid=1000 --home=/home/paolo --sha512 --shell=/bin/false --file=/auth/passwd ``` You also have to create and chown the user's home folder.