some docs update

README.md

@@ -45,7 +45,7 @@ services:
     ports:
       - "21:21"
       - "20:20"
-      - "50000-50500:50000-50500"
+      - "21210-21220:21210-21220"
     volumes:
       - "/srv/ftps/auth:/auth"
       - "/srv/ftps/conf:/etc/proftpd/custom.conf.d:ro"
@@ -53,11 +53,20 @@ services:
       - "/etc/letsencrypt:/certs:ro"
     environment:
       - MASQUERADE=ftp.mydomain.com
+      - PASSIVEPORTS_START=21210
+      - PASSIVEPORTS_END=21220
+      - MAXCLIENTS=500
+      - MAXCLIENTSPERHOST=100      
       - TLS_CERT=/certs/live/ftp.mydomain.com/cert.pem
       - TLS_KEY=/certs/live/ftp.mydomain.com/privkey.pem
       - TLS_CHAIN=/certs/live/ftp.mydomain.com/chain.pem
 ```
 
+## passive ports
+
+If you want to change the passive ports range (which by default is 50000-50050), you can do so via environment variables (PASSIVEPORTS_START and PASSIVEPORTS_END).
+In any case, you also have to enable a matching range of exposed ports.
+
 ## notes
 
 Please note that you have to restart the container (or send sighup to proftpd) whenever the certificate is renewed.

custom.conf

@@ -8,8 +8,6 @@ AllowRetrieveRestart On
 WtmpLog off
 UseReverseDNS off
 DefaultRoot ~
-Maxclients 30
-MaxClientsPerHost 5
 
 <IfModule mod_tls.c>
   TLSEngine                               on

run.sh

@@ -55,6 +55,14 @@ PASSIVEPORTS_END=${PASSIVEPORTS_END:-50050}
 
 echo "PassivePorts ${PASSIVEPORTS_START} ${PASSIVEPORTS_END}" > /etc/proftpd/conf.d/passive_ports.conf
 
+############ MAX CLIENTS
+
+MAXCLIENTS=${MAXCLIENTS:-30}
+MAXCLIENTSPERHOST=${MAXCLIENTSPERHOST:-5}
+
+echo "Maxclients ${MAXCLIENTS}" > /etc/proftpd/conf.d/maxclients.conf
+echo "MaxClientsPerHost ${MAXCLIENTSPERHOST}" >> /etc/proftpd/conf.d/maxclients.conf
+
 ############ START CRON
 
 crond -b