#!/bin/sh ############ MASQUERADE MASQUERADE=${MASQUERADE:-127.0.0.1} echo "MasqueradeAddress ${MASQUERADE}" > /etc/proftpd/conf.d/masquerade.conf ############ AUTH [ ! -f /auth/passwd ] && touch /auth/passwd chmod 0600 /auth/passwd chmod 0700 /auth ############ TLS TLS_CERT=${TLS_CERT:-/certs/cert.pem} TLS_KEY=${TLS_KEY:-/certs/privkey.pem} TLS_CHAIN=${TLS_CHAIN:-/certs/chain.pem} cat $TLS_CERT > /etc/proftpd/cert.pem cat $TLS_KEY > /etc/proftpd/privkey.pem cat $TLS_CHAIN > /etc/proftpd/chain.pem ############ CHECK CERT KEY ALGO ALGO=$(openssl x509 -in /etc/proftpd/cert.pem -text | sed -n 's/\ *Public Key Algorithm: //p' | tr '\n') if [ "$ALGO" = "id-ecPublicKey" ] ; then cat > /etc/proftpd/conf.d/certificate.conf < TLSECCertificateFile /etc/proftpd/cert.pem TLSECCertificateKeyFile /etc/proftpd/privkey.pem TLSCertificateChainFile /etc/proftpd/chain.pem EOF fi if [ "$ALGO" = "rsaEncryption" ] ; then cat > /etc/proftpd/conf.d/certificate.conf < TLSRSACertificateFile /etc/proftpd/cert.pem TLSRSACertificateKeyFile /etc/proftpd/privkey.pem TLSCertificateChainFile /etc/proftpd/chain.pem EOF fi md5sum "$TLS_CERT" > /sums ############ PASSIVE PORTS PASSIVEPORTS_START=${PASSIVEPORTS_START:-50000} PASSIVEPORTS_END=${PASSIVEPORTS_END:-50050} echo "PassivePorts ${PASSIVEPORTS_START} ${PASSIVEPORTS_END}" > /etc/proftpd/conf.d/passive_ports.conf ############ START CRON crond -b ############ START proftpd -n