FTP Configuration Reference
FTP in Sympl is provided by Pure-FTPd, and user configuration is typically done with one of two methods, either authenticating against the domain (example.com
) with full access, or authenticating as a user on the domain (user@example.com
) which supports limited access.
Domain Authentication
The most basic method of FTP authentication provides access to the /srv/example.com/public/
directory and it's contents, but no directories above that.
To enable this, simply add a password in /srv/example.com/config/ftp-password
either in plain text or as a hashed password (generated using sympl-encrypt-password
).
Users can then log in to the server using an FTP client using any hostname or IP which points to the server, with the username example.com
and password as set in config/ftp-password
.
FTP Quota
If necessary, an FTP quota can be set in /srv/example.com/config/ftp-quota
. This defaults to 0
if unset, and is a value in bytes, supporting the normal file size suffix format.
This quota will prevent any new uploads via FTP once the total size of all files and subdirectories in /srv/example.com/public/
(including logs) reaches the quota value, however it does not prevent web uploads or other processes using space.
Multi-User Authentication
The multi-user authentication method supports users with separate directory access and quotas, and is controlled with the /srv/example.com/config/ftp-users
file, and again has access limited to /srv/example.com/public/
.
The format of the config/ftp-users
file is made up of 2-4 values, separated by colons (:
), for example:
# Comments start with a hash # user:password:subdirectory:quota alice:jd765DF2ioh-sg2:htdocs/files:1G charlie:{CRYPT}$6$sXwVQjpI$1DCuuVaTgmmciah.sZuYGCMuV.IcJff8Rsx1PX3OcJOv5CmCWTL9RGka.m56hDXt26fJyCS53R5ZWMBPFlsH21
Username
The first value in the file is the username. Note that this always has the domain added, so in the example the valid usernames would be alice@example.com
and charlie@example.com
.
Password
The password can be either in plain text as shown in the first example, or encrypted format in the second example as generated by sympl-encrypt-password
. Note that you should avoid using the colon (:
) character in passwords where possible, or escape them by preceding them with a backslash (\
).
Subdirectory
The subdirectory field is optional, and changes the FTP root directory from it's default of /srv/example.com/public/
to a subdirectory of public/
which can be used to limit access to a specific directory. In the example, the user alice@example.com
is restricted to the /srv/example.com/public/htdocs/files
directory and it's contents.
Quota
The quota field is optional, is a value in bytes with an optional suffix. This prevents files being uploaded once the quota is reached, with the limit is based on files in the FTP root directory and all subdirectories, and defaults to the value from /srv/example.com/config/ftp-quota
if unset.
In the example, alice@example.com
is limited to 1 Gigabyte of files in /srv/example.com/public/htdocs/files
and it's subdirectories whereas charlie@example.com
has no limit.
User Permissions
The permissions used by Pure-FTPd are inherited from the FTP root directory, which avoids permissions conflicts. This differs from Symbiosis which copied the permissions from the /srv/example.com
directory.
Alternate Authentication Methods
As Sympl uses Pure-FTPd, it's other authentication methods can optionally be used, and information on this is available in the Pure-FTPd documentation.
Configuration Reference
File or Directory | Used For | More |
---|---|---|
.../config/ftp-password
|
Sets the password for FTP access to /srv/example.com/public/ with the username example.com
|
More... |
.../config/ftp-quota
|
Sets a maximum size of files and directories in /srv/example.com/public/ before preventing uploads.
|
More... |
.../config/ftp-users
|
Per user configuration for FTP access. | More... |
See also Configuration Reference for other configuration files.