Update to 2022-03-04 18:00

roles/sftpgo/defaults/main.yml

@@ -17,6 +17,10 @@ sftpgo_root_dir: /opt/sftpgo
 sftpgo_user: sftpgo
 
 # Database settings
+# Engine can be sqlite or mysql
+sftpgo_db_engine: mysql
+
+# Settings for mysql engine
 sftpgo_db_server: "{{ mysql_server | default('localhost') }}"
 sftpgo_db_port: 3306
 sftpgo_db_name: sftpgo
@@ -27,10 +31,11 @@ sftpgo_db_user: sftpgo
 # You can restrict access per port. This can be a list of IP (or network in CIDR notation)
 # Access will be controlled by iptables
 sftpgo_src_ip: []
-sftpgo_sftp_src_ip: "{{ sftpgo_src_ip }}"
-sftpgo_ftp_src_ip: "{{ sftpgo_src_ip }}"
-sftpgo_webdav_src_ip: "{{ sftpgo_src_ip }}"
-sftpgo_http_src_ip: "{{ sftpgo_src_ip }}"
+sftpgo_sftpd_src_ip: "{{ sftpgo_src_ip }}"
+sftpgo_ftpd_src_ip: "{{ sftpgo_src_ip }}"
+sftpgo_webdavd_src_ip: "{{ sftpgo_src_ip }}"
+sftpgo_httpd_src_ip: "{{ sftpgo_src_ip }}"
+sftpgo_telemetry_src_ip: []
 
 # Base configuration of the service
 sftpgo_base_conf:
@@ -52,7 +57,7 @@ sftpgo_base_conf:
   sftpd:
     bindings:
       port: 2022
-      max_auth_tries: 4
+    max_auth_tries: 4
   ftpd:
     bindings:
       port: 2021
@@ -61,14 +66,18 @@ sftpgo_base_conf:
       end: 50200
       force_passive_ip: ''
     disable_active_mode: True
+    # If you want to use Let's Encrypt cert (obtain with dehydrated), you can set 
+    # certificate_file: letsencrypt:mycert.example.org
+    # No need to configure certificate_key_file, the role will handle it
   webdavd:
     bindings:
       port: 2080
+      address: 0.0.0.0
       prefix: /dav
       proxy_allowed: []
   data_provider:
-    driver: mysql
-    name: "{{ sftpgo_db_name }}"
+    driver: "{{ sftpgo_db_engine }}"
+    name: "{{ (sftpgo_db_engine == 'mysql') | ternary(sftpgo_db_name, sftpgo_root_dir ~ '/data/sftpgo.sqlite') }}"
     host: "{{ sftpgo_db_server }}"
     port: "{{ sftpgo_db_port }}"
     username: "{{ sftpgo_db_user }}"
@@ -77,10 +86,16 @@ sftpgo_base_conf:
     delayed_quota_update: 60
     pool_size: 5
     users_base_dir: "{{ sftpgo_root_dir }}/data/home/"
+    # If you want to allow anonymous FTP, you can create a user named anonymous (set a password to whatever you want, it won't be checked)
+    # and enable the following settings
+    # This hook will accept any password for the anonymous user
+    # check_password_hook: "{{ sftpgo_root_dir }}/bin/anonymous-ftp-password-hook"
+    # This will restrict the hook to the FTP protocol
+    # check_password_scope: 2
   httpd:
     bindings:
       port: 8080
-      address: ''
+      address: 0.0.0.0
       proxy_allowed: []
     enable_web_admin: True
     enable_web_client: True
@@ -89,7 +104,13 @@ sftpgo_base_conf:
     backups_path: "{{ sftpgo_root_dir }}/backup"
     max_upload_file_size: 1048576000
   telemetry:
-    bind_port: 0
+    bind_port: 8081
+    bind_address: 0.0.0.0
+  smtp:
+    host: localhost
+    port: 25
+    from: FTP Service <ftp-noreply@{{ ansible_domain }}>
+    templates_path: "{{ sftpgo_root_dir }}/app/templates"
 
 # You can override and/or add custom settings here. Same format as sftpgo_base_conf
 # The extra conf will be merged on top of the base conf