Adding FTP server

roles/firewall/templates/firewall.j2

@@ -499,6 +499,16 @@ config rule
 	option dest_port '123'
 	option target 'ACCEPT'
 
+# FTP
+config rule
+	option name 'Allow-OUTPUT-FTP'
+	option src 'iot'
+	list proto 'tcp'
+	option dest 'dmz'
+	option dest_ip '{{ hostvars['ftp.dmz.mateu.be']['ansible_default_ipv4']['address'] }}'
+	option dest_port '21 10100-10110'
+	option target 'ACCEPT'
+
 ## Default configuration
 config defaults
 	option syn_flood '1'

roles/ftp/files/vsftpd.conf

@@ -0,0 +1,20 @@
+listen=NO
+listen_ipv6=YES
+anonymous_enable=YES
+local_enable=NO
+write_enable=YES
+anon_upload_enable=YES
+anon_mkdir_write_enable=YES
+anon_other_write_enable=YES
+dirmessage_enable=YES
+use_localtime=YES
+xferlog_enable=YES
+connect_from_port_20=YES
+secure_chroot_dir=/var/run/vsftpd/empty
+pam_service_name=vsftpd
+utf8_filesystem=YES
+no_anon_password=YES
+anon_root=/srv/ftp
+pasv_enable=YES
+pasv_min_port=10100
+pasv_max_port=10110

roles/ftp/handlers/main.yml

@@ -0,0 +1,4 @@
+- name: restart vsftpd
+  service:
+    name: vsftpd
+    state: restarted

roles/ftp/tasks/main.yml

@@ -0,0 +1,25 @@
+- name: Install vsftpd
+  package:
+    name: vsftpd
+    state: present
+
+- name: Create ftp directory
+  file:
+      path: /srv/ftp
+      state: directory
+
+- name: Create upload directory
+  file:
+      path: /srv/ftp/upload
+      owner: ftp
+      group: root
+      state: directory
+
+- name: Config vsftpd
+  copy:
+    src: files/vsftpd.conf
+    dest: /etc/vsftpd.conf
+    owner: root
+    group: root
+  notify: restart vsftpd
+

roles/x509/tasks/main.yml

@@ -1,5 +1,5 @@
 - name: install acme.sh
-  shell: curl https://raw.githubusercontent.com/Neilpang/acme.sh/master/acme.sh | INSTALLONLINE=1 LE_WORKING_DIR=/etc/x509 sh
+  shell: curl https://get.acme.sh | INSTALLONLINE=1 LE_WORKING_DIR=/etc/x509 sh
   args:
     creates: /etc/x509