FTP_VERBOSE flag to activate/deactivate logs on files

ebarault · Oct 17, 2017 · 07333a5 · 07333a5
1 parent 26da80f
commit 07333a5
Show file tree

Hide file tree

Showing 14 changed files with 49 additions and 29 deletions.
diff --git a/.env.tpl b/.env.tpl
@@ -4,7 +4,8 @@ FTP_DB_USER=    # db user, required
 FTP_DB_PASS=    # db password, required
 FTP_DB_ADMIN=         # db user, required
 FTP_DB_ADMIN_PASS=    # db password, required
-FTP_PG_MIGRATE=       # ON/OFF, activate/deactivate
+FTP_PG_MIGRATE=       # ON/OFF, activate/deactivate creation of required pg tables
+FTP_VERBOSE=          # ON/UNDEF, activate/deactivate logging to files
 
 FTP_ROOT=       # /path/to/ftp/root, optional, defaults to /data/ftp_root
 LOGS=           # /path/to/log/dir, optional, defaults to /var/log/proftpd

diff --git a/Dockerfile b/Dockerfile
@@ -43,7 +43,6 @@ COPY entrypoint.sh ./entrypoint.sh
 RUN chmod a+x ./entrypoint.sh
 
 RUN mkdir /var/log/proftpd
-RUN ln -sf /dev/stdout /var/log/proftpd/proftpd.log
 
 # FTP ROOT
 VOLUME /srv/ftp

diff --git a/Dockerfile-alpine b/Dockerfile-alpine
@@ -51,12 +51,7 @@ COPY sql/proftp_tables.sql.tpl /etc/proftpd/proftp_tables.sql.tpl
 COPY entrypoint.sh ./entrypoint.sh
 RUN chmod a+x ./entrypoint.sh
 
-# RUN touch /var/log/proftpd/proftpd.log
 RUN mkdir /var/log/proftpd
-RUN ln -sf /dev/stdout /var/log/proftpd/proftpd.log
-
-# PROFTPD LOGS
-# VOLUME /var/log/proftpd
 
 # FTP ROOT
 VOLUME /srv/ftp

diff --git a/README.md b/README.md
@@ -24,6 +24,7 @@ The required/optional parameters are described here after:
 - **FTP_DB_ADMIN**: db admin user, required if FTP_PG_MIGRATE=ON
 - **FTP_DB_ADMIN_PASS**: db admin password, required if FTP_PG_MIGRATE=ON
 - **FTP_PG_MIGRATE**: ON/OFF, activate/deactivate automatic creation of tables required by proftpd in postgresql database
+- **FTP_VERBOSE**: ON/UNDEF, activate/deactivate logging to files
 - **FTP_ROOT**: /path/to/ftp/root, optional, defaults to /data/ftp_root
 - **LOGS**: /path/to/log/dir, optional, defaults to /var/log/proftpd
 - **SALT**: /path/to/salt/file, optional, defaults to `./.salt`
@@ -104,7 +105,7 @@ The env var `MASQ_ADDR` can be set to either a given IP address or hostame, or t
 The ftp root (home for all user's directories) can be configured using the `FTP_ROOT` env variable. Otherwise it default to the directory `/data/ftp_root` of the docker's host.
 
 ### Configuring proftpd logs directory
-The ftp root (home for all user's directories) can be configured using the `LOGS` env variable. Otherwise it default to the directory `/var/log/proftpd` of the docker's host.
+When setting verbose mode ON with env var `FTP_VERBOSE`, the log directory can be configured using the `LOGS` env variable. Otherwise it default to the directory `/var/log/proftpd` of the docker's host.
 
 ### Module mod_tls
 When enabling the module with env var MOD_TLS=ON, a module configuration file and associated certificates should be provided as binded volumes. Default included configuration expects a self-signed TLS certificate `proftpd.cert.pem` and it's key file `proftpd.key.pem`.
@@ -158,6 +159,7 @@ Following the previous sections, a number a env vars and volumes needs to be spe
   - `FTP_DB_ADMIN`
   - `FTP_DB_ADMIN_PASS`
   - `FTP_PG_MIGRATE`
+  - `FTP_VERBOSE`
   - `MASQ_ADDR`
   - `MOD_TLS`
   - `MOD_EXEC`

diff --git a/docker-compose-alpine-image.yml b/docker-compose-alpine-image.yml
@@ -6,9 +6,9 @@ services:
     image: ebarault/proftpd-docker:alpine-latest
     network_mode: host
     volumes:
-      # - type: bind
-      #   source: "${LOGS:-./var_log_proftpd}"
-      #   target: /var/log/proftpd
+      - type: bind
+        source: "${LOGS:-./var_log_proftpd}"
+        target: /var/log/proftpd
       - type: bind
         source: "${FTP_ROOT:-./data_ftp_root}"
         target: /srv/ftp

diff --git a/docker-compose-alpine.yml b/docker-compose-alpine.yml
@@ -8,9 +8,9 @@ services:
       dockerfile: Dockerfile-alpine
     network_mode: host
     volumes:
-      # - type: bind
-      #   source: "${LOGS:-./var_log_proftpd}"
-      #   target: /var/log/proftpd
+      - type: bind
+        source: "${LOGS:-./var_log_proftpd}"
+        target: /var/log/proftpd
       - type: bind
         source: "${FTP_ROOT:-./data_ftp_root}"
         target: /srv/ftp

diff --git a/docker-compose-image.yml b/docker-compose-image.yml
@@ -6,9 +6,9 @@ services:
     image: ebarault/proftpd-docker:latest
     network_mode: host
     volumes:
-      # - type: bind
-      #   source: "${LOGS:-./var_log_proftpd}"
-      #   target: /var/log/proftpd
+      - type: bind
+        source: "${LOGS:-./var_log_proftpd}"
+        target: /var/log/proftpd
       - type: bind
         source: "${FTP_ROOT:-./data_ftp_root}"
         target: /srv/ftp

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -6,9 +6,9 @@ services:
     build: .
     network_mode: host
     volumes:
-      # - type: bind
-      #   source: "${LOGS:-./var_log_proftpd}"
-      #   target: /var/log/proftpd
+      - type: bind
+        source: "${LOGS:-./var_log_proftpd}"
+        target: /var/log/proftpd
       - type: bind
         source: "${FTP_ROOT:-./data_ftp_root}"
         target: /srv/ftp

diff --git a/entrypoint.sh b/entrypoint.sh
@@ -1,6 +1,6 @@
 #!/bin/sh
 
-PROFTPD_ARGS="-DMOD_EXEC=$MOD_EXEC -DMOD_TLS=$MOD_TLS -DMOD_VROOT=$MOD_VROOT"
+PROFTPD_ARGS="-DMOD_EXEC=$MOD_EXEC -DMOD_TLS=$MOD_TLS -DMOD_VROOT=$MOD_VROOT -DVERBOSE=$FTP_VERBOSE"
 
 if [ "$MASQ_ADDR" = "AWS" ]; then
 	MASQ_ADDR=`curl -f -s http://169.254.169.254/latest/meta-data/public-ipv4`

diff --git a/exec/exec.conf b/exec/exec.conf
@@ -2,7 +2,11 @@
 
 <IfModule mod_exec.c>
 	ExecEngine on
-	ExecLog /var/log/proftpd/proftpd.log
+
+	<IfDefine VERBOSE=ON>
+		ExecLog /var/log/proftpd/exec.log
+	</IfDefine>
+
 	ExecOptions logStderr logStdout
 
 	# Demo script executed on user connect

diff --git a/proftpd.conf b/proftpd.conf
@@ -7,8 +7,9 @@ DefaultAddress      127.0.0.1
 Port                21
 PassivePorts        49152 49407
 MaxInstances        30
-AllowLogSymlinks    on
-SystemLog           /var/log/proftpd/proftpd.log
+<IfDefine VERBOSE=ON>
+  SystemLog         /var/log/proftpd/proftpd.log
+</IfDefine>
 
 # Enable server address masquerading if required
 <IfDefine USE_MASQ_ADDR>
@@ -22,7 +23,9 @@ SystemLog           /var/log/proftpd/proftpd.log
 <IfModule mod_ctrls.c>
   ControlsEngine      off
   ControlsMaxClients  2
-  ControlsLog         /var/log/proftpd/proftpd.log
+  <IfDefine VERBOSE=ON>
+    ControlsLog         /var/log/proftpd/controls.log
+  </IfDefine>
   ControlsInterval    5
   ControlsSocket      /var/run/proftpd/proftpd.sock
 </IfModule>
@@ -49,7 +52,12 @@ SystemLog           /var/log/proftpd/proftpd.log
   AllowOverwrite      on
   AuthOrder           mod_sql.c
   CreateHome          on dirmode 755
-  TransferLog         /var/log/proftpd/proftpd.log
+  <IfDefine VERBOSE=ON>
+    TransferLog         /var/log/proftpd/xferlog.log
+  </IfDefine>
+  <IfDefine !VERBOSE>
+    TransferLog         none
+  </IfDefine>
   WtmpLog             off
 
   AllowForeignAddress on

diff --git a/sql.conf b/sql.conf
@@ -2,7 +2,11 @@
   <IfModule mod_sql.c>
     SQLBackend      postgres
     SQLEngine       on
-    SQLLogFile      /var/log/proftpd/proftpd.log
+
+    <IfDefine VERBOSE=ON>
+      SQLLogFile      /var/log/proftpd/sql.log
+    </IfDefine>
+
     SQLAuthenticate users userset groups groupset
     SQLAuthTypes    SHA256 SHA512
     SQLConnectInfo  %{env:FTP_DB_NAME}@%{env:FTP_DB_HOST} %{env:FTP_DB_USER} %{env:FTP_DB_PASS}

diff --git a/tls.conf b/tls.conf
@@ -2,7 +2,10 @@
 
 <IfModule mod_tls.c>
   TLSEngine on
-  TLSLog /var/log/proftpd/proftpd.log
+
+  <IfDefine VERBOSE=ON>
+    TLSLog /var/log/proftpd/tls.log
+  </IfDefine>
 
   # Support both SSLv3 and TLSv1
   TLSProtocol SSLv3 TLSv1

diff --git a/vroot.conf b/vroot.conf
@@ -1,6 +1,10 @@
   # see: http://www.proftpd.org/docs/contrib/mod_vroot.html
   <IfModule mod_vroot.c>
     VRootEngine on
-    VRootLog /var/log/proftpd/proftpd.log
+
+    <IfDefine VERBOSE=ON>
+      VRootLog /var/log/proftpd/vroot.log
+    </IfDefine>
+
     DefaultRoot ~
   </IfModule>