debops.tftpd default variables
Sections
APT packages
- tftpd__base_packages
List of base APT packages to install for TFTP server support.
tftpd__base_packages: [ 'tftpd-hpa' ]
- tftpd__packages
List of additional APT packages to install with TFTP server.
tftpd__packages: []
TFTP server configuration
- tftpd__address
Address and port on which TFTP server is listening for new connections.
tftpd__address: '[::]:69'
- tftpd__directory
Root directory with files served over TFTP.
tftpd__directory: '/srv/tftp'
- tftpd__username
UNIX system account used by the TFTP server.
tftpd__username: 'tftp'
- tftpd__options
Additional options passed to the tftpd-hpa daemon, defined as a string or a YAML list (lists will be flattened automatically).
tftpd__options:
- '--secure'
- '{{ ["--permissive", "--create", ("--umask " + tftpd__upload_umask)]
if tftpd__upload_enabled | bool else [] }}'
Support for file uploads
- tftpd__upload_enabled
Enable or disable support for file uploads over TFTP service.
tftpd__upload_enabled: '{{ True if tftpd__allow | d() else False }}'
- tftpd__upload_directory
Name of the upload subdirectory located in the TFTP root directory which will be owned by the TFTP user with write access.
tftpd__upload_directory: 'upload'
- tftpd__upload_group
Specify the primary UNIX group of the upload directory.
tftpd__upload_group: 'tftp'
- tftpd__upload_mode
Specify the UNIX attributes of the upload directory.
tftpd__upload_mode: '0751'
- tftpd__upload_umask
Specify the umask(2) used during file uploads by the TFTP server.
tftpd__upload_umask: '0002'
Firewall and TCP Wrappers configuration
- tftpd__allow
List of IP addresses or CIDR subnets which are allowed to connect to TFTP server. If it's empty, anybody can connect to the FTP server.
tftpd__allow: []
Configuration for other Ansible roles
- tftpd__ferm__dependent_rules
Configuration for the debops.ferm Ansible role.
tftpd__ferm__dependent_rules:
- type: 'accept'
protocols: [ 'udp' ]
dport: [ 'tftp' ]
saddr: '{{ tftpd__allow }}'
accept_any: True
weight: '50'
filename: 'tftpd_dependency_accept'
- tftpd__tcpwrappers__dependent_allow
Configuration for the debops.tcpwrappers Ansible role.
tftpd__tcpwrappers__dependent_allow:
- daemon: 'in.tftpd'
client: '{{ tftpd__allow }}'
accept_any: True
weight: '50'
filename: 'tftpd_dependency_allow'
comment: 'Allow remote connections to TFTP server'