CloudFormation template to create an FTP (vsftpd) server on Ubuntu Server

AWS Ubuntu
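Resources:
  # Single EC2 instance that installs and configures vsftpd on first boot.
  AppNode:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t2.micro
      # AMI IDs are region-specific; this one only resolves in its own region.
      ImageId: ami-81cefcfd
      KeyName: Ubuntu
      SecurityGroups:
        - !Ref AppNodeSG
      # NOTE(review): user data is not a secret store. Anything written here
      # (including ftp_password below) is readable from the instance metadata
      # service and by any principal allowed to describe the instance's
      # attributes. Replace the placeholder credentials before deploying and
      # prefer fetching the password at boot from a secret store.
      UserData: !Base64 |
        #!/bin/bash
        # cloud-init runs this script as root, so no sudo/su is needed.

        # install ftp service
        apt-get update -qq
        apt-get install vsftpd -y
        # back up the packaged ftp config file
        cp /etc/vsftpd.conf /etc/vsftpd.conf.orig

        # variables
        # Take the public address from the instance metadata service (IMDSv2)
        # rather than from a third-party site over plain HTTP: the value is
        # expanded into a root-owned config file by the heredoc below.
        imds_token=$(curl -s -X PUT "http://169.254.169.254/latest/api/token" \
          -H "X-aws-ec2-metadata-token-ttl-seconds: 60")
        public_ip=$(curl -s -H "X-aws-ec2-metadata-token: $imds_token" \
          http://169.254.169.254/latest/meta-data/public-ipv4)
        ftp_path=/var/ftp
        # NOTE(review): placeholder account. This host accepts FTP logins from
        # any address (see AppNodeSG), so a guessable password is an open door.
        ftp_user=user
        ftp_password=password

        # add the user that will log in over ftp
        useradd -m -d "/home/$ftp_user/" -s /bin/bash "$ftp_user"
        # set password for user
        echo "$ftp_user:$ftp_password" | chpasswd
        # create the ftp file store directory
        mkdir -p "$ftp_path"
        # Only the ftp account needs access to the store, so give it ownership
        # instead of making the directory world-writable (was nobody:nogroup 777).
        chown "$ftp_user:" "$ftp_path"
        chmod 750 "$ftp_path"

        # write new ftp config
        # NOTE(review): ssl_enable is not set, so rsa_cert_file is unused and
        # logins and transfers cross the network in clear text.
        # NOTE(review): chroot_local_user is not set (vsftpd defaults it to NO),
        # so the user is not confined to local_root and allow_writeable_chroot
        # has no effect.
        cat > /etc/vsftpd.conf <<EOF
        listen=YES

        anonymous_enable=NO
        local_enable=YES
        write_enable=YES
        local_umask=022

        dirmessage_enable=YES
        use_localtime=YES
        xferlog_enable=YES
        connect_from_port_20=YES
        chown_uploads=YES

        secure_chroot_dir=/var/run/vsftpd/empty
        pam_service_name=vsftpd
        rsa_cert_file=/etc/ssl/private/vsftpd.pem
        pasv_min_port=40000
        pasv_max_port=50000
        pasv_address=$public_ip

        tcp_wrappers=YES
        local_root=$ftp_path
        allow_writeable_chroot=YES

        userlist_enable=YES
        userlist_file=/etc/vsftpd.userlist
        userlist_deny=NO
        EOF

        # userlist_deny=NO makes the userlist an allow-list: only names in it
        # may log in.
        echo "$ftp_user" >> /etc/vsftpd.userlist
        systemctl restart vsftpd
  # Ingress rules for the FTP host. Every rule is open to the whole internet.
  AppNodeSG:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: for the app node, allows ssh and ftp
      SecurityGroupIngress:
        # No inbound rule for port 20: in active mode the server dials out
        # from port 20 (connect_from_port_20) and security groups are
        # stateful, so nothing on the host listens there.
        # NOTE(review): narrow SSH to the operator's own address range.
        - IpProtocol: tcp
          FromPort: '22'
          ToPort: '22'
          CidrIp: 0.0.0.0/0
        # FTP control channel.
        - IpProtocol: tcp
          FromPort: '21'
          ToPort: '21'
          CidrIp: 0.0.0.0/0
        # Passive-mode data ports; must match pasv_min_port/pasv_max_port.
        - IpProtocol: tcp
          FromPort: '40000'
          ToPort: '50000'
          CidrIp: 0.0.0.0/0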

 
