Adding option to enable vsftpd debug logging to Docker output

bfren · Sep 6, 2024 · 76f84ff · 76f84ff
1 parent de308f2
commit 76f84ff
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 9 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -23,6 +23,8 @@ ENV \
     BF_FTPS_VSFTPD_PASS= \
     # the welcome message when people sign in to the server
     BF_FTPS_VSFTPD_WELCOME="Welcome to the FTPS server." \
+    # enable vsftpd debug logging of all FTP commands and responses
+    BF_FTPS_VSFTPD_ENABLE_DEBUG_LOG=0 \
     # whether the LFTP client should verify the server certificate for the healthcheck
     # - only use 'yes' if you have a non-self-signed SSL certificate mapped to /ssl/vsftpd.pem
     # valid values are values 'yes' or 'no' (default)

diff --git a/README.md b/README.md
@@ -51,15 +51,16 @@ Password: BF_FTPS_VSFTPD_PASS
 
 ## Environment Variables
 
-| Variable                  | Values | Description                                                                                                                        | Default                                                    |
-| ------------------------- | ------ | ---------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- |
-| `BF_FTPS_EXTERNAL_IP`     | string | The external IP of the server - required for passive mode (unless `BF_FTPS_EXTERNAL_URI` is set).                                  | *None* - **required** unless `BF_FTPS_EXTERNAL_URI` is set |
-| `BF_FTPS_EXTERNAL_URI`    | string | The URI of the server - required for passive mode (unless `BF_FTPS_EXTERNAL_IP` is set).<br>If both are set this takes precedence. | *None* - **required** unless `BF_FTPS_EXTERNAL_IP` is set  |
-| `BF_FTPS_SSL_BITS`        | string | The number of bits to use for the self-signed SSL certificate.                                                                     | 4096                                                       |
-| `BF_FTPS_VSFTPD_USER`     | string | A user account will be created for connecting to the server.                                                                       | *None* - **required**                                      |
-| `BF_FTPS_VSFTPD_PASS`     | string | The password to use for connecting to the server.                                                                                  | *None* - **required**                                      |
-| `BF_FTPS_VSFTPD_UID`      | string | User ID with access rights to the `/files` directory.                                                                              | 1000                                                       |
-| `BF_FTPS_VSFTPD_WELCOME`  | string | Welcome message when people sign in to the server.                                                                                 | "Welcome to the FTPS server."                              |
+| Variable                          | Values | Description                                                                                                                        | Default                                                    |
+| --------------------------------- | ------ | ---------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- |
+| `BF_FTPS_EXTERNAL_IP`             | string | The external IP of the server - required for passive mode (unless `BF_FTPS_EXTERNAL_URI` is set).                                  | *None* - **required** unless `BF_FTPS_EXTERNAL_URI` is set |
+| `BF_FTPS_EXTERNAL_URI`            | string | The URI of the server - required for passive mode (unless `BF_FTPS_EXTERNAL_IP` is set).<br>If both are set this takes precedence. | *None* - **required** unless `BF_FTPS_EXTERNAL_IP` is set  |
+| `BF_FTPS_SSL_BITS`                | string | The number of bits to use for the self-signed SSL certificate.                                                                     | 4096                                                       |
+| `BF_FTPS_VSFTPD_USER`             | string | A user account will be created for connecting to the server.                                                                       | *None* - **required**                                      |
+| `BF_FTPS_VSFTPD_PASS`             | string | The password to use for connecting to the server.                                                                                  | *None* - **required**                                      |
+| `BF_FTPS_VSFTPD_UID`              | string | User ID with access rights to the `/files` directory.                                                                              | 1000                                                       |
+| `BF_FTPS_VSFTPD_ENABLE_DEBUG_LOG` | 0 or 1 | Whether or not to enable all FTP commands and responses for vsftpd.                                                                | 0                                                          |
+| `BF_FTPS_VSFTPD_WELCOME`          | string | Welcome message when people sign in to the server.                                                                                 | "Welcome to the FTPS server."                              |
 
 ## Licence
 

diff --git a/overlay/etc/bf/templates/vsftpd.conf.esh b/overlay/etc/bf/templates/vsftpd.conf.esh
@@ -178,3 +178,9 @@ allow_writeable_chroot=YES
 # ref: https://github.com/microsoft/WSL/issues/5412#issuecomment-644330450
 seccomp_sandbox=NO
 isolate_network=NO
+
+# ref: https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/4/html/reference_guide/s2-ftp-vsftpd-conf-opt-log
+<% if bf-env-check FTPS_VSFTPD_ENABLE_DEBUG_LOG ; then %>
+syslog_enable=YES
+log_ftp_protocol=YES
+<% fi