## DigFTP Configuration File
## =========================
## This is the primary configuration file. Here is where you'll find all the
## necessary options to configure your FTP server.

#### Cheat Sheet
### String Variables
## These may be used in certain options to be runtime replaced.
##  %a     App Name
##  %u     Username
##  %v     Version
##  %h     Hostname
##  %d     Date
##  %t     Time
## Example: %a %v: Hi %u. It is %t on %d.
##          digFTP v1.0.0: Hi user on example.com, your password is h4ckm3.
##
### Booleans
##  true | false
## ----- | -----
##     1 |     0
##    on |   off
##   yes |    no
## Anything unrecognized will be treated as 'false'.

[core]
## The name of the server it sends to the client.
## Syntax: server_name=<string>
## Default: %a %v
server_name=%a %v

## Message of the Day to post to clients upon log in.
## Syntax: motd=<string>
##         motd=file:<path>
##         motd=cmd:<command>
## WARNING: Commands could be dangerous. Use with caution.
#motd=cmd:cowsay -r Welcome %u.
#motd=file:ftp.motd
#motd=Welcome.

## Path to digFTP plugins
## Syntax: plugin_path=<path>
## Default: /usr/lib/digftp/plugins
plugin_path=/usr/lib/digftp/plugins

[engines]
## These specify the interface to use for functions.
## Engines are provided through plugins.
## Syntax: <interface>=<plugin name>

## Engine used for authenticating users.
## Default: pam
auth=pam

## Engine used for handling the filesystem.
## Default: local
filer=local

[net]
## Network address and port to listen on.
## Syntax: listen=<ip>:<port>
listen=127.0.0.1:21

## Whether to support SSL. Server must be compiled with WITH_SSL=ON.
## This is highly recommended as it allows clients to secure their login 
## credentials. SSL support is provided as explicit (AUTH command).
## Syntax: ssl=<bool>
ssl=on

[features]
utf8=off

[ssl]
## Configuration for FTPS (Explicit SSL)

certificate=cert.pem
private_key=key.pem

## Ciphers to use for SSL.
## Default: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
ciphers=ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH

ssl_v2=no
ssl_v3=no
tls_v1=no
tls_v1_1=no
tls_v1_2=yes
tls_v1_3=yes
compression=yes
prefer_server_ciphers=yes

#### LOGGING
## Filenames for loglevels.
[logging]
## Log server output files.
## Syntax: [critical|error|warning|info|debug|all]=<path>
info=digftp.log
warning=digftp.log
error=digftp.log
critical=digftp.log

## Output loglevel to console
## Syntax: console=[critical|error|warning|info|debug|all|none]
console=all

[passdb]
## The file for the passdb engine.
## Syntax: passdb=<path>
file=passdb

## Root of logged in user. Can use string formatting.
## Syntax: home_path=<path>
home_path=/home/%u/

[pam]
chroot=yes