Skip to content

Operations: FTP functionality

Jump to bottom Edit New page
Mark Bussey edited this page Feb 14, 2014 · 1 revision

HydraDAM can ingest and transcode files uploaded via ftp as well as via http. We don't use ftp a lot, so we're not experts on configuring ftp servers. This is how we got ftp uploads working on our testing server. Be aware that ftp is an insecure protocol and this configuration may not protect your server against mis-use.

  1. Install vsftp
    Ubuntu: sudo apt-get install vsftpd
    CentOS: sudo yum install vsftpd
  2. Configure vsftpd - see sample /etc/vsftpd.conf
  3. Open ports 20, 21, and the PASV range (pasv_min_port to pasv_max_port) from your vsftpd.conf file
  4. Edit config/application.rb and edit the ftp_download_base setting, for example:
    config.ftp_download_base = '/opt/ftp'
  5. It is possible to configure a single FTP account for HydraDAM to use for all its users. For that and for any additional FTP accounts you want to authorize to upload files via ftp, you will need:
    1. An ftp directory with an upload subdirectory - to create these:
      sudo mkdir /opt/ftp/ftpuser1 && sudo mkdir /opt/ftp/ftpuser1/upload
    2. A unix username with the same default group as the apache user (on ubuntu it's www-data, on CentOS it's apache) - to create one:
      sudo useradd –d /opt/ftp/ftpuser1 –s /bin/bash –g www-data ftpuser1
    3. A unix password for that user - to create or reset the password:
      sudo passwd ftpuser1
      then enter and repeat the password as prompted
    4. Permissions of 775 on the /opt/ftp/ftpuser1 directory - to set:
      sudo chmod -R 775 /opt/ftp/ftpuser1
    5. A user on the rails app - to create a new user in the rails app:
      1. From the home page of your application, click on the "login" link in the top right corner
      2. On the login page, scroll down and click on "Sign up."
      3. Enter an email address and a password, confirm the password, and click the "Sign up" button.
    6. A setting in the rails app pointing the rails app user to the unix user's ftp directory - to set this:
      1. Log into the rails app as an admin user
      2. Navigate to your HydraDAM admin page (something like http://yourwebsite/admin/dashboard)
      3. Select Users (link in upper left corner)
      4. Find the user you wish to authorize for ftp uploads and click on the edit tool
      5. Set the directory to be the ftp directory you created above - OMIT the trailing slash on the directory
      6. Save the user settings
    7. A user config file in /etc/vsftpd_user_conf/ specifying the ftp and shell commands the user may use via ftp - the name of this file must be the same as the unix username - see sample vsftpd user config file
  6. If only a single unix account will be used for FTP and shared by hydradam users:
  7. modify permissions of its home directory to prevent that account holder from reading and writing there. e.g., chmod u-rw /opt/ftp/ftpuser1 # the ftp user will not see subdirectories here
  8. as the unix owner of hydradam, make subdirectories therein available to hydradam users. e.g., 1. mkdir /opt/ftp/ftpuser1/hydrauser1_randomized # make it hard for ftp snoopers to guess 1. chmod 774 /opt/ftp/ftpuser1/hydrauser1_randomized # make sure hydradam and apache can fully modify it
  9. assign each subdirectory to a hydradam user as detailed above in section "A setting in the rails app pointing the rails app user to the unix user's ftp directory"
  10. Restart vsftpd sudo service vsftpd restart
  11. Log into the ftp server using the unix username and unix password, upload a file
  12. Log into the website using the email address and web password
  13. Click on Upload, you should see the file you uploaded in the bottom half under " . . . or use a file you uploaded via FTP"
  14. Check the box next to the file, click on Import
  15. The rest of the procedure is just like importing a file via http
  16. CentOS: you may need to set vsftpd to restart automatically on start/reboot with chkconfig
Add a custom footer
Add a custom sidebar
Clone this wiki locally