.gitea/workflows/container.yaml

@@ -1,12 +0,0 @@
-name: Build Multiarch Container Image
-on: [push]
-jobs:
-  call-reusable-workflow:
-    uses: container/multiarch-build-workflow/.gitea/workflows/build.yaml@main
-    with:
-      repository: ${{ gitea.repository }}
-      ref_name: ${{ gitea.ref_name }}
-      sha: ${{ gitea.sha }}
-      registry_url: ${{ secrets.REGISTRY_URL }}
-      registry_user: ${{ secrets.REGISTRY_USER }}
-      registry_pw: ${{ secrets.REGISTRY_PW }}

.gitlab-ci.yml

@@ -0,0 +1,12 @@
+stages:
+    - build
+
+variables:
+    IMAGE_NAME: thallian/user-access
+    CI_BUILD_ARCHS: "linux/amd64,linux/arm64"
+
+build:
+    stage: build
+    script:
+        - docker login -u $DOCKER_USER -p $DOCKER_PASSWORD $DOCKER_REGISTRY
+        - docker buildx build --platform "$CI_BUILD_ARCHS" --progress plain --pull --tag "$IMAGE_NAME:$CI_COMMIT_SHA" --tag "$IMAGE_NAME:$CI_COMMIT_REF_NAME" --tag "$IMAGE_NAME:latest" --push .

Dockerfile

@@ -1,10 +1,12 @@
-FROM docker.io/thallian/confd-env:3.19-3.1.6.2
+FROM thallian/confd-env:latest
 
 RUN apk add --no-cache \
     openssl \
     openssh-client \
     zlib \
-    perl \
+    perl
+
+RUN apk add --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/community \
     proftpd \
     proftpd-mod_sftp \
     proftpd-utils
@@ -20,6 +22,6 @@ ADD /rootfs /
 
 WORKDIR /
 
-VOLUME /var/lib/ftp/data
+VOLUME /etc/proftpd/keys /var/lib/ftp/data
 
-EXPOSE 2222
+EXPOSE 22

README.md

@@ -2,19 +2,7 @@ File access with [ProFTPD](http://www.proftpd.org/) over sftp and a static user/
 
 # Volumes
 - `/var/lib/ftp/data`: root directory for files
-
-# Files
-## /etc/proftpd/keys/dhparams.pem
-```
-openssl dhparam -outform PEM -5 
-
-```
-
-## /etc/proftpd/keys/ssh_key
-```
-ssh-keygen -b 2048 -t ed25519 -q -N "" -f ./ssh
-cat ./ssh
-```
+- `/etc/proftpd/keys`: ssh key files
 
 # Environment Variables
 ## SERVER_NAME
@@ -37,6 +25,5 @@ Uid for the static user.
 ## STATIC_GID
 Gid for the static user.
 
-
 # Ports
-- 2222
+- 22

rootfs/etc/confd/templates/proftpd.conf.tmpl

@@ -3,7 +3,7 @@ Include /etc/proftpd/modules.d/*.conf
 ServerName "{{getenv "SERVER_NAME"}}"
 ServerType standalone
 DefaultServer on
-Port 2222
+Port 22
 UseIPv6 off
 Umask {{ getenv "UMASK" "006 007" }}
 MaxInstances 30
@@ -27,6 +27,6 @@ AuthUserFile /etc/proftpd/passwd
     SFTPEngine on
     SFTPAuthMethods password
     SFTPDHParamFile /etc/proftpd/keys/dhparams.pem
-    SFTPHostKey /etc/proftpd/keys/ssh_key
+    SFTPHostKey /etc/proftpd/keys/ssh_rsa_key
     SFTPOptions IgnoreSCPUploadPerms IgnoreSFTPUploadPerms
 </IfModule>

rootfs/etc/cont-init.d/02-dhparam

@@ -0,0 +1,5 @@
+#!/usr/bin/with-contenv sh
+
+if [ ! -f /etc/proftpd/keys/dhparams.pem ]; then
+    openssl dhparam -outform PEM -5 nbits >> /etc/proftpd/keys/dhparams.pem
+fi

rootfs/etc/cont-init.d/03-ssh-keys

@@ -0,0 +1,5 @@
+#!/usr/bin/with-contenv sh
+
+if [ ! -f /etc/proftpd/keys/ssh_rsa_key ]; then
+    ssh-keygen -b 2048 -t rsa -f /etc/proftpd/keys/ssh_rsa_key -q -N ""
+fi

rootfs/etc/cont-init.d/04-static-user

@@ -1,12 +1,12 @@
-#!/bin/sh
+#!/usr/bin/with-contenv sh
 
 if [ ! -z ${STATIC_USER+x} ]; then
     echo ${STATIC_PASSWORD} | ftpasswd \
         --sha512 \
         --passwd \
         --home /var/lib/ftp/data \
-        --uid "2222" \
-        --gid "2222" \
+        --uid "$STATIC_UID" \
+        --gid "$STATIC_GID" \
         --name "$STATIC_USER" \
         --shell /bin/sh \
         --file /etc/proftpd/passwd \

rootfs/etc/fix-attrs.d/01-data

@@ -0,0 +1 @@
+/var/lib/ftp/data/ true proftpd:access 0666 0777

rootfs/etc/s6-overlay/s6-rc.d/proftpd/dependencies

@@ -1,2 +0,0 @@
-confd
-static-user

rootfs/etc/s6-overlay/s6-rc.d/proftpd/run

@@ -1,3 +0,0 @@
-#!/bin/sh
-
-exec proftpd --nodaemon

rootfs/etc/s6-overlay/s6-rc.d/proftpd/type

@@ -1 +0,0 @@
-longrun

rootfs/etc/s6-overlay/s6-rc.d/static-user/dependencies

@@ -1 +0,0 @@
-confd

rootfs/etc/s6-overlay/s6-rc.d/static-user/type

@@ -1 +0,0 @@
-oneshot

rootfs/etc/s6-overlay/s6-rc.d/static-user/up

@@ -1 +0,0 @@
-static-user

rootfs/etc/services.d/proftpd/run

@@ -0,0 +1,3 @@
+#!/usr/bin/with-contenv sh
+
+exec proftpd --nodaemon