container/user-access
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: container:13889200536d78d0956b2da55f5dab245d5342d1
Branches Tags
container:main
container:1.3.8b-r0
..
compare: container:77b65574da0d35cc21815445867ce3a375dd6dc6
Branches Tags
container:main
container:1.3.8b-r0

No commits in common. "13889200536d78d0956b2da55f5dab245d5342d1" and "77b65574da0d35cc21815445867ce3a375dd6dc6" have entirely different histories.
1388920053 ... 77b65574da

17 changed files with 39 additions and 45 deletions
Show Stats Expand all files Collapse all files

12
.gitea/workflows/container.yaml
View File

@ -1,12 +0,0 @@
name: Build Multiarch Container Image
on: [push]
jobs:
call-reusable-workflow:
uses: container/multiarch-build-workflow/.gitea/workflows/build.yaml@main
with:
repository: ${{ gitea.repository }}
ref_name: ${{ gitea.ref_name }}
sha: ${{ gitea.sha }}
registry_url: ${{ secrets.REGISTRY_URL }}
registry_user: ${{ secrets.REGISTRY_USER }}
registry_pw: ${{ secrets.REGISTRY_PW }}

12
.gitlab-ci.yml Normal file
View File

@ -0,0 +1,12 @@
stages:
- build
variables:
IMAGE_NAME: thallian/user-access
CI_BUILD_ARCHS: "linux/amd64,linux/arm64"
build:
stage: build
script:
- docker login -u $DOCKER_USER -p $DOCKER_PASSWORD $DOCKER_REGISTRY
- docker buildx build --platform "$CI_BUILD_ARCHS" --progress plain --pull --tag "$IMAGE_NAME:$CI_COMMIT_SHA" --tag "$IMAGE_NAME:$CI_COMMIT_REF_NAME" --tag "$IMAGE_NAME:latest" --push .

10
Containerfile → Dockerfile
View File

@ -1,10 +1,12 @@
FROM docker.io/thallian/confd-env:3.19-3.1.6.2 FROM thallian/confd-env:latest
RUN apk add --no-cache \ RUN apk add --no-cache \
openssl \ openssl \
openssh-client \ openssh-client \
zlib \ zlib \
perl \ perl
RUN apk add --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/community \
proftpd \ proftpd \
proftpd-mod_sftp \ proftpd-mod_sftp \
proftpd-utils proftpd-utils
@ -20,6 +22,6 @@ ADD /rootfs /
WORKDIR / WORKDIR /
VOLUME /var/lib/ftp/data VOLUME /etc/proftpd/keys /var/lib/ftp/data
EXPOSE 2222 EXPOSE 22

17
README.md
View File

@ -2,19 +2,7 @@ File access with [ProFTPD](http://www.proftpd.org/) over sftp and a static user/
# Volumes # Volumes
- `/var/lib/ftp/data`: root directory for files - `/var/lib/ftp/data`: root directory for files
- `/etc/proftpd/keys`: ssh key files
# Files
## /etc/proftpd/keys/dhparams.pem
```
openssl dhparam -outform PEM -5
```
## /etc/proftpd/keys/ssh_key
```
ssh-keygen -b 2048 -t ed25519 -q -N "" -f ./ssh
cat ./ssh
```
# Environment Variables # Environment Variables
## SERVER_NAME ## SERVER_NAME
@ -37,6 +25,5 @@ Uid for the static user.
## STATIC_GID ## STATIC_GID
Gid for the static user. Gid for the static user.
# Ports # Ports
- 2222 - 22

4
rootfs/etc/confd/templates/proftpd.conf.tmpl
View File

@ -3,7 +3,7 @@ Include /etc/proftpd/modules.d/*.conf
ServerName "{{getenv "SERVER_NAME"}}" ServerName "{{getenv "SERVER_NAME"}}"
ServerType standalone ServerType standalone
DefaultServer on DefaultServer on
Port 2222 Port 22
UseIPv6 off UseIPv6 off
Umask {{ getenv "UMASK" "006 007" }} Umask {{ getenv "UMASK" "006 007" }}
MaxInstances 30 MaxInstances 30
@ -27,6 +27,6 @@ AuthUserFile /etc/proftpd/passwd
SFTPEngine on SFTPEngine on
SFTPAuthMethods password SFTPAuthMethods password
SFTPDHParamFile /etc/proftpd/keys/dhparams.pem SFTPDHParamFile /etc/proftpd/keys/dhparams.pem
SFTPHostKey /etc/proftpd/keys/ssh_key SFTPHostKey /etc/proftpd/keys/ssh_rsa_key
SFTPOptions IgnoreSCPUploadPerms IgnoreSFTPUploadPerms SFTPOptions IgnoreSCPUploadPerms IgnoreSFTPUploadPerms
</IfModule> </IfModule>

5
rootfs/etc/cont-init.d/02-dhparam Normal file
View File

@ -0,0 +1,5 @@
#!/usr/bin/with-contenv sh
if [ ! -f /etc/proftpd/keys/dhparams.pem ]; then
openssl dhparam -outform PEM -5 nbits >> /etc/proftpd/keys/dhparams.pem
fi

5
rootfs/etc/cont-init.d/03-ssh-keys Normal file
View File

@ -0,0 +1,5 @@
#!/usr/bin/with-contenv sh
if [ ! -f /etc/proftpd/keys/ssh_rsa_key ]; then
ssh-keygen -b 2048 -t rsa -f /etc/proftpd/keys/ssh_rsa_key -q -N ""
fi

6
rootfs/bin/static-user → rootfs/etc/cont-init.d/04-static-user Executable file → Normal file
View File

@ -1,12 +1,12 @@
#!/bin/sh #!/usr/bin/with-contenv sh
if [ ! -z ${STATIC_USER+x} ]; then if [ ! -z ${STATIC_USER+x} ]; then
echo ${STATIC_PASSWORD} | ftpasswd \ echo ${STATIC_PASSWORD} | ftpasswd \
--sha512 \ --sha512 \
--passwd \ --passwd \
--home /var/lib/ftp/data \ --home /var/lib/ftp/data \
--uid "2222" \ --uid "$STATIC_UID" \
--gid "2222" \ --gid "$STATIC_GID" \
--name "$STATIC_USER" \ --name "$STATIC_USER" \
--shell /bin/sh \ --shell /bin/sh \
--file /etc/proftpd/passwd \ --file /etc/proftpd/passwd \

1
rootfs/etc/fix-attrs.d/01-data Normal file
View File

@ -0,0 +1 @@
/var/lib/ftp/data/ true proftpd:access 0666 0777

2
rootfs/etc/s6-overlay/s6-rc.d/proftpd/dependencies
View File

@ -1,2 +0,0 @@
confd
static-user

3
rootfs/etc/s6-overlay/s6-rc.d/proftpd/run
View File

@ -1,3 +0,0 @@
#!/bin/sh
exec proftpd --nodaemon

1
rootfs/etc/s6-overlay/s6-rc.d/proftpd/type
View File

@ -1 +0,0 @@
longrun

1
rootfs/etc/s6-overlay/s6-rc.d/static-user/dependencies
View File

@ -1 +0,0 @@
confd

1
rootfs/etc/s6-overlay/s6-rc.d/static-user/type
View File

@ -1 +0,0 @@
oneshot

1
rootfs/etc/s6-overlay/s6-rc.d/static-user/up
View File

@ -1 +0,0 @@
static-user

0
rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/proftpd
View File

3
rootfs/etc/services.d/proftpd/run Normal file
View File

@ -0,0 +1,3 @@
#!/usr/bin/with-contenv sh
exec proftpd --nodaemon