From 2a7e56ed29f506a0e82993fda5ff097d296aaa5d Mon Sep 17 00:00:00 2001 From: Nicola Murino Date: Sat, 7 Sep 2019 18:21:03 +0200 Subject: [PATCH] docker: minor fixes --- docker/sftpgo/alpine/Dockerfile | 11 ++++++----- docker/sftpgo/alpine/README.md | 20 +++++++++----------- docker/sftpgo/alpine/docker-entrypoint.sh | 2 +- docker/sftpgo/alpine/sftpgo.service | 2 +- docker/sftpgo/debian/Dockerfile | 14 +++++++------- docker/sftpgo/debian/README.md | 2 +- sftpd/server.go | 4 ++-- 7 files changed, 27 insertions(+), 28 deletions(-) diff --git a/docker/sftpgo/alpine/Dockerfile b/docker/sftpgo/alpine/Dockerfile index 99e2d457..6b5448af 100644 --- a/docker/sftpgo/alpine/Dockerfile +++ b/docker/sftpgo/alpine/Dockerfile @@ -1,23 +1,24 @@ FROM golang:1.13-alpine3.10 as builder RUN apk add --no-cache git gcc g++ ca-certificates \ - && go get -u github.com/drakkan/sftpgo + && go get -d github.com/drakkan/sftpgo WORKDIR /go/src/github.com/drakkan/sftpgo - +# uncomment the next line to get the latest stable version instead of the latest git +#RUN git checkout `git rev-list --tags --max-count=1` RUN go build -i -ldflags "-s -w -X github.com/drakkan/sftpgo/utils.commit=`git describe --always --dirty` -X github.com/drakkan/sftpgo/utils.date=`date -u +%FT%TZ`" -o /go/bin/sftpgo FROM alpine:3.10 RUN apk add --no-cache ca-certificates su-exec \ - && mkdir -p /data /etc/sftpgo + && mkdir -p /data /etc/sftpgo /srv/sftpgo/config COPY --from=builder /go/bin/sftpgo /bin/ COPY --from=builder /go/src/github.com/drakkan/sftpgo/sftpgo.json /etc/sftpgo/sftpgo.json COPY docker-entrypoint.sh /bin/entrypoint.sh RUN chmod +x /bin/entrypoint.sh -VOLUME /data +VOLUME [ "/data", "/srv/sftpgo/config" ] EXPOSE 2022 8080 ENTRYPOINT ["/bin/entrypoint.sh"] -CMD [] +CMD [] \ No newline at end of file diff --git a/docker/sftpgo/alpine/README.md b/docker/sftpgo/alpine/README.md index 0abb7c62..cd41fb6b 100644 --- a/docker/sftpgo/alpine/README.md +++ b/docker/sftpgo/alpine/README.md @@ -1,4 +1,4 @@ -# SFTPgo with Docker and Alpine +# SFTPGo with Docker and Alpine This DockerFile is made to build image to host multiple instances of SFTPgo started with different users. @@ -6,28 +6,28 @@ The volume for the configuration is not mandatory, but it will be necessary to c ### Example > 1003 is a custom uid:gid for this instance of SFTPgo -``` +```bash # Prereq on docker host sudo groupadd -g 1003 sftpgrp && \ sudo useradd -u 1003 -g 1003 sftpuser -d /home/sftpuser/ && \ sudo -u sftpuser mkdir /home/sftpuser/{conf,data} && \ curl https://raw.githubusercontent.com/drakkan/sftpgo/master/sql/sqlite/20190828.sql | sqlite3 /home/sftpuser/conf/sftpgo.db && \ - curl https://raw.githubusercontent.com/drakkan/sftpgo/master/sftpgo.json -o /home/sftpuser/conf/sftpgo.conf + curl https://raw.githubusercontent.com/drakkan/sftpgo/master/sftpgo.json -o /home/sftpuser/conf/sftpgo.json # Get and build SFTPgo image git clone https://github.com/drakkan/sftpgo.git && \ cd sftpgo && \ - sudo docker build -t sftpgo docker/alpine/ + sudo docker build -t sftpgo docker/sftpgo/alpine/ # Starting image sudo docker run --name sftpgo \ -e SFTPGO_LOG_FILE_PATH= \ - -e SFTPGO_CONFIG_DIR=/etc/sftpgo \ + -e SFTPGO_CONFIG_DIR=/srv/sftpgo/config \ -p 8080:8080 \ -p 2022:2022 \ -e PUID=1003 \ -e GUID=1003 \ - -v /home/sftpuser/conf/:/etc/sftpgo/ \ + -v /home/sftpuser/conf/:/srv/sftpgo/config \ -v /home/sftpuser/data:/data \ sftpgo ``` @@ -35,11 +35,9 @@ The script `entrypoint.sh` makes sure to correct the permissions of directories Several images can be run with another parameters. -### Custom systemD script -An example of systemD script is present [here](../../init/sftpgo-docker.service), with `Environment` parameter to set `PUID` and `GUID` +### Custom systemd script +An example of systemd script is present [here](sftpgo-docker.service), with `Environment` parameter to set `PUID` and `GUID` `WorkingDirectory` parameter must be exist with one file in this directory like `sftpgo-${PUID}.env` corresponding to the variable file for SFTPgo instance. -Enjoy - - +Enjoy \ No newline at end of file diff --git a/docker/sftpgo/alpine/docker-entrypoint.sh b/docker/sftpgo/alpine/docker-entrypoint.sh index 2bf42689..cd2463f9 100755 --- a/docker/sftpgo/alpine/docker-entrypoint.sh +++ b/docker/sftpgo/alpine/docker-entrypoint.sh @@ -2,6 +2,6 @@ set -eu -chown -R "${PUID}:${GUID}" /data /etc/sftpgo \ +chown -R "${PUID}:${GUID}" /data /etc/sftpgo /srv/sftpgo/config \ && exec su-exec "${PUID}:${GUID}" \ /bin/sftpgo serve "$@" diff --git a/docker/sftpgo/alpine/sftpgo.service b/docker/sftpgo/alpine/sftpgo.service index cae3575a..d70de15f 100644 --- a/docker/sftpgo/alpine/sftpgo.service +++ b/docker/sftpgo/alpine/sftpgo.service @@ -17,7 +17,7 @@ ExecStart=docker run --name sftpgo \ -e GUID=${GUID} \ -p 8080:8080 \ -p 2022:2022 \ - -v /home/sftpuser/conf/:/etc/sftpgo/ \ + -v /home/sftpuser/conf/:/srv/sftpgo/config \ -v /home/sftpuser/data:/data \ sftpgo ExecStop=docker stop sftpgo diff --git a/docker/sftpgo/debian/Dockerfile b/docker/sftpgo/debian/Dockerfile index 5aa9379c..2ec9b3cc 100644 --- a/docker/sftpgo/debian/Dockerfile +++ b/docker/sftpgo/debian/Dockerfile @@ -4,8 +4,8 @@ LABEL maintainer="nicola.murino@gmail.com" RUN go get -d github.com/drakkan/sftpgo WORKDIR /go/src/github.com/drakkan/sftpgo # uncomment the next line to get the latest stable version instead of the latest git -#RUN git checkout `git rev-list --tags --max-count=1` -RUN go build -i -ldflags "-s -w -X github.com/drakkan/sftpgo/utils.commit=`git describe --always --dirty` -X github.com/drakkan/sftpgo/utils.date=`date -u +%FT%TZ`" -o sftpgo +#RUN git checkout `git rev-list --tags --max-count=1` +RUN go build -i -ldflags "-s -w -X github.com/drakkan/sftpgo/utils.commit=`git describe --always --dirty` -X github.com/drakkan/sftpgo/utils.date=`date -u +%FT%TZ`" -o sftpgo # now define the run environment FROM debian:latest @@ -22,24 +22,24 @@ ARG GID=515 ENV HOME_DIR=${BASE_DIR}/${USERNAME} # DATA_DIR, this is a volume that you can use hold user's home dirs ENV DATA_DIR=${BASE_DIR}/${DATA_REL_DIR} -# CONFIG_DIR, this is a volume to persist the daemon private keys, configuration file ecc.. +# CONFIG_DIR, this is a volume to persist the daemon private keys, configuration file ecc.. ENV CONFIG_DIR=${BASE_DIR}/${CONFIG_REL_DIR} RUN mkdir -p ${DATA_DIR} ${CONFIG_DIR} RUN groupadd --system -g ${GID} ${GROUPNAME} RUN useradd --system --create-home --no-log-init --home-dir ${HOME_DIR} --comment "SFTPGo user" --shell /bin/false --gid ${GID} --uid ${UID} ${USERNAME} -WORKDIR ${HOME_DIR} +WORKDIR ${HOME_DIR} RUN mkdir -p bin .config/sftpgo ENV PATH ${HOME_DIR}/bin:$PATH -COPY --from=buildenv /go/src/github.com/drakkan/sftpgo/sftpgo bin/sftpgo +COPY --from=buildenv /go/src/github.com/drakkan/sftpgo/sftpgo bin/sftpgo # default config file to use if no config file is found inside the CONFIG_DIR volume. # You can override each configuration options via env vars too COPY --from=buildenv /go/src/github.com/drakkan/sftpgo/sftpgo.json .config/sftpgo/ -RUN chown -R ${UID}:${GID} ${DATA_DIR} +RUN chown -R ${UID}:${GID} ${DATA_DIR} # run as non root user -USER ${USERNAME} +USER ${USERNAME} EXPOSE 2022 8080 diff --git a/docker/sftpgo/debian/README.md b/docker/sftpgo/debian/README.md index 262aca9b..8a00a073 100644 --- a/docker/sftpgo/debian/README.md +++ b/docker/sftpgo/debian/README.md @@ -14,7 +14,7 @@ and you can run the Dockerfile using something like this: docker run --name sftpgo -p 8080:8080 -p 2022:2022 --mount type=bind,source=/srv/sftpgo/data,target=/app/data --mount type=bind,source=/srv/sftpgo/config,target=/app/config drakkan/sftpgo ``` -where `/srv/sftpgo/data` and `/srv/sftpgo/config` are two folders on the host system with write access for UID/GID defined inside the `Dockerfile`. You can choose to create a new user with a matching UID/GID pair or simply do something like: +where `/srv/sftpgo/data` and `/srv/sftpgo/config` are two folders on the host system with write access for UID/GID defined inside the `Dockerfile`. You can choose to create a new user, on the host system, with a matching UID/GID pair or simply do something like: ```bash diff --git a/sftpd/server.go b/sftpd/server.go index b71f3b0d..471bff32 100644 --- a/sftpd/server.go +++ b/sftpd/server.go @@ -301,10 +301,10 @@ func (c Configuration) handleSftpConnection(channel io.ReadWriteCloser, connecti server := sftp.NewRequestServer(channel, handler) if err := server.Serve(); err == io.EOF { - connection.Log(logger.LevelDebug, logSenderSCP, "connection closed") + connection.Log(logger.LevelDebug, logSender, "connection closed") server.Close() } else if err != nil { - connection.Log(logger.LevelError, logSenderSCP, "sftp connection closed with error: %v", err) + connection.Log(logger.LevelWarn, logSender, "connection closed with error: %v", err) } removeConnection(connection.ID)