0
0
Fork 0
mirror of https://github.com/atmoz/sftp.git synced 2024-11-17 12:51:33 -05:00

Document and test bind-mounting with /etc/sftp.d/

This commit is contained in:
Adrian Dvergsdal 2016-03-17 21:27:41 +01:00
parent beae8655d9
commit 2d7f37cd20
2 changed files with 82 additions and 9 deletions

View file

@ -18,7 +18,7 @@ Usage
Examples Examples
-------- --------
### Simple example ### Simple docker run example
``` ```
docker run \ docker run \
@ -42,7 +42,7 @@ sftp:
#### Logging in #### Logging in
The OpenSSH server runs by default on port 22, and in this example, we are The OpenSSH server runs by default on port 22, and in this example, we are
forwarding the container's port 22 to the host's port 2222. To log in with an forwarding the container's port 22 to the host's port 2222. To log in with the
OpenSSH client, run: `sftp -P 2222 foo@<host-ip>` OpenSSH client, run: `sftp -P 2222 foo@<host-ip>`
### Store users in config ### Store users in config
@ -65,7 +65,7 @@ bar:abc:1002
### Encrypted password ### Encrypted password
Add `:e` behind password to mark it as encrypted. Use single quotes. Add `:e` behind password to mark it as encrypted. Use single quotes if using terminal.
``` ```
docker run \ docker run \
@ -90,3 +90,33 @@ docker run \
-p 2222:22 -d atmoz/sftp \ -p 2222:22 -d atmoz/sftp \
foo::1001 foo::1001
``` ```
### Execute custom scripts or applications
Put your programs in /etc/sftp.d/ and it will automatically run when the container starts.
See next section for an example.
### Bindmount dirs from another location
If you are using --volumes-from or just want to make a custom directory
available in user's home directory, you can add a script to /etc/sftp.d/ that
bindmounts after container starts.
```
#!/bin/bash
# Just an example (make your own):
function bindmount() {
if [ -d "$1" ]; then
mkdir -p "$2"
fi
mount --bind $3 "$1" "$2"
}
# Remember permissions, you may have to fix it:
# chown -R :users /data/common
bindmount /data/admin-tools /home/admin/tools
bindmount /data/common /home/dave/common
bindmount /data/common /home/peter/common
bindmount /data/docs /home/peter/docs --read-only
```

View file

@ -57,11 +57,13 @@ function afterTest() {
} }
function getSftpIp() { function getSftpIp() {
docker inspect -f {{.NetworkSettings.IPAddress}} "$sftpContainerName" docker inspect -f {{.NetworkSettings.IPAddress}} "$1"
} }
function runSftpCommands() { function runSftpCommands() {
ip="$(getSftpIp)" ip="$(getSftpIp $1)"
user="$2"
shift 2
commands="" commands=""
for cmd in "$@"; do for cmd in "$@"; do
@ -72,7 +74,7 @@ function runSftpCommands() {
-i "$scriptDir/id_rsa" \ -i "$scriptDir/id_rsa" \
-oStrictHostKeyChecking=no \ -oStrictHostKeyChecking=no \
-oUserKnownHostsFile=/dev/null \ -oUserKnownHostsFile=/dev/null \
-b - test@$ip \ -b - $user@$ip \
> "$redirect" 2>&1 > "$redirect" 2>&1
} }
@ -86,7 +88,7 @@ function testMinimalContainerStart() {
docker run \ docker run \
--name "$tmpContainerName" \ --name "$tmpContainerName" \
-d "$sftpImageName" \ -d "$sftpImageName" \
minimal::1111 \ minimal \
> "$redirect" > "$redirect"
sleep 1 sleep 1
@ -120,18 +122,59 @@ function testContainerIsRunning() {
function testLoginUsingSshKey() { function testLoginUsingSshKey() {
$skipAllTests && skip && return 0 $skipAllTests && skip && return 0
runSftpCommands "exit" runSftpCommands "$sftpContainerName" "test" "exit"
assertReturn $? 0 assertReturn $? 0
} }
function testWritePermission() { function testWritePermission() {
$skipAllTests && skip && return 0 $skipAllTests && skip && return 0
runSftpCommands "cd share" "mkdir test" "exit" runSftpCommands "$sftpContainerName" "test" "cd share" "mkdir test" "exit"
test -d "$tmpDir/test" test -d "$tmpDir/test"
assertReturn $? 0 assertReturn $? 0
} }
# Bind-mount folder using script in /etc/sftp.d/
function testCustomContainerStart() {
$skipAllTests && skip && return 0
tmpContainerName="$sftpContainerName""_custom"
mkdir -p "$tmpDir/custom/bindmount"
echo "mkdir -p /home/custom/bindmount && \
chown custom /home/custom/bindmount && \
mount --bind /custom /home/custom/bindmount" \
> "$tmpDir/mount.sh"
chmod +x "$tmpDir/mount.sh"
docker run \
--privileged=true \
--name "$tmpContainerName" \
-v "$scriptDir/id_rsa.pub":/home/custom/.ssh/keys/id_rsa.pub:ro \
-v "$tmpDir/custom/bindmount":/custom \
-v "$tmpDir/mount.sh":/etc/sftp.d/mount.sh \
--expose 22 \
-d "$sftpImageName" \
custom:123 \
> "$redirect"
sleep 1
ps="$(docker ps -q -f name="$tmpContainerName")"
assertNotEqual "$ps" ""
runSftpCommands "$tmpContainerName" "custom" "cd bindmount" "mkdir test" "exit"
test -d "$tmpDir/custom/bindmount/test"
assertReturn $? 0
if [ "$output" != "quiet" ]; then
docker logs "$tmpContainerName"
fi
if [ "$cleanup" == "cleanup" ]; then
docker rm -fv "$tmpContainerName" > "$redirect"
fi
}
############################################################################## ##############################################################################
# Run tests # Run tests