Support encrypted passwords and custom UID/GID

Dockerfile

@@ -9,11 +9,12 @@ RUN apt-get update && \
 # sshd needs this directory to run
 RUN mkdir -p /var/run/sshd
 
-# Add configuration and run script
+# Add configuration and script
 ADD . /root
 WORKDIR /root
-RUN mv sshd_config /etc/ssh/sshd_config
+RUN mv sshd_config /etc/ssh/sshd_config && \
+    chmod +x run
 
 EXPOSE 22
 
-CMD ["/bin/bash", "run"]
+CMD ["./run"]

README.md

@@ -1,36 +1,63 @@
 sftp
 ====
 
-Simple and easy to use SFTP server based on Debian
+Easy to use SFTP (*SSH File Transfer Protocol*) server.
 
 Usage
 -----
 
-- Define users and passwords in comma separated list with SFTP_USERS ("user1:pass1,user2:pass2").
+- Define users and passwords in comma separated list with SFTP_USERS (syntax:
+  `user:pass[:e][:[uid][:gid]][,...]`).
+  - You must set custom UID and/or GID for your users if you want them to make
+    changes to your mounted volumes with permissions matching your host
+    filesystem.
 - Mount volumes in user's home folder.
-
-The users are chrooted to their home folders, so it is important to mount the volumes in separate folders inside the user's home folder (/home/your-user/**your-folder**).
+  - The users are chrooted to their home directory, so you must mount the
+    volumes in separate directories inside the user's home directory
+    (/home/user/**mounted-directory**).
 
 Examples
 --------
 
-Simple (one user and one folder):
+### Single user and volume
 
 ```
 docker run \
-    -e SFTP_USERS="foo:123" \
-    -v "/sftp/share:/home/foo/share" \
+    -e SFTP_USERS='foo:123' \
+    -v "/host/share:/home/foo/share" \
     -p 2222:22 -d atmoz/sftp
 ```
 
-Multiple users and folders:
+### Multiple users and volumes
 
 ```
 docker run \
-    -e SFTP_USERS="foo:123,bar:abc" \
-    -v "/sftp/share:/home/foo/share" \
-    -v "/sftp/ebooks:/home/foo/ebooks" \
-    -v "/sftp/http:/home/bar/http" \
+    -e SFTP_USERS='foo:123,bar:abc' \
+    -v "/host/share:/home/foo/share" \
+    -v "/host/documents:/home/foo/documents" \
+    -v "/host/http:/home/bar/http" \
     -p 2222:22 -d atmoz/sftp
 ```
 
+### Custom UID and GID
+
+```
+SFTP_USERS='foo:123:1001:100'
+```
+
+Only custom GID:
+
+```
+SFTP_USERS='foo:123::100'
+```
+
+### Encrypted password
+
+Add `:e` behind password to mark it as encrypted:
+
+```
+SFTP_USERS='foo:$1$0G2g0GSt$ewU0t6GXG15.0hWoOX8X9.:e:1001:100'
+```
+
+Tip: you can use makepasswd to generate encrypted passwords:
+`echo -n 123 | makepasswd --crypt-md5 --clearfrom -`

run

@@ -1,17 +1,35 @@
 #!/bin/bash
 
-# Add users
+# Add users (user:pass[:e][:[uid][:gid]][,...])
 IFS=',' read -a users <<< "$SFTP_USERS"
 for userData in "${users[@]}"; do
     IFS=':' read -a data <<< "$userData"
     user="${data[0]}"
     pass="${data[1]}"
 
-    useradd $user
-    echo "$user:$pass" | chpasswd
+    if [ "${data[2]}" == "e" ]; then
+        chpasswdParams="-e"
+        uid="${data[3]}"
+        gid="${data[4]}"
+    else
+        uid="${data[2]}"
+        gid="${data[3]}"
+    fi
+
+    useraddParams="-m -N"
+
+    if [ -n "$uid" ]; then
+        useraddParams="$useraddParams -o -u $uid"
+    fi
+
+    if [ -n "$gid" ]; then
+        useraddParams="$useraddParams -g $gid"
+    fi
+
+    useradd $useraddParams "$user"
+    echo "$user:$pass" | chpasswd $chpasswdParams
     chown root:root /home/$user
     chmod 755 /home/$user
-    chown -R $user:users /home/$user/*
 done
 
 # Run SSH