Docker container providing SFTP using an S3 bucket for the users' home directories.
docker pull ryanwinchester/s3fsftp:latest- For local dev, set the required environment variables in the
.envfile. - For production, set the ENV variables for the container runtime.
- Programs in
./scripts/sftp.dwill automatically run when the container starts. - Build docker container with
docker compose build(or./scripts/docker/build.sh). - Run docker container with
docker compose up(or./scripts/docker/run.sh).
AWS_S3_AUTHFILE- The name of the auth file used by s3fs (defaults to/etc/passwd-s3fs).AWS_S3_BUCKET* - The name of the bucket in S3 to mount.AWS_S3_CREDENTIALS* - AWS S3 credentials (key and ID).AWS_S3_MOUNT- The path to mount the bucket (defaults to/opt/s3fs/bucket)AWS_S3_REGION* - The region of the S3 bucket (e.g.ca-central-1).AWS_S3_URL* - The S3 url (e.g.https://s3.ca-central-1.amazonaws.com).SSH_HOST_DSA_KEY(base64-encoded)SSH_HOST_DSA_PUBLIC_KEY(base64-encoded)SSH_HOST_ECDSA_KEY(base64-encoded)SSH_HOST_ECDSA_PUBLIC_KEY(base64-encoded)SSH_HOST_ED25519_KEY(base64-encoded)SSH_HOST_ED25519_PUBLIC_KEY(base64-encoded)SSH_HOST_RSA_KEY(base64-encoded)SSH_HOST_RSA_PUBLIC_KEY(base64-encoded)USER_CONFIG* (base64-encoded)
*required
AWS_S3_CREDENTIALS
${AWS_KEY_ID}:${AWS_SECRET_ACCESS_KEY}USER_CONFIG (base64-encoded):
{
"users": [
{
"username": "foo",
"uid": 1004,
"gid": 1000,
"folders": [
{"path": "outgoing", "umask": "0770"}
],
"publicKeys": [
"ssh-rsa AAAAB3NzaC1yc2EAAAH+PqrlQ83wwpayFqTITgqZWL+UE8= foobar@example.com"
]
}
]
}- Built on
atmoz/sftp - Relies on
s3fs-fuse - Used part of the mounting script from
efrecon/docker-s3fs-client's entrypoint file.