Add MinIO authomatic sync

Dockerfile

@@ -1,6 +1,19 @@
-FROM alpine:latest
-MAINTAINER Adrian Dvergsdal [atmoz.net]
+FROM golang:1.13-alpine
+
+LABEL maintainer="Miguel Angel <[email protected]>"
+
+ENV GOPATH /go
+ENV CGO_ENABLED 0
+ENV GO111MODULE on
+ENV MC_RELEASE RELEASE.2019-10-09T22-54-57Z
 
+RUN  \
+     apk add --no-cache git && \
+     git clone https://github.com/minio/mc && cd mc && \
+     git checkout ${MC_RELEASE} && \
+     go install -v -ldflags "$(go run buildscripts/gen-ldflags.go)"
+
+FROM alpine:latest
 # Steps done in one RUN layer:
 # - Install packages
 # - Fix default group (1000 does not exist)
@@ -14,6 +27,7 @@ RUN echo "@community http://dl-cdn.alpinelinux.org/alpine/edge/community" >> /et
 
 COPY files/sshd_config /etc/ssh/sshd_config
 COPY files/create-sftp-user /usr/local/bin/
+COPY --from=0 /go/bin/mc /usr/local/bin/
 COPY files/entrypoint /
 
 EXPOSE 22

README.md

@@ -1,18 +1,10 @@
 # SFTP
 
-![Docker Automated build](https://img.shields.io/docker/automated/atmoz/sftp.svg) ![Docker Build Status](https://img.shields.io/docker/build/atmoz/sftp.svg) ![Docker Stars](https://img.shields.io/docker/stars/atmoz/sftp.svg) ![Docker Pulls](https://img.shields.io/docker/pulls/atmoz/sftp.svg)
-
-![OpenSSH logo](https://raw.githubusercontent.com/atmoz/sftp/master/openssh.png "Powered by OpenSSH")
-
-# Supported tags and respective `Dockerfile` links
-
-- [`debian-stretch`, `debian`, `latest` (*Dockerfile*)](https://github.com/atmoz/sftp/blob/master/Dockerfile) [![](https://images.microbadger.com/badges/image/atmoz/sftp.svg)](http://microbadger.com/images/atmoz/sftp "Get your own image badge on microbadger.com")
-- [`debian-jessie` (*Dockerfile*)](https://github.com/atmoz/sftp/blob/debian-jessie/Dockerfile) [![](https://images.microbadger.com/badges/image/atmoz/sftp:debian-jessie.svg)](http://microbadger.com/images/atmoz/sftp:debian-jessie "Get your own image badge on microbadger.com")
-- [`alpine` (*Dockerfile*)](https://github.com/atmoz/sftp/blob/alpine/Dockerfile) [![](https://images.microbadger.com/badges/image/atmoz/sftp:alpine.svg)](http://microbadger.com/images/atmoz/sftp:alpine "Get your own image badge on microbadger.com")
+![OpenSSH logo](https://raw.githubusercontent.com/thar/sftpminiogateway/master/openssh.png "Powered by OpenSSH")
 
 # Securely share your files
 
-Easy to use SFTP ([SSH File Transfer Protocol](https://en.wikipedia.org/wiki/SSH_File_Transfer_Protocol)) server with [OpenSSH](https://en.wikipedia.org/wiki/OpenSSH).
+Easy to use SFTP ([SSH File Transfer Protocol](https://en.wikipedia.org/wiki/SSH_File_Transfer_Protocol)) server with [OpenSSH](https://en.wikipedia.org/wiki/OpenSSH) to ([MinIO](https://min.io)) gateway.
 This is an automated build linked with the [debian](https://hub.docker.com/_/debian/) and [alpine](https://hub.docker.com/_/alpine/) repositories.
 
 # Usage
@@ -32,38 +24,30 @@ This is an automated build linked with the [debian](https://hub.docker.com/_/deb
     own home directory, so make sure there are at least one subdirectory if you
     want them to upload files.
   - For consistent server fingerprint, mount your own host keys (i.e. `/etc/ssh/ssh_host_*`)
+- Define MinIO server in `MINIO_URL`, `MINIO_ACCESS_KEY` and `MINIO_SECRET_KEY` environment variables
 
 # Examples
 
 ## Simplest docker run example
 
 ```
-docker run -p 22:22 -d atmoz/sftp foo:pass:::upload
+docker run -p 2222:22 -d --env MINIO_URL=http://localhost:9000 --env MINIO_ACCESS_KEY=AKIAIOSFODNN7EXAMPLE --env MINIO_SECRET_KEY=wJalrXUtnFEMIK7MDENGbPxRfiCYEXAMPLEKEY thar/sftpminiogateway foo:pass:::foobucket
 ```
 
-User "foo" with password "pass" can login with sftp and upload files to a folder called "upload". No mounted directories or custom UID/GID. Later you can inspect the files and use `--volumes-from` to mount them somewhere else (or see next example).
-
-## Sharing a directory from your computer
-
-Let's mount a directory and set UID:
-
-```
-docker run \
-    -v /host/upload:/home/foo/upload \
-    -p 2222:22 -d atmoz/sftp \
-    foo:pass:1001
-```
+User "foo" with password "pass" can login with sftp and upload files to a folder called "foobucket". The files will be backed up automatically to a bucket with name "foobucket" in the MinIO server.
 
 ### Using Docker Compose:
 
 ```
 sftp:
-    image: atmoz/sftp
-    volumes:
-        - /host/upload:/home/foo/upload
+    image: thar/sftpminiogateway
+    environment:
+        - MINIO_URl=http://localhost:9000
+        - MINIO_ACCESS_KEY=AKIAIOSFODNN7EXAMPLE
+        - MINIO_SECRET_KEY=wJalrXUtnFEMIK7MDENGbPxRfiCYEXAMPLEKEY
     ports:
         - "2222:22"
-    command: foo:pass:1001
+    command: foo:pass:::foobucket
 ```
 
 ### Logging in
@@ -75,16 +59,15 @@ The OpenSSH server runs by default on port 22, and in this example, we are forwa
 ```
 docker run \
     -v /host/users.conf:/etc/sftp/users.conf:ro \
-    -v mySftpVolume:/home \
-    -p 2222:22 -d atmoz/sftp
+    -p 2222:22 -d thar/sftpminiogateway
 ```
 
 /host/users.conf:
 
 ```
-foo:123:1001:100
-bar:abc:1002:100
-baz:xyz:1003:100
+foo:123:1001:100:foobucket
+bar:abc:1002:100:barbucket
+baz:xyz:1003:100:bazbucket
 ```
 
 ## Encrypted password
@@ -93,9 +76,11 @@ Add `:e` behind password to mark it as encrypted. Use single quotes if using ter
 
 ```
 docker run \
-    -v /host/share:/home/foo/share \
-    -p 2222:22 -d atmoz/sftp \
-    'foo:$1$0G2g0GSt$ewU0t6GXG15.0hWoOX8X9.:e:1001'
+    --env MINIO_URL=http://localhost:9000 \
+    --env MINIO_ACCESS_KEY=AKIAIOSFODNN7EXAMPLE \
+    --env MINIO_SECRET_KEY=wJalrXUtnFEMIK7MDENGbPxRfiCYEXAMPLEKEY \
+    -p 2222:22 -d thar/sftpminiogateway \
+    'foo:$1$0G2g0GSt$ewU0t6GXG15.0hWoOX8X9.:e::foobucket'
 ```
 
 Tip: you can use [atmoz/makepasswd](https://hub.docker.com/r/atmoz/makepasswd/) to generate encrypted passwords:  
@@ -109,9 +94,11 @@ Mount public keys in the user's `.ssh/keys/` directory. All keys are automatical
 docker run \
     -v /host/id_rsa.pub:/home/foo/.ssh/keys/id_rsa.pub:ro \
     -v /host/id_other.pub:/home/foo/.ssh/keys/id_other.pub:ro \
-    -v /host/share:/home/foo/share \
-    -p 2222:22 -d atmoz/sftp \
-    foo::1001
+    --env MINIO_URL=http://localhost:9000 \
+    --env MINIO_ACCESS_KEY=AKIAIOSFODNN7EXAMPLE \
+    --env MINIO_SECRET_KEY=wJalrXUtnFEMIK7MDENGbPxRfiCYEXAMPLEKEY \
+    -p 2222:22 -d thar/sftpminiogateway \
+    foo::::foobucket
 ```
 
 ## Providing your own SSH host key (recommended)
@@ -122,9 +109,11 @@ This container will generate new SSH host keys at first run. To avoid that your
 docker run \
     -v /host/ssh_host_ed25519_key:/etc/ssh/ssh_host_ed25519_key \
     -v /host/ssh_host_rsa_key:/etc/ssh/ssh_host_rsa_key \
-    -v /host/share:/home/foo/share \
-    -p 2222:22 -d atmoz/sftp \
-    foo::1001
+    --env MINIO_URL=http://localhost:9000 \
+    --env MINIO_ACCESS_KEY=AKIAIOSFODNN7EXAMPLE \
+    --env MINIO_SECRET_KEY=wJalrXUtnFEMIK7MDENGbPxRfiCYEXAMPLEKEY \
+    -p 2222:22 -d thar/sftpminiogateway \
+    foo::::foobucket
 ```
 
 Tip: you can generate your keys with these commands:
@@ -134,38 +123,6 @@ ssh-keygen -t ed25519 -f ssh_host_ed25519_key < /dev/null
 ssh-keygen -t rsa -b 4096 -f ssh_host_rsa_key < /dev/null
 ```
 
-## Execute custom scripts or applications
-
-Put your programs in `/etc/sftp.d/` and it will automatically run when the container starts.
-See next section for an example.
-
-## Bindmount dirs from another location
-
-If you are using `--volumes-from` or just want to make a custom directory available in user's home directory, you can add a script to `/etc/sftp.d/` that bindmounts after container starts.
-
-```
-#!/bin/bash
-# File mounted as: /etc/sftp.d/bindmount.sh
-# Just an example (make your own)
-
-function bindmount() {
-    if [ -d "$1" ]; then
-        mkdir -p "$2"
-    fi
-    mount --bind $3 "$1" "$2"
-}
-
-# Remember permissions, you may have to fix them:
-# chown -R :users /data/common
-
-bindmount /data/admin-tools /home/admin/tools
-bindmount /data/common /home/dave/common
-bindmount /data/common /home/peter/common
-bindmount /data/docs /home/peter/docs --read-only
-```
-
-**NOTE:** Using `mount` requires that your container runs with the `CAP_SYS_ADMIN` capability turned on. [See this answer for more information](https://github.com/atmoz/sftp/issues/60#issuecomment-332909232).
-
 # What's the difference between Debian and Alpine?
 
 The biggest differences are in size and OpenSSH version. [Alpine](https://hub.docker.com/_/alpine/) is 10 times smaller than [Debian](https://hub.docker.com/_/debian/). OpenSSH version can also differ, as it's two different teams maintaining the packages. Debian is generally considered more stable and only bugfixes and security fixes are added after each Debian release (about 2 years). Alpine has a faster release cycle (about 6 months) and therefore newer versions of OpenSSH. As I'm writing this, Debian has version 7.4 while Alpine has version 7.5. Recommended reading: [Comparing Debian vs Alpine for container & Docker apps](https://www.turnkeylinux.org/blog/alpine-vs-debian)

files/create-sftp-user

@@ -93,11 +93,14 @@ fi
 if [ -n "$dir" ]; then
     IFS=',' read -ra dirArgs <<< "$dir"
     for dirPath in "${dirArgs[@]}"; do
+        bucket="$dirPath"
         dirPath="/home/$user/$dirPath"
         if [ ! -d "$dirPath" ]; then
             log "Creating directory: $dirPath"
             mkdir -p "$dirPath"
             chown -R "$uid:users" "$dirPath"
+            mc mirror minio/${bucket} ${dirPath}
+            mc mirror -w --overwrite ${dirPath} minio/${bucket} &
         else
             log "Directory already exists: $dirPath"
         fi

files/entrypoint

@@ -11,6 +11,7 @@ reArgSkip='^([[:blank:]]*#.*|[[:blank:]]*)$' # comment or empty line
 userConfPath="/etc/sftp/users.conf"
 userConfPathLegacy="/etc/sftp-users.conf"
 userConfFinalPath="/var/run/sftp/users.conf"
+minioConfPath="/root/.mc/config.json"
 
 function log() {
     echo "[$0] $*" >&2
@@ -29,6 +30,25 @@ if [ ! -f "$userConfPath" ] && [ -f "$userConfPathLegacy" ]; then
     ln -s "$userConfPathLegacy" "$userConfPath"
 fi
 
+# Create minio config file
+if [ ! -f "$minioConfPath" ]; then
+    mkdir -p "$(dirname $minioConfPath)"
+    cat > $minioConfPath << EOF
+{
+	"version": "9",
+	"hosts": {
+		"minio": {
+			"url": "${MINIO_URL}",
+			"accessKey": "${MINIO_ACCESS_KEY}",
+			"secretKey": "${MINIO_SECRET_KEY}",
+			"api": "S3v4",
+			"lookup": "auto"
+		}
+	}
+}
+EOF
+fi
+
 # Create users only on first run
 if [ ! -f "$userConfFinalPath" ]; then
     mkdir -p "$(dirname $userConfFinalPath)"