|
@@ -0,0 +1,37 @@
|
|
|
+FROM docker.io/alpine:3.13.2
|
|
|
+
|
|
|
+ARG OPENSSH_SERVER_PACKAGE_VERSION=8.4_p1-r3
|
|
|
+ENV SSHD_HOST_KEYS_DIR=/etc/ssh/host_keys
|
|
|
+ENV CLIENT_USER=nonroot
|
|
|
+ENV CLIENT_HOME=/home/$CLIENT_USER
|
|
|
+ARG CHROOT_PATH=/data
|
|
|
+RUN apk add --no-cache \
|
|
|
+ openssh-server="$OPENSSH_SERVER_PACKAGE_VERSION" \
|
|
|
+ openssh-sftp-server="$OPENSSH_SERVER_PACKAGE_VERSION" \
|
|
|
+ && mkdir "$SSHD_HOST_KEYS_DIR" \
|
|
|
+ && adduser -S -h "$CLIENT_HOME" "$CLIENT_USER" \
|
|
|
+ && sed -i "s/^$CLIENT_USER:!:/$CLIENT_USER:*:/" /etc/shadow \
|
|
|
+ && mkdir "$CLIENT_HOME/.ssh" \
|
|
|
+ && chmod -c a+rX "$CLIENT_HOME/.ssh" \
|
|
|
+ && mkdir "$CHROOT_PATH" \
|
|
|
+ && chmod -c a+rX "$CHROOT_PATH"
|
|
|
+VOLUME $SSHD_HOST_KEYS_DIR
|
|
|
+VOLUME $CHROOT_PATH
|
|
|
+
|
|
|
+COPY sshd_config /etc/ssh/sshd_config
|
|
|
+EXPOSE 2200/tcp
|
|
|
+
|
|
|
+ENV SSH_CLIENT_PUBLIC_KEYS=
|
|
|
+COPY entrypoint.sh /
|
|
|
+ENTRYPOINT ["/entrypoint.sh"]
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+USER 0
|
|
|
+CMD ["/usr/sbin/sshd", "-D", "-e"]
|
|
|
+
|
|
|
+
|
|
|
+ARG REVISION=
|
|
|
+LABEL org.opencontainers.image.title="single-user openssh server restricted to sftp access" \
|
|
|
+ org.opencontainers.image.source="https://github.com/fphammerle/docker-sftpd" \
|
|
|
+ org.opencontainers.image.revision="$REVISION"
|