[docker] docker-compose pure-ftpd ssh-server구성

docker-compose pure-ftpd ssh-server 구성

 

참고사항:

pure-ftpd ubuntu 14.04

ssh-server ubuntu 16.04

vmware NAT 환경시 문제가 생길수 있습니다. Bridge 환경으로 테스트 하시기 바랍니다.

 

Github

test@docker-test:~$ git clone https://github.com/visualwork/Docker-test.git

/Docker-test/test04 에 있습니다. 🙂

 

디렉토리 구조

ftp-server$ tree

├── docker-compose.yml
├── pure-ftpd
│       ├── Dockerfile
│       └── pureftpd.passwd
└── ssh-server
    └── Dockerfile

 

docker-compose 를 구성하기 위하여 디렉토리를 생성 합니다. 

test@docker-test:~$ mkdir ftp-server
test@docker-test:~$ cd ftp-server/
test@docker-test:~/ftp-server$ mkdir pure-ftpd
test@docker-test:~/ftp-server$ mkdir ssh-server
test@docker-test:~/ftp-server$ sudo mkdir /ftp-data
test@docker-test:~/ftp-server$ sudo chown test:test /ftp-data/

 

docker-compose.yml 파일 생성

test@docker-test:~/ftp-server$ pwd
/home/test/ftp-server
test@docker-test:~/ftp-server$ vi docker-compose.yml

version: '3'

services:
  pure-ftpd:
    build:
      context: pure-ftpd
    image: ftp/pure-ftpd:14.04
    container_name: ftpd
    ports:
      - "21:21"
      - "20000-20099:20000-20099"
    volumes:
      - "/ftp-data:/home/ftp"
    restart: always

  ssh-server:
    build:
      context: ssh-server
    image: ssh-server
    container_name: ssh-server
    ports:
      - "12341:22"
    volumes:
      - "/ftp-data:/home/test/ftp:ro"
    restart: always

 

 

ssh-server Dockerfile 생성

test@docker-test:~/ftp-server$ cd ssh-server/
test@docker-test:~/ftp-server/ssh-server$ vi Dockerfile
FROM ubuntu:16.04
MAINTAINER Sven Dowideit <SvenDowideit@docker.com>
 
#RUN apt-get update && apt-get install -y openssh-server
RUN apt-get update && apt-get install -y openssh-server \
&& mkdir /var/run/sshd \
&& useradd -ms /bin/bash test \
&& sed -ie 's/test:!/test:\$6\$pIPlIFrg\$WZRTmOoouwD6L\/IDgz8fw97agQjdeXticOJyayjUYwmiuNKkJE92rBtr0XDXhVE4rSi9PkWv8rtnA0rCuR6ts\//g' /etc/shadow \
&& sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config \
&& sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd
 
#COPY data/* /.ROOT/
 
ENV NOTVISIBLE "in users profile"
RUN echo "export VISIBLE=now" >> /etc/profile
 
EXPOSE 22
CMD ["/usr/sbin/sshd", "-D"]

test user 의 패스워드는 test1234 입니다.

 

pure-ftpd Dockerfile 생성

FROM ubuntu:14.04

MAINTAINER test@test

RUN apt-get update && \
apt-get install pure-ftpd openssl libpam-dev libcap2-dev libldap2-dev libmysqlclient-dev libmysqlclient15-dev libpq-dev libssl-dev po-debconf dpkg-dev debhelper -y

RUN mkdir /tmp/pure-ftpd/ && \
        cd /tmp/pure-ftpd/ && \
        apt-get source pure-ftpd && \
        cd pure-ftpd-* && \
        sed -i '/^optflags=/ s/$/ --without-capabilities/g' ./debian/rules && \
        dpkg-buildpackage -b -uc
RUN dpkg -i /tmp/pure-ftpd/pure-ftpd-common*.deb
RUN apt-get -y install openbsd-inetd
RUN dpkg -i /tmp/pure-ftpd/pure-ftpd_*.deb
RUN apt-mark hold pure-ftpd pure-ftpd-common
RUN cd /etc/pure-ftpd && \
adduser ftpd-data && \
mkdir /home/ftp && \
chown ftpd-data:ftpd-data -R /home/ftp && \
echo yes > ./conf/ChrootEveryone && \
echo yes > ./conf/DontResolve && \
echo yes > ./conf/NoChmod && \
echo yes > ./conf/ProhibitDotFilesWrite && \
echo yes > ./conf/CustomerProof && \
echo '20000 20099' > ./conf/PassivePortRange && \
echo ',21' > ./conf/Bind && \
echo '2' > ./conf/TLS && \
openssl req -x509 -nodes -days 1825 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem -subj "/C=KR/ST=SouthKorea/L=Seoul/O=test.com/OU=IT Department/CN=ftp.test.com"
ADD pureftpd.passwd /etc/pure-ftpd/
RUN pure-pw mkdb
RUN ln -sf /dev/stdout /var/log/pure-ftpd/transfer.log
CMD /usr/sbin/pure-ftpd -l puredb:/etc/pure-ftpd/pureftpd.pdb -x -u 30 -H -S ,21 -O clf:/var/log/pure-ftpd/transfer.log -Z -A -p 20000:20099 -E -R -8 UTF-8 -Y 2
EXPOSE 21/tcp 20000-20099/tcp

 

pureftpd.passwd file 생성

test@docker-test:~/ftp-server/pure-ftpd$ pwd
/home/test/ftp-server/pure-ftpd
test@docker-test:~/ftp-server/pure-ftpd$ vi pureftpd.passwd
test:$1$P4DB31/0$iIPf8.YJ6XP6k1zsmQtJq1:1000:1000::/home/ftp/./::::::::::::

(pure-ftpd VirtualUser 생성시 pureftpd.passwd 파일에 계정을 추가 하면 됩니다.)

test / test1234 입니다.

 

ftp-server 실행

test@docker-test:~/ftp-server$ docker-compose up -d --build
test@docker-test:~/ftp-server$ docker ps
CONTAINER ID        IMAGE                 COMMAND                  CREATED             STATUS              PORTS                                                      NAMES
25725255d655        ftp/pure-ftpd:14.04   "/bin/sh -c '/usr/sb…"   8 seconds ago       Up 6 seconds        0.0.0.0:21->21/tcp, 0.0.0.0:20000-20099->20000-20099/tcp   ftpd
b319c9a53cb3        ssh-server            "/usr/sbin/sshd -D"      8 seconds ago       Up 6 seconds        0.0.0.0:12341->22/tcp                                      ssh-server
test@docker-test:~/ftp-server$

 

pure-ftp user 생성시 참고

test@docker-test:~/ftp-server$ docker ps
CONTAINER ID        IMAGE                 COMMAND                  CREATED             STATUS              PORTS                                                      NAMES
6906ee88690b        ftp/pure-ftpd:14.04   "/bin/sh -c '/usr/sb…"   37 seconds ago      Up 35 seconds       0.0.0.0:21->21/tcp, 0.0.0.0:20000-20099->20000-20099/tcp   ftpd
c48bb291d39e        ssh-server            "/usr/sbin/sshd -D"      37 seconds ago      Up 35 seconds       0.0.0.0:12341->22/tcp                                      ssh-server
test@docker-test:~/ftp-server$ docker exec -it 6906ee88690b /bin/bash

root@6906ee88690b:/# pure-pw useradd test1 -u ftpd-data -g ftpd-data -d /home/ftp
Password:
Enter it again:
root@6906ee88690b:/# pure-pw mkdb


root@6906ee88690b:/# cat /etc/pure-ftpd/pureftpd.passwd
test:$1$P4DB31/0$iIPf8.YJ6XP6k1zsmQtJq1:1000:1000::/home/ftp/./::::::::::::
test1:$1$R4VNLgS0$Upx3H9Fky0V/LJ9uNALim.:1000:1000::/home/ftp/./::::::::::::

 

pureftpd.passwd 파일에 user:password 필드로 입력하면 됩니다.

컨테이너의  /etc/pure-ftpd/pureftpd.passwd 파일에서 패스워드를 확인 가능 합니다.

test@docker-test:~/ftp-server/pure-ftpd$ cat pureftpd.passwd
test:$1$P4DB31/0$iIPf8.YJ6XP6k1zsmQtJq1:1000:1000::/home/ftp/./::::::::::::

 

 

filezilla 접속테스트

 

별도로 Test는 진행하지 않았지만 sshfs 로 mount 를 할수 있습니다.

ssh-server port 12341 로 mount 하여 사용할수 있습니다. 🙂

 

 

 

 

댓글 남기기