Add FTP docker compose

docker/.env-default

@@ -91,6 +91,26 @@ HOST_ETC_KEEP_CONF=no
 # Keep empty for get nginx container ip
 HOST_ETC_HOST_IP=
 
+# FTP
+#FTP_DB_TABLE_NAME=ftp_users
+#
+#FTP_PORT_BIND=21
+#FTP_PASSIVE_PORT_1=30000
+#FTP_PASSIVE_PORT_2=30001
+#FTP_PASSIVE_PORT_3=30002
+#FTP_PASSIVE_PORT_4=30003
+#FTP_PASSIVE_PORT_5=30004
+#FTP_PASSIVE_PORT_6=30005
+#FTP_PASSIVE_PORT_7=30006
+#FTP_PASSIVE_PORT_8=30007
+#FTP_PASSIVE_PORT_9=30008
+#FTP_PASSIVE_PORT_10=30009
+#
+#FTP_SUBJECT_COUNTRY=BY
+#FTP_SUBJECT_CITY=Minsk
+#FTP_SUBJECT_ORGANIZATION=NoName
+#FTP_SUBJECT_DOMAIN=sample.com
+
 # AWS COMMANDS (-SERVICES- will be replaced)
 # "-" will be replaced to "_" (in composer command)
 # YOU NEED SET PROJECT_ENV_PATH_FORCE

docker/docker-compose.ftp.yml

@@ -0,0 +1,36 @@
+version: '2'
+
+services:
+ ftp:
+ image: drummerroma/pureftpd-mysql
+ hostname: ftpserver
+ container_name: ${COMPOSE_PROJECT_NAME}_ftp
+ entrypoint: /bin/bash -c "chmod 764 /home/run.sh && /home/run.sh"
+ environment:
+ - MYSQL_HOST=${MYSQL_HOST}
+ - MYSQL_PORT=${MYSQL_PORT}
+ - MYSQL_DATABASE=${MYSQL_DATABASE}
+ - MYSQL_USER=${MYSQL_USER}
+ - MYSQL_PASSWORD=${MYSQL_PASSWORD}
+ - SUBJ_C=${FTP_SUBJECT_COUNTRY}
+ - SUBJ_L=${FTP_SUBJECT_CITY}
+ - SUBJ_O=${FTP_SUBJECT_ORGANIZATION}
+ - SUBJ_CN=${FTP_SUBJECT_DOMAIN}
+ - FTP_DB_TABLE_NAME=${FTP_DB_TABLE_NAME}
+ ports:
+ - ${FTP_PORT_BIND}:21
+ - ${FTP_PASSIVE_PORT_1}:30000
+ - ${FTP_PASSIVE_PORT_2}:30001
+ - ${FTP_PASSIVE_PORT_3}:30002
+ - ${FTP_PASSIVE_PORT_4}:30003
+ - ${FTP_PASSIVE_PORT_5}:30004
+ - ${FTP_PASSIVE_PORT_6}:30005
+ - ${FTP_PASSIVE_PORT_7}:30006
+ - ${FTP_PASSIVE_PORT_8}:30007
+ - ${FTP_PASSIVE_PORT_9}:30008
+ - ${FTP_PASSIVE_PORT_10}:30009
+ volumes:
+ - ${PACKAGE_DOCKER_FOLDER}/ftp/run.sh:/home/run.sh
+ - ${PROJECT_DOCKER_FOLDER}/ftp/logs:/var/log/pure-ftpd
+ # Override to your folder if needed
+ - ${PROJECT_DOCKER_FOLDER}/ftp/data:/ftpdata

docker/ftp/data/.gitignore

@@ -0,0 +1,2 @@
+*
+!.gitignore

docker/ftp/ftp_users.sql

@@ -0,0 +1,21 @@
+create table ftp_users
+(
+ User varchar(16) default '' not null,
+ status enum ('0', '1') default '0' not null,
+ Password varchar(64) default '' not null,
+ Uid varchar(11) default '-1' not null,
+ Gid varchar(11) default '-1' not null,
+ Dir varchar(128) default '' not null,
+ ULBandwidth smallint default '0' not null,
+ DLBandwidth smallint default '0' not null,
+ comment tinytext not null,
+ ipaccess varchar(15) default '*' not null,
+ QuotaSize smallint default '0' not null,
+ QuotaFiles int default '0' not null,
+ constraint User
+ unique (User)
+)
+ charset = utf8;
+
+alter table ftp_users
+ add primary key (User);

docker/ftp/logs/.gitignore

@@ -0,0 +1,2 @@
+*
+!.gitignore

docker/ftp/run.sh

@@ -0,0 +1,40 @@
+#!/bin/bash
+
+cat << EOM > /etc/pure-ftpd/db/mysql.conf
+MYSQLServer $MYSQL_HOST
+MYSQLPort $MYSQL_PORT
+MYSQLUser $MYSQL_USER
+MYSQLPassword $MYSQL_PASSWORD
+MYSQLDatabase $MYSQL_DATABASE
+MYSQLCrypt md5
+MYSQLGetPW SELECT Password FROM $FTP_DB_TABLE_NAME WHERE User="\L" AND status="1" AND (ipaccess="*" OR ipaccess="\R")
+MYSQLGetUID SELECT Uid FROM $FTP_DB_TABLE_NAME WHERE User="\L" AND status="1" AND (ipaccess="*" OR ipaccess="\R")
+MYSQLGetGID SELECT Gid FROM $FTP_DB_TABLE_NAME WHERE User="\L" AND status="1" AND (ipaccess="*" OR ipaccess="\R")
+MYSQLGetDir SELECT Dir FROM $FTP_DB_TABLE_NAME WHERE User="\L" AND status="1" AND (ipaccess="*" OR ipaccess="\R")
+MYSQLGetDir SELECT CONCAT('/ftpdata/', Dir) FROM $FTP_DB_TABLE_NAME WHERE User="\L" AND status="1" AND (ipaccess="*" OR ipaccess="\R")
+MySQLGetQTAFS SELECT QuotaFiles FROM $FTP_DB_TABLE_NAME WHERE User="\L" AND status="1" AND (ipaccess="*" OR ipaccess="\R")
+MySQLGetQTASZ SELECT QuotaSize FROM $FTP_DB_TABLE_NAME WHERE User="\L" AND status="1" AND (ipaccess="*" OR ipaccess="\R")
+MySQLGetBandwidthUL SELECT ULBandwidth FROM $FTP_DB_TABLE_NAME WHERE User="\L" AND status="1" AND (ipaccess="*" OR ipaccess="\R")
+MySQLGetBandwidthDL SELECT DLBandwidth FROM $FTP_DB_TABLE_NAME WHERE User="\L" AND status="1" AND (ipaccess="*" OR ipaccess="\R")
+EOM
+
+# for options see: https://go2linux.garron.me/linux/2010/05/how-install-secure-pure-ftp-server-chrooted-virtual-users-743/
+echo ",21" > /etc/pure-ftpd/conf/Bind
+echo "yes" > /etc/pure-ftpd/conf/ChrootEveryone
+echo "yes" > /etc/pure-ftpd/conf/CreateHomeDir
+echo "yes" > /etc/pure-ftpd/conf/DontResolve
+echo "no" > /etc/pure-ftpd/conf/PAMAuthentication
+echo "no" > /etc/pure-ftpd/conf/UnixAuthentication
+echo "30000 30009" > /etc/pure-ftpd/conf/PassivePortRange
+echo "yes" > /etc/pure-ftpd/conf/VerboseLog
+echo "yes" > /etc/pure-ftpd/conf/BrokenClientsCompatibility
+# If you want to allow FTP and TLS sessions, run
+echo 1 > /etc/pure-ftpd/conf/TLS
+echo 10 > /etc/pure-ftpd/conf/MaxIdleTime
+echo "yes" > /etc/pure-ftpd/conf/IPV4Only
+
+openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem -subj "/C=${SUBJ_C}/ST=/L=${SUBJ_L}/O=${SUBJ_O}/OU=/CN=${SUBJ_CN}"
+chmod 600 /etc/ssl/private/pure-ftpd.pem
+
+chown -R ftpuser:ftpgroup /ftpdata
+service pure-ftpd-mysql restart && tail -f /var/log/*.log

docs/ENVIRONMENTS.md

@@ -5,6 +5,7 @@
  - [Server envs](#server-envs)
  - [Mysql envs](#mysql-envs)
  - [Redis envs](#redis-envs)
+ - [FTP envs](#ftp-envs)
  - [SSH envs](#ssh-envs)
  - [PHP-FPM envs](#php-fpm-envs)
  - [Testing envs](#testing-envs)
@@ -80,6 +81,20 @@ Property | Values | Description
 `REDIS_PASSWORD` | `(string)` | Redis password
 `REDIS_DATABASE` | `(string)` | Redis database
 
+## <a id="ftp-envs"></a>FTP env (service: ftp)
+
+`-f !!docker-compose.ftp.yml` add to `SERVICES` (default: not added)
+
+Property | Values | Description
+---------|--------|------------
+`FTP_DB_TABLE_NAME`| `(string)` `Default: ftp_users` | Mysql table name where stored ftp users
+`FTP_PORT_BIND`| `(int)` `Default: 21` | FTP primary port
+`FTP_PASSIVE_PORT_1-10` | `(int)` `Default: 30000-30009` | FTP passive ports 
+`FTP_SUBJECT_COUNTRY` | `(string)` | Country code (ISO 3166-1 alpha-2). For SSL
+`FTP_SUBJECT_CITY` | `(string)` | City name. For SSL
+`FTP_SUBJECT_ORGANIZATION` | `(string)` | Organization name. For SSL
+`FTP_SUBJECT_DOMAIN` | `(string)` | Organization name. For SSL
+
 ## <a id="ssh-envs"></a>SSH env (service: server)
 
 `-f !!docker-compose.yml` add to `SERVICES` (default: added)