diff --git a/.github/workflows/container_build.yml b/.github/workflows/container_build.yml new file mode 100644 index 0000000..cb35fd9 --- /dev/null +++ b/.github/workflows/container_build.yml @@ -0,0 +1,39 @@ +name: Build and Push Image +on: [ push,workflow_dispatch ] + +jobs: + build: + name: Build and push image + environment: MainCI + runs-on: ubuntu-20.04 + + steps: + - uses: actions/checkout@v3 + + - name: Shellcheck + id: Shellcheck + uses: ludeeus/action-shellcheck@master + + - name: Build Image + id: build-image + uses: redhat-actions/buildah-build@v2 + with: + image: vsftpd + tags: latest ${{ github.sha }} + containerfiles: | + ./Dockerfile + + # Podman Login action (https://github.com/redhat-actions/podman-login) also be used to log in, + # in which case 'username' and 'password' can be omitted. + - name: Push To docker.io + id: push-to-docker + uses: redhat-actions/push-to-registry@v2 + with: + image: ${{ steps.build-image.outputs.image }} + tags: ${{ steps.build-image.outputs.tags }} + registry: docker.io/osadal + username: osadal + password: ${{ secrets.REGISTRY_PASSWORD }} + + - name: Print image url + run: echo "Image pushed to ${{ steps.push-to-docker.outputs.registry-paths }}" diff --git a/Dockerfile b/Dockerfile old mode 100644 new mode 100755 diff --git a/README.md b/README.md index 38b1799..1481840 100644 --- a/README.md +++ b/README.md @@ -122,6 +122,12 @@ This image uses environment variables to allow the configuration of some paramet * Accepted values: * Description: Set to YES if you want to disable the PORT security check that ensures that outgoing data connections can only connect to the client. Only enable if you know what you are doing! Legitimate use for this is to facilitate FXP support. +---- +* Variable name: `LISTEN_PORT` +* Default value: 21 +* Accepted values: Any valid port number. +* Description: Set to a port above 1024 if you are using podman in rootless mode. + ---- Exposed ports and volumes diff --git a/run-vsftpd.sh b/run-vsftpd.sh index e731236..baf4c35 100644 --- a/run-vsftpd.sh +++ b/run-vsftpd.sh @@ -7,7 +7,8 @@ fi # If no env var has been specified, generate a random password for FTP_USER: if [ "$FTP_PASS" = "**Random**" ]; then - export FTP_PASS=`cat /dev/urandom | tr -dc A-Z-a-z-0-9 | head -c${1:-16}` + FTP_PASS=$(tr -dc A-Z-a-z-0-9 /etc/vsftpd/virtual_users.txt # Set passive mode parameters: if [ "$PASV_ADDRESS" = "**IPv4**" ]; then - export PASV_ADDRESS=$(/sbin/ip route|awk '/default/ { print $3 }') + PASV_ADDRESS=$(/sbin/ip route|awk '/default/ { print $3 }') + export PASV_ADDRESS fi -echo "pasv_address=${PASV_ADDRESS}" >> /etc/vsftpd/vsftpd.conf -echo "pasv_max_port=${PASV_MAX_PORT}" >> /etc/vsftpd/vsftpd.conf -echo "pasv_min_port=${PASV_MIN_PORT}" >> /etc/vsftpd/vsftpd.conf -echo "pasv_addr_resolve=${PASV_ADDR_RESOLVE}" >> /etc/vsftpd/vsftpd.conf -echo "pasv_enable=${PASV_ENABLE}" >> /etc/vsftpd/vsftpd.conf -echo "file_open_mode=${FILE_OPEN_MODE}" >> /etc/vsftpd/vsftpd.conf -echo "local_umask=${LOCAL_UMASK}" >> /etc/vsftpd/vsftpd.conf -echo "xferlog_std_format=${XFERLOG_STD_FORMAT}" >> /etc/vsftpd/vsftpd.conf -echo "reverse_lookup_enable=${REVERSE_LOOKUP_ENABLE}" >> /etc/vsftpd/vsftpd.conf -echo "pasv_promiscuous=${PASV_PROMISCUOUS}" >> /etc/vsftpd/vsftpd.conf -echo "port_promiscuous=${PORT_PROMISCUOUS}" >> /etc/vsftpd/vsftpd.conf +{ echo "pasv_address=${PASV_ADDRESS}"; echo "pasv_max_port=${PASV_MAX_PORT}"; echo "pasv_min_port=${PASV_MIN_PORT}"; echo "pasv_addr_resolve=${PASV_ADDR_RESOLVE}"; echo "pasv_enable=${PASV_ENABLE}"; echo "file_open_mode=${FILE_OPEN_MODE}"; echo "local_umask=${LOCAL_UMASK}"; echo "xferlog_std_format=${XFERLOG_STD_FORMAT}"; echo "reverse_lookup_enable=${REVERSE_LOOKUP_ENABLE}"; echo "pasv_promiscuous=${PASV_PROMISCUOUS}"; echo "port_promiscuous=${PORT_PROMISCUOUS}"; echo "listen_port=${LISTEN_PORT}"; } >> /etc/vsftpd/vsftpd.conf # Get log file path -export LOG_FILE=`grep xferlog_file /etc/vsftpd/vsftpd.conf|cut -d= -f2` +LOG_FILE=$(grep xferlog_file /etc/vsftpd/vsftpd.conf|cut -d= -f2) +export LOG_FILE # stdout server info: if [ ! $LOG_STDOUT ]; then @@ -62,7 +55,7 @@ cat << EOB ยท Redirect vsftpd log to STDOUT: No. EOB else - /usr/bin/ln -sf /dev/stdout $LOG_FILE + /usr/bin/ln -sf /dev/stdout "$LOG_FILE" fi # Run vsftpd: