
I want my users to use the data directory that is on my PVC on Kubernetes and not HOME directory

Open Skyhikeeper opened this issue 2 years ago • 1 comments

Hi, I have installed the sftp with users, but the users are being created in the home directory. I need the users to be created in the directory that is on my PV storage so that it can be shared. I have also tried the sharing script that is available on the git page, but that does not seem to help. What is the best method to allow multiple users to share the same external directory easily?

Skyhikeeper avatar Jun 11 '23 05:06 Skyhikeeper

The bindmount script should allow you to do such. The bad part is that you must run with "privileged: true", disabling container isolation (ref. issue).

You can create a config map like this:

apiVersion: v1
kind: ConfigMap
metadata:
  name: sftp-mount-config
data:
  bindmount.sh: |-
    #!/bin/bash
    # File mounted as: /etc/sftp.d/bindmount.sh
    # Just an example (make your own)

    function bindmount() {
        if [ -d "$1" ]; then
            mkdir -p "$2"
        fi
        mount --bind $3 "$1" "$2"
    }

    # Remember permissions, you may have to fix them:
    # chown -R :users /data/common

    bindmount /files/your_folder /home/user1/your_folder
    bindmount /files/your_folder /home/user2/your_folder
    # add as many users as you want

And then deployment would look like this:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: sftp-server
  labels:
    app: sftp-server
spec:
  replicas: 1
  selector:
    matchLabels:
      app: sftp-server
  template:
    metadata:
      labels:
        app: sftp-server
    spec:
      volumes:
        - name: sftp-data-vol
          persistentVolumeClaim:
            claimName: pvc-data
        - name: sftp-users-config-volume
          configMap:
            name: sftp-users-config
            items:
              - key: users.conf
                path: users.conf
            defaultMode: 420
        - name: sftp-mount-config-volume
          configMap:
            name: sftp-mount-config
            items:
              - key: bindmount.sh
                path: bindmount.sh
            defaultMode: 493 # Executable permission
      containers:
        - name: sftp-server
          image: atmoz/sftp
          ports:
            - containerPort: 22
              protocol: TCP
          resources: {}
          volumeMounts:
            - name: sftp-users-config-volume
              mountPath: /etc/sftp/users.conf
              subPath: users.conf # Here I'm passing users as a configmap, you could also pass by args if I'm not mistaken
            - name: sftp-mount-config-volume
              mountPath: /etc/sftp.d/bindmount.sh
              subPath: bindmount.sh
            - name: sftp-data-vol
              mountPath: /files
          securityContext:
            privileged: true

danton721 avatar Nov 15 '23 16:11 danton721
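A variant of the deployment above that avoids `privileged: true`, given as an added example and not taken from the thread or the atmoz/sftp project: the kubelet mounts the same PVC subdirectory into each user's home, so no `mount --bind` runs inside the container. It assumes the users `user1` and `user2` and a `your_folder` directory on the PVC, as in the script above, and ownership and permissions on that directory still have to be fixed as the script's comment notes.

```yaml
# Added example: shared folder via volumeMounts instead of bindmount.sh.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: sftp-server
  labels:
    app: sftp-server
spec:
  replicas: 1
  selector:
    matchLabels:
      app: sftp-server
  template:
    metadata:
      labels:
        app: sftp-server
    spec:
      volumes:
        - name: sftp-data-vol
          persistentVolumeClaim:
            claimName: pvc-data
        - name: sftp-users-config-volume
          configMap:
            name: sftp-users-config
            items:
              - key: users.conf
                path: users.conf
            defaultMode: 420
      containers:
        - name: sftp-server
          image: atmoz/sftp
          ports:
            - containerPort: 22
              protocol: TCP
          volumeMounts:
            - name: sftp-users-config-volume
              mountPath: /etc/sftp/users.conf
              subPath: users.conf
            # One entry per user: the same volume and subPath, mounted
            # at a folder inside that user's home (assumed user names).
            - name: sftp-data-vol
              mountPath: /home/user1/your_folder
              subPath: your_folder
            - name: sftp-data-vol
              mountPath: /home/user2/your_folder
              subPath: your_folder
          # No securityContext with "privileged: true": the container
          # makes no mount call of its own in this layout.
```

Adding a user means adding one more `volumeMounts` entry and redeploying, since the mounts are fixed when the pod starts.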