Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

I want my users to use the data directory that is on my PVC on Kubernetes and not HOME directory #376

Open
Skyhikeeper opened this issue Jun 11, 2023 · 1 comment
Open

I want my users to use the data directory that is on my PVC on Kubernetes and not HOME directory #376

Skyhikeeper opened this issue Jun 11, 2023 · 1 comment

Comments

@Skyhikeeper
Copy link

HI have installed the sftp with users, but the users are being created in the home directory, I need the users to be created in the directory that is on my PV storage so that it can be shared. I have also tried the sharing script that is available on the git page, but that does not seem to help. what is the best methos to allow multiple users to shar the same external directory easily.
@danton721
Copy link

danton721 commented Nov 15, 2023
edited
Loading

The bindmount script should allow you to do such. The bad part is that you must run with "privileged: true", disabling container isolation (ref. issue).

You can create a config map like this:

apiVersion: v1
kind: ConfigMap
metadata:
  name: sftp-mount-config
data:
  bindmount.sh: |-
    #!/bin/bash
    # File mounted as: /etc/sftp.d/bindmount.sh
    # Just an example (make your own)

    function bindmount() {
        if [ -d "$1" ]; then
            mkdir -p "$2"
        fi
        mount --bind $3 "$1" "$2"
    }

    # Remember permissions, you may have to fix them:
    # chown -R :users /data/common

    bindmount /files/your_folder /home/user1/your_folder
    bindmount /files/your_folder /home/user2/your_folder
    # add as many users you want

And then deployment would look like this:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: sftp-server
  labels:
    app: sftp-server
spec:
  replicas: 1
  selector:
    matchLabels:
      app: sftp-server
  template:
    metadata:
      labels:
        app: sftp-server
    spec:
      volumes:
        - name: sftp-data-vol
          persistentVolumeClaim:
            claimName: pvc-data
        - name: sftp-users-config-volume
          configMap:
            name: sftp-users-config
            items:
              - key: users.conf
                path: users.conf
            defaultMode: 420
        - name: sftp-mount-config-volume
          configMap:
            name: sftp-mount-config
            items:
              - key: bindmount.sh
                path: bindmount.sh
            defaultMode: 493 # Executable permission
      containers:
        - name: sftp-server
          image: atmoz/sftp
          ports:
            - containerPort: 22
              protocol: TCP
          resources: {}
          volumeMounts:
            - name: sftp-users-config-volume
              mountPath: /etc/sftp/users.conf
              subPath: users.conf # Here I'm passing users as a configmap, you could also pass by args if I'm not mistaken
            - name: sftp-mount-config-volume
              mountPath: /etc/sftp.d/bindmount.sh
              subPath: bindmount.sh
            - name: sftp-data-vol
              mountPath: /files
          securityContext:
            privileged: true

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@danton721 @Skyhikeeper