Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sshd_config - make 'Port' config key overridable using an env var #382

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

sshd_config - make 'Port' config key overridable using an env var #382

wants to merge 2 commits into from

Conversation

FXHibon
Copy link

@FXHibon FXHibon commented Jul 17, 2023
edited

As atmoz/sftp is a docker image by design, one can already simply change the exposed port of the running server using the appropriate docker run options, to map the internal port 22 to any external port.
It works very well in the majority of cases, as I've been able to experiment it myself.

However, there are a few cases where it is either not wanted or not possible to use this port mapping features.

For example, if you use atmoz/sftp in a CircleCI build, you won't be able to change the port mapping ( https://discuss.circleci.com/t/change-db-containers-ports/30234/6 ), even while the port 22 is reserved by CircleCI, and not usable to containers launched in the tests.

I've read about the custom scripts located in /etc/sftp.d ( https://github.com/atmoz/sftp#execute-custom-scripts-or-applications ) that might already allow one to override everything we want, but that might sounds a bit overengineered to provide a custom executable bash scripts to update a simple config key (this is opinionated, I'm ready to hear any different opinions on this)

Given the reasons listed above, I feel that it is reasonable to allow a user to override the SSHD port using a simple environment variable.

This Pull Request suggests an implementation of this.

@adrian-amaglio
Copy link

Hello,
I made it work with the current image by adding this script in /etc/sftp.d/
It allow you to change any SSHD configuration parameter via env vars.
For instance, you can set the ssh port by setting the SSHD_CONFIG_Port env var.

#!/bin/bash    
    
config_file=/etc/ssh/sshd_config    
    
# Browse env var        
while IFS='=' read key value ; do    
    # Until we get this specific prefix        
    if [[ "$key" == SSHD_CONFIG_* ]] ; then    
        key=${key#SSHD_CONFIG_}                    
                                       
        # If the config instruction exists in the config file    
        if [ -n "$(grep -F "$key" "$config_file")" ] ; then      
            # Replace it                                         
            sed -i "s#^$key .*\$#$key $value#" "$config_file"      
        else        
            # Else, add it                                           
            echo "$key $value" >> "$config_file"    
        fi        
    fi            
done < <(env)

@adrian-amaglio adrian-amaglio mentioned this pull request Oct 11, 2023
Open
@christianbur christianbur mentioned this pull request Oct 30, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@FXHibon @adrian-amaglio