From 29c403000908b66438c5e66de869bce793e5a288 Mon Sep 17 00:00:00 2001
From: maximumultraist <maximumultraist@cloaca.mozmail.com>
Date: Sat, 25 Jan 2025 00:13:24 -0500
Subject: [PATCH] Fix owner on /content

---
 compose.sftp.yml | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/compose.sftp.yml b/compose.sftp.yml
index 10b1a12..7a8fca7 100644
--- a/compose.sftp.yml
+++ b/compose.sftp.yml
@@ -14,12 +14,27 @@ services:
     secrets:
       - ssh_password
     volumes:
-      - content:/content
+      - content:/content:rw
     ports:
       - 2220:2222
     deploy:
       restart_policy:
         condition: on-failure
+  # The following is an admittedly hacky way of setting the owner
+  # of the `content` volume to the unprivileged `sftp` user, so
+  # that content can be transferred through the unprivileged sshd process
+  # using `scp` etc.
+  sshstart:
+    image: lscr.io/linuxserver/openssh-server:latest
+    user: root
+    depends_on:
+      - ssh
+    deploy:
+      restart_policy:
+        condition: none
+    volumes:
+      - content:/content:rw
+    entrypoint: [ "bash", "-c", "sleep 10 && chown -R 1000:1000 /content"]
 
 secrets:
   ssh_password: