generated from coop-cloud/example
	sftp #4
| @ -26,3 +26,7 @@ COMPOSE_FILE="compose.yml" | ||||
|  | ||||
| # Optionally handle all URL requests using a single file (commonly index.html) | ||||
| #SINGLE_PAGE_SITE_HANDLER=/index.html | ||||
|  | ||||
| # Enable an SSH server to allow SFTP uploads to the web root | ||||
| #COMPOSE_FILE="$COMPOSE_FILE:compose.sftp.yml" | ||||
| #PUBLIC_KEY="ssh-ed25519 AAAAC3NzaJ1lZDI1NTE5AAAAIXqf4nxUxuGmLOaxXXXXXXXXoM/GwhcrAgmtbgXToaYmCJ user@host" # Replace with a public key you generate | ||||
							
								
								
									
										15
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										15
									
								
								README.md
									
									
									
									
									
								
							| @ -28,5 +28,20 @@ Custom HTML website, served using Nginx. | ||||
| abra app cp YOURAPPDOMAIN index.html app:/usr/share/nginx/html | ||||
| ``` | ||||
|  | ||||
| ## Allowing upload via SSH/SFTP | ||||
| To allow management of your site's files using scp, rsync or other SSH-based tools: | ||||
| 1. If you don't already have one, generate an SSH keypair using `ssh-keygen` | ||||
| 1. `abra app config YOURAPPDOMAIN` | ||||
| 2. Uncomment these lines and add your public key: | ||||
| ``` | ||||
| #COMPOSE_FILE="$COMPOSE_FILE:compose.sftp.yml" | ||||
| #PUBLIC_KEY="ssh-ed25519 AAAAC3NzaJ1lZDI1NTE5AAAAIXqf4nxUxuGmLOaxXXXXXXXXoM/GwhcrAgmtbgXToaYmCJ user@host" # Replace with a public key you generate | ||||
| ``` | ||||
| 3. `abra app undeploy YOURAPPDOMAIN` | ||||
| 3. `abra app deploy YOURAPPDOMAIN` | ||||
| 4. Test the SSH connection: `ssh -p 2220 sftp@YOURAPPDOMAIN` | ||||
| 5. You can copy local files into the server's web root with a command like: `scp -r -P 2220 * sftp@YOURAPPDOMAIN:/content` | ||||
|  | ||||
|  | ||||
| [`abra`]: https://git.autonomic.zone/autonomic-cooperative/abra | ||||
| [`coop-cloud/traefik`]: https://git.autonomic.zone/coop-cloud/traefik | ||||
|  | ||||
							
								
								
									
										41
									
								
								compose.sftp.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										41
									
								
								compose.sftp.yml
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,41 @@ | ||||
| version: "3.8" | ||||
| services: | ||||
|   ssh: | ||||
|     image: lscr.io/linuxserver/openssh-server:latest | ||||
|     networks: | ||||
|       - proxy | ||||
|     environment: | ||||
|       - PUID=1000 | ||||
|       - PGID=1000 | ||||
|       - TZ=Etc/UTC | ||||
|       - USER_NAME=sftp | ||||
|       - PUBLIC_KEY | ||||
|     volumes: | ||||
|       - content:/content:rw | ||||
|     ports: | ||||
|       - 2220:2222 | ||||
|     deploy: | ||||
|       restart_policy: | ||||
|         condition: on-failure | ||||
|   # The following is an admittedly hacky way of setting the owner | ||||
|   # of the `content` volume to the unprivileged `sftp` user, so | ||||
|   # that content can be transferred through the unprivileged sshd process | ||||
|   # using `scp` etc. | ||||
|   sshstart: | ||||
|     image: lscr.io/linuxserver/openssh-server:latest | ||||
|     user: root | ||||
|     depends_on: | ||||
|       - ssh | ||||
|     deploy: | ||||
|       restart_policy: | ||||
|         condition: none | ||||
|     volumes: | ||||
|       - content:/content:rw | ||||
|     entrypoint: [ "bash", "-c", "sleep 10 && chown -R 1000:1000 /content"] | ||||
|  | ||||
| volumes: | ||||
|   content: | ||||
|  | ||||
| networks: | ||||
|   proxy: | ||||
|     external: true | ||||
		Reference in New Issue
	
	Block a user