forked from emmekappa/sftp-to-s3
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathentrypoint
42 lines (34 loc) · 1.13 KB
/
entrypoint
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
#!/bin/bash
# Initialize variables
user=$SFTP_USER
pass=$SFTP_PASSWORD
aws_access_key_id=$AWS_ACCESS_KEY_ID
aws_secret_access_key=$AWS_SECRET_ACCESS_KEY
bucket=$S3_BUCKET
key=$S3_KEY
kms_key_id=$KMS_KEY_ID
dir=/$user
creds=/aws
# Create mount directory
mkdir -p $dir
# Create sftp user
adduser --disabled-password --gecos "" $user
echo "$user:$pass" | chpasswd
# Create credentials file and change its permissions
echo $aws_access_key_id:$aws_secret_access_key > $creds
chmod 600 $creds
# Arguments for using with s3fs command
awscreds="-o passwd_file=$creds"
allow_other="-o allow_other"
allow_user="-o uid=$(id -u $user)"
https="-o url=https://s3.amazonaws.com"
# Set encryption if kms_key_id is passed
[[ -z ${kms_key_id} ]] && encryption="" || encryption="-o use_sse=k:$kms_key_id"
# Run command with arguments
s3fs $bucket:$key $dir $awscreds $allow_other $allow_user $encryption $https
# Remove content from user home directory and create symbolic link to mount directory
rm -vfr /home/$user
ln -s $dir /home/$user
printf "SFTP user: $user\nS3 Bucket: $bucket\nS3 Key: $key\n"
echo "Ready to accept connections..."
exec /usr/sbin/sshd -D