FTP Server VSFTPD meets alpine

FTP Server image with: (http://vsftpd.beasts.org)
State: Working but could be improved here and there.

Getting Started

Syntax: docker -d [Options] jusito/vsftpd-alpine:*TAG*

Which use case? Choose your Tag below.
Pick name & password. -e MY_NAME="docker" -e MY_PASSWORD="MySecurePW"
Which ID do the data have or should they keep? -e MY_USER_ID="124" -e MY_GROUP_ID="124"
Give me 12 ports (20, 21, 10090-10100 in the container): -p 10020:20 -p 10021:21 -p 10090-10100:10090-10100
Volume to access? -v VolumeToManage:/home/*USER*/

Example:

Only one user
FTP Login docker, password MySecurePW
Data uploaded should be owned by user 124 and group 124
External ports are 10020, 10021, 10090-10100
A volume with existing data or a new volume should be used

docker run -d \
 -e MY_NAME="docker" -e MY_PASSWORD="MySecurePW" \
 -e MY_USER_ID="10000" -e MY_GROUP_ID="10000" \
 -p 10020:20 -p 10021:21 -p 10090-10100:10090-10100 \
 -v VolumeToManage:/home/docker/ \
 jusito/vsftpd-alpine:simple

Example for Windows-Network-Mount:

You need: -e pasv_address="YourHostIP(not domain)"

docker run -d \
 -e MY_NAME="docker" -e MY_PASSWORD="MySecurePW" \
 -e MY_USER_ID="10000" -e MY_GROUP_ID="10000" \
 -p 10020:20 -p 10021:21 -p 10090-10100:10090-10100 \
 -v VolumeToManage:/home/docker/ \
 -e pasv_address="YourHostIP(not domain)" \
 jusito/vsftpd-alpine:simple

Environment Variables

(all variables from x, all default values)[http://vsftpd.beasts.org/vsftpd_conf.html]:

windows mount

pasv_address => set to ip for windows usage
thanks to
https://github.com/onjin/docker-alpine-vsftpd

free to change

VSFTPD Configuration (click me)

Not in man page, but needed for dockerize:

|Name|Default|
|——|———-|
|seccomp_sandbox|YES|
|allow_writeable_chroot|YES|

In man page:

|Name|Default|
|——|———-|
|allow_anon_ssl|NO|
|anon_mkdir_write_enable|NO|
|anon_other_write_enable|NO|
|anon_upload_enable|NO|
|anon_world_readable_only|YES|
|anonymous_enable|YES|
|ascii_download_enable|NO|
|ascii_upload_enable|NO|
|async_abor_enable|NO|
|background|NO|
|check_shell|YES|
|chmod_enable|YES|
|chown_uploads|NO|
|chroot_list_enable|NO|
|chroot_local_user|NO|
|connect_from_port_20|NO|
|debug_ssl|NO|
|delete_failed_uploads|NO|
|deny_email_enable|NO|
|dirlist_enable|YES|
|dirmessage_enable|NO|
|download_enable|YES|
|dual_log_enable|NO|
|force_dot_files|NO|
|force_anon_data_ssl|NO|
|force_anon_logins_ssl|NO|
|force_local_data_ssl|YES|
|force_local_logins_ssl|YES|
|guest_enable|NO|
|hide_ids|NO|
|implicit_ssl|NO|
|listen|YES|
|listen_ipv6|NO|
|local_enable|NO|
|lock_upload_files|YES|
|log_ftp_protocol|NO|
|ls_recurse_enable|NO|
|mdtm_write|YES|
|no_anon_password|NO|
|no_log_lock|NO|
|one_process_model|NO|
|passwd_chroot_enable|NO|
|pasv_addr_resolve|NO|
|pasv_enable|YES|
|pasv_promiscuous|NO|
|port_enable|YES|
|port_promiscuous|NO|
|require_cert|NO|
|require_ssl_reuse|YES|
|run_as_launching_user|NO|
|secure_email_list_enable|NO|
|session_support|NO|
|setproctitle_enable|NO|
|ssl_enable|NO|
|ssl_request_cert|YES|
|ssl_sslv2|NO|
|ssl_sslv3|NO|
|ssl_tlsv1|YES|
|strict_ssl_read_eof|NO|
|strict_ssl_write_shutdown|NO|
|syslog_enable|NO|
|tcp_wrappers|NO|
|text_userdb_names|NO|
|tilde_user_enable|NO|
|use_localtime|NO|
|use_sendfile|YES|
|userlist_deny|YES|
|userlist_enable|NO|
|validate_cert|NO|
|virtual_use_local_privs|NO|
|write_enable|NO|
|xferlog_enable|NO|
|xferlog_std_format|NO|
|accept_timeout|60|
|anon_max_rate|0|
|anon_umask|077|
|chown_upload_mode|0600|
|connect_timeout|60|
|data_connection_timeout|300|
|delay_failed_login|1|
|delay_successful_login|0|
|file_open_mode|0666|
|ftp_data_port|20|
|idle_session_timeout|300|
|listen_port|21|
|local_max_rate|0|
|local_umask|077|
|max_clients|0|
|max_login_fails|3|
|max_per_ip|0|
|pasv_max_port|0|
|pasv_min_port|0|
|trans_chunk_size|0|
|anon_root|””|
|banned_email_file|”/etc/vsftpd.banned_emails”|
|banner_file|””|
|ca_certs_file|””|
|chown_username|”root”|
|chroot_list_file|”/etc/vsftpd.chroot_list”|
|cmds_allowed|””|
|cmds_denied|””|
|deny_file|””|
|dsa_cert_file|””|
|dsa_private_key_file|””|
|email_password_file|”/etc/vsftpd.email_passwords”|
|ftp_username|”ftp”|
|ftpd_banner|””|
|guest_username|”ftp”|
|hide_file|””|
|listen_address|””|
|listen_address6|””|
|local_root|””|
|message_file|”.message”|
|nopriv_user|”nobody”|
|pam_service_name|”ftp”|
|pasv_address|””|
|rsa_cert_file|”/usr/share/ssl/certs/vsftpd.pem”|
|rsa_private_key_file|””|
|secure_chroot_dir|”/usr/share/empty”|
|ssl_ciphers|”DES-CBC3-SHA”|
|user_config_dir|””|
|user_sub_token|””|
|userlist_file|”/etc/vsftpd.user_list”|
|vsftpd_log_file|”/var/log/vsftpd.log”|
|xferlog_file|”/var/log/xferlog”|

internal (please don’t change)

VSFTPD Configuration (click me)

Additional Informations

Bug Windows

pasv_address => set to ip for windows usage
(thanks to onjin@git)[https://github.com/onjin/docker-alpine-vsftpd]
Example Mount: ftp://1.2.3.4:10021

FAQ

seccomp_sandbox=NO ? (500 OOPS: 500 OOPS: child died)[https://bugzilla.redhat.com/show_bug.cgi?id=845980]
anonymous_enable=YES ? Username: anonymous
allow_writeable_chroot=NO & chroot_local_user=NO? 500 OOPS: vsftpd: refusing to run with writable root inside chroot
pasv_enable=YES ? Data Connection
write_enable=YES ? any FTP command allowed
passwd_chroot_enable=YES ? jail is per user, derived from home path “.”
local_enable=YES ? Local Accounts can use ftp connections
local_umask ? Permissions