0
点赞
收藏
分享

微信扫一扫

Docker Compose 构建 vsftpd

正义的杰克船长 2022-04-05 阅读 177
docker

vsftpd

创建目标文件夹

cd /usr/local
mkdir docker
cd docker
mkdir vsftpd
cd vsftpd

创建docker-compose.yml

内容如下:

version: '3.1'
services:
  #服务名称
  ftp:
    #容器名称
    container_name: ftp
    #镜像名称
    image:  docker.io/fauria/vsftpd
    #总是重启后启动
    restart: always
    #端口映射
    ports:
      - "21:21"
      - "20:20"
      - "55540-55550:55540-55550"
    #挂载
    volumes:
      - ./data:/home/vsftpd/ycq
      - ./conf/vsftpd.conf:/etc/vsftpd/vsftpd.conf
    #环境变量
    environment:
      - FTP_USER=ycq
      - FTP_PASS=123456
      - PASV_ADDRESS=#宿主机IP
      - PASV_MIN_PORT=55540
      - PASV_MAX_PORT=55550

创建配置vsftpd.conf

# Run in the foreground to keep the container running:
background=NO

# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO

# Uncomment this to allow local users to log in.
local_enable=YES

## Enable virtual users
guest_enable=YES

## Virtual users will use the same permissions as anonymous
virtual_use_local_privs=YES

# Uncomment this to enable any form of FTP write command.
write_enable=YES

## PAM file name
pam_service_name=vsftpd_virtual

## Home Directory for virtual users
user_sub_token=$USER
local_root=/home/vsftpd/$USER

# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
chroot_local_user=YES

# Workaround chroot check.
# See https://www.benscobie.com/fixing-500-oops-vsftpd-refusing-to-run-with-writable-root-inside-chroot/
# and http://serverfault.com/questions/362619/why-is-the-chroot-local-user-of-vsftpd-insecure
allow_writeable_chroot=YES

## Hide ids from user
hide_ids=YES

## Enable logging
xferlog_enable=YES
xferlog_file=/var/log/vsftpd/vsftpd.log

## Enable active mode
port_enable=YES
connect_from_port_20=YES
ftp_data_port=20

##?Disable seccomp filter sanboxing
seccomp_sandbox=NO
pasv_addr_resolve=YES
pasv_enable=YES
pasv_address=##宿主机IP
pasv_max_port=55550
pasv_min_port=55540
idle_session_timeout=0
pasv_enable=YES
xferlog_std_format=NO
reverse_lookup_enable=YES
pasv_promiscuous=NO
pasv_address=##宿主机IP
pasv_max_port=55550
pasv_min_port=55540
pasv_addr_resolve=YES
pasv_enable=YES
file_open_mode=0666
local_umask=077
xferlog_std_format=NO
reverse_lookup_enable=YES
pasv_promiscuous=NO
port_promiscuous=NO
举报

相关推荐

0 条评论