SftpGo是一款高性能、功能齊全、易用可配置的一款sftp server 服務,基於go開發。目前在linux、macos下均可以穩定運行(windows個人未測試)。數據可以持久化到主流的數據庫,諸如Mysql、PostgreSQL、Sqlilte.
sftpgo主要組成
- 服務端主程序: sftpgosever
- cli腳本: sftpcli
數據目錄
- conf存儲服務配置文件
- data創建sftp用戶目錄
- backups存儲應用備份數據
本次基於k8s運行服務、mysql5.7做持久化存儲、騰訊雲NFS服務做數據目錄、configmap掛載配置文件、nginx stream提供域名映射tcp訪問
構建鏡像
直接拉取
<code>docker pull taylordang/sftpgo:v1.0/<code>
本地基於Dockerfile構建
<code>查看具體文檔: [https://github.com/dtcka/sftpgo/tree/master/docker/sftpgo/alpine](https://github.com/dtcka/sftpgo/tree/master/docker/sftpgo/alpine)/<code>
構建腳手架
<code>構建腳本: [https://github.com/dtcka/sftpgo/blob/master/docker/rest-api-cli/Dockerfile](https://github.com/dtcka/sftpgo/blob/master/docker/rest-api-cli/Dockerfile)/<code>
標準配置文件
<code>{
"sftpd": {
"bind_port": 2022,
"bind_address": "0.0.0.0",
"idle_timeout": 15,
"max_auth_tries": 0,
"umask": "0022",
"banner": "",
"upload_mode": 0,
"actions": {
"execute_on": [],
"command": "",
"http_notification_url": ""
},
"keys": [],
"kex_algorithms": [],
"ciphers": [],
"macs": [],
"login_banner_file": "",
"setstat_mode": 0,
"enabled_ssh_commands": [
"md5sum",
"sha1sum",
"cd",
"pwd",
"scp"
],
"keyboard_interactive_auth_program": "",
"proxy_protocol": 0,
"proxy_allowed": []
},
"data_provider": {
"driver": "mysql",
"name": "sftpgo",
"host": "xxxxxx",
"port": 9999,
"username": "sftpgo",
"password": "xxxxx",
"sslmode": 0,
"connection_string": "",
"users_table": "users",
"manage_users": 1,
"track_quota": 2,
"pool_size": 0,
"users_base_dir": "",
"actions": {
"execute_on": [],
"command": "",
"http_notification_url": ""
},
"external_auth_program": "",
"external_auth_scope": 0,
"credentials_path": "credentials",
"pre_login_program": ""
},
"httpd": {
"bind_port": 8080,
"bind_address": "0.0.0.0",
"templates_path": "templates",
"static_files_path": "static",
"backups_path": "backups",
"auth_user_file": "",
"certificate_file": "",
"certificate_key_file": ""
}
}/<code>運行應用
以上服務配置準備完成之後,運行容器會在數據庫中自動生成對應的表
提供服務外部入庫
1. 設置內網服務入口
<code>apiVersion: v1 kind: Service metadata: name: sftpgo namespace: sftp spec: clusterIP: xxxx externalTrafficPolicy: Cluster ports: - name: 8080-8080-tcp nodePort: 31807 port: 8080 protocol: TCP targetPort: 8080 - name: 2022-2022-tcp nodePort: 30865 port: 2022 protocol: TCP targetPort: 2022 selector: k8s-app: sftpgo qcloud-app: sftpgo sessionAffinity: None type: LoadBalancer status: loadBalancer: ingress: - ip: xxxx/<code>
2. 設置外部服務入口
- nginx配置文件 ``` apiVersion: v1 data: nginx.conf: |- user nginx; worker_processes auto; error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid; events { worker_connections 1024; } stream { server { listen 2022; proxy_pass sftpgo服務對應的內網ip:2022; } } kind: ConfigMap metadata: name: tcp-config namespace: sftp
<code> ##### 3.測試下服務狀態以及數據目錄權限 
測試ok:數據權限UID GID需要設置為1003.
##### 4. 設置域名解析到nginx的externalIps即可實現域名訪問  ---
附:/<code>
sftpgo服務源碼:https://github.com/dtcka/sftpgo/tree/master/docker/sftpgo/alpine sftpgo容器相關鏡像:https://hub.docker.com/repository/docker/taylordang/sftpgo sftpgo腳手架:https://hub.docker.com/repository/docker/taylordang/sftp-api-cli
```
本文由博客一文多發平臺 OpenWrite 發佈!
分享到:
