5 changed files with 38 additions and 19 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -11,14 +11,14 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Check out the codebase.
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
      - name: Install hadolint.
        run: |
          sudo curl -L https://github.com/hadolint/hadolint/releases/download/v$HADOLINT_VERSION/hadolint-$(uname -s)-$(uname -m) -o /usr/local/bin/hadolint
          sudo chmod 755 /usr/local/bin/hadolint
        env:
-          HADOLINT_VERSION: 2.8.0
+          HADOLINT_VERSION: 2.12.0
      - name: Run hadolint.
        run: |
@ -30,7 +30,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Check out the codebase.
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
      - name: Find an open port.
        run: |
@ -63,12 +63,15 @@ jobs:
        with:
          image-ref: ${{ github.repository }}:${{ github.run_id }}
          exit-code: '1'
          skip-files: '/etc/ssl/certs/vsftpd.pem'
          severity: 'CRITICAL,HIGH'
      - name: Run Trivy vulnerability scanner.
        uses: aquasecurity/trivy-action@master
        with:
          image-ref: ${{ github.repository }}:nossl
          exit-code: '1'
          severity: 'CRITICAL,HIGH'
  deploy:
    if: startsWith(github.ref, 'refs/tags/v')
@ -84,7 +87,7 @@ jobs:
          echo ::set-output name=VERSION::${TAG%-*}
      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v2
      - name: Login to Quay
        uses: docker/login-action@v1
@ -94,7 +97,7 @@ jobs:
          password: ${{ secrets.QUAY_PASSWORD }}
      - name: Push to Quay
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v3
        with:
          file: ./Dockerfile
          pull: true
@ -108,7 +111,7 @@ jobs:
          VERSION: ${{ steps.get_version.outputs.VERSION }}
      - name: Push nossl to Quay
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v3
        with:
          file: ./Dockerfile_nossl
          pull: true
--- a/4
+++ b/4
@ -1,8 +1,8 @@
-FROM alpine:3.15.0
+FROM alpine:3.18.4
 LABEL maintainer="Amin Vakil <info@aminvakil.com>"
-RUN apk --no-cache add vsftpd=3.0.5-r1
+RUN apk --no-cache add vsftpd=3.0.5-r2
 COPY vsftpd.pem /etc/ssl/certs/vsftpd.pem
 COPY start_vsftpd.sh /usr/local/bin/start_vsftpd.sh
--- a/4
+++ b/4
@ -1,8 +1,8 @@
-FROM alpine:3.15.0
+FROM alpine:3.18.4
 LABEL maintainer="Amin Vakil <info@aminvakil.com>"
-RUN apk --no-cache add vsftpd=3.0.5-r1
+RUN apk --no-cache add vsftpd=3.0.5-r2
 COPY start_vsftpd.sh /usr/local/bin/start_vsftpd.sh
 COPY vsftpd.conf_nossl /etc/vsftpd/vsftpd.conf
--- a/README.md
+++ b/README.md
@ -1,6 +1,16 @@
 # docker-alpine-ftp-server-tls
 Small and flexible docker image with vsftpd server with tls
 # Important Note
 I think upstream has made it more complicated than it needs to be since this commit and I'm not merging its commits anymore, although I cherry-pick some of them when I see fit.
 https://github.com/delfer/docker-alpine-ftp-server/commit/fbf9afd9368d63a225e093bae227fa878de46b2c
 Also for future reference this is the PR of this commit: https://github.com/delfer/docker-alpine-ftp-server/pull/36
 FOr further discussion about this you can use [this issue](https://github.com/aminvakil/docker-alpine-ftp-server-tls/issues/14).
 ## Usage
 ```
 docker run -d \
@ -14,9 +24,9 @@ docker run -d \
 ## Configuration
 Environment variables:
- `USERS` - space and `|` separated list (optional, default: `ftp|alpineftp`)
+- `USERS` - space and `|` separated list (optional, default: `alpineftp|alpineftp`)
  - format `name1|password1|[folder1][|uid1] name2|password2|[folder2][|uid2]`
- `ADDRESS` - external address witch clients can connect passive ports (optional)
+- `ADDRESS` - external address to which clients can connect for passive ports (optional, should resolve to ftp server ip address)
 - `MIN_PORT` - minimum port number to be used for passive connections (optional, default `21000`)
 - `MAX_PORT` - maximum port number to be used for passive connections (optional, default `21010`)
--- a/start_vsftpd.sh
+++ b/start_vsftpd.sh
@ -1,6 +1,6 @@
 #!/bin/sh
 #Remove all ftp users
-#grep '/ftp/' /etc/passwd | cut -d':' -f1 | xargs -n1 deluser
+grep '/ftp/' /etc/passwd | cut -d':' -f1 | xargs -r -n1 deluser
 #Create users
 #USERS='name1|password1|[folder1][|uid1] name2|password2|[folder2][|uid2]'
@ -14,11 +14,12 @@
 #Default user 'ftp' with password 'alpineftp'
 if [ -z "$USERS" ]; then
-  USERS="amin|alpineftp"
+  USERS="alpineftp|alpineftp"
 fi
 for i in $USERS ; do
  NAME=$(echo $i | cut -d'|' -f1)
  GROUP=$NAME
  PASS=$(echo $i | cut -d'|' -f2)
  FOLDER=$(echo $i | cut -d'|' -f3)
  UID=$(echo $i | cut -d'|' -f4)
@ -29,11 +30,16 @@ for i in $USERS ; do
  if [ ! -z "$UID" ]; then
    UID_OPT="-u $UID"
    #Check if the group with the same ID already exists
    GROUP=$(getent group $UID | cut -d: -f1)
    if [ ! -z "$GROUP" ]; then
      GROUP_OPT="-G $GROUP"
    fi
  fi
-  echo -e "$PASS\n$PASS" | adduser -h $FOLDER -s /sbin/nologin $UID_OPT $NAME
+  echo -e "$PASS\n$PASS" | adduser -h $FOLDER -s /sbin/nologin $UID_OPT $GROUP_OPT $NAME
  mkdir -p $FOLDER
-  chown $NAME:$NAME $FOLDER
+  chown $NAME:$GROUP $FOLDER
  unset NAME PASS FOLDER UID
 done