sftpgo/docker
Nicola Murino d812c86812
docker: push images to GHCR too
use numeric id for user inside Dockerfile
2020-10-18 19:18:51 +02:00
..
rest-api-cli remove py extension from REST API CLI 2020-10-08 16:02:04 +02:00
sftpgo Linux pkgs: move data directory to /srv/sftpgo 2020-10-14 22:25:58 +02:00
README.md docker: push images to GHCR too 2020-10-18 19:18:51 +02:00

Official Docker image

SFTPGo provides an official Docker image, it is available on both Docker Hub and on GitHub Container Registry.

How to use the SFTPGo image

Start a sftpgo server instance

Starting a SFTPGo instance is simple:

docker run --name some-sftpgo -p 127.0.0.1:8080:8080 -p 2022:2022 -d "drakkan/sftpgo:tag"

... where some-sftpgo is the name you want to assign to your container, and tag is the tag specifying the SFTPGo version you want. See the list above for relevant tags.

Now visit http://localhost:8080/ and create a new SFTPGo user. The SFTP service is available on port 2022.

Container shell access and viewing SFTPGo logs

The docker exec command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your sftpgo container:

docker exec -it some-sftpgo bash

The logs are available through Docker's container log:

docker logs some-sftpgo

Where to Store Data

Important note: There are several ways to store data used by applications that run in Docker containers. We encourage users of the SFTPGo images to familiarize themselves with the options available, including:

  • Let Docker manage the storage for SFTPGo data by writing them to disk on the host system using its own internal volume management. This is the default and is easy and fairly transparent to the user. The downside is that the files may be hard to locate for tools and applications that run directly on the host system, i.e. outside containers.
  • Create a data directory on the host system (outside the container) and mount this to a directory visible from inside the container. This places the SFTPGo files in a known location on the host system, and makes it easy for tools and applications on the host system to access the files. The downside is that the user needs to make sure that the directory exists, and that e.g. directory permissions and other security mechanisms on the host system are set up correctly. The SFTPGo images run using 1000 as uid and gid.

The Docker documentation is a good starting point for understanding the different storage options and variations, and there are multiple blogs and forum postings that discuss and give advice in this area. We will simply show the basic procedure here for the latter option above:

  1. Create a data directory on a suitable volume on your host system, e.g. /my/own/sftpgodata.
  2. Create a home directory for the sftpgo container user on your host system e.g. /my/own/sftpgohome.
  3. Start your SFTPGo container like this:
docker run --name some-sftpgo \
    -p 127.0.0.1:8080:8090 \
    -p 2022:2022 \
    --mount type=bind,source=/my/own/sftpgodata,target=/srv/sftpgo \
    --mount type=bind,source=/my/own/sftpgohome,target=/var/lib/sftpgo \
    -e SFTPGO_HTTPD__BIND_PORT=8090 \
    -d "drakkan/sftpgo:tag"

As you can see SFTPGo uses two volumes:

  • /srv/sftpgo to handle persistent data. The default home directory for SFTP/FTP/WebDAV users is /srv/sftpgo/data/<username>. Backups are stored in /srv/sftpgo/backups
  • /var/lib/sftpgo is the home directory for the sftpgo system user defined inside the container. This is the container working directory too, host keys will be created here when using the default configuration.

Configuration

The runtime configuration can be customized via environment variables that you can set passing the -e option to the docker run command or inside the environment section if you are using docker stack deploy or docker-compose.

Please take a look here to learn how to configure SFTPGo via environment variables.

Alternately you can mount your custom configuration file to /var/lib/sftpgo or /var/lib/sftpgo/.config/sftpgo.

Image Variants

The sftpgo images comes in many flavors, each designed for a specific use case. The edge and edge-alpinetags are updated after each new commit.

sftpgo:<version>

This is the defacto image, it is based on Debian, available in the debian official image. If you are unsure about what your needs are, you probably want to use this one.

sftpgo:<version>-alpine

This image is based on the popular Alpine Linux project, available in the alpine official image. Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general.

This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use musl libc instead of glibc and friends, so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See this Hacker News comment thread for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images.