From ca1ca39058c5d825a9eaa37306e181c024ead8d7 Mon Sep 17 00:00:00 2001
From: Frank Bischof <info@meer-web.nl>
Date: Wed, 3 Apr 2024 16:19:49 +0200
Subject: [PATCH] Initial checkin

---
 .gitignore |  4 +++
 README.md  | 12 +++++++++
 ftp.yml    | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 87 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 README.md
 create mode 100644 ftp.yml

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..5dc588b
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+/data
+/data/*
+/ssh-rsa
+/ssh-rsa/*
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..50959be
--- /dev/null
+++ b/README.md
@@ -0,0 +1,12 @@
+## vsFTPd for Kubernetes
+### Settings
+You can create users under the configmap users value.\
+This is just a plaintext file where you can also use secrets for.\
+**Please note that now username:password is set which is VERY insecure!**\
+**Please remove this entry and add strong credentials!**
+
+The SSH-RSA key will be created when not existing.\
+This will be placed in the ssh-rsa folder.
+
+The service is listening on port 2022.\
+This can be configured in the service configuration.
diff --git a/ftp.yml b/ftp.yml
new file mode 100644
index 0000000..d5ef638
--- /dev/null
+++ b/ftp.yml
@@ -0,0 +1,71 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: ftp
+data:
+  # Key-value pairs can be added here
+  users: |
+    username:password
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: ftp
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: ftp
+  template:
+    metadata:
+      labels:
+        app: ftp
+    spec:
+      containers:
+      - name: ftp
+        image: timoreymann/chrooted-ftp
+        ports:
+        - containerPort: 2022
+        env:
+        - name: BANNER
+          value: "Welcome to my sFTP server!"
+        - name: USER_FTP_POSTFIX
+          value: "/data"
+        volumeMounts:
+        - name: data-volume
+          mountPath: /data
+        - name: ftp
+          mountPath: /opt/chrooted-ftp/users
+          subPath: users
+        - name: ssh-rsa
+          mountPath: /opt/chrooted-ftp/ssh_hostkeys
+        command: ["/bin/sh", "-c", "
+                    if [ ! -f /opt/chrooted-ftp/ssh_hostkeys/ssh_host_rsa_key ];
+                    then cd /opt/chrooted-ftp/ssh_hostkeys/ &&
+                    ssh-keygen -f ssh_host_rsa_key -t rsa -P ''; fi &&
+                    cd /opt/chrooted-ftp &&
+                    tini -- /entrypoint"]
+      volumes:
+      - name: data-volume
+        hostPath:
+          path: /home/wtfawk/k8s-ftp/data/
+      - name: ssh-rsa
+        hostPath:
+          path: /home/wtfawk/k8s-ftp/ssh-rsa
+      - name: ftp
+        configMap:
+          name: ftp
+          defaultMode: 0700
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: ftp-service
+spec:
+  selector:
+    app: ftp
+  ports:
+  - name: sftp
+    port: 2022
+    targetPort: 2022
+  type: NodePort