script for adding, all data under one folder

.gitignore

@@ -1,3 +1,4 @@
+data/
 home/
 users/
 sshd_config/

Makefile

@@ -0,0 +1,21 @@
+
+
+service-up:
+	docker-compose up --build -d -t 1
+
+service-logs:
+	docker-compose logs -f -t
+
+service-force-restart:
+	docker-compose build
+	docker-compose up -d --force-recreate -t 1
+	docker-compose logs -f -t
+
+service-down:
+	docker-compose down -t 1
+
+service-bash:
+	docker-compose exec ssh-ftp-server bash
+
+update-users:
+	docker-compose exec ssh-ftp-server update_users.sh

build/run.sh

@@ -1,7 +1,6 @@
 #!/bin/bash
-set -e
-set -x
-set -u
+set -exu
+shopt -s nullglob
 basedir=/var/ssh-box/
 test -f "$basedir"/ssh-cache/ssh_host_rsa_key || {
     ssh-keygen -A
@@ -19,12 +18,15 @@ Subsystem sftp /usr/lib/ssh/sftp-server -u 002
 EOF
     rsync -va /etc/ssh/ "$basedir"/ssh-cache/
 }
-mkdir -p "$basedir"/users
+mkdir -p "$basedir"/users "$basedir"/ssh-cache "$basedir"/home
 rsync -va --del "$basedir"/ssh-cache/ /etc/ssh/
-chown -R $USR "$basedir"
+chown -R $USR "$basedir"/users "$basedir"/ssh-cache
 chown -R root:root /etc/ssh/
 chmod 0644 /etc/ssh/*
 chmod 0600 /etc/ssh/*key
+chmod 0700 "$basedir"/ssh-cache/ "$basedir"/users/
+chmod 0600 "$basedir"/ssh-cache/*
+chmod 0711 "$basedir"
 
 if getent group box; then
   echo Group already added
@@ -32,8 +34,10 @@ else
   groupadd -g $GRP box
 fi
 
-chown root:root /home
-chmod 0755 /home
+rmdir /home
+chown root:root "$basedir"/home
+chmod 0711 "$basedir"/home
+ln -sfT "$basedir"/home /home
 
 touch /tmp/empty_keys
 chmod 0200 /tmp/empty_keys

build/update_users.sh

@@ -39,5 +39,7 @@ for file in *; do
   rm -f "/home/$user/.ssh/authorized_keys"
   chown -R "$user":box "/home/$user/data"
   chmod -R u+rwX,g+rwX,o+X "/home/$user/data"
+  chmod 0600 "$file"
+  chown $USR "$file"
 done
-
+chmod 0700 /var/ssh-box/users

docker-compose.yaml

@@ -8,7 +8,6 @@ services:
     ports:
       - "0.0.0.0:${EXPOSE}:22"
     volumes:
-      - ./home/:/home/
       - ./data/:/var/ssh-box/
     environment:
       - USR=${USR}

run.sh

@@ -1,2 +0,0 @@
-#!/bin/bash
-docker-compose up --build -d -t 1

test-run.sh

@@ -1,5 +0,0 @@
-#!/bin/bash
-set -e
-docker-compose build
-docker-compose up -d --force-recreate -t 1
-docker-compose logs -f -t

update-users.sh

@@ -1,3 +0,0 @@
-#!/bin/bash
-set -e
-docker-compose exec ssh-ftp-server update_users.sh

user-add

@@ -0,0 +1,28 @@
+#!/bin/bash
+set -eu
+echo Existing users
+ls -1 data/users/
+
+plusone=$( ls -1 data/users | sed 's/-.*//' | tail -n 1 )
+if [[ -z "$plusone" ]]; then
+  plusone=2000
+fi
+plusone=$(( plusone + 1 ))
+
+echo Add user, select UID
+read -e -i $plusone new_uid
+echo Type username
+read -e new_user
+
+echo data/users/"${new_uid}-${new_user}"
+echo Edit authorized_keys, or break process
+read foo
+
+eval ${EDITOR:- vim} data/users/"${new_uid}-${new_user}"
+
+
+if test -s data/users/"${new_uid}-${new_user}"; then
+    echo Running user update
+    make update-users
+fi
+