From 1c3b90c4cd22c14a7eaee7883696fcc0d8a83678 Mon Sep 17 00:00:00 2001 From: Michel Jung Date: Sat, 18 Sep 2021 13:02:56 +0200 Subject: [PATCH] Add SCP server for uploading client files Fixes #180 --- .../faf-client-upload/authorized_keys | 0 .../faf-client-upload/faf-client-upload.env | 2 ++ config.template/faf-traefik/traefik.yml | 2 ++ docker-compose.yml | 24 +++++++++++++++++++ 4 files changed, 28 insertions(+) create mode 100644 config.template/faf-client-upload/authorized_keys create mode 100644 config.template/faf-client-upload/faf-client-upload.env diff --git a/config.template/faf-client-upload/authorized_keys b/config.template/faf-client-upload/authorized_keys new file mode 100644 index 00000000..e69de29b diff --git a/config.template/faf-client-upload/faf-client-upload.env b/config.template/faf-client-upload/faf-client-upload.env new file mode 100644 index 00000000..ef4372a7 --- /dev/null +++ b/config.template/faf-client-upload/faf-client-upload.env @@ -0,0 +1,2 @@ +SSH_USERS=data:1000:1000 +RSYNC_MODE=true diff --git a/config.template/faf-traefik/traefik.yml b/config.template/faf-traefik/traefik.yml index 3b41f779..29cc5c59 100644 --- a/config.template/faf-traefik/traefik.yml +++ b/config.template/faf-traefik/traefik.yml @@ -8,6 +8,8 @@ entryPoints: address: ":80" web-secure: address: ":443" + client-upload: + address: ":8022" # Listen for changes on docker and the dynamic configuration file providers: diff --git a/docker-compose.yml b/docker-compose.yml index 7b035c95..a2c4e5f6 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -428,6 +428,30 @@ services: - "traefik.http.routers.faf-user-service.tls.certresolver=default" - "traefik.http.services.faf-user-service.loadbalancer.server.port=8080" + # + # An SCP server that allows uploading client update files via rsync. Example command: + # + # rsync -avz -e "ssh -p 8022" /build/client/ data@client-upload.faforever.com:client + # + faf-client-upload: + container_name: faf-client-upload + image: panubo/sshd@sha256:4be2259311faba55fe9aa5bcac7ae5a3766c8dc64c71af45c0c002d48743e7d9 + networks: + faf: + aliases: + - "faf-client-upload" + restart: unless-stopped + volumes: + - ./data/content/client:/home/data/client + - ./config/faf-client-upload/authorized_keys:/etc/authorized_keys/data:ro + env_file: ./config/faf-client-upload/faf-client-upload.env + labels: + - "traefik.enable=true" + - "traefik.tcp.routers.faf-client-upload.rule=HostSNI(`*`)" + - "traefik.tcp.routers.faf-client-upload.entryPoints=client-upload" + - "traefik.tcp.routers.faf-client-upload.service=faf-client-upload" + - "traefik.tcp.services.faf-client-upload.loadbalancer.server.port=22" + networks: faf: driver: bridge