bla

srcs/requirements/adminer/srcs/start.sh

@@ -1,3 +0,0 @@
-#!/bin/sh
-telegraf &
-pure-ftpd -p 21000:21000

srcs/requirements/adminer/srcs/vsftpd.conf

@@ -1,11 +0,0 @@
-listen=YES
-local_enable=YES
-xferlog_enable=YES
-connect_from_port_20=YES
-pam_service_name=vsftpd
-seccomp_sandbox=NO
-write_enable=YES
-secure_chroot_dir=/var/empty
-anonymous_enable=YES
-anon_root=/srv/ftp
-no_anon_password=YES

srcs/requirements/ftp/Dockerfile

@@ -2,13 +2,11 @@ FROM alpine
 RUN sleep 10
 RUN apk update
 RUN apk add openssl
-RUN apk add pure-ftpd --repository http://dl-3.alpinelinux.org/alpine/edge/testing/ --allow-untrusted
+RUN apk add pure-ftpd
-#RUN apk add vsftpd
-#COPY srcs/start.sh /root/start.sh
-#COPY srcs/vsftpd.conf /etc/vsftpd/vsftpd.conf
 WORKDIR /root/
+COPY srcs/pure-ftpd.conf /etc/pure-ftp.conf
 RUN adduser --disabled-password admin
 RUN echo "admin:password" | chpasswd
-CMD pure-ftpd -p 21000:21000
+CMD pure-ftpd /etc/pure-ftp.conf
 EXPOSE 21/tcp
 EXPOSE 21000/tcp

srcs/requirements/ftp/srcs/pure-ftpd.conf

@@ -0,0 +1,466 @@
+############################################################
+#                                                          #
+#             Configuration file for pure-ftpd             #
+#                                                          #
+############################################################
+
+# If you want to run Pure-FTPd with this configuration
+# instead of command-line options, please run the
+# following command :
+#
+# ${exec_prefix}/sbin/sbin/pure-ftpd /etc/pure-ftpd.conf
+#
+# Online documentation:
+# https://www.pureftpd.org/project/pure-ftpd/doc
+
+
+# Restrict users to their home directory
+
+ChrootEveryone               yes
+
+
+
+# If the previous option is set to "no", members of the following group
+# won't be restricted. Others will be. If you don't want chroot()ing anyone,
+# just comment out ChrootEveryone and TrustedGID.
+
+# TrustedGID                   100
+
+
+
+# Turn on compatibility hacks for broken clients
+
+BrokenClientsCompatibility   no
+
+
+
+# Maximum number of simultaneous users
+
+MaxClientsNumber             50
+
+
+
+# Run as a background process
+
+Daemonize                    yes
+
+
+
+# Maximum number of simultaneous clients with the same IP address
+
+MaxClientsPerIP              8
+
+
+
+# If you want to log all client commands, set this to "yes".
+# This directive can be specified twice to also log server responses.
+
+VerboseLog                   no
+
+
+
+# List dot-files even when the client doesn't send "-a".
+
+DisplayDotFiles              yes
+
+
+
+# Disallow authenticated users - Act only as a public FTP server.
+
+AnonymousOnly                no
+
+
+
+# Disallow anonymous connections. Only accept authenticated users.
+
+NoAnonymous                  no
+
+
+
+# Syslog facility (auth, authpriv, daemon, ftp, security, user, local*)
+# The default facility is "ftp". "none" disables logging.
+
+SyslogFacility               ftp
+
+
+
+# Display fortune cookies
+
+# FortunesFile                 /usr/share/fortune/zippy
+
+
+
+# Don't resolve host names in log files. Recommended unless you trust
+# reverse host names, and don't care about DNS resolution being possibly slow.
+
+DontResolve                  yes
+
+
+
+# Maximum idle time in minutes (default = 15 minutes)
+
+MaxIdleTime                  15
+
+
+
+# LDAP configuration file (see README.LDAP)
+
+# LDAPConfigFile               /etc/pureftpd-ldap.conf
+
+
+
+# MySQL configuration file (see README.MySQL)
+
+# MySQLConfigFile              /etc/pureftpd-mysql.conf
+
+
+# PostgreSQL configuration file (see README.PGSQL)
+
+# PGSQLConfigFile              /etc/pureftpd-pgsql.conf
+
+
+# PureDB user database (see README.Virtual-Users)
+
+# PureDB                       /etc/pureftpd.pdb
+
+
+# Path to pure-authd socket (see README.Authentication-Modules)
+
+# ExtAuth                      /var/run/ftpd.sock
+
+
+
+# If you want to enable PAM authentication, uncomment the following line
+
+# PAMAuthentication            yes
+
+
+
+# If you want simple Unix (/etc/passwd) authentication, uncomment this
+
+# UnixAuthentication           yes
+
+
+
+# Please note that LDAPConfigFile, MySQLConfigFile, PAMAuthentication and
+# UnixAuthentication can be used specified once, but can be combined
+# together. For instance, if you use MySQLConfigFile, then UnixAuthentication,
+# the SQL server will be used first. If the SQL authentication fails because the
+# user wasn't found, a new attempt will be done using system authentication.
+# If the SQL authentication fails because the password didn't match, the
+# authentication chain stops here. Authentication methods are chained in
+# the order they are given.
+
+
+
+# 'ls' recursion limits. The first argument is the maximum number of
+# files to be displayed. The second one is the max subdirectories depth.
+
+LimitRecursion               10000 8
+
+
+
+# Are anonymous users allowed to create new directories?
+
+AnonymousCanCreateDirs       no
+
+
+
+# If the system load is greater than the given value, anonymous users
+# aren't allowed to download.
+
+MaxLoad                      4
+
+
+
+# Port range for passive connections - keep it as broad as possible.
+
+# PassivePortRange             21000 21000
+
+
+
+# Force an IP address in PASV/EPSV replies. - for NAT.
+# Symbolic host names are also accepted for gateways with dynamic IP
+# addresses.
+
+# ForcePassiveIP               192.168.0.1
+
+
+
+# Upload/download ratio for anonymous users.
+
+# AnonymousRatio               1 10
+
+
+
+# Upload/download ratio for all users.
+# This directive supersedes the previous one.
+
+# UserRatio                    1 10
+
+
+
+# Disallow downloads of files owned by the "ftp" system user;
+# files that were uploaded but not validated by a local admin.
+
+AntiWarez                    yes
+
+
+
+# IP address/port to listen to (default=all IP addresses, port 21).
+
+# Bind                         127.0.0.1,21
+
+
+
+# Maximum bandwidth for anonymous users in KB/s
+
+# AnonymousBandwidth           8
+
+
+
+# Maximum bandwidth for *all* users (including anonymous) in KB/s
+# Use AnonymousBandwidth *or* UserBandwidth, not both.
+
+# UserBandwidth                8
+
+
+
+# File creation mask. <umask for files>:<umask for dirs> .
+# 177:077 if you feel paranoid.
+
+Umask                        133:022
+
+
+
+# Minimum UID for an authenticated user to log in.
+# For example, a value of 100 prevents all users whose user id is below
+# 100 from logging in. If you want "root" to be able to log in, use 0.
+
+MinUID                       100
+
+
+
+# Allow FXP transfers for authenticated users.
+
+AllowUserFXP                 no
+
+
+
+# Allow anonymous FXP for anonymous and non-anonymous users.
+
+AllowAnonymousFXP            no
+
+
+
+# Users can't delete/write files starting with a dot ('.')
+# even if they own them. But if TrustedGID is enabled, that group
+# will exceptionally have access to dot-files.
+
+ProhibitDotFilesWrite        no
+
+
+
+# Prohibit *reading* of files starting with a dot (.history, .ssh...)
+
+ProhibitDotFilesRead         no
+
+
+
+# Don't overwrite files. When a file whose name already exist is uploaded,
+# it gets automatically renamed to file.1, file.2, file.3, ...
+
+AutoRename                   no
+
+
+
+# Prevent anonymous users from uploading new files (no = upload is allowed)
+
+AnonymousCantUpload          no
+
+
+
+# Only connections to this specific IP address are allowed to be
+# non-anonymous. You can use this directive to open several public IPs for
+# anonymous FTP, and keep a private firewalled IP for remote administration.
+# You can also only allow a non-routable local IP (such as 10.x.x.x) for
+# authenticated users, and run a public anon-only FTP server on another IP.
+
+# TrustedIP                    10.1.1.1
+
+
+
+# To add the PID to log entries, uncomment the following line.
+
+# LogPID                       yes
+
+
+
+# Create an additional log file with transfers logged in a Apache-like format :
+# fw.c9x.org - jedi [13/Apr/2017:19:36:39] "GET /ftp/linux.tar.bz2" 200 21809338
+# This log file can then be processed by common HTTP traffic analyzers.
+
+# AltLog                       clf:/var/log/pureftpd.log
+
+
+
+# Create an additional log file with transfers logged in a format optimized
+# for statistic reports.
+
+# AltLog                       stats:/var/log/pureftpd.log
+
+
+
+# Create an additional log file with transfers logged in the standard W3C
+# format (compatible with many HTTP log analyzers)
+
+# AltLog                       w3c:/var/log/pureftpd.log
+
+
+
+# Disallow the CHMOD command. Users cannot change perms of their own files.
+
+# NoChmod                      yes
+
+
+
+# Allow users to resume/upload files, but *NOT* to delete them.
+
+# KeepAllFiles                 yes
+
+
+
+# Automatically create home directories if they are missing
+
+# CreateHomeDir                yes
+
+
+
+# Enable virtual quotas. The first value is the max number of files.
+# The second value is the maximum size, in megabytes.
+# So 1000:10 limits every user to 1000 files and 10 MB.
+
+# Quota                        1000:10
+
+
+
+# If your pure-ftpd has been compiled with standalone support, you can change
+# the location of the pid file. The default is /var/run/pure-ftpd.pid
+
+# PIDFile                      /var/run/pure-ftpd.pid
+
+
+
+# If your pure-ftpd has been compiled with pure-uploadscript support,
+# this will make pure-ftpd write info about new uploads to
+# /var/run/pure-ftpd.upload.pipe so pure-uploadscript can read it and
+# spawn a script to handle the upload.
+# Don't enable this option if you don't actually use pure-uploadscript.
+
+# CallUploadScript             yes
+
+
+
+# This option is useful on servers where anonymous upload is
+# allowed. When the partition is more that percententage full,
+# new uploads are disallowed.
+
+MaxDiskUsage                   99
+
+
+
+# Set to 'yes' to prevent users from renaming files.
+
+# NoRename                     yes
+
+
+
+# Be 'customer proof': forbids common customer mistakes such as
+# 'chmod 0 public_html', that are valid, but can cause customers to
+# unintentionally shoot themselves in the foot.
+
+CustomerProof                yes
+
+
+
+# Per-user concurrency limits. Will only work if the FTP server has
+# been compiled with --with-peruserlimits.
+# Format is: <max sessions per user>:<max anonymous sessions>
+# For example, 3:20 means that an authenticated user can have up to 3 active
+# sessions, and that up to 20 anonymous sessions are allowed.
+
+# PerUserLimits                3:20
+
+
+
+# When a file is uploaded and there was already a previous version of the file
+# with the same name, the old file will neither get removed nor truncated.
+# The file will be stored under a temporary name and once the upload is
+# complete, it will be atomically renamed. For example, when a large PHP
+# script is being uploaded, the web server will keep serving the old version and
+# later switch to the new one as soon as the full file will have been
+# transferred. This option is incompatible with virtual quotas.
+
+# NoTruncate                   yes
+
+
+
+# This option accepts three values:
+# 0: disable SSL/TLS encryption layer (default).
+# 1: accept both cleartext and encrypted sessions.
+# 2: refuse connections that don't use the TLS security mechanism,
+#    including anonymous sessions.
+# Do _not_ uncomment this blindly. Double check that:
+# 1) The server has been compiled with TLS support (--with-tls),
+# 2) A valid certificate is in place,
+# 3) Only compatible clients will log in.
+
+# TLS                          1
+
+
+# Cipher suite for TLS sessions.
+# The default suite is secure and setting this property is usually
+# only required to *lower* the security to cope with legacy clients.
+# Prefix with -C: in order to require valid client certificates.
+# If -C: is used, make sure that clients' public keys are present on
+# the server.
+
+# TLSCipherSuite               HIGH
+
+
+
+# Certificate file, for TLS
+# The certificate itself and the keys can be bundled into the same
+# file or split into two files.
+# CertFile is for a cert+key bundle, CertFileAndKey for separate files.
+# Use only one of these.
+
+# CertFile                     /etc/ssl/private/pure-ftpd.pem
+# CertFileAndKey               "/etc/pure-ftpd.pem" "/etc/pure-ftpd.key"
+
+
+
+# Unix socket of the external certificate handler, for TLS
+
+# ExtCert                      /var/run/ftpd-certs.sock
+
+
+# Listen only to IPv4 addresses in standalone mode (ie. disable IPv6)
+# By default, both IPv4 and IPv6 are enabled.
+
+# IPV4Only                     yes
+
+
+
+# Listen only to IPv6 addresses in standalone mode (i.e. disable IPv4)
+# By default, both IPv4 and IPv6 are enabled.
+
+# IPV6Only                     yes
+
+
+
+# Append the content of another file, if the file exists.
+# If the file doesn't exist, the directive is ignored.
+# More files can be recursively included.
+
+# Include                      additional_configuration.conf

srcs/requirements/ftp/srcs/start.sh

@@ -1,2 +0,0 @@
-#!/bin/sh
-pure-ftpd -p 21000:21000

srcs/requirements/ftp/srcs/vsftpd.conf

@@ -1,30 +0,0 @@
-ftpd_banner=A very rigorous evaluator I might say.
-listen=YES
-anonymous_enable=NO
-local_enable=YES
-write_enable=YES
-local_umask=022
-dirmessage_enable=YES
-xferlog_enable=YES
-xferlog_std_format=YES
-chroot_local_user=YES
-allow_writeable_chroot=YES
-pam_service_name=vsftpd
-tcp_wrappers=YES
-rsa_cert_file=/etc/ssl/private/vsftpd.crt
-rsa_private_key_file=/etc/ssl/private/vsftpd.key
-ssl_enable=YES
-allow_anon_ssl=NO
-force_local_data_ssl=YES
-force_local_logins_ssl=YES
-ssl_tlsv1=YES
-ssl_sslv2=NO
-ssl_sslv3=NO
-require_ssl_reuse=NO
-ssl_ciphers=HIGH
-#pasv_address=127.0.0.1
-#pasv_addr_resolve=NO
-pasv_enable=YES
-pasv_min_port=21000
-pasv_max_port=21000
-port_enable=YES

srcs/requirements/redis/srcs/start.sh

@@ -1,3 +0,0 @@
-#!/bin/sh
-telegraf &
-pure-ftpd -p 21000:21000

srcs/requirements/redis/srcs/vsftpd.conf

@@ -1,11 +0,0 @@
-listen=YES
-local_enable=YES
-xferlog_enable=YES
-connect_from_port_20=YES
-pam_service_name=vsftpd
-seccomp_sandbox=NO
-write_enable=YES
-secure_chroot_dir=/var/empty
-anonymous_enable=YES
-anon_root=/srv/ftp
-no_anon_password=YES