Docker SFTP server, part 2

calendar April 20, 2021 nav_categories Tech nav_categories Networking nav_tags docker nav_tags nas nav_tags networking nav_tags nfs nav_tags sftp

I needed a quick SFTP server, and did a short post about it previously.

However, I wanted the ability to run a Docker container that wasn't on my NAS, so I had to mount the NFS share from within Docker.

Using this Docker composer file did the trick:

version: "3.2"

services:
  sftp:
    image: atmoz/sftp
    container_name: sftpserver
    volumes:
      - files:/home/bob
    ports:
      - "2223:22"
    command: bob:bobspassword:1001

volumes:
  files:
    driver: local
    driver_opts:
      type: nfs
      o: nfsvers=2,addr=192.168.1.10,rw
      device: ":/mnt/VD01/files2share"

It took a while to figure out the syntax of the NFS share as part of the compose file, and ran into a NFS version issue.

docker-compose -f ./sftp.yaml up -d
Creating volume "tom_files" with local driver
Creating sftpserver . . . error

ERROR: for sftpserver  Cannot start service sftp: error while mounting volume '/var/snap/docker/common/var-lib-docker/volumes/tom_files/_data': failed to mount local volume: mount :/mnt/VD01/files2share:/var/snap/docker/common/var-lib-docker/volumes/tom_files/_data, data: nfsvers=4,addr=192.168.1.10: protocol not supported
ERROR: Encountered errors while bringing up the project.

Turns out my NAS only supports NFSv2, but I was specifying NFSv4 in the composer file:

rpcinfo 192.168.1.10 | egrep 'service|nfs'
   program version netid     address                service    owner
    100003    2    tcp       0.0.0.0.8.1            nfs        superuser
    100003    3    tcp       0.0.0.0.8.1            nfs        superuser

Once I changed the ‘nfsvers' from 4 to 2 (correct version posed on line 18 in the composer file above), the Docker container was created without issue:

docker-compose -f ./sftp.yaml up -d
Creating volume "tom_files" with local driver
Creating tom_sftp_1 . . . done

Testing the SFTP server connectivity and correct mapping of the NFS share:

sftp -P 2223 bob@192.168.1.61
The authenticity of host '[192.168.1.61]:2223 ([192.168.1.61]:2223)' can't be established.
ED25519 key fingerprint is SHA256:im7sBSrk9TnGiqDj5T0Jz8XXLprzeiJ4goX+j/rIxcc.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[192.168.1.61]:2223' (ED25519) to the list of known hosts.
bob@192.168.1.61's password:
Connected to 192.168.1.61.
sftp> ls
testfile1	testfile2
sftp> exit