the

Dockerfile

@@ -0,0 +1,11 @@
+FROM docker.io/alpine:latest
+
+ADD banner.txt /etc/vsftpd/banner.txt
+ADD vsftpd.pem /etc/vsftpd/vsftpd.pem
+ADD vsftpd.key /etc/vsftpd/vsftpd.key
+ADD vsftpd.conf /etc/vsftpd/vsftpd.conf
+
+ADD setup.sh /setup.sh
+RUN /setup.sh
+CMD /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf
+#CMD sh

banner.txt

@@ -0,0 +1,2 @@
+I love piracy, stealing shit's my favorite thing!
+I wanna fuck it up and torrent the whole world!

readme.md

@@ -0,0 +1,18 @@
+# vsftpd-anon
+## A quick, anonymous ftp server docker image
+
+This image is meant for running something like a public read-only share. User accounts are _not_ supported and all data access is meant to be read only via ftp anonymous login.
+
+### Up-and-Running
+
+    docker run -d -p 20-21:20-21 -p 65500-65515:65500-65515 -v /tmp:/var/ftp:ro git.incest.world/ashley/vsftpd-anon
+
+### Runtime Configuration Options
+
+None, modify `/etc/vsftpd/vsftpd.conf` to configure and/or replace `/etc/vsftpd/vsftpd.key` and `/etc/vsftpd/vsftpd.pem` for SSL/TLS.
+
+### Notes
+
+*   Ensure you use _:ro_ at the end of your bind mount declaration!
+*   We utilize ftp passive mode so we can define the ports we need and not have to use `--net=host`. This is the preferred way to use ftp!
+*   You can find some great documentation on configuration options and other vsftpd information on the [Archwiki⁠](https://wiki.archlinux.org/index.php/Very_Secure_FTP_Daemon) and in the [man page⁠](https://security.appspot.com/vsftpd/vsftpd_conf.html)

setup.sh

@@ -0,0 +1,9 @@
+#!/usr/bin/env sh
+
+apk update && \
+apk upgrade && \
+apk add openssl vsftpd && \
+mkdir -p /var/ftp && \
+mkdir -p /var/run/vsftpd/empty && \
+chmod 777 /etc /etc/vsftpd /etc/vsftpd/vsftpd.pem /etc/vsftpd/vsftpd.key && \
+chown vsftp:ftp /etc/vsftpd/vsftpd.pem /etc/vsftpd/vsftpd.key

vsftpd.conf

@@ -0,0 +1,37 @@
+# Basic config
+listen=YES
+anonymous_enable=YES
+dirmessage_enable=YES
+use_localtime=YES
+connect_from_port_20=YES
+secure_chroot_dir=/var/run/vsftpd/empty
+write_enable=NO
+seccomp_sandbox=NO
+xferlog_std_format=NO
+log_ftp_protocol=YES
+anon_root=/var/ftp
+pasv_max_port=65515
+pasv_min_port=65500
+max_per_ip=0
+max_login_fails=0
+max_clients=0
+anon_max_rate=6250000
+banner_file=/etc/vsftpd/banner.txt
+
+# SSL
+ssl_enable=YES
+allow_anon_ssl=YES
+require_ssl_reuse=NO
+rsa_cert_file=/etc/vsftpd/vsftpd.pem
+rsa_private_key_file=/etc/vsftpd/vsftpd.key
+
+ssl_tlsv1=YES
+ssl_sslv2=NO
+ssl_sslv3=NO
+
+# Logging
+xferlog_enable=YES
+xferlog_std_format=NO
+log_ftp_protocol=YES
+#vsftpd_log_file=/var/log/vsftpd.log
+vsftpd_log_file=/proc/1/fd/1

vsftpd.key

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCa3w8XoMKxfUo4
+fp+0cB7ue7hZj4M/mEtCsoC5Dt4GzEXDe0IwK1Cl5aXk+e7MBAAAQVMC59wgChy6
+HCmBCgz82825RarvqAF0/9+VPqwsu9nhK91CsVf58IF6OcaMDvx58ZtLHTU17Mol
+Ua8UVz71dvD2L8YlXWulu7STJmENhO6Fm4IFNKN1qo64397E1NDUT2u2XJEl39m5
+00L3uJ2W7KChdG5zum7fkFweMCG9OjfrlrS2V94Y0NTt/EYXinelzmEICgCQEBPo
+HPbzPc8vwnNWILfLd0hygxvDVOe4XPRQWVXBPXGR1+lFuEZYLxPg2ALcEVM1FD+D
+AqiPXwDFAgMBAAECggEAEFOlpqsG+2km8u++bGpJiIC4fZCYmJK4lG53DYtYssTE
+MgiDgMqANQ0RwSLsHsvpKB2635qL5UDLqH8hjP3/QoT1miuTCrLefHQhIP27bvfa
+z1cte0Nw7+N/8t+2Y7uMuFpVMcUBgA7XfLmwyGcuNvh0DLAapoPDvnQcZErufls0
+JXvMte2Ki5kIxAGl7lACBK+muMZRq/zVfys9X4sBXzqkPy3T5ld833d801FFR3Ns
+l/R4bzmM2FGJ/1dHG/081xiCxKBPzMGGPUVzPNALtkkB4UcP58cBNhLZDWU6tl4d
+Kf9dfXJwv0hhVVq2zECVL2aKYZvmT50TavQF2beqoQKBgQDWTD0SsvN1q/KrfKyJ
+zW6Y+ilc8ECV50qAUugEjnX9yJU9L3IHOcfxS3yWNTF200/YF/Kl3SYwFfF2DYRf
+50+3I5JdL4HBVArpR86ZYsqZ1P8ThrEXR8qzvNBRL82YlE/yHz5PDdHAY178aQxG
+Vd0JiwqcUb55sUwPNetNpdqqmQKBgQC5AljVJ0N+5GAFbwWl0VkWz+Wua4NOV983
+Fzo4kJi9JLYwk/v9eHEE3G26K+i/RCae/P1g7q949L229N/agbvG+w0406NkIwjM
+QmzN5kqnIeWkbA/NBWaDjR+AIKdIMJTJ3fBSqq3AKUe7oNRO5XqiZttgri4+gKe6
+no4BqSxvDQKBgB5+rtowWPDPzTKWBT9+2lQulSBCmA484Z8tLRMo6qV4m7QfQkzA
+7jDqGwqM+0L7gwsvLTppI/wHw1qXRdUX54IaL8PO9Nn8Cal0rHOrWUVWyA2RRzYW
+40N8hPBoqwshX9cGlylMwCJugZ/Nmw+PPGsVPCdOgppynm4zsA5Woa1RAoGAfJmy
+DkyVTp6sdLxjB1xJLe3yeFf8ZQUVVlsUYQgxdiGFeo4QBpPZOjbix6HO7RIPGMC2
+PVRDZakfJFsjcFwzhT2LmBwhTM2znS2XbcyNtqZDrUsCEUhz1GF1N6vGPf5KFvKc
+anB8+JBUuW8FzeULhNjVIvXsOzgWvr8OUNwJCvkCgYEAwIEEiD0umR2o/PQqq4f5
+5jMPpRnJU7nKto0vtY8CuzqHbXyohwnFOGi0KX2F9VGQTKOAYvND548Tl2kJSPSU
+uTRDNZBCIY4Rqb9suO09Iz3DLio1/UxWqZv5beWGqbGhgGBj8nO98KhyHBk5Jck1
+2DjXg/JJmmfLYpYa73nxu7I=
+-----END PRIVATE KEY-----

vsftpd.pem

@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDMzCCAhugAwIBAgIUee40g5p4rL9rJjH/5iRYwRl0jwIwDQYJKoZIhvcNAQEL
+BQAwKTELMAkGA1UEBhMCWFgxDDAKBgNVBAgMA04vQTEMMAoGA1UECgwDTi9BMB4X
+DTI0MTAxMjE4NTk0OVoXDTI2MTAwMjE4NTk0OVowKTELMAkGA1UEBhMCWFgxDDAK
+BgNVBAgMA04vQTEMMAoGA1UECgwDTi9BMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAmt8PF6DCsX1KOH6ftHAe7nu4WY+DP5hLQrKAuQ7eBsxFw3tCMCtQ
+peWl5PnuzAQAAEFTAufcIAocuhwpgQoM/NvNuUWq76gBdP/flT6sLLvZ4SvdQrFX
++fCBejnGjA78efGbSx01NezKJVGvFFc+9Xbw9i/GJV1rpbu0kyZhDYTuhZuCBTSj
+daqOuN/exNTQ1E9rtlyRJd/ZudNC97idluygoXRuc7pu35BcHjAhvTo365a0tlfe
+GNDU7fxGF4p3pc5hCAoAkBAT6Bz28z3PL8JzViC3y3dIcoMbw1TnuFz0UFlVwT1x
+kdfpRbhGWC8T4NgC3BFTNRQ/gwKoj18AxQIDAQABo1MwUTAdBgNVHQ4EFgQUf1hv
+WZT46wX0z9Ld+hAqxAxSWvswHwYDVR0jBBgwFoAUf1hvWZT46wX0z9Ld+hAqxAxS
+WvswDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAO78KgXgEh8V8
+hLDtoRsZ0JX1zUMIFvZCcV/6s7qbaviBgP4+AFgNVZ+QFlprQamHCpx09Tuz8PNM
+/PMoTdBx+8zlveGd7AFacykTvpvthvxREY+0zJSrHZ86fEmvkpx8QAaDpKyhVHtx
+0RhcuZyw4aN+di7ikAdb+sady9lPopTro5ir+Ubyw5OT4YKz1ItO3qPENaNDiJAW
+UH4bSTBl1ASO10YKVkCYYuFugk56CdqCdiPy+iThxW4zvGa4TDKokgY4KqMFc2oM
+Cv6Xe34RJbvJkmVvWeidJ3oET3LsvGDJ+RN6PyZzX/XCezDQHdCw1Y2M3gX8Fyw/
+72/MpizBmQ==
+-----END CERTIFICATE-----