# Original code from https://github.com/gituser173/docker-scp-server
# This image is designed to collaborate with the Docker Hub image httpd:2.4
FROM debian:stable

ENV AUTHORIZED_KEYS_FILE=/authorized_keys USERID=33 GROUPID=33
RUN apt update \
 && apt install -y openssh-server

RUN rm -f /etc/ssh/ssh_host_* \
 && groupadd --non-unique --gid $GROUPID data \
 && useradd --non-unique --uid $USERID --gid $GROUPID --no-create-home --home-dir /home data \
 && mkdir -p /home/data \
 && chown root:root /home/data \
 && mkdir -p /etc/ssh/host_keys/ \
 && echo "AuthorizedKeysFile $AUTHORIZED_KEYS_FILE" >> /etc/ssh/sshd_config \
 && echo "HostKey /etc/ssh/host_keys/ssh_host_ecdsa_key" >> /etc/ssh/sshd_config \
 && echo "HostKey /etc/ssh/host_keys/ssh_host_ed25519_key" >> /etc/ssh/sshd_config \
 && echo "X11Forwarding no" >> /etc/ssh/sshd_config \
 && echo "AllowTcpForwarding no" >> /etc/ssh/sshd_config \
 && echo "ChrootDirectory %h" >> /etc/ssh/sshd_config \
 && echo "ForceCommand internal-sftp" >> /etc/ssh/sshd_config \
 && touch $AUTHORIZED_KEYS_FILE \
 && chown data:data $AUTHORIZED_KEYS_FILE \
 && chmod 0600 $AUTHORIZED_KEYS_FILE \
 && mkdir /var/run/sshd && chmod 0755 /var/run/sshd \
 && echo "+:@data:ALL" >> /etc/security/access.conf

ADD entrypoint.sh /

EXPOSE 22
VOLUME /etc/ssh/host_keys
VOLUME /home/data

CMD ["/entrypoint.sh"]