Lightweight SCP/rsync Dockerfile

Dockerfile

FROM debian:stable-slim

RUN apt-get update
RUN apt-get install -y openssh-server rssh rsync \
 && rm -f /etc/ssh/ssh_host_*

RUN useradd --uid 1000 --no-create-home --shell /usr/bin/rssh data \
 && mkdir /home/data \
 && chown data: /home/data \
 && chmod 0700 /home/data

ENV AUTHORIZED_KEYS_FILE /authorized_keys
RUN echo "AuthorizedKeysFile $AUTHORIZED_KEYS_FILE" >>/etc/ssh/sshd_config \
 && touch $AUTHORIZED_KEYS_FILE \
 && chown data $AUTHORIZED_KEYS_FILE \
 && chmod 0600 $AUTHORIZED_KEYS_FILE
RUN mkdir /var/run/sshd && chmod 0755 /var/run/sshd

RUN echo "allowscp" >> /etc/rssh.conf
RUN echo "allowsftp" >> /etc/rssh.conf
RUN echo "allowrsync" >> /etc/rssh.conf

ADD entrypoint.sh /

CMD ["/entrypoint.sh"]
EXPOSE 22
VOLUME /home/data

entrypoint.sh

#!/bin/bash

# This won't be executed if keys already exist (i.e. from a volume)
ssh-keygen -A

# Copy authorized keys from ENV variable
echo $AUTHORIZED_KEYS | base64 -d >>$AUTHORIZED_KEYS_FILE

# Chown data folder (if mounted as a volume for the first time)
# chown data:data /home/data

# Run sshd on container start
exec /usr/sbin/sshd -D -e