如何理解sftp server服务SftpGo

如何理解sftp server服务SftpGo，相信很多没有经验的人对此束手无策，为此本文总结了问题出现的原因和解决方法，通过这篇文章希望你能解决这个问题。

SftpGo是一款高性能、功能齐全、易用可配置的一款sftp server 服务，基于go开发。目前在linux、macos下均可以稳定运行(windows个人未测试)。数据可以持久化到主流的数据库，诸如Mysql、PostgreSQL、Sqlilte.

sftpgo主要组成

• 服务端主程序: sftpgosever

• cli脚本: sftpcli

数据目录

• conf存储服务配置文件

• data创建sftp用户目录

• backups存储应用备份数据

本次基于k8s运行服务、mysql5.7做持久化存储、腾讯云NFS服务做数据目录、configmap挂载配置文件、nginx stream提供域名映射tcp访问

构建镜像

直接拉取

docker pull taylordang/sftpgo:v1.0

本地基于Dockerfile构建

查看具体文档: [https://github.com/dtcka/sftpgo/tree/master/docker/sftpgo/alpine](https://github.com/dtcka/sftpgo/tree/master/docker/sftpgo/alpine)

构建脚手架

构建脚本: [https://github.com/dtcka/sftpgo/blob/master/docker/rest-api-cli/Dockerfile](https://github.com/dtcka/sftpgo/blob/master/docker/rest-api-cli/Dockerfile)

标准配置文件

{       "sftpd": {               "bind_port": 2022,               "bind_address": "0.0.0.0",               "idle_timeout": 15,               "max_auth_tries": 0,               "umask": "0022",               "banner": "",               "upload_mode": 0,               "actions": {                       "execute_on": [],                       "command": "",                       "http_notification_url": ""               },               "keys": [],               "kex_algorithms": [],               "ciphers": [],               "macs": [],               "login_banner_file": "",               "setstat_mode": 0,               "enabled_ssh_commands": [                       "md5sum",                       "sha1sum",                       "cd",                       "pwd",                       "scp"               ],               "keyboard_interactive_auth_program": "",               "proxy_protocol": 0,               "proxy_allowed": []       },       "data_provider": {               "driver": "mysql",               "name": "sftpgo",               "host": "xxxxxx",               "port": 9999,               "username": "sftpgo",               "password": "xxxxx",               "sslmode": 0,               "connection_string": "",               "users_table": "users",               "manage_users": 1,               "track_quota": 2,               "pool_size": 0,               "users_base_dir": "",               "actions": {                       "execute_on": [],                       "command": "",                       "http_notification_url": ""               },               "external_auth_program": "",               "external_auth_scope": 0,               "credentials_path": "credentials",               "pre_login_program": ""       },       "httpd": {               "bind_port": 8080,               "bind_address": "0.0.0.0",               "templates_path": "templates",               "static_files_path": "static",               "backups_path": "backups",               "auth_user_file": "",               "certificate_file": "",               "certificate_key_file": ""       }}

运行应用

以上服务配置准备完成之后，运行容器会在数据库中自动生成对应的表

提供服务外部入库

1. 设置内网服务入口

apiVersion: v1kind: Servicemetadata: name: sftpgo namespace: sftpspec: clusterIP: xxxx externalTrafficPolicy: Cluster ports: - name: 8080-8080-tcp   nodePort: 31807   port: 8080   protocol: TCP   targetPort: 8080 - name: 2022-2022-tcp   nodePort: 30865   port: 2022   protocol: TCP   targetPort: 2022 selector:   k8s-app: sftpgo   qcloud-app: sftpgo sessionAffinity: None type: LoadBalancerstatus: loadBalancer:   ingress:   - ip: xxxx

2. 设置外部服务入口

- nginx配置文件 ``` apiVersion: v1 data: nginx.conf: |- user nginx; worker_processes auto; error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid; events { worker_connections 1024; } stream { server { listen 2022; proxy_pass sftpgo服务对应的内网ip:2022; } } kind: ConfigMap metadata: name: tcp-config namespace: sftp

##### 3.测试下服务状态以及数据目录权限![image.png](https://oscimg.oschina.net/oscnet/up-bee83bd7e27b4e982526a9d3c88a450f7fe.png)
测试ok：数据权限UID GID需要设置为1003.
##### 4. 设置域名解析到nginx的externalIps即可实现域名访问![image.png](https://oscimg.oschina.net/oscnet/up-331b767e5d7c85d5f06f1a9c01daa105227.png)---

附：

看完上述内容，你们掌握如何理解sftp server服务SftpGo的方法了吗？如果还想学到更多技能或想了解更多相关内容，欢迎关注行业资讯频道，感谢各位的阅读！