Add public key config via configuration.Users.PublicKeys (#16)

antoinedeschenes · web-flow · commit 31c19d18ce1e · 2020-05-05T12:21:00.000+03:00
diff --git a/README.md b/README.md
@@ -136,6 +136,7 @@ You can customize the values of the helm deployment by using the following Value
 | `configuration.Users[].Username`                            | Set the user's username                                                          | N/A                                                     |
 | `configuration.Users[].Password`                            | Set the user's password. If empty or `null`, password authentication is disabled | N/A                                                     |
 | `configuration.Users[].PasswordIsEncrypted`                 | `true` or `false`. Indicates if the password value is already encrypted          | `false`                                                 |
+| `configuration.Users[].PublicKeys`                          | Set the user's public keys                                                       | `[]`                                                    |
 | `configuration.Users[].UID`                                 | Sets the user's UID.                                                             | `null`                                                  |
 | `configuration.Users[].GID`                                 | Sets the user's GID. A group is created for this value and the user is included  | `null`                                                  |
 | `configuration.Users[].Chroot`                              | If set, will override global `Chroot` settings for this user.                    | `null`                                                  |
diff --git a/src/ES.SFTP.Host/Business/Configuration/UserDefinition.cs b/src/ES.SFTP.Host/Business/Configuration/UserDefinition.cs
@@ -11,5 +11,6 @@ public class UserDefinition
         public int? GID { get; set; }
         public ChrootDefinition Chroot { get; set; }
         public List<string> Directories { get; set; } = new List<string>();
+        public List<string> PublicKeys { get; set; } = new List<string>();
     }
 }
diff --git a/src/ES.SFTP.Host/Orchestrator.cs b/src/ES.SFTP.Host/Orchestrator.cs
@@ -413,7 +413,15 @@ await ProcessUtil.QuickRun("chown",
             if (File.Exists(sshAuthKeysPath)) File.Delete(sshAuthKeysPath);
             var authKeysBuilder = new StringBuilder();
             foreach (var file in Directory.GetFiles(sshKeysDir))
+            {
+                _logger.LogDebug("Adding public key '{file}' for user '{user}'", file, username);
                 authKeysBuilder.AppendLine(await File.ReadAllTextAsync(file));
+            }
+            foreach (var publicKey in user.PublicKeys)
+            {
+                _logger.LogDebug("Adding public key from config for user '{user}'", username);
+                authKeysBuilder.AppendLine(publicKey);
+            }
             await File.WriteAllTextAsync(sshAuthKeysPath, authKeysBuilder.ToString());
             await ProcessUtil.QuickRun("chown", $"{user.Username} {sshAuthKeysPath}");
             await ProcessUtil.QuickRun("chmod", $"400 {sshAuthKeysPath}");
diff --git a/src/deploy/docker-compose/docker-compose.override.dev.yaml b/src/deploy/docker-compose/docker-compose.override.dev.yaml
@@ -9,5 +9,4 @@ services:
       - "2222:22"
     volumes:
     - ../samples/sample.dev.sftp.json:/app/config/sftp.json:ro
-    - ../samples/.ssh/id_demo_rsa.pub:/home/demo/.ssh/keys/id_rsa.pub:ro
-    - ../samples/.ssh/id_demo2_rsa.pub:/home/demo2/.ssh/keys/id_rsa.pub:ro
+    - ../samples/.ssh/id_demo2_rsa.pub:/home/demo2/.ssh/keys/id_rsa.pub:ro
diff --git a/src/deploy/samples/sample.dev.sftp.json b/src/deploy/samples/sample.dev.sftp.json
@@ -9,11 +9,14 @@
     "Users": [
         {
             "Username": "demo",
-            "Password": "demo"
+            "Password": "demo",
+            "PublicKeys": [
+                "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC++8/LkNAu1DPEjnBhzjTF3dkFY+jbRDIsQ/2JkGpRdEHmcCMBTMZGL9PCEEGjWo1Lfocfnk5hWrcloTMCh+rD5VCFNyPCEePK6nyEzZHwcQk9t6dWQwyjtLG8uAhVA30sl0Uw48YcNl9aF8FzpPMWnC7omM2VQPqq0Le05Hu50q0rW97z0vnxpQe+gdNhXOTq0FQ+J2wCwGc7Lxn5uXmZEozmZvlyFVEw6eFlyo9BwLluTHqd5wh9z+jx2U8dQfnIofrgd2Dp86tGNnvS59L/T/0llP8mbvTZNfusMJiO4gNNlsYhj4lQxUQaDL7gy9fxl8Pqf0eGnpOXluSMpAET1oFY5kKgHbfl6peepZzPQ77LQZDNDkrTwqc47VDNlxkdBmV9mp1R+C6no8Ws1Rkk+xYoNbXy6wVOEZy6VSydOy1OsUPpc1hMALYtkxNs88RBeVi/2uQZ8ssXwyKhTIs4zB0JXnSJbOrnkE/NiR8m6r7Nj21oRPcg0Jihl6gq7nU= winromulus@Maximus"
+            ]
         },
         {
             "Username": "demo2",
             "Password": "demo2"
         }
     ]
-}
+}

Original file line number	Diff line number	Diff line change
`@@ -11,5 +11,6 @@ public class UserDefinition`
`11`	`11`	`public int? GID { get; set; }`
`12`	`12`	`public ChrootDefinition Chroot { get; set; }`
`13`	`13`	`public List<string> Directories { get; set; } = new List<string>();`
	`14`	`+ public List<string> PublicKeys { get; set; } = new List<string>();`
`14`	`15`	`}`
`15`	`16`	`}`
Original file line number	Diff line number	Diff line change
`@@ -9,11 +9,14 @@`
`9`	`9`	`"Users": [`
`10`	`10`	`{`
`11`	`11`	`"Username": "demo",`
`12`		`- "Password": "demo"`
	`12`	`+ "Password": "demo",`
	`13`	`+ "PublicKeys": [`
	`14`	+ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC++8/LkNAu1DPEjnBhzjTF3dkFY+jbRDIsQ/2JkGpRdEHmcCMBTMZGL9PCEEGjWo1Lfocfnk5hWrcloTMCh+rD5VCFNyPCEePK6nyEzZHwcQk9t6dWQwyjtLG8uAhVA30sl0Uw48YcNl9aF8FzpPMWnC7omM2VQPqq0Le05Hu50q0rW97z0vnxpQe+gdNhXOTq0FQ+J2wCwGc7Lxn5uXmZEozmZvlyFVEw6eFlyo9BwLluTHqd5wh9z+jx2U8dQfnIofrgd2Dp86tGNnvS59L/T/0llP8mbvTZNfusMJiO4gNNlsYhj4lQxUQaDL7gy9fxl8Pqf0eGnpOXluSMpAET1oFY5kKgHbfl6peepZzPQ77LQZDNDkrTwqc47VDNlxkdBmV9mp1R+C6no8Ws1Rkk+xYoNbXy6wVOEZy6VSydOy1OsUPpc1hMALYtkxNs88RBeVi/2uQZ8ssXwyKhTIs4zB0JXnSJbOrnkE/NiR8m6r7Nj21oRPcg0Jihl6gq7nU= winromulus@Maximus"
	`15`	`+ ]`
`13`	`16`	`},`
`14`	`17`	`{`
`15`	`18`	`"Username": "demo2",`
`16`	`19`	`"Password": "demo2"`
`17`	`20`	`}`
`18`	`21`	`]`
`19`		`-}`
	`22`	`+}`