28 lines
891 B
Bash
28 lines
891 B
Bash
#!/usr/bin/bash
|
|
|
|
mkdir /etc/sftpgo
|
|
|
|
# Generate SFTPGo key pair
|
|
ssh-keygen -f /etc/sftpgo/ed25519 -t ed25519 -N "" -C ""
|
|
# Generate fingerprints
|
|
fp=($(ssh-keygen -l -f /etc/sftpgo/ed25519))
|
|
echo ${fp[1]} > /etc/sftpgo/ed25519.fp
|
|
ssh-keygen -lv -f /etc/sftpgo/ed25519 | tail -n +2 > /etc/sftpgo/ed25519.asciiart
|
|
# Generate SSHFP record
|
|
echo ht.servnest.test. 86400 SSHFP 4 2 $(cut -d ' ' -f 2 /etc/sftpgo/ed25519.pub | base64 -d | sha256sum | cut -d ' ' -f 1) >> /srv/servnest/reg/servnest.test.zone
|
|
|
|
cp /install/sftpgo.toml /etc/sftpgo/
|
|
touch /etc/sftpgo/banner.txt
|
|
|
|
usermod -aG $sftpgo $servnest # Add user servnest to group sftpgo
|
|
|
|
chown -R $sftpgo: /etc/sftpgo
|
|
chmod -R u=rX,g=rX,o= /etc/sftpgo
|
|
chmod u=r,g=,o= /etc/sftpgo/ed25519
|
|
|
|
# For systemd
|
|
cp /install/sftpgo.service /etc/systemd/system/
|
|
|
|
# Allow listening on privileged ports
|
|
setcap 'cap_net_bind_service=+ep' /usr/local/bin/sftpgo
|