feat(sftpgo): mount config json as file instead of path

[bdashrad]

This leaves other things (currently just /etc/sftpgo/moduli) in place, to make it easier to enable diffie-hellman key exchange.

This file was added in sftpgo 2.4.2 https://github.com/drakkan/sftpgo/blob/v2.4.2/Dockerfile#L50 https://github.com/drakkan/sftpgo/commit/29d1993a3b302e0e0499801aff2b53aa014beca7

[sagikazarmark]

I recall problems with sftpgo when not overwriting that mount completely. Something about having multiple types of configurations in the same dir (and sftpgo loading one arbitrarily).

Can you please make sure/check that's not happening?

[bdashrad]

I am running this branch in production, mounting only the secrets file in the path without issue.

sftpgo@sftpgo-5cc458474f-8f4kn:~$ ls -la /etc/sftpgo/
total 580
drwxr-xr-x 1 sftpgo sftpgo   4096 Jan  7 09:28 .
drwxr-xr-x 1 root   root     4096 Jan 24 16:51 ..
-rw-r--r-- 1 sftpgo sftpgo 577771 Jul  1  2022 moduli
-rw-r--r-- 1 root   sftpgo    328 Jan 24 16:51 sftpgo.json

[bdashrad]

@sagikazarmark Just wanted to check in on this PR, mounting the whole directory in the path makes /etc/sftpgo/moduli inaccessible, which is required for diffie-hellman algorithms to function.

[bdashrad]

Just following up again, I'd love to get this included instead of maintaining my fork for longer 😄

[bdashrad]

@sagikazarmark could I possibly get a review on this one when you have some availability?🙏

[bdashrad]

Thanks so much. I try not to be a other but I also know I get sidetracked myself sometimes!

[sagikazarmark]

No worries! I receive dozens (if not hundreds) of emails from GitHub on a daily basis, so I need the occasional ping.