Set up an FTP Server for your WQHD Camera using Docker
Update: This tutorial only works with Active (PORT Mode) uploads. For Passive (PASV) mode please read our tutorial Set up a Passive FTP Server for your WQHD Camera using Docker
Update: Extended tutorial to Set up a Secure FTP Server for your WQHD Camera using Docker by adding TLS encryption.
Q: I want to use my cameras FTP service to upload alarm recordings and snapshot series to my Linux Server (Raspberry Pi).
A: The simplest way would be to use your Internet Router as FTP Server. If you want to use a Linux Server like an Raspberry Pi we recommend using the sFTP Service instead of FTP or FTPS. But of course you can also set up your own FTP server instead. I would recommend building an vsftpd Docker image for this task.
Preparing the Docker Image
Start by creating a work directory and your Dockerfile, e.g. :
mkdir -p /opt/vsftpd/ftpuser && cd /opt/vsftpd
nano DockerfileAnd add the following content:
# Dockerfile for vsftpd on CentOS7
FROM centos:7
MAINTAINER m.polinowski@instar.com
RUN yum -y update; yum -y install which vsftpd net-tools vsftpd-sysvinit; yum clean all
COPY vusers.txt /etc/vsftpd/
RUN db_load -T -t hash -f /etc/vsftpd/vusers.txt /etc/vsftpd/vsftpd-virtual-user.db; rm -v /etc/vsftpd/vusers.txt; \
chmod 600 /etc/vsftpd/vsftpd-virtual-user.db
COPY vsftpd.conf /etc/vsftpd/
COPY vsftpd.virtual /etc/pam.d/
RUN mkdir -p /home/vftp/ftpuser; chown -R ftp:ftp /home/vftp
EXPOSE 20 21
CMD ["/usr/sbin/vsftpd","-obackground=NO"]This Dockerfile will take the CentOS as a base image - this can be replaced by any flavour of Enterprise Linux. The next step installs the vsftpd service and creates the FTP User account for us. After that we need to copy the following configuration files into the image - all of the need to be created in the same directory where we placed our Dockerfile:
FTP User Login
vusers.txt
ftpuser
mypasswordThis is the user we will have to use to connect to the FTP server - change both the username and password according to your needs.
FTP User Configuration
vsftpd.virtual
#%PAM-1.0
auth required pam_userdb.so db=/etc/vsftpd/vsftpd-virtual-user
account required pam_userdb.so db=/etc/vsftpd/vsftpd-virtual-user
session required pam_loginuid.soServer Configuration
vsftpd.conf
anonymous_enable=NO
local_enable=YES
virtual_use_local_privs=YES
write_enable=YES
local_umask=022
pam_service_name=vsftpd.virtual
guest_enable=YES
user_sub_token=$USER
local_root=/home/vftp/$USER
chroot_local_user=YES
allow_writeable_chroot=YES
hide_ids=YES
xferlog_enable=YES
xferlog_file=/var/log/vsftpd.logLet's start with a very basic configuration.
Starting the Docker Container
Build the Image
With those 4 files in place we are now ready to build our Docker image:
docker build -t vsftpd .Export the Image (Optional)
This will have build our image and named it vsftpd. We can export this image and place it where we need it - skip this step if you are already on the system you want to use for your server:
docker save -o vsftpd.docker vsftpd:latestCopy the exported vsftpd.docker file to your offline PC and import it:
docker load -i vsftpd.dockerRun the Container
Make sure that the FTP user directory exists and can be written to by your Docker user:
mkdir -p /opt/vsftpd/ftpuser
chmod 755 -R /opt/vsftpd/*Make sure that the home directory
/opt/vsftpd/ftpuseris set to777to prevent the FTP write error ftp 550 Create directory operation failed. or 553 Could not create file.
And run the container with - note if you build the image locally it will be called vsftpd:latest. If you imported it it will be called localhost/vsftpd:latest and you have to change the name below:
docker run -d \
--name vsftpd \
--net=host \
--privileged \
--rm \
-v /opt/vsftpd/ftpuser/:/home/vftp/ftpuser/ \
vsftpd:latestVerify that the Server is Operational
We can now verify that our server is active for example with the lftp client (apt install lftp):
lftp -d -u ftpuser 192.168.2.111
Password: mypassword
---- Resolving host address...
---- 1 address found: 192.168.2.111Use your FTP servers IP address, e.g. 192.168.2.111, and your FTP login, e.g. ftpuser/mypassword, to login. Use the ls command to see details about your connection:
lftp ftpuser@192.168.2.111:~> ls
---- Connecting to 192.168.2.111 (192.168.2.111) port 21
<--- 220 (vsFTPd 3.0.2)
---> FEAT
<--- 211-Features:
<--- EPRT
<--- EPSV
<--- MDTM
<--- PASV
<--- REST STREAM
<--- SIZE
<--- TVFS
<--- UTF8
<--- 211 End
---> AUTH TLS
<--- 530 Please login with USER and PASS.
---> OPTS UTF8 ON
<--- 200 Always in UTF8 mode.
---> USER ftpuser
<--- 331 Please specify the password.
---> PASS XXXX
<--- 230 Login successful.
---> PWD
<--- 257 "/"
---> PASV
<--- 227 Entering Passive Mode (192,168,2,111,47,12).
---- Connecting data socket to (192.168.2.111) port 12044
---- Data connection established
---> LIST
<--- 150 Here comes the directory listing.
---- Got EOF on data connection
---- Closing data socket
-rwxr-xr-x 1 ftp ftp 194654 Dec 29 07:16 T21122908162800.jpg
<--- 226 Directory send OK.
---- Closing idle connection
---> QUIT
<--- 221 Goodbye.
---- Closing control socketOr in a more graphical way use Filezilla:
Make sure that you use the Active aka Port mode here:
Try to connect and create a folder inside the home director. If you see ftp 550 Create directory operation failed. you have to re-run chmod 755 /opt/vsftpd/ftpuser to make sure that you have write permissions.
Connecting an INSTAR IP Camera
Make sure to set the Mode to PORT:
Full HD Cameras
WQHD Cameras
