Trying to get the container running with ftps using testcontainers

[derwild]

Hy all,

I'm using this image for E2E Tests in my java client by starting and managing it with testcontainers.
this works great for "normal" ftp, but I have issues getting ftps running.

One major issue is, that I can not provide the ip/fqdn when first starting the container, because a random free ip will be assigned to the container when it is first started. This means I have to start it first, then generate the certificate (I created java code using bouncycastle for that) and lastly giving it to the container.

According to the documentation, pure-ftpd should be able to see the certificate as soon as it is placed into the folder, but this has not happened for me. The certificate is just ignored.
I then switched over to starting and stopping the container, generating the certificate using the ip, putting it into the folder and then restarting the container.
This doesn't work either though as the container justs stops without any error.

This is the container log, reported by testcontainers:

Log enabled, see /var/log/messages

TLS Enabled

Creating user...

tail: cannot open '/var/log/pure-ftpd/pureftpd.log' for reading: No such file or directory

Password: 

Enter it again: 

Setting default port range to: 30000:30009

Setting default max clients to: 5

Setting default max connections per ip to: 5

Starting Pure-FTPd:

  pure-ftpd  -l puredb:/etc/pure-ftpd/pureftpd.pdb -E -j -R -P 172.17.0.1 -d -d  --tls=1  -p 30000:30009 -c 5 -C 5

This is the code I use to start the container:

GenericContainer<?> ftpContainer =
    new GenericContainer<>(DockerImageName.parse("stilliard/pure-ftpd:latest"))
        .withFileSystemBind(
            // A folder in the local temp dir
            dataFolder.toAbsolutePath().toString(),
            "/home/" + username,
            BindMode.READ_WRITE)
        .withFileSystemBind(
            // A folder in the local temp dir
            certFolder.toAbsolutePath().toString(),
            "/etc/ssl/private",
            BindMode.READ_WRITE)
        .withEnv("PUBLICHOST", "172.17.0.1")
        .withEnv("FTP_USER_NAME", username)
        .withEnv("FTP_USER_PASS", password)
        .withEnv("FTP_USER_HOME", "/home/" + username)
        .withEnv("FTP_MAX_CLIENTS", maxClients() + "")
        .withEnv("ADDED_FLAGS", "-d -d")
        .withPrivilegedMode(true)
        .withExposedPorts(21);

ftpContainer.start();

ftpContainer.execInContainer("ln /etc/localtime /srv/ftp/etc/localtime");
// Workaround according to https://github.com/stilliard/docker-pure-ftpd/issues/157
ftpContainer.execInContainer("sed -i '/imklog/s/^/#/' /etc/rsyslog.conf");

String ip = ftpContainer
    .getContainerInfo()
    .getNetworkSettings()
    .getNetworks()
    // bridge should always be the network to be able to access the container from the host
    .get("bridge")
    .getIpAddress();

// My method to generate a (signed) certificate. I can provide the code if needed
SslCertificate sslCertificate = TestUtil.generateSslCertificate(ip);

ftpContainer.stop();
Files.writeString(
    certFolder.resolve("pure-ftpd.pem"),
    sslCertificate.getPrivateKeyAsPem() + sslCertificate.getCertificateAsPem());
ftpContainer.start();

Thanks in advance for any help,
Chris