Within work we have a virtual environment with NFS storage but no central repository for images etc. This would be handy to have a NFS share that is full of commonly used images and software packages for our routers so that we can easily transfer files to Juniper devices but also virtual machines.

Solution

The solution I have come up with is a virtual machine that runs Ubuntu which has the NFS share mounted in /nfs. I have then utilized docker containers to create SCP and HTTP access to only this specific mount point.

NFS

To mount the NFS share created in NetApp I used the following article written by myself here.

Docker

SCP

To use SCP I have used the atmoz/sftp docker image. This allows us to allow access to only the /nfs file directory and nothing else.

This can be run in my environment as:
docker run -d -v /nfs/:/home/axians/share -p 2222:22 -d atmoz/sftp username:password:1000

HTTP File Browser

A handy feature to download software onto a device is to just browse a HTTP page and have access to the files in a download only capacity. For this I found mohamnag/nginx-file-browser which gived a nice graphical view of your file server.

To run this docker container in our environment we are using the following command:
docker run -p 80:80 -d -v /nfs/:/opt/www/files/ mohamnag/nginx-file-browser

Samba

I might look into this so its more of a reminder.
https://hub.docker.com/r/stanback/alpine-samba

Docker Compose

I can start these containers with one easy command.
docker-compose up -d

version: "3"
services:
  sftp:
    image: atmoz/sftp
    volumes:
        - /nfs/:/home/axians/share
    ports:
        - "2222:22"
    command: username:password:1000
    restart: always
  file-browser:
    image: mohamnag/nginx-file-browser
    volumes:
        - /nfs/:/opt/www/files/
    ports:
        - "80:80"
    restart: always