docs: fix markdown lint warnings

2020-06-15 23:46:11 +02:00 · 2020-06-15 23:46:11 +02:00 · c491133aff
commit c491133aff
parent 37418a7630
16 changed files with 105 additions and 100 deletions
--- a/docs/account.md
+++ b/docs/account.md
@ -14,18 +14,18 @@ For each account, the following properties can be configured:
 - `quota_size` maximum size allowed as bytes. 0 means unlimited.
 - `quota_files` maximum number of files allowed. 0 means unlimited.
 - `permissions` the following per directory permissions are supported:
-    - `*` all permissions are granted
-    - `list` list items is allowed
-    - `download` download files is allowed
-    - `upload` upload files is allowed
-    - `overwrite` overwrite an existing file, while uploading, is allowed. `upload` permission is required to allow file overwrite
-    - `delete` delete files or directories is allowed
-    - `rename` rename files or directories is allowed if this permission is granted on target path. You can enable rename in a more controlled way granting `delete` permission on source directory and `upload` permission on target directory
-    - `create_dirs` create directories is allowed
-    - `create_symlinks` create symbolic links is allowed
-    - `chmod` changing file or directory permissions is allowed. On Windows, only the 0200 bit (owner writable) of mode is used; it controls whether the file's read-only attribute is set or cleared. The other bits are currently unused. Use mode 0400 for a read-only file and 0600 for a readable+writable file.
-    - `chown` changing file or directory owner and group is allowed. Changing owner and group is not supported on Windows.
-    - `chtimes` changing file or directory access and modification time is allowed
+  - `*` all permissions are granted
+  - `list` list items is allowed
+  - `download` download files is allowed
+  - `upload` upload files is allowed
+  - `overwrite` overwrite an existing file, while uploading, is allowed. `upload` permission is required to allow file overwrite
+  - `delete` delete files or directories is allowed
+  - `rename` rename files or directories is allowed if this permission is granted on target path. You can enable rename in a more controlled way granting `delete` permission on source directory and `upload` permission on target directory
+  - `create_dirs` create directories is allowed
+  - `create_symlinks` create symbolic links is allowed
+  - `chmod` changing file or directory permissions is allowed. On Windows, only the 0200 bit (owner writable) of mode is used; it controls whether the file's read-only attribute is set or cleared. The other bits are currently unused. Use mode 0400 for a read-only file and 0600 for a readable+writable file.
+  - `chown` changing file or directory owner and group is allowed. Changing owner and group is not supported on Windows.
+  - `chtimes` changing file or directory access and modification time is allowed
 - `upload_bandwidth` maximum upload bandwidth as KB/s, 0 means unlimited.
 - `download_bandwidth` maximum download bandwidth as KB/s, 0 means unlimited.
 - `allowed_ip`, List of IP/Mask allowed to login. Any IP address not contained in this list cannot login. IP/Mask must be in CIDR notation as defined in RFC 4632 and RFC 4291, for example "192.0.2.0/24" or "2001:db8::/32"
--- a/docs/build-from-source.md
+++ b/docs/build-from-source.md
@ -41,4 +41,4 @@ You should get a version that includes git commit, build date and available feat
 ```bash
 $ ./sftpgo -v
 SFTPGo 0.9.6-dev-15298b0-dirty-2020-05-22T21:25:51Z -gcs -s3 +bolt +mysql +pgsql -sqlite +portable
-```
+```
--- a/docs/custom-actions.md
+++ b/docs/custom-actions.md
@ -44,7 +44,6 @@ If the `hook` defines an HTTP URL then this URL will be invoked as HTTP POST. Th
 - `endpoint`, not null for S3 backend if configured
 - `status`, integer. 0 means an error occurred. 1 means no error

-
 The HTTP request will use the global configuration for HTTP clients.

 The `actions` struct inside the "data_provider" configuration section allows you to configure actions on user add, update, delete.
--- a/docs/dynamic-user-mod.md
+++ b/docs/dynamic-user-mod.md
@ -35,7 +35,7 @@ In other words while using "External Authentication" the external program receiv

 Let's see a very basic example. Our sample program will grant access to the existing user `test_user` only in the time range 10:00-18:00. Other users will not be modified since the program will terminate with no output.

-```
+```shell
 #!/bin/bash

 CURRENT_TIME=`date +%H:%M`
@ -51,4 +51,3 @@ fi
 ```

 Please note that this is a demo program and it might not work in all cases. For example, the username should be obtained by parsing the JSON serialized user and not by searching the username inside the JSON as shown here.
-
--- a/docs/external-auth.md
+++ b/docs/external-auth.md
@ -37,7 +37,7 @@ You can combine the scopes. For example, 3 means password and public key, 5 mean

 Let's see a very basic example. Our sample authentication program will only accept user `test_user` with any password or public key.

-```
+```shell
 #!/bin/sh

 if test "$SFTPGO_AUTHD_USERNAME" = "test_user"; then
--- a/docs/full-configuration.md
+++ b/docs/full-configuration.md
@ -4,7 +4,7 @@

 The SFTPGo executable can be used this way:

-```
+```console
 Usage:
  sftpgo [command]

@ -148,4 +148,4 @@ Let's see some examples:
 - To set sftpd `bind_port`, you need to define the env var `SFTPGO_SFTPD__BIND_PORT`
 - To set the `execute_on` actions, you need to define the env var `SFTPGO_SFTPD__ACTIONS__EXECUTE_ON`. For example `SFTPGO_SFTPD__ACTIONS__EXECUTE_ON=upload,download`

-Please note that, to override configuration options with environment variables, a configuration file containing the options to override is required. You can, for example, deploy the default configuration file and then override the options you need to customize using environment variables.
+Please note that, to override configuration options with environment variables, a configuration file containing the options to override is required. You can, for example, deploy the default configuration file and then override the options you need to customize using environment variables.
--- a/docs/keyboard-interactive.md
+++ b/docs/keyboard-interactive.md
@ -29,7 +29,7 @@ The authentication must finish within 60 seconds.

 Let's see a very basic example. Our sample keyboard interactive authentication program will ask for 2 sets of questions and accept the user if the answer to the last question is `answer3`.

-```
+```shell
 #!/bin/sh

 echo '{"questions":["Question1: ","Question2: "],"instruction":"This is a sample for keyboard interactive authentication","echos":[true,false]}'
@ -42,15 +42,15 @@ echo '{"questions":["Question3: "],"instruction":"","echos":[true]}'
 read ANSWER3

 if test "$ANSWER3" = "answer3"; then
-	echo '{"auth_result":1}'
+  echo '{"auth_result":1}'
 else
-	echo '{"auth_result":-1}'
+  echo '{"auth_result":-1}'
 fi
 ```

 and here is an example where SFTPGo checks the user password for you:

-```
+```shell
 #!/bin/sh

 echo '{"questions":["Password: "],"instruction":"This is a sample for keyboard interactive authentication","echos":[false],"check_password":1}'
@ -66,9 +66,9 @@ echo '{"questions":["One time token: "],"instruction":"","echos":[false]}'
 read ANSWER2

 if test "$ANSWER2" = "token"; then
-	echo '{"auth_result":1}'
+  echo '{"auth_result":1}'
 else
-	echo '{"auth_result":-1}'
+  echo '{"auth_result":-1}'
 fi
 ```

@ -85,7 +85,7 @@ The HTTP response code must be 200 and the body must contain the same JSON struc

 Let's see a basic sample, the configured hook is `http://127.0.0.1:8000/keyIntHookPwd`, as soon as the user try to login, SFTPGo makes this HTTP POST request:

-```
+```shell
 POST /keyIntHookPwd HTTP/1.1
 Host: 127.0.0.1:8000
 User-Agent: Go-http-client/1.1
@ -100,7 +100,7 @@ as you can see in this first requests `answers` and `questions` are null.

 Here is the response that instructs SFTPGo to ask for the user password and to check it:

-```
+```shell
 HTTP/1.1 200 OK
 Date: Tue, 31 Mar 2020 21:15:24 GMT
 Server: WSGIServer/0.2 CPython/3.8.2
@ -113,7 +113,7 @@ Content-Length: 143

 The user enters the correct password and so SFTPGo makes a new HTTP POST, please note that the `request_id` is the same of the previous request, this time the asked `questions` and the user's `answers` are not null:

-```
+```shell
 POST /keyIntHookPwd HTTP/1.1
 Host: 127.0.0.1:8000
 User-Agent: Go-http-client/1.1
@ -126,7 +126,7 @@ Accept-Encoding: gzip

 Here is the HTTP response that istructs SFTPGo to ask for a new question:

-```
+```shell
 HTTP/1.1 200 OK
 Date: Tue, 31 Mar 2020 21:15:27 GMT
 Server: WSGIServer/0.2 CPython/3.8.2
@ -139,7 +139,7 @@ Content-Length: 66

 As soon as the user answer to this question, SFTPGo will make a new HTTP POST request with the user's answers:

-```
+```shell
 POST /keyIntHookPwd HTTP/1.1
 Host: 127.0.0.1:8000
 User-Agent: Go-http-client/1.1
@ -152,7 +152,7 @@ Accept-Encoding: gzip

 Here is the final HTTP response that allows the user login:

-```
+```shell
 HTTP/1.1 200 OK
 Date: Tue, 31 Mar 2020 21:15:29 GMT
 Server: WSGIServer/0.2 CPython/3.8.2
@ -161,4 +161,4 @@ X-Frame-Options: SAMEORIGIN
 Content-Length: 18

 {"auth_result": 1}
-```
+```
--- a/docs/logs.md
+++ b/docs/logs.md
@ -5,50 +5,50 @@ The log file is a stream of JSON structs. Each struct has a `sender` field that
 The logs can be divided into the following categories:

 - **"app logs"**, internal logs used to debug SFTPGo:
-    - `sender` string. This is generally the package name that emits the log
-    - `time` string. Date/time with millisecond precision
-    - `level` string
-    - `message` string
+  - `sender` string. This is generally the package name that emits the log
+  - `time` string. Date/time with millisecond precision
+  - `level` string
+  - `message` string
 - **"transfer logs"**, SFTP/SCP transfer logs:
-    - `sender` string. `Upload` or `Download`
-    - `time` string. Date/time with millisecond precision
-    - `level` string
-    - `elapsed_ms`, int64. Elapsed time, as milliseconds, for the upload/download
-    - `size_bytes`, int64. Size, as bytes, of the download/upload
-    - `username`, string
-    - `file_path` string
-    - `connection_id` string. Unique connection identifier
-    - `protocol` string. `SFTP` or `SCP`
+  - `sender` string. `Upload` or `Download`
+  - `time` string. Date/time with millisecond precision
+  - `level` string
+  - `elapsed_ms`, int64. Elapsed time, as milliseconds, for the upload/download
+  - `size_bytes`, int64. Size, as bytes, of the download/upload
+  - `username`, string
+  - `file_path` string
+  - `connection_id` string. Unique connection identifier
+  - `protocol` string. `SFTP` or `SCP`
 - **"command logs"**, SFTP/SCP command logs:
-    - `sender` string. `Rename`, `Rmdir`, `Mkdir`, `Symlink`, `Remove`, `Chmod`, `Chown`, `Chtimes`, `SSHCommand`
-    - `level` string
-    - `username`, string
-    - `file_path` string
-    - `target_path` string
-    - `filemode` string. Valid for sender `Chmod` otherwise empty
-    - `uid` integer. Valid for sender `Chown` otherwise -1
-    - `gid` integer. Valid for sender `Chown` otherwise -1
-    - `access_time` datetime as YYYY-MM-DDTHH:MM:SS. Valid for sender `Chtimes` otherwise empty
-    - `modification_time` datetime as YYYY-MM-DDTHH:MM:SS. Valid for sender `Chtimes` otherwise empty
-    - `ssh_command`, string. Valid for sender `SSHCommand` otherwise empty
-    - `connection_id` string. Unique connection identifier
-    - `protocol` string. `SFTP`, `SCP` or `SSH`
+  - `sender` string. `Rename`, `Rmdir`, `Mkdir`, `Symlink`, `Remove`, `Chmod`, `Chown`, `Chtimes`, `SSHCommand`
+  - `level` string
+  - `username`, string
+  - `file_path` string
+  - `target_path` string
+  - `filemode` string. Valid for sender `Chmod` otherwise empty
+  - `uid` integer. Valid for sender `Chown` otherwise -1
+  - `gid` integer. Valid for sender `Chown` otherwise -1
+  - `access_time` datetime as YYYY-MM-DDTHH:MM:SS. Valid for sender `Chtimes` otherwise empty
+  - `modification_time` datetime as YYYY-MM-DDTHH:MM:SS. Valid for sender `Chtimes` otherwise empty
+  - `ssh_command`, string. Valid for sender `SSHCommand` otherwise empty
+  - `connection_id` string. Unique connection identifier
+  - `protocol` string. `SFTP`, `SCP` or `SSH`
 - **"http logs"**, REST API logs:
-    - `sender` string. `httpd`
-    - `level` string
-    - `remote_addr` string. IP and port of the remote client
-    - `proto` string, for example `HTTP/1.1`
-    - `method` string. HTTP method (`GET`, `POST`, `PUT`, `DELETE` etc.)
-    - `user_agent` string
-    - `uri` string. Full uri
-    - `resp_status` integer. HTTP response status code
-    - `resp_size` integer. Size in bytes of the HTTP response
-    - `elapsed_ms` int64. Elapsed time, as milliseconds, to complete the request
-    - `request_id` string. Unique request identifier
+  - `sender` string. `httpd`
+  - `level` string
+  - `remote_addr` string. IP and port of the remote client
+  - `proto` string, for example `HTTP/1.1`
+  - `method` string. HTTP method (`GET`, `POST`, `PUT`, `DELETE` etc.)
+  - `user_agent` string
+  - `uri` string. Full uri
+  - `resp_status` integer. HTTP response status code
+  - `resp_size` integer. Size in bytes of the HTTP response
+  - `elapsed_ms` int64. Elapsed time, as milliseconds, to complete the request
+  - `request_id` string. Unique request identifier
 - **"connection failed logs"**, logs for failed attempts to initialize a connection. A connection can fail for an authentication error or other errors such as a client abort or a timeout if the login does not happen in two minutes
-    - `sender` string. `connection_failed`
-    - `level` string
-    - `username`, string. Can be empty if the connection is closed before an authentication attempt
-    - `client_ip` string.
-    - `login_type` string. Can be `publickey`, `password`, `keyboard-interactive` or `no_auth_tryed`
-    - `error` string. Optional error description
+  - `sender` string. `connection_failed`
+  - `level` string
+  - `username`, string. Can be empty if the connection is closed before an authentication attempt
+  - `client_ip` string.
+  - `login_type` string. Can be `publickey`, `password`, `keyboard-interactive` or `no_auth_tryed`
+  - `error` string. Optional error description
--- a/docs/metrics.md
+++ b/docs/metrics.md
@ -15,4 +15,4 @@ Several counters and gauges are available, for example:
 - Go's runtime details about GC, number of gouroutines and OS threads
 - Process information like CPU, memory, file descriptor usage and start time

-Please check the `/metrics` page for more details.
+Please check the `/metrics` page for more details.
--- a/docs/performance.md
+++ b/docs/performance.md
@ -3,13 +3,16 @@
 SFTPGo can easily saturate a Gigabit connection on low end hardware with no special configuration, this is generally enough for most use cases.

 For Multi-Gig connections, some performance improvements and comparisons with OpenSSH have been discussed [here](https://github.com/drakkan/sftpgo/issues/69), most of them have been included in the master branch. To summarize:
+
 - In current state with all performance improvements applied, SFTP performance is very close to OpenSSH however CPU usage is higher. SCP performance match OpenSSH.
 - The main bottlenecks are the encryption and the messages authentication, so if you can use a fast cipher with implicit messages authentication, such as `aes128-gcm@openssh.com`, you will get a big performance boost.
 - SCP protocol is much simpler than SFTP and so, the multi-platform, SFTPGo's SCP implementation performs better than SFTP.
 - Load balancing with HAProxy can greatly improve the performance if CPU not become the bottleneck.

 ## Benchmark
+
 ### Hardware specification
+
 **Server** ||
 --- | --- |
 OS| Debian 10.2 x64 |
@ -41,6 +44,7 @@ Server's CPU is in Eco mode, you can expect better results in certain cases with
 The Message Authentication Code (MAC) used is `hmac-sha2-256`.

 ##### SFTP
+
 Download:

 Stream|Baseline MB/s|Devel MB/s|Optimized MB/s|Balanced MB/s|OpenSSH MB/s|
@ -62,6 +66,7 @@ Stream|Baseline MB/s|Devel MB/s|Optimized MB/s|Balanced MB/s|OpenSSH MB/s|
 8|605|1210|1368|1273|1820|

 ##### SCP
+
 Download:

 Stream|Baseline MB/s|Devel MB/s|Optimized MB/s|Balanced MB/s|OpenSSH MB/s|
@ -87,6 +92,7 @@ Stream|Baseline MB/s|Devel MB/s|Optimized MB/s|Balanced MB/s|OpenSSH MB/s|
 With this cipher the messages authentication is implicit, no SHA256 computation is needed.

 ##### SFTP
+
 Download:

 Stream|Baseline MB/s|Devel MB/s|Optimized MB/s|Balanced MB/s|OpenSSH MB/s|
@ -108,6 +114,7 @@ Stream|Baseline MB/s|Devel MB/s|Optimized MB/s|Balanced MB/s|OpenSSH MB/s|
 8|1042|1578|<--|1433|1893|

 ##### SCP
+
 Download:

 Stream|Baseline MB/s|Devel MB/s|Optimized MB/s|Balanced MB/s|OpenSSH MB/s|
@ -129,27 +136,27 @@ Stream|Baseline MB/s|Devel MB/s|Optimized MB/s|Balanced MB/s|OpenSSH MB/s|
 8|1733|1744|<--|1664|2510|

 ### Optimizations applied
- AES-CTR optimization of Go compiler for x86_64, there is a [patch](https://go-review.googlesource.com/c/go/+/51670) that hasn't been merged yet, you can apply it yourself.

+- AES-CTR optimization of Go compiler for x86_64, there is a [patch](https://go-review.googlesource.com/c/go/+/51670) that hasn't been merged yet, you can apply it yourself.

 ### HAProxy configuration

 Here is the relevant HAProxy configuration used for the `Balanced` test configuration:

-```
+```console
 frontend sftp
-    bind 	:2222
-    mode 	tcp
+    bind   :2222
+    mode   tcp
    timeout  client  600s
    default_backend sftpgo

 backend sftpgo
-    mode	tcp
-    balance	roundrobin
-    timeout	connect 10s
-    timeout	server  600s
-    timeout	queue   30s
-    option 	tcp-check
+    mode    tcp
+    balance roundrobin
+    timeout connect 10s
+    timeout server  600s
+    timeout queue   30s
+    option  tcp-check
    tcp-check expect string SSH-2.0-

    server sftpgo1 127.0.0.1:2022 check send-proxy-v2 weight 10 inter 10s rise 2 fall 3
--- a/docs/portable-mode.md
+++ b/docs/portable-mode.md
@ -2,7 +2,7 @@

 SFTPGo allows to share a single directory on demand using the `portable` subcommand:

-```
+```console
 sftpgo portable --help
 To serve the current working directory with auto generated credentials simply use:

@ -49,11 +49,10 @@ In portable mode, SFTPGo can advertise the SFTP service and, optionally, the cre

 Here is an example of the advertised service including credentials as seen using `avahi-browse`:

-```
+```console
 = enp0s31f6 IPv4 SFTPGo portable 53705                         SFTP File Transfer   local
   hostname = [p1.local]
   address = [192.168.1.230]
   port = [53705]
   txt = ["password=EWOo6pJe" "user=user" "version=0.9.3-dev-b409523-dirty-2019-10-26T13:43:32Z"]
 ```
-
--- a/docs/profiling.md
+++ b/docs/profiling.md
@ -20,4 +20,4 @@ For example you can:

 - download a 30 seconds CPU profile from the URL `/debug/pprof/profile?seconds=30`
 - download a sampling of memory allocations of live objects from the URL `/debug/pprof/heap?gc=1`
- download a sampling of all past memory allocations from the URL `/debug/pprof/allocs`
+- download a sampling of all past memory allocations from the URL `/debug/pprof/allocs`
--- a/docs/rest-api.md
+++ b/docs/rest-api.md
@ -8,21 +8,21 @@ REST API can be protected using HTTP basic authentication and exposed via HTTPS.

 For example, you can keep SFTPGo listening on localhost and expose it externally configuring a reverse proxy using Apache HTTP Server this way:

-```
+```shell
 ProxyPass /api/v1 http://127.0.0.1:8080/api/v1
 ProxyPassReverse /api/v1 http://127.0.0.1:8080/api/v1
 ```

 and you can add authentication with something like this:

-```
+```shell
 <Location /api/v1>
-	AuthType Digest
-	AuthName "Private"
-	AuthDigestDomain "/api/v1"
-	AuthDigestProvider file
-	AuthUserFile "/etc/httpd/conf/auth_digest"
-	Require valid-user
+  AuthType Digest
+  AuthName "Private"
+  AuthDigestDomain "/api/v1"
+  AuthDigestProvider file
+  AuthUserFile "/etc/httpd/conf/auth_digest"
+  Require valid-user
 </Location>
 ```

--- a/docs/s3.md
+++ b/docs/s3.md
@ -3,6 +3,7 @@
 To connect SFTPGo to AWS, you need to specify credentials, a `bucket` and a `region`. Here is the list of available [AWS regions](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-available-regions). For example, if your bucket is at `Frankfurt`, you have to set the region to `eu-central-1`. You can specify an AWS [storage class](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) too. Leave it blank to use the default AWS storage class. An endpoint is required if you are connecting to a Compatible AWS Storage such as [MinIO](https://min.io/).

 AWS SDK has different options for credentials. [More Detail](https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html). We support:
+
 1. Providing [Access Keys](https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys).
 2. Use IAM roles for Amazon EC2
 3. Use IAM roles for tasks if your application uses an ECS task definition
--- a/docs/virtual-folders.md
+++ b/docs/virtual-folders.md
@ -28,4 +28,4 @@ Using the REST API you can:
 If you remove a folder, from the data provider, any users relationships will be cleared up. If the deleted folder is included inside the user quota you need to do a user quota scan to update its quota. An orphan virtual folder will not be automatically deleted since if you add it again later then a quota scan is needed and it could be quite expensive, anyway you can easily list the orphan folders using the REST API and delete them if they are not needed anymore.

 Overlapping virtual paths are not allowed for the same user, overlapping mapped paths are allowed only if quota tracking is globally disabled inside the configuration file (`track_quota` must be set to `0`).
-Virtual folders are supported for local filesystem only.
+Virtual folders are supported for local filesystem only.
--- a/docs/web-admin.md
+++ b/docs/web-admin.md
@ -5,4 +5,4 @@ With the default `httpd` configuration, the web admin is available at the follow

 [http://127.0.0.1:8080/web](http://127.0.0.1:8080/web)

-The web interface can be protected using HTTP basic authentication and exposed via HTTPS. If you need more advanced security features, you can setup a reverse proxy as explained for the [REST API](./rest-api.md).
+The web interface can be protected using HTTP basic authentication and exposed via HTTPS. If you need more advanced security features, you can setup a reverse proxy as explained for the [REST API](./rest-api.md).