Nicola Murino
15cde2dd1a
improve test coverage
2021-05-23 22:29:55 +02:00
Nicola Murino
50e441849a
try to make the web admin more user friendly
...
removed all the textarea with fields separated using "::".
This should, hopefully, improve user experience
2021-05-23 22:02:01 +02:00
Nicola Murino
02bb09ec01
remove deprecated file extensions filters
...
these filters were deprecated a long time ago, everyone should use
patterns filters now
2021-05-22 12:28:05 +02:00
Nicola Murino
402947a43c
update deps
2021-05-22 10:42:30 +02:00
Nicola Murino
b9bc8d722d
try to improve web client credentials page
...
I should do the same for the admin page too
2021-05-22 09:54:27 +02:00
Nicola Murino
0cb5c49cf3
map path resolution errors to Permission errors
...
this way the affected paths will be ignored in WebDAV
Fixes #432
2021-05-21 13:04:22 +02:00
Nicola Murino
9fc4be6d40
minor doc fixes
2021-05-20 18:34:38 +02:00
Nicola Murino
ecfed4dc04
Add a Getting Started Guide
2021-05-20 18:16:27 +02:00
dependabot[bot]
b415e4d98f
Bump github.com/lib/pq from 1.10.1 to 1.10.2 ( #429 )
...
Bumps [github.com/lib/pq](https://github.com/lib/pq ) from 1.10.1 to 1.10.2.
- [Release notes](https://github.com/lib/pq/releases )
- [Commits](https://github.com/lib/pq/compare/v1.10.1...v1.10.2 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-17 09:27:16 +02:00
Nicola Murino
7d059efe06
add an example backup script
2021-05-16 22:28:08 +02:00
Nicola Murino
60cfbd2989
setup: auto login after creating the first admin
2021-05-16 21:36:57 +02:00
Nicola Murino
8ecf64f481
httpclient: accepts timeouts as float
...
Fixes #428
2021-05-16 12:50:06 +02:00
Nicola Murino
019b0f2fd5
http cookie: add max-age and samesite
...
update deps too
2021-05-16 09:13:00 +02:00
Nicola Murino
15d6cd144a
another try to better understand the random webdav test case failure
2021-05-15 08:56:36 +02:00
Nicola Murino
f59f62317e
sftpd: fix file upload resume detection
...
WinSCP does not set the APPEND flag while resuming a file upload,
so we detect a file upload resume if the TRUNCATE flag is not set.
The APPEND flag is now ignored.
Fixes #420
2021-05-15 08:39:01 +02:00
Nicola Murino
f2b93c0402
add a setup screen to create the first admin user
...
If you prefer to auto-create the first admin you can enable the
"create_default_admin" configuration key and SFTPGo will work as before.
You can also create the first admin by loading initial data: now you can
set both username and password, before you could only change the password
2021-05-14 19:21:15 +02:00
Nicola Murino
0540b8780e
redact credentials within hooks
...
go-retryablehttp does not redact credentials, so we still log them
when we use it
https://github.com/hashicorp/go-retryablehttp/pull/133
2021-05-12 22:44:17 +02:00
Nicola Murino
fa45c9c138
allow to execute actions for file operations and SSH commands synchronously
...
The actions to run synchronously can be configured via the `execute_sync`
configuration key.
Executing an action synchronously means that SFTPGo will not return a result
code to the client until your hook have completed its execution.
Fixes #409
2021-05-11 12:45:14 +02:00
Nicola Murino
b67cd0d3df
ensure no client is connected before running max connections test cases
2021-05-11 08:04:57 +02:00
Nicola Murino
c8f7fc9bc9
httpd/webdav: add a list of hosts allowed to send proxy headers
...
X-Forwarded-For, X-Real-IP and X-Forwarded-Proto headers will be ignored
for hosts not included in this list.
This is a backward incompatible change, before the proxy headers were
always used
2021-05-11 06:54:06 +02:00
dependabot[bot]
f1b998ce16
Bump github.com/otiai10/copy from 1.5.1 to 1.6.0 ( #414 )
...
Bumps [github.com/otiai10/copy](https://github.com/otiai10/copy ) from 1.5.1 to 1.6.0.
- [Release notes](https://github.com/otiai10/copy/releases )
- [Commits](https://github.com/otiai10/copy/compare/v1.5.1...v1.6.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-10 14:02:09 +02:00
dependabot[bot]
aaa758e978
Bump github.com/minio/sio from 0.2.1 to 0.3.0 ( #412 )
...
Bumps [github.com/minio/sio](https://github.com/minio/sio ) from 0.2.1 to 0.3.0.
- [Release notes](https://github.com/minio/sio/releases )
- [Commits](https://github.com/minio/sio/compare/v0.2.1...v0.3.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-10 11:34:01 +02:00
dependabot[bot]
716946a148
Bump github.com/aws/aws-sdk-go from 1.38.35 to 1.38.36 ( #413 )
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.38.35 to 1.38.36.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.38.35...v1.38.36 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-10 11:10:58 +02:00
Nicola Murino
15934d72cc
webdav test: increase log size
...
the latest 10 lines are not enough to understand the issue, try with 20
2021-05-09 10:09:25 +02:00
Nicola Murino
8f6cdacd00
allow to limit the number of per-host connections
2021-05-08 19:45:21 +02:00
Nicola Murino
8f736da4b8
webdav test: add some more logs
...
QuotaLimits test case sometime fails when running in CI, try to
understand the reason
2021-05-07 22:24:06 +02:00
Nicola Murino
4ea4202b99
httpd/webdav: use a custom listener with read and write deadlines
2021-05-07 20:41:20 +02:00
Nicola Murino
d4bfc3f6b5
fix lint configuration and a warning
2021-05-06 22:06:22 +02:00
Nicola Murino
23d9ebfc91
add a basic front-end web interface for end-users
...
Fixes #339 #321 #398
2021-05-06 21:35:43 +02:00
dependabot[bot]
5c99f4fb60
Bump github.com/shirou/gopsutil/v3 from 3.21.3 to 3.21.4 ( #406 )
...
Bumps [github.com/shirou/gopsutil/v3](https://github.com/shirou/gopsutil ) from 3.21.3 to 3.21.4.
- [Release notes](https://github.com/shirou/gopsutil/releases )
- [Commits](https://github.com/shirou/gopsutil/compare/v3.21.3...v3.21.4 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-03 14:44:07 +02:00
dependabot[bot]
2263c7e20f
Bump github.com/hashicorp/go-retryablehttp from 0.6.8 to 0.7.0 ( #405 )
...
Bumps [github.com/hashicorp/go-retryablehttp](https://github.com/hashicorp/go-retryablehttp ) from 0.6.8 to 0.7.0.
- [Release notes](https://github.com/hashicorp/go-retryablehttp/releases )
- [Commits](https://github.com/hashicorp/go-retryablehttp/compare/v0.6.8...v0.7.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-03 14:43:53 +02:00
dependabot[bot]
515b2d917e
Bump github.com/fclairamb/ftpserverlib from 0.13.0 to 0.13.1 ( #404 )
...
Bumps [github.com/fclairamb/ftpserverlib](https://github.com/fclairamb/ftpserverlib ) from 0.13.0 to 0.13.1.
- [Release notes](https://github.com/fclairamb/ftpserverlib/releases )
- [Commits](https://github.com/fclairamb/ftpserverlib/compare/v0.13.0...v0.13.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-03 13:29:54 +02:00
dependabot[bot]
af4723356d
Bump github.com/lestrrat-go/jwx from 1.1.7 to 1.2.0 ( #403 )
...
Bumps [github.com/lestrrat-go/jwx](https://github.com/lestrrat-go/jwx ) from 1.1.7 to 1.2.0.
- [Release notes](https://github.com/lestrrat-go/jwx/releases )
- [Changelog](https://github.com/lestrrat-go/jwx/blob/main/Changes )
- [Commits](https://github.com/lestrrat-go/jwx/compare/v1.1.7...v1.2.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-03 13:29:16 +02:00
dependabot[bot]
068dd34a38
Bump github.com/aws/aws-sdk-go from 1.38.25 to 1.38.30 ( #402 )
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.38.25 to 1.38.30.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.38.25...v1.38.30 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-03 11:41:25 +02:00
dependabot[bot]
b16a5c2caf
Bump github.com/go-chi/chi/v5 from 5.0.2 to 5.0.3 ( #401 )
...
Bumps [github.com/go-chi/chi/v5](https://github.com/go-chi/chi ) from 5.0.2 to 5.0.3.
- [Release notes](https://github.com/go-chi/chi/releases )
- [Changelog](https://github.com/go-chi/chi/blob/master/CHANGELOG.md )
- [Commits](https://github.com/go-chi/chi/compare/v5.0.2...v5.0.3 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-03 11:41:09 +02:00
Nicola Murino
a383957cfa
OpenAPI: document that also folder-quota-update supports partial updates
2021-04-28 19:33:32 +02:00
Nicola Murino
00f97aabb4
OpenAPI: document that quota-update support partial updates
...
If the update mode is "add" and you pass only used_quota_size or only
used_quota_files the missing field will remain unchanged
2021-04-28 19:16:15 +02:00
Nicola Murino
32db0787bb
add an example script for scheduled quota updates
2021-04-26 21:53:09 +02:00
Nicola Murino
1275328fdf
Authentication errors: try to avoid user enumeration
...
Fixes #395
2021-04-26 19:48:21 +02:00
Nicola Murino
7778716fa7
update crypto and net dependencies
2021-04-25 18:12:02 +02:00
dependabot[bot]
77476d0f56
Bump github.com/aws/aws-sdk-go from 1.38.21 to 1.38.25 ( #394 )
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.38.21 to 1.38.25.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.38.21...v1.38.25 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-25 17:07:59 +02:00
dependabot[bot]
c7a1fc2996
Bump cloud.google.com/go/storage from 1.14.0 to 1.15.0 ( #392 )
...
Bumps [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go ) from 1.14.0 to 1.15.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.14.0...spanner/v1.15.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-25 17:07:36 +02:00
dependabot[bot]
e7d8e73be8
Bump github.com/lib/pq from 1.10.0 to 1.10.1 ( #391 )
...
Bumps [github.com/lib/pq](https://github.com/lib/pq ) from 1.10.0 to 1.10.1.
- [Release notes](https://github.com/lib/pq/releases )
- [Commits](https://github.com/lib/pq/compare/v1.10.0...v1.10.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-25 17:07:26 +02:00
dependabot[bot]
3ee27f4370
Bump golangci/golangci-lint-action from v2 to v2.5.2 ( #389 )
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from v2 to v2.5.2.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](https://github.com/golangci/golangci-lint-action/compare/v2...5c56cd6c9dc07901af25baab6f2b0d9f3b7c3018 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-25 16:41:17 +02:00
Nicola Murino
92424cd1c2
dependabot: limit the number of open pull requests
2021-04-25 16:39:41 +02:00
Nicola Murino
0190dad984
docker: update github script to v4
2021-04-25 15:59:29 +02:00
Nicola Murino
198258f4e7
add dependabot
...
Fixes #388
2021-04-25 15:54:19 +02:00
Nicola Murino
5be4b6bd44
localfs: fix subdir check if the user has the root dir as home
2021-04-25 14:36:29 +02:00
Nicola Murino
3941255733
docs: fix a typo
2021-04-25 09:42:19 +02:00
Nicola Murino
46998252e5
use bcrypt as default password hashing algo
...
argon2id has a high memory cost and, if not properly tuned, it can lead to
resource starvation.
Advanced users can still configure and use argon2id.
Passwords stored as argon2id will continue to work
2021-04-25 09:38:33 +02:00