beenull/sftpgo-mirror

mirror of https://github.com/drakkan/sftpgo.git synced 2024-11-22 15:40:23 +00:00

Author	SHA1	Message	Date
Nicola Murino	dcc3292dbc	web setup: add an optional installation code The purpose of this code is to prevent anyone who can access to the initial setup screen from creating an admin user Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-27 13:08:47 +01:00
Nicola Murino	7f674a7fb3	add more details to the server status page add all supported fields to the OpenAPI docs Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-26 16:43:29 +01:00
Nicola Murino	b64d3c2fbf	simplify rename permission before this patch we allow a rename in the following cases: - the user has rename permission on both source and target path - the user has delete permission on source path and create/upload on target path we now check only the rename/rename_files/rename_dirs permissions. This is what SFTPGo users expect. This is a backward incompatible change and it will not backported to the 2.2.x branch Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-26 12:19:09 +01:00
Nicola Murino	7fc5cb80d6	deb/rpm packages: attempt to set the `cap_net_bind_service` capability so the service can bind to privileged ports without running as root user Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-26 10:10:51 +01:00
Andrea Mattia	92460f811f	Simplify sed commands in Dockerfile(s) Closes #740 Signed-off-by: Andrea Mattia <andrea.mattia@kireygroup.com>	2022-02-25 20:58:26 +01:00
Nicola Murino	e18ad55067	S3: add support for session tokens Fixes #736 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-25 15:30:04 +01:00
Nicola Murino	4e9dae6fa4	allow to cache external authentications Fixes #733 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-25 11:51:10 +01:00
Nicola Murino	f5a0559be6	don't execute fs check if the user has recent activity The check could be expensive with some backends and is generally only required the first time that a user logs in Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-24 16:11:35 +01:00
Nicola Murino	670018f05e	OIDC: add profile and email scope to OAuth2 config Fixes #728 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-22 10:20:14 +01:00
Nicola Murino	8bbf54d2b6	azure blobs: add support for multipart downloads Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-21 19:01:31 +01:00
Nicola Murino	d31cccf85f	azblob: switch to the new azure-go-sdk Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-20 14:43:24 +01:00
Nicola Murino	c19b03a3f7	shares: add permission to deny sharing without password Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-19 13:31:58 +01:00
Nicola Murino	c6b8644828	OIDC: execute pre-login hook after IDP authentication so the SFTPGo users can be auto-created using the hook Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-19 10:53:35 +01:00
Nicola Murino	f1a255aa6c	httpd: allow to restrict allowed hosts ... ... and to add security headers to the responses Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-17 18:22:27 +01:00
Nicola Murino	876bf8aa4f	sftpfs: improve remove we know if the client asks to remove a file or directory so let's use the appropriate command without letting the sftp library guess the appropriate behavior Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-16 16:46:28 +01:00
Nicola Murino	900e519ff1	SFTP: respect file open flags also for file creation Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-16 16:05:56 +01:00
Nicola Murino	f1832d4478	shares: add an upload form for shares with write scope Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-15 19:19:25 +01:00
Nicola Murino	ebbbf81e65	logger: fix UTC time func Fixes #719 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-14 12:30:00 +01:00
Nicola Murino	1fccd05e9e	allow to configure the minimum version of TLS to be enabled Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-13 15:56:07 +01:00
Nicola Murino	66945c0a02	Web UIs: add OpenID Connect support Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-13 14:30:20 +01:00
Nicola Murino	fa0ca8fe89	quota summary and docs improvements Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-08 12:43:08 +01:00
clach04	c478c7dae9	Docker readme typo Signed-off-by: clach04 <clach04@gmail.com>	2022-02-06 19:21:35 +01:00
Nicola Murino	9382db751c	make HTTP shares browsable if you share a single folder with read scope, you can now browse the share and download single files Fixes #674 See #677 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-06 16:46:43 +01:00
Nicola Murino	7e2a8e70c9	update zerolog deps The updated version avoid to always create a socket connected to the journald on application start. Now the socket is only created if we log to the journald Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-03 17:55:36 +01:00
Nicola Murino	cd35636939	S3: add a timeout for single part uploads Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-01 12:15:56 +01:00
Nicola Murino	d51adb041e	update data transfer quota only if the current IP has some limits Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-31 19:30:25 +01:00
Nicola Murino	02db00d008	dataprovider: add naming rules naming rules allow to support case insensitive usernames, trim trailing and leading white spaces, and accept any valid UTF-8 characters in usernames. If you were enabling `skip_natural_keys_validation` now you need to set `naming_rules` to `1` Fixes #687 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-31 18:01:37 +01:00
Nicola Murino	fb2d59ec92	data provider: add config options for certs validation/authentication Fixes #682 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-30 18:04:03 +01:00
Nicola Murino	1df1225eed	add support for data transfer bandwidth limits with total limit or separate settings for uploads and downloads and overrides based on the client's IP address. Limits can be reset using the REST API Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-30 11:42:36 +01:00
Moroi	aca71bff7a	Fixed typo Signed-off-by: Moroi <4635854+Rango-dz@users.noreply.github.com>	2022-01-26 22:00:59 +01:00
Jeremy Clerc	9709aed5e6	httpd: webpath redirect using status found (302) 301 MovedPermanently is cached by the browser which can be annoying when it is is on base path like / while one may reuse the domain (e.g. localhost) for other apps/tests. Fixes #695 Signed-off-by: Jeremy Clerc <jeremy@clerc.io>	2022-01-26 21:50:37 +01:00
Nicola Murino	d2a4178846	check quota usage between ongoing transfers Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-20 18:19:20 +01:00
Nicola Murino	d73be7aee5	remove the use of some unnecessary pointers Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-16 12:09:17 +01:00
Nicola Murino	ffe7f7ff16	doc improvements and minor changes Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-16 09:50:23 +01:00
Nicola Murino	a6ed6fc721	pattern filters: don't allow files in hidden dirs Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-15 19:06:02 +01:00
Nicola Murino	c3831de94e	add hide policy to pattern filters Disallowed files/dirs can be completly hidden. This may cause performance issues for large directories Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-15 17:16:49 +01:00
Marc	9b6b9cca3d	systemd-security: add some easy wins We can tighten security by adding the following to the systemd service file: * NoNewPrivileges: should never be needed * DevicePolicy: only basics required * PrivateDevices: only needs mounted stuff, never devs * ProtectSystem: no need to change boot * RestrictAddressFamilies: INET, UNIX only Signed-off-by: Marc <mail@lpcvoid.com>	2022-01-15 13:31:59 +01:00
Nicola Murino	64d1ea2d89	update deps Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-13 18:48:08 +01:00
Nicola Murino	1c51239da8	Admin UI: allow to create multiple users/folders from templates the clone button is not needed anymore, you can select a user and click on template to generate one or more similar users or you can create users/folders from an empty template Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-12 19:01:19 +01:00
Nicola Murino	51c15de892	web admin: simplify user page The page to add/edit users should be less less intimidating now. All the advanced settings are hidden by default. Permissions are set to any, so if you also have a users base dir set, to add a user you have to simply set username, password or public key and save Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-10 19:44:16 +01:00
Nicola Murino	b8efb1b8ec	squash database migrations. Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-09 12:25:53 +01:00
Nicola Murino	ec1d20f46f	sshd: improve docs about supported ciphers, KEX and MACs also added a check to ensure that the configured values are valid Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-06 18:09:49 +01:00
Nicola Murino	1f619d5ea6	make the sdk a separate module The SFTPGo SDK now is at the following URL https://github.com/sftpgo/sdk Fixes #657 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-06 11:54:43 +01:00
Nicola Murino	6d3d94a01f	move kms implementation outside the sdk package Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-06 10:11:47 +01:00
Nicola Murino	0a3d94f73d	log at info level the service configurations Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-05 13:22:49 +01:00
Nicola Murino	7c68b03d07	move plugin handling outside the sdk package Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-05 11:37:45 +01:00
Nicola Murino	2912b2e92e	sdk: add a logger interface we are now ready to make the sdk a separate module Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-04 16:07:41 +01:00
Nicola Murino	a6fe802370	move kms definitions to the sdk package This is the first step to make the sdk a separate module Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-04 12:49:30 +01:00
Nicola Murino	ad483b7581	httpd: switch back to chi Recoverer now that the required patch is merged Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-04 09:48:16 +01:00
Nicola Murino	df86955f28	eventsearcher plugin: add support to search for provider, bucket, endpoint Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-03 17:02:52 +01:00

... 2 3 4 5 6 ...

1243 commits