beenull/sftpgo-mirror
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2024-11-22 15:40:23 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
1194 commits 8 branches 49 tags 49 MiB
Commit graph

157 commits

Author SHA1 Message Date
Nicola Murino
78233ff9a3
web UI/REST API: add password reset 
In order to reset the password from the admin/client user interface,
an SMTP configuration must be added and the user/admin must have an email
address.
You can prohibit the reset functionality on a per-user basis by using a
specific restriction.

Fixes #597
 2021-11-13 13:25:43 +01:00
Nicola Murino
3bc58f5988
WebClient/REST API: add sharing support 2021-11-06 14:13:20 +01:00
Nicola Murino
64e87d64bd
web client UI: allow to edit plain text files 
Fixes #567
 2021-10-09 14:17:28 +02:00
Nicola Murino
9ca0b46f30
UI connections page: add a refresh button 2021-10-07 18:28:31 +02:00
Nicola Murino
1b4a1fbbe5
add data retention check hook 2021-10-03 15:17:49 +02:00
Nicola Murino
cc134cad9a
data retention: allow to notify results via e-mail 2021-10-02 22:25:41 +02:00
Nicola Murino
ba1febba73
rework user and admin profiles 
users and admins can now also update their email and description
 2021-09-29 18:46:15 +02:00
Maharanjan
0661876e99
Added email field for user account 2021-09-25 19:06:13 +02:00
Nicola Murino
7bad65a43e
user: add a permission to disable changing api key authentication 
also implement the missing APIs to enable/disable api key authentication
 2021-09-06 18:46:35 +02:00
Nicola Murino
101c2962ab
web client UI: add a permission to disable password change 
Fixes #528
 2021-09-05 18:49:13 +02:00
Nicola Murino
8a4c21b64a
add builtin two-factor auth support 
The builtin two-factor authentication is based on time-based one time
passwords (RFC 6238) which works with Authy, Google Authenticator and
other compatible apps.
 2021-09-04 12:11:04 +02:00
Nicola Murino
fe953d6b38
REST API: add support for API key authentication 2021-08-17 18:08:32 +02:00
Nicola Murino
0503215e7a
web client: try to prevent browsers from caching requests 
Fixes #493
 2021-08-03 19:58:03 +02:00
Nicola Murino
90b324d707
Add a link on the login pages to switch between admin and web client login 
The links are hidden if only the web admin or only thw web client is
enabled and can also be controlled using the "hide_login_url" setting

Fixes #485
 2021-07-27 18:43:00 +02:00
Nicola Murino
3a22aae34f
web UI: add support for upload, create dirs, rename, delete 2021-07-26 20:55:49 +02:00
Nicola Murino
83c7453957
user API: allow to disable writes ... 
... even if the user has permissions for these actions
 2021-07-23 21:41:02 +02:00
Nicola Murino
85a47810ff
S3: expose more properties, possible backward incompatible change 
Before these changes we implictly set S3ForcePathStyle if an endpoint
was provided.

This can cause issues with some S3 compatible object storages and must
be explicitly set now.

AWS is also deprecating this setting

https://aws.amazon.com/it/blogs/aws/amazon-s3-path-deprecation-plan-the-rest-of-the-story/
 2021-07-23 16:56:48 +02:00
Nicola Murino
e1a2451c22
s3: allow to configure the chunk download timeout 2021-07-11 18:39:45 +02:00
Manuel Reithuber
a4157e83e9 template fsconfig: updated form-group css classes so we can further improve onFilesystemChanged() 
it doesn't reference any vfs providers at all anymore :)
 2021-06-19 19:27:54 +02:00
Manuel Reithuber
13f23838a1 template fsconfig.html: using string provider name in onFilesystemChanged() 2021-06-19 19:27:54 +02:00
Manuel Reithuber
fd4c388b23 added vfs.ListProviders() and using it in template fsconfig.html (added a new ListFSProviders template function for that) 2021-06-19 19:27:54 +02:00
Manuel Reithuber
c07dc74d48 template fsconfig.html: simplified code in onFilesystemChanged() 2021-06-19 19:27:54 +02:00
Nicola Murino
9d3d7db29c
azblob: store SAS URL as kms.Secret 2021-06-11 22:27:36 +02:00
Nicola Murino
4be6307d87
webadmin: add defender page 2021-06-08 13:24:28 +02:00
Nicola Murino
feec2118bb
improve defender and quotas REST API 2021-06-07 21:52:43 +02:00
Nicola Murino
43182fc25e
OpenAPI: add users API 
These new APIs match the web client features.

I'm aware that some API do not follow REST best practises.

I want to avoid things likes "/user/folders/<path>"

where "path" must be encoded and making it optional create issues, so
I defined resources as query parameters instead of path parameters
 2021-06-05 16:07:09 +02:00
Nicola Murino
423d8306be
webclient: allow to download multiple files as zip 2021-05-30 23:07:46 +02:00
Nicola Murino
7a85c66ee7
webclient: defer file list rendering 
combined with server side processing I can now list a directory with
about 100.000 files in less than 2 seconds without losing client side
filtering and pagination
 2021-05-27 09:40:46 +02:00
Nicola Murino
1223957f91
webclient: use different icons based on the file extension 2021-05-24 19:09:03 +02:00
Nicola Murino
50e441849a
try to make the web admin more user friendly 
removed all the textarea with fields separated using "::".
This should, hopefully, improve user experience
 2021-05-23 22:02:01 +02:00
Nicola Murino
02bb09ec01
remove deprecated file extensions filters 
these filters were deprecated a long time ago, everyone should use
patterns filters now
 2021-05-22 12:28:05 +02:00
Nicola Murino
b9bc8d722d
try to improve web client credentials page 
I should do the same for the admin page too
 2021-05-22 09:54:27 +02:00
Nicola Murino
ecfed4dc04
Add a Getting Started Guide 2021-05-20 18:16:27 +02:00
Nicola Murino
f2b93c0402
add a setup screen to create the first admin user 
If you prefer to auto-create the first admin you can enable the
"create_default_admin" configuration key and SFTPGo will work as before.

You can also create the first admin by loading initial data: now you can
set both username and password, before you could only change the password
 2021-05-14 19:21:15 +02:00
Nicola Murino
c8f7fc9bc9
httpd/webdav: add a list of hosts allowed to send proxy headers 
X-Forwarded-For, X-Real-IP and X-Forwarded-Proto headers will be ignored
for hosts not included in this list.

This is a backward incompatible change, before the proxy headers were
always used
 2021-05-11 06:54:06 +02:00
Nicola Murino
4ea4202b99
httpd/webdav: use a custom listener with read and write deadlines 2021-05-07 20:41:20 +02:00
Nicola Murino
23d9ebfc91
add a basic front-end web interface for end-users 
Fixes #339 #321 #398
 2021-05-06 21:35:43 +02:00
Nicola Murino
0bc4db9950
web admin: make base url configurable 2021-04-09 22:02:48 +02:00
Nicola Murino
0823928f98
allow to disable login filesystem checks 
SFTPGo requires that the user's home directory, virtual folder root,
and intermediate paths to virtual folders exist to work properly.
If you already know that the required directories exist, disabling
these checks will speed up login.
 2021-04-05 17:57:30 +02:00
Nicola Murino
f895059660
web: add responsive table style to connections too 
Fixed a small issue for sftpfs too
 2021-04-05 11:28:28 +02:00
Nicola Murino
fdf3f23df5
allow to disable some hooks on a per-user basis 
This way you can, for example, mix external and internal users
 2021-04-04 22:32:25 +02:00
Nicola Murino
ea26d7786c
sftpfs: add buffering support 
this way we improve performance over high latency networks
 2021-04-03 16:00:55 +02:00
Nicola Murino
6eb43baf3d
web: fix content type for folders form 
Fixes #367
 2021-04-01 19:42:18 +02:00
Nicola Murino
183bedd6ed
webui: add responsive extension 2021-03-28 11:02:11 +02:00
Nicola Murino
2a89a8f664
webui: minor improvements 2021-03-27 22:23:01 +01:00
Mike Unitskyi
5939ac4801
Increase uid:gid limits (#362) 
Fixes #361
 2021-03-25 17:11:42 +01:00
Nicola Murino
d6dc3a507e
extend virtual folders support to all storage backends 
Fixes #241
 2021-03-21 19:15:47 +01:00
Nicola Murino
055506e518
sftpfs: add an option to disable concurrent reads 2021-03-06 15:41:40 +01:00
Nicola Murino
df41f0c556
add a setting to skip natural keys validation 
Enabling the "skip_natural_keys_validation" data provider setting,
the natural keys for REST API/Web Admin as usernames, admin names,
folder names are not restricted to unreserved URI chars

Fixes #334 #308
 2021-03-04 09:48:53 +01:00
Nicola Murino
a6e36e7cad
FTP: improve TLS certificate authentication 
For each user you can now configure:

- TLS certificate auth
- TLS certificate auth and password
- Password auth

For TLS auth, the certificate common name must match the name provided
using the "USER" FTP command
 2021-02-28 12:10:40 +01:00
Nicola Murino
2146b83343
data providers: add filesystem to folder ... 
... and some descriptive fields.
The filesystem support for virtual folders will be implemented in
future commits
 2021-02-24 19:40:29 +01:00
Nicola Murino
b1ce6eb85b
web admin: allow to set an empty password for SFTPGo users 2021-02-15 19:38:53 +01:00
Nicola Murino
267d9f1831
web ui: allow to create folders from a template 2021-02-04 19:09:43 +01:00
Nicola Murino
e9dd4ecdf0
web admin: add CSRF 2021-02-03 08:55:28 +01:00
Nicola Murino
78bf808322
virtual folders: change dataprovider structure 
This way we no longer depend on the local file system path and so we can
add support for cloud backends in future updates
 2021-02-01 19:04:15 +01:00
Nicola Murino
02679d6df3
web ui: save the state of the tables 
the state will be saved for 1 hour
 2021-01-27 08:41:21 +01:00
Nicola Murino
54321c5240
web ui: allow to create multiple users from a template 2021-01-25 21:31:33 +01:00
Nicola Murino
5fcbf2528f
html templates: minor improvements 2021-01-24 17:43:54 +01:00
Nicola Murino
ea096db8e4
sftpfs: set the correct file mode 2021-01-23 10:32:15 +01:00
Nicola Murino
2b9ba1d520
web admin: try to uniform UI 2021-01-23 09:28:45 +01:00
Nicola Murino
80f5ccd357
web admin: add backup/restore 2021-01-22 19:42:18 +01:00
Nicola Murino
41a1af863e
OpenAPI: minor changes 2021-01-18 13:24:38 +01:00
Nicola Murino
778ec9b88f
REST API v2 
- add JWT authentication
- admins are now stored inside the data provider
- admin access can be restricted based on the source IP: both proxy
  header and connection IP are checked
- deprecate REST API CLI: it is not relevant anymore

Some other changes to the REST API can still happen before releasing
SFTPGo 2.0.0

Fixes #197
 2021-01-17 22:29:08 +01:00
Nicola Murino
d6b3acdb62
add REST API for the defender 2021-01-02 19:33:24 +01:00
Nicola Murino
e536a638c9
web UI: improve user cloning 2020-12-26 15:11:38 +01:00
Jochen Munz
bc397002d4
Feature: Clone existing user via web admin (#259) 
UI based cloning of an existing user. The "add user" screen is prepopulated with existing user data.

Resolves drakkan/sftpgo#225
 2020-12-26 14:58:59 +01:00
Nicola Murino
c69d63c1f8
add support for multiple bindings 
Fixes #253
 2020-12-23 16:12:30 +01:00
Nicola Murino
a6985075b9
add sftpfs storage backend 
Fixes #224
 2020-12-12 10:31:09 +01:00
Nicola Murino
50982229e1
REST API: add a method to get the status of the services 
added a status page to the built-in web admin
 2020-12-08 11:18:34 +01:00
Nicola Murino
4a88ea5c03
add Data At Rest Encryption support 2020-12-05 13:48:13 +01:00
Nicola Murino
634b723b5d
add KMS support 
Fixes #226
 2020-11-30 21:46:34 +01:00
Nicola Murino
4bb9d07dde
user: add a free text field 
Fixes #230
 2020-11-25 22:26:34 +01:00
Nicola Murino
dccc583b5d
add a dedicated struct to store encrypted credentials 
also gcs credentials are now encrypted, both on disk and inside the
provider.

Data provider is automatically migrated and load data will accept
old format too but you should upgrade to the new format to avoid future
issues
 2020-11-22 21:53:04 +01:00
Nicola Murino
e3eca424f1
web admin: allow both allowed and denied extensions/patterns for a dir 
this fix a regression introduced in the previous commit
 2020-11-16 19:21:50 +01:00
Nicola Murino
a6355e298e
add support for limit files using shell like patterns 
Fixes #209
 2020-11-15 22:04:48 +01:00
Ryan Gough
c0f47a58f2
web admin: clarify that the directories for permissions are relative 
Fixes #222
 2020-11-15 09:11:36 +01:00
Nicola Murino
fcfdd633f6
Azure Blob: update SDK and add access tier support 2020-10-30 22:17:17 +01:00
Nicola Murino
e54828a7b8
add metrics for Azure Blob storage 2020-10-26 19:01:17 +01:00
Nicola Murino
5ff8f75917
add Azure Blob support 2020-10-25 08:18:48 +01:00
Nicola Murino
3925c7ff95 REST API/Web admin: add a parameter to disconnect a user after an update 
This way you can force the user to login again and so to use the updated
configuration.

A deleted user will be automatically disconnected.

Fixes #163

Improved some docs too.
 2020-09-01 16:10:26 +02:00
Nicola Murino
f3228713bc Allow individual protocols to be enabled per user 
Fixes #154
 2020-08-17 12:49:20 +02:00
Nicola Murino
fa5333784b add a maximum allowed size for a single upload 2020-08-16 20:17:02 +02:00
Nicola Murino
7896d2eef7 improve CI/CD workflows 2020-07-10 23:31:53 +02:00
Nicola Murino
4f0a936ca0 web admin: fix Microsoft edge compatibility 
Edge does not support trimEnd
 2020-06-29 11:46:02 +02:00
Nicola Murino
8306b6bde6 refactor virtual folders 
The same virtual folder can now be shared among users and different
folder quota limits for each user are supported.

Fixes #120
 2020-06-07 23:30:18 +02:00
Nicola Murino
738c7ab43e sftpd: add support for SSH user certificate authentication 
This add support for PROTOCOL.certkeys vendor extension:

https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.certkeys?rev=1.8

Fixes #117

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2020-05-15 20:08:53 +02:00
Nicola Murino
3f75d46a16 sftpd: add support for excluding virtual folders from user quota limit 
Fixes #110
 2020-05-01 15:27:53 +02:00
Nicola Murino
1770da545d s3: upload concurrency is now configurable 
Please note that if the upload bandwidth between the SFTP client and
SFTPGo is greater than the upload bandwidth between SFTPGo and S3 then
the SFTP client have to wait for the upload of the last parts to S3
after it ends the file upload to SFTPGo, and it may time out.
Keep this in mind if you customize parts size and upload concurrency
 2020-03-13 19:13:58 +01:00
Nicola Murino
de3e69f846 s3: add documentation and test cases for upload part size 2020-03-13 17:28:55 +01:00
Michael Bonfils
cdf1233065 s3: export PartSize parameter 
By default AWS SDK use part_size of 5 MB. For big files,
it is not ideal case. For Hadoop, it is not uncommon to
use 512 MB.
 2020-03-13 17:28:04 +01:00
Nicola Murino
b885d453a2 filters: we can now set allowed and denied files extensions 2020-03-01 22:10:29 +01:00
Nicola Murino
45b9366dd0 add support for virtual folders 
directories outside the user home directory can be exposed as virtual folders
 2020-02-23 11:30:26 +01:00
Nicola Murino
bc11cdd8d5 add support for per user authentication methods 
You can, for example, deny one or more authentication methods to one or
more users.
 2020-02-19 22:39:30 +01:00
Nicola Murino
ae8ed75ae5 gcs: add support for automatic credentials 
We can now also support implicit credentials using the Application
Default Credentials strategy
 2020-02-19 09:41:15 +01:00
Nicola Murino
d6fa853a37 add support for integrated database schema migrations 
added the "initprovider" command to initialize the database structure.
If we change the database schema the required changes will be checked
at startup and automatically applyed.
 2020-02-08 14:44:25 +01:00
Nicola Murino
3491717c26 add support for serving Google Cloud Storage over SFTP/SCP 
Each user can be mapped with a Google Cloud Storage bucket or a bucket
virtual folder
 2020-01-31 19:04:00 +01:00
Nicola Murino
4463421028 S3: add support for serving virtual folders 
inside the same bucket each user can be assigned to a virtual folder.
This is similar to a chroot directory for local filesystem
 2020-01-19 23:23:09 +01:00
Nicola Murino
a4834f4a83 add basic S3-Compatible Object Storage support 
we have now an interface for filesystem backeds, this make easy to add
new filesystem backends
 2020-01-19 07:41:05 +01:00
Nicola Murino
5cf4a47b48 web interface: fix setting expiration date 
editor autoformatting changed the meaning of the code
 2020-01-09 12:14:33 +01:00
Nicola Murino
1b1c740b29 Add support for allowed/denied IP/Mask 
Login can be restricted to specific ranges of IP address or to a specific IP
address.

Please apply the appropriate SQL upgrade script to add the filter field to your
database.

The filter database field will allow to add other filters without requiring a
new database migration
 2019-12-30 18:37:50 +01:00