Google Cloud Storage credentials are now always stored within the data
provider.
Added a migration to read credentials from disk and store them inside the
data provider.
After v2.3 we can also remove credentials_path
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
if defined only the listed IPs/networks can access the configured
services, all other client connections will be dropped before they
even try to authenticate
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
... and deprecate this setting.
In the future we'll remove prefer_database_credentials and
credentials_path and we will not allow the credentials to be saved on
the filesystem
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
Automatic backup are enabled by default, a new backup will be saved
each day at midnight.
The backups_path setting was moved from the httpd section to the
data_provider one, please adjust your configuration file and or your
env vars
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
The purpose of this code is to prevent anyone who can access to
the initial setup screen from creating an admin user
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
naming rules allow to support case insensitive usernames, trim trailing
and leading white spaces, and accept any valid UTF-8 characters in
usernames.
If you were enabling `skip_natural_keys_validation` now you need to
set `naming_rules` to `1`
Fixes#687
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
SFTPGo is now fully auditable, all fs and provider events that change
something are notified and can be collected using hooks/plugins.
There are some backward incompatible changes for command hooks
The builtin two-factor authentication is based on time-based one time
passwords (RFC 6238) which works with Authy, Google Authenticator and
other compatible apps.
If you prefer to auto-create the first admin you can enable the
"create_default_admin" configuration key and SFTPGo will work as before.
You can also create the first admin by loading initial data: now you can
set both username and password, before you could only change the password
The actions to run synchronously can be configured via the `execute_sync`
configuration key.
Executing an action synchronously means that SFTPGo will not return a result
code to the client until your hook have completed its execution.
Fixes#409
X-Forwarded-For, X-Real-IP and X-Forwarded-Proto headers will be ignored
for hosts not included in this list.
This is a backward incompatible change, before the proxy headers were
always used
