beenull/sftpgo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1931 commits 8 branches 48 tags 35 MiB
Commit graph

636 commits

Author SHA1 Message Date
Nicola Murino
9382db751c
make HTTP shares browsable 
if you share a single folder with read scope, you can now browse the share
and download single files

Fixes #674
See #677

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-02-06 16:46:43 +01:00
Nicola Murino
7e2a8e70c9
update zerolog deps 
The updated version avoid to always create a socket connected to the
journald on application start.

Now the socket is only created if we log to the journald

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-02-03 17:55:36 +01:00
Nicola Murino
cd35636939
S3: add a timeout for single part uploads 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-02-01 12:15:56 +01:00
Nicola Murino
1df1225eed
add support for data transfer bandwidth limits 
with total limit or separate settings for uploads and downloads and
overrides based on the client's IP address.

Limits can be reset using the REST API

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-30 11:42:36 +01:00
Nicola Murino
d2a4178846
check quota usage between ongoing transfers 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-20 18:19:20 +01:00
Nicola Murino
c3831de94e
add hide policy to pattern filters 
Disallowed files/dirs can be completly hidden. This may cause performance
issues for large directories

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-15 17:16:49 +01:00
Nicola Murino
64d1ea2d89
update deps 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-13 18:48:08 +01:00
Nicola Murino
51c15de892
web admin: simplify user page 
The page to add/edit users should be less less intimidating now.
All the advanced settings are hidden by default. Permissions are set
to any, so if you also have a users base dir set, to add a user
you have to simply set username, password or public key and save

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-10 19:44:16 +01:00
Nicola Murino
b8efb1b8ec
squash database migrations. 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-09 12:25:53 +01:00
Nicola Murino
ec1d20f46f
sshd: improve docs about supported ciphers, KEX and MACs 
also added a check to ensure that the configured values are valid

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-06 18:09:49 +01:00
Nicola Murino
1f619d5ea6
make the sdk a separate module 
The SFTPGo SDK now is at the following URL

https://github.com/sftpgo/sdk

Fixes #657

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-06 11:54:43 +01:00
Nicola Murino
2912b2e92e
sdk: add a logger interface 
we are now ready to make the sdk a separate module

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-04 16:07:41 +01:00
Nicola Murino
ad483b7581
httpd: switch back to chi Recoverer now that the required patch is merged 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-04 09:48:16 +01:00
Nicola Murino
00ec426a80
notifier plugins: add provider, bucket and endpoint to nottifier params 
Fixes #656

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-02 19:22:44 +01:00
Nicola Murino
222db53410
notifiers plugin: replace params with a struct 
Fixes #658

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-02 15:16:35 +01:00
Nicola Murino
e3f3997c5e
set version to 2.2.1 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2021-12-31 13:42:03 +01:00
Nicola Murino
f78090e47f
update deps 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2021-12-29 18:11:00 +01:00
Nicola Murino
4d7a4aa99a
check rename source and target 2021-12-28 12:03:52 +01:00
Nicola Murino
7d8823307f
defender: add provider driver 
Fixes #616
 2021-12-25 12:08:07 +01:00
Nicola Murino
8174349032
console logger: enable colors on Windows too ... 
... now that zerolog supports this feature
 2021-12-20 18:47:18 +01:00
Nicola Murino
ced73ed04e
REST API: add an option to create missing dirs 2021-12-19 12:14:53 +01:00
Nicola Murino
a587228cf0
add support for metadata plugins 2021-12-16 18:18:36 +01:00
Nicola Murino
0bb141960f
add support for different bandwidth limits based on client IP 2021-12-10 18:43:26 +01:00
Nicola Murino
c153330ab8
web client: use fetch to upload files 
also add REST API to upload a single file as POST body
 2021-12-08 19:25:22 +01:00
Nicola Murino
5b4ef0ee3b
windows installer: rename the sample configuration with the default values 
The previous name sftpgo.json.default could create confusion for Windows
users
 2021-12-05 07:58:53 +01:00
Nicola Murino
30d98326ca
docker: update alpine image to 3.15 2021-12-03 19:33:37 +01:00
Nicola Murino
4df0ae82ac
web client: allow downloading of single shared files without compression 
Fixes #629
 2021-11-30 20:32:10 +01:00
Nicola Murino
c330ac8418
CI: add windows arm64 2021-11-28 18:56:30 +01:00
Nicola Murino
015aa36c56
loaddata: improve shares restore 
usage and timestamps are now preserved
 2021-11-27 11:12:51 +01:00
Nicola Murino
4652f9ede8
FTPD: allow to set different passive IPs based on the client's IP address 2021-11-25 12:45:09 +01:00
Nicola Murino
fb8f013ea7
web: update permissions on cookie refresh 2021-11-20 10:48:39 +01:00
Nicola Murino
52f3a98cc8
preserve GCS credentials on update if not set 
credentials were not preserved if "prefer_database_credentials" was
set to true

Fixes #613
 2021-11-15 19:12:58 +01:00
Nicola Murino
0833b4698e
httpd service: add CORS support 2021-11-13 23:14:50 +01:00
Nicola Murino
78233ff9a3
web UI/REST API: add password reset 
In order to reset the password from the admin/client user interface,
an SMTP configuration must be added and the user/admin must have an email
address.
You can prohibit the reset functionality on a per-user basis by using a
specific restriction.

Fixes #597
 2021-11-13 13:25:43 +01:00
Nicola Murino
b331dc5686
web client: show share last use and used tokens 2021-11-07 09:53:35 +01:00
Nicola Murino
3bc58f5988
WebClient/REST API: add sharing support 2021-11-06 14:13:20 +01:00
Nicola Murino
570964deb3
add post-disconnect hook 
Fixes #587
 2021-10-29 19:55:18 +02:00
Nicola Murino
31984ffec1
update logo and add it to windows exe and installer 
thanks to @asheroto for donating the new logo
 2021-10-23 19:27:39 +02:00
Nicola Murino
74fc3aaf37
REST API: add events search 2021-10-23 15:47:21 +02:00
Nicola Murino
97d0a48557
plugins: improve notifier and searcher 2021-10-20 19:39:49 +02:00
Nicola Murino
f131ef130b
add a link to the new events store plugin 2021-10-16 17:08:34 +02:00
Nicola Murino
4a6a4ce28d
sftpfs: map path resolution error to permission denied 
we do the same for os fs so that the problematic directory is excluded
from the webdav listing instead of failing the whole directory listing
 2021-10-16 10:32:18 +02:00
Nicola Murino
a80ac80fcd
pkgs: update nfpm to 2.7 and use xz as compression for both deb and rpm 2021-10-13 09:15:04 +02:00
Nicola Murino
64e87d64bd
web client UI: allow to edit plain text files 
Fixes #567
 2021-10-09 14:17:28 +02:00
Nicola Murino
6eb154bb74
webdav: add support for lock discovery 2021-10-06 09:11:56 +02:00
Nicola Murino
1b4a1fbbe5
add data retention check hook 2021-10-03 15:17:49 +02:00
Nicola Murino
cc134cad9a
data retention: allow to notify results via e-mail 2021-10-02 22:25:41 +02:00
Nicola Murino
1459150024
WebDAV: improve logs 2021-10-01 20:37:23 +02:00
Nicola Murino
e6f969cb04
web UI: update js and css deps 2021-09-30 10:23:25 +02:00
Nicola Murino
ba1febba73
rework user and admin profiles 
users and admins can now also update their email and description
 2021-09-29 18:46:15 +02:00
Nicola Murino
4ab2e4088a
CI docker: remove armv7 support 
building docker images now takes too long and often fails with random
errors. I have to restart the build several times to be able to push
the images to docker hub and gcr
 2021-09-27 10:25:21 +02:00
Nicola Murino
da0ccc6426
add SMTP support 
it will be used in future update to add email sending capabilities
 2021-09-26 20:25:37 +02:00
Nicola Murino
da5a061b65
add basic REST APIs for data retention 
Fixes #495
 2021-09-25 12:20:31 +02:00
Nicola Murino
6ea38188e8
minor fixes and doc improvements 2021-09-18 10:50:17 +02:00
Nicola Murino
5c34d814d6
fix a possible nil pointer dereference 
it can happen by upgrading from very old versions
 2021-09-11 14:19:17 +02:00
Nicola Murino
0eca4f1866
update deps 2021-09-08 12:29:47 +02:00
Nicola Murino
374de07c7b
update deps 2021-09-04 13:30:23 +02:00
Nicola Murino
8a4c21b64a
add builtin two-factor auth support 
The builtin two-factor authentication is based on time-based one time
passwords (RFC 6238) which works with Authy, Google Authenticator and
other compatible apps.
 2021-09-04 12:11:04 +02:00
Nicola Murino
be3857d572
dataprovider: add timestamp fields for users and admins 2021-08-19 15:51:43 +02:00
Nicola Murino
5a549a88fe
update to Go 1.17 2021-08-18 14:39:56 +02:00
Nicola Murino
fe953d6b38
REST API: add support for API key authentication 2021-08-17 18:08:32 +02:00
Nicola Murino
ced2e16f41
add support for password validation rules 
Fixes #494
 2021-08-06 18:56:07 +02:00
Nicola Murino
a3c087456b
ftpd: add some security checks 2021-08-05 18:38:15 +02:00
dependabot[bot]
9541843ff7
Bump github.com/shirou/gopsutil/v3 from 3.21.6 to 3.21.7 (#491) 
Bumps [github.com/shirou/gopsutil/v3](https://github.com/shirou/gopsutil) from 3.21.6 to 3.21.7.
- [Release notes](https://github.com/shirou/gopsutil/releases)
- [Commits](https://github.com/shirou/gopsutil/compare/v3.21.6...v3.21.7)

---
updated-dependencies:
- dependency-name: github.com/shirou/gopsutil/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-08-02 10:11:09 +02:00
Nicola Murino
7640612a95
update deps 2021-07-31 10:22:38 +02:00
mmcgeefeedo
3ae8abda9e
sftpd: add folder prefix middleware 2021-07-29 00:32:55 +02:00
Nicola Murino
a7313e4492
webdav: add new test cases and fix some lock related issues 
Our net/webdav branch now include the following patches:

https://github.com/golang/net/pull/92
https://github.com/golang/net/pull/93
https://github.com/golang/net/pull/94
 2021-07-25 09:55:14 +02:00
Nicola Murino
ae8ccadad2
users API: add API to create, delete, rename files and directories 2021-07-23 10:19:27 +02:00
Nicola Murino
c900cde8e4
notifiers plugin: add settings to retry unhandled events 2021-07-20 12:51:21 +02:00
Nicola Murino
13183a9f76
deps cleanup 2021-07-17 15:42:59 +02:00
Nicola Murino
6d313f6d8f
expose KMS as plugin 2021-07-16 18:22:42 +02:00
Nicola Murino
776dffcf12
kms: improve modularity 2021-07-13 21:17:21 +02:00
Nicola Murino
bd5191dfc5
add experimental plugin system 2021-07-11 15:26:51 +02:00
Nicola Murino
302ec2558c
add notifications for mkdir/rmdir 2021-07-03 18:07:55 +02:00
Nicola Murino
04001f7ad3
FTP: try to return more specific error codes/messages for some errors 
We now return 552 code for quota exceeded errors and 553 in the following
cases:

- filename denied by a filter
- no upload permission
- no overwrite permission
- pre upload hook error

Fixes #442
 2021-06-28 19:40:04 +02:00
Nicola Murino
076b2f0ee0
modules: add v2 support 2021-06-26 07:31:41 +02:00
Nicola Murino
0c2640bbab
update deps 2021-06-19 09:56:49 +02:00
Nicola Murino
47ebe42375
FTP: fix LIST on files 2021-06-15 06:38:56 +02:00
Nicola Murino
d992f0ffcc
update deps 2021-06-13 08:54:22 +02:00
Nicola Murino
43182fc25e
OpenAPI: add users API 
These new APIs match the web client features.

I'm aware that some API do not follow REST best practises.

I want to avoid things likes "/user/folders/<path>"

where "path" must be encoded and making it optional create issues, so
I defined resources as query parameters instead of path parameters
 2021-06-05 16:07:09 +02:00
Nicola Murino
423d8306be
webclient: allow to download multiple files as zip 2021-05-30 23:07:46 +02:00
Nicola Murino
3b46e6a6fb
add support for a global temp path 
Fixes #436
 2021-05-27 15:38:27 +02:00
Nicola Murino
402947a43c
update deps 2021-05-22 10:42:30 +02:00
dependabot[bot]
b415e4d98f
Bump github.com/lib/pq from 1.10.1 to 1.10.2 (#429) 
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.10.1 to 1.10.2.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.10.1...v1.10.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-17 09:27:16 +02:00
Nicola Murino
019b0f2fd5
http cookie: add max-age and samesite 
update deps too
 2021-05-16 09:13:00 +02:00
Nicola Murino
f59f62317e
sftpd: fix file upload resume detection 
WinSCP does not set the APPEND flag while resuming a file upload,
so we detect a file upload resume if the TRUNCATE flag is not set.
The APPEND flag is now ignored.

Fixes #420
 2021-05-15 08:39:01 +02:00
Nicola Murino
0540b8780e
redact credentials within hooks 
go-retryablehttp does not redact credentials, so we still log them
when we use it

https://github.com/hashicorp/go-retryablehttp/pull/133
 2021-05-12 22:44:17 +02:00
dependabot[bot]
f1b998ce16
Bump github.com/otiai10/copy from 1.5.1 to 1.6.0 (#414) 
Bumps [github.com/otiai10/copy](https://github.com/otiai10/copy) from 1.5.1 to 1.6.0.
- [Release notes](https://github.com/otiai10/copy/releases)
- [Commits](https://github.com/otiai10/copy/compare/v1.5.1...v1.6.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-10 14:02:09 +02:00
dependabot[bot]
aaa758e978
Bump github.com/minio/sio from 0.2.1 to 0.3.0 (#412) 
Bumps [github.com/minio/sio](https://github.com/minio/sio) from 0.2.1 to 0.3.0.
- [Release notes](https://github.com/minio/sio/releases)
- [Commits](https://github.com/minio/sio/compare/v0.2.1...v0.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-10 11:34:01 +02:00
dependabot[bot]
716946a148
Bump github.com/aws/aws-sdk-go from 1.38.35 to 1.38.36 (#413) 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.38.35 to 1.38.36.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.38.35...v1.38.36)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-10 11:10:58 +02:00
Nicola Murino
23d9ebfc91
add a basic front-end web interface for end-users 
Fixes #339 #321 #398
 2021-05-06 21:35:43 +02:00
dependabot[bot]
5c99f4fb60
Bump github.com/shirou/gopsutil/v3 from 3.21.3 to 3.21.4 (#406) 
Bumps [github.com/shirou/gopsutil/v3](https://github.com/shirou/gopsutil) from 3.21.3 to 3.21.4.
- [Release notes](https://github.com/shirou/gopsutil/releases)
- [Commits](https://github.com/shirou/gopsutil/compare/v3.21.3...v3.21.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-03 14:44:07 +02:00
dependabot[bot]
2263c7e20f
Bump github.com/hashicorp/go-retryablehttp from 0.6.8 to 0.7.0 (#405) 
Bumps [github.com/hashicorp/go-retryablehttp](https://github.com/hashicorp/go-retryablehttp) from 0.6.8 to 0.7.0.
- [Release notes](https://github.com/hashicorp/go-retryablehttp/releases)
- [Commits](https://github.com/hashicorp/go-retryablehttp/compare/v0.6.8...v0.7.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-03 14:43:53 +02:00
dependabot[bot]
515b2d917e
Bump github.com/fclairamb/ftpserverlib from 0.13.0 to 0.13.1 (#404) 
Bumps [github.com/fclairamb/ftpserverlib](https://github.com/fclairamb/ftpserverlib) from 0.13.0 to 0.13.1.
- [Release notes](https://github.com/fclairamb/ftpserverlib/releases)
- [Commits](https://github.com/fclairamb/ftpserverlib/compare/v0.13.0...v0.13.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-03 13:29:54 +02:00
dependabot[bot]
af4723356d
Bump github.com/lestrrat-go/jwx from 1.1.7 to 1.2.0 (#403) 
Bumps [github.com/lestrrat-go/jwx](https://github.com/lestrrat-go/jwx) from 1.1.7 to 1.2.0.
- [Release notes](https://github.com/lestrrat-go/jwx/releases)
- [Changelog](https://github.com/lestrrat-go/jwx/blob/main/Changes)
- [Commits](https://github.com/lestrrat-go/jwx/compare/v1.1.7...v1.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-03 13:29:16 +02:00
dependabot[bot]
068dd34a38
Bump github.com/aws/aws-sdk-go from 1.38.25 to 1.38.30 (#402) 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.38.25 to 1.38.30.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.38.25...v1.38.30)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-03 11:41:25 +02:00
dependabot[bot]
b16a5c2caf
Bump github.com/go-chi/chi/v5 from 5.0.2 to 5.0.3 (#401) 
Bumps [github.com/go-chi/chi/v5](https://github.com/go-chi/chi) from 5.0.2 to 5.0.3.
- [Release notes](https://github.com/go-chi/chi/releases)
- [Changelog](https://github.com/go-chi/chi/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-chi/chi/compare/v5.0.2...v5.0.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-03 11:41:09 +02:00
Nicola Murino
7778716fa7
update crypto and net dependencies 2021-04-25 18:12:02 +02:00
dependabot[bot]
77476d0f56
Bump github.com/aws/aws-sdk-go from 1.38.21 to 1.38.25 (#394) 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.38.21 to 1.38.25.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.38.21...v1.38.25)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-04-25 17:07:59 +02:00
dependabot[bot]
c7a1fc2996
Bump cloud.google.com/go/storage from 1.14.0 to 1.15.0 (#392) 
Bumps [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) from 1.14.0 to 1.15.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.14.0...spanner/v1.15.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-04-25 17:07:36 +02:00
dependabot[bot]
e7d8e73be8
Bump github.com/lib/pq from 1.10.0 to 1.10.1 (#391) 
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.10.0 to 1.10.1.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.10.0...v1.10.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-04-25 17:07:26 +02:00
Nicola Murino
bc88503f25
sql providers: reuse the same context where appropriate 2021-04-19 18:58:53 +02:00
Nicola Murino
4b98f37df1
back to development 2021-04-10 09:40:02 +02:00
Nicola Murino
b389f93d97
allow to select sha256-simd using an env var 2021-04-07 16:25:58 +02:00
Nicola Murino
74e0223eb9
remove sha256-simd usage 
sha256-simd is now deprecated

https://github.com/minio/sha256-simd/issues/58

This could slow down sha256 computation on some CPU
 2021-04-05 18:23:40 +02:00
Nicola Murino
0823928f98
allow to disable login filesystem checks 
SFTPGo requires that the user's home directory, virtual folder root,
and intermediate paths to virtual folders exist to work properly.
If you already know that the required directories exist, disabling
these checks will speed up login.
 2021-04-05 17:57:30 +02:00
Nicola Murino
fdf3f23df5
allow to disable some hooks on a per-user basis 
This way you can, for example, mix external and internal users
 2021-04-04 22:32:25 +02:00
Nicola Murino
a43854ae9b
OpenAPI: document that secrets are automatically encrypted before saving 2021-03-28 11:23:06 +02:00
Nicola Murino
5f49af1780
external auth: allow to inspect and preserve an existing user 2021-03-26 15:19:01 +01:00
Nicola Murino
6bc5c64a3a
webdav: ignore path, perm and not exist errors in PROPFIND 
Fixes #340
 2021-03-24 13:32:20 +01:00
Nicola Murino
70e035315e
data provider: add CockroachDB support 2021-03-23 19:14:15 +01:00
Nicola Murino
800e64404b
update deps 2021-03-22 08:55:35 +01:00
Nicola Murino
67ea75cf03
improve OpenAPI schema so it is better rendered on Stoplight 2021-03-07 18:41:56 +01:00
Nicola Murino
055506e518
sftpfs: add an option to disable concurrent reads 2021-03-06 15:41:40 +01:00
Nicola Murino
88122ba2f8
update jwtauth to v5 2021-03-05 18:50:45 +01:00
Nicola Murino
ad07fc78eb
update nfpm and deps 2021-03-03 18:39:58 +01:00
Nicola Murino
534b253c20
WebDAV: improve TLS certificate authentication 
For each user you can now configure:

- TLS certificate auth
- TLS certificate auth and password
- Password auth

For TLS certificate auth, the certificate common name is used as
username
 2021-03-01 19:28:11 +01:00
Nicola Murino
a6e36e7cad
FTP: improve TLS certificate authentication 
For each user you can now configure:

- TLS certificate auth
- TLS certificate auth and password
- Password auth

For TLS auth, the certificate common name must match the name provided
using the "USER" FTP command
 2021-02-28 12:10:40 +01:00
Nicola Murino
4b2edff6dd
update deps 2021-02-24 22:27:52 +01:00
Nicola Murino
8cc2dfe5c2
update pkg/sftp 
we don't need my branch anymore now that all the required features for
the sftpfs are available upstream too
 2021-02-22 16:27:45 +01:00
Nicola Murino
49830516be
squash database migrations and remove compat code 2021-02-22 08:37:50 +01:00
Nicola Murino
1129a868a5
Improve powershell completion 
cobra 1.1.3 has much better powershell support
 2021-02-13 09:10:35 +01:00
Nicola Murino
51f110bc7b
sftpd: add statvfs@openssh.com support 2021-02-11 19:45:52 +01:00
Nicola Murino
05ae0ea5f2
config: fix bindings backward compatibility 2021-02-06 09:53:31 +01:00
Nicola Murino
fc9082c422
webdav: try to handle HEAD for collection too 
The underlying golang webdav library returns Method Not Allowed for
HEAD requests on directories:

https://github.com/golang/net/blob/master/webdav/webdav.go#L210

let's see if we can workaround this inside SFTPGo itself in a similar
way as we do for GET.

The HEAD response will not return a Content-Length, we cannot handle
this inside SFTPGo.

Fixes #294
 2021-02-03 22:36:13 +01:00
Nicola Murino
78bf808322
virtual folders: change dataprovider structure 
This way we no longer depend on the local file system path and so we can
add support for cloud backends in future updates
 2021-02-01 19:04:15 +01:00
Nicola Murino
80f5ccd357
web admin: add backup/restore 2021-01-22 19:42:18 +01:00
Nicola Murino
820169c5c6
windows service: simplify code 
update testify to 1.7.0 too
 2021-01-21 19:07:13 +01:00
Nicola Murino
778ec9b88f
REST API v2 
- add JWT authentication
- admins are now stored inside the data provider
- admin access can be restricted based on the source IP: both proxy
  header and connection IP are checked
- deprecate REST API CLI: it is not relevant anymore

Some other changes to the REST API can still happen before releasing
SFTPGo 2.0.0

Fixes #197
 2021-01-17 22:29:08 +01:00
Nicola Murino
aa40b04576
update deps 2021-01-05 12:40:49 +01:00
Nicola Murino
72b2c83392
defender: allow hot-reloading for safe and block lists 2021-01-04 17:52:14 +01:00
Nicola Murino
037d89a320
add support for a basic built-in defender 
It can help to prevent DoS and brute force password guessing
 2021-01-02 14:05:09 +01:00
Nicola Murino
3c16a19269
FTP: update ftpserverlib 
fixes another sneaky bug
 2020-12-28 09:22:52 +01:00
Nicola Murino
b3c6d79f51
FTP: add support for ASCII transfer mode 
the default remain binary, a client have to explicitly request an
ASCII transfer
 2020-12-27 09:48:56 +01:00
Nicola Murino
2a95d031ea
FTP: add support for AVBL command 2020-12-25 11:14:08 +01:00
Nicola Murino
1dce1eff48
improve FTP support 
- allow to disable active mode
- allow to disable SITE commands
- add optional support for calculating hash value of files
- add optional support for the non standard COMB command
 2020-12-24 18:48:06 +01:00
Nicola Murino
c69d63c1f8
add support for multiple bindings 
Fixes #253
 2020-12-23 16:12:30 +01:00
Nicola Murino
65e6d5475f
update ftpserverlib to include the latest fixes and features 2020-12-18 08:49:32 +01:00
Nicola Murino
15609cdbc7
fix build on FreeBSD 
see https://github.com/otiai10/copy/pull/36
 2020-12-17 14:46:31 +01:00
Nicola Murino
f876c728ad
add support for the latest ftpserverlib and azblob versions 2020-12-17 13:40:36 +01:00
Nicola Murino
a6985075b9
add sftpfs storage backend 
Fixes #224
 2020-12-12 10:31:09 +01:00
Nicola Murino
ab1bf2ad44
update deps 2020-12-06 22:20:53 +01:00
Nicola Murino
4a88ea5c03
add Data At Rest Encryption support 2020-12-05 13:48:13 +01:00
Nicola Murino
634b723b5d
add KMS support 
Fixes #226
 2020-11-30 21:46:34 +01:00
Nicola Murino
5d789a01b7
update pkg/sftp 
These patches are now merged upstream:

https://github.com/pkg/sftp/pull/392
https://github.com/pkg/sftp/pull/393
 2020-11-18 19:06:12 +01:00
Nicola Murino
ca0ff0d630
add a File interface so we can avoid to use os.File directly 2020-11-17 19:36:39 +01:00
Nicola Murino
969b38586e
update pkg/sftp to fix requests accumulation 
Include this patch:

https://github.com/pkg/sftp/pull/393

to avoid request accumulation (no underlying fd) if we return an error.
Before this patch the accumulated requests are released only when the
client disconnects.

We use our fork for now to include

https://github.com/pkg/sftp/pull/392

too
 2020-11-16 19:49:26 +01:00
Nicola Murino
e3eca424f1
web admin: allow both allowed and denied extensions/patterns for a dir 
this fix a regression introduced in the previous commit
 2020-11-16 19:21:50 +01:00
Nicola Murino
dc845fa2f4
webdav: fix permission errors if the client try to read multiple times 2020-11-14 19:19:41 +01:00
Nicola Murino
19a619ff65
Linux pkgs: use python3 for API CLI inside generated deb 2020-11-14 09:10:45 +01:00
Nicola Murino
14035f407e
set version to 1.2.0 2020-11-08 06:14:03 +01:00
Nicola Murino
4edb9cd6b9
simplify some code 2020-11-07 18:05:47 +01:00
Nicola Murino
1d5d184720
webdav file: ensure to close the reader only once 2020-11-05 09:30:38 +01:00
Nicola Murino
0a14297b48
webdav: performance improvements and bug fixes 
we need my custom golang/x/net/webdav fork for now

https://github.com/drakkan/net/tree/sftpgo
 2020-11-04 19:11:40 +01:00
Nicola Murino
57bec976ae
document heathz endpoint 2020-11-01 10:39:10 +01:00
Nicola Murino
fcfdd633f6
Azure Blob: update SDK and add access tier support 2020-10-30 22:17:17 +01:00
Nicola Murino
ac3bae00fc
add support for SFTP subsystem mode 
Fixes #204
 2020-10-29 19:23:33 +01:00
Nicola Murino
5ff8f75917
add Azure Blob support 2020-10-25 08:18:48 +01:00
Nicola Murino
d12819932a
update cobra to v1.1.1 
this version fix the man page generation so we don't need to use
our branch anymore
 2020-10-18 21:52:42 +02:00
Nicola Murino
756c3d0503
fix man page generation 
other minor changes
 2020-10-17 22:14:04 +02:00
Nicola Murino
ce9387f1ab
update dependencies and some docs 2020-10-09 20:25:42 +02:00
Nicola Murino
2d6c0388af
update deps 2020-10-04 18:29:42 +02:00
Nicola Murino
4d19d87720
pkgs: use glob notation to include static folder 2020-10-02 18:16:49 +02:00
Nicola Murino
55515fee95
update deps, GCS can no finally use attribute selection 
See https://github.com/googleapis/google-cloud-go/pull/2661
 2020-09-28 12:51:19 +02:00
Nicola Murino
38f06ab373 ftpd: fix TLS for active connections 
See https://github.com/fclairamb/ftpserverlib/issues/177

Some minor doc improvements
 2020-09-17 09:45:40 +02:00
Nicola Murino
61003c8079 sftpd: add lstat support 2020-09-11 09:30:25 +02:00
Nicola Murino
b9c381e26f sftpd: update pkg/sftp 
The patch to open a file in read/write mode is now merged
 2020-09-06 11:40:31 +02:00
Nicola Murino
542554fb2c replace the library to verify UNIX's crypt(3) passwords 2020-09-04 21:08:09 +02:00
Nicola Murino
afc411c51b adjust runtime.GOMAXPROCS to match the container CPU quota, if any 2020-09-03 18:09:45 +02:00
Nicola Murino
dbed110d02 WebDAV: add caching for authenticated users 
In this way we get a big performance boost
 2020-08-31 19:25:17 +02:00
Nicola Murino
4748e6f54d
sftpd: handle read and write from the same handle (#158) 
Fixes #155
 2020-08-31 06:45:22 +02:00
Nicola Murino
2746c0b0f1 move stat to base connection and differentiate between Stat and Lstat 
we will use Lstat once it will be exposed in pkg/sftp
 2020-08-25 18:23:00 +02:00
Nicola Murino
701a6115f8 ftpd: use ftpserverlib master, the tls patch is now merged 2020-08-24 23:06:10 +02:00
Nicola Murino
56b00addc4 docker: try to improve the docs 
See #159
 2020-08-24 15:46:31 +02:00
Nicola Murino
5208e4a4ca sftpd: improve truncate 
quota usage and max allowed write size are now properly updated after a
truncate
 2020-08-22 10:12:00 +02:00
Nicola Murino
f41ce6619f sftpd: add SSH_FXP_FSETSTAT support 
This change will fix file editing from sshfs, we need this patch

https://github.com/pkg/sftp/pull/373

for pkg/sftp to support this feature
 2020-08-20 13:54:36 +02:00
Nicola Murino
8b0a1817b3 add check password hook 
its main use case is to allow to easily support things like password+OTP for
protocols without keyboard interactive support such as FTP and WebDAV
 2020-08-19 19:36:12 +02:00
Nicola Murino
0dbf0cc81f WebDAV: add CORS support 2020-08-15 15:55:20 +02:00
Nicola Murino
196a56726e FTP improvements 
- add a setting to require TLS
- add symlink support

require TLS 1.2 for all TLS connections
 2020-08-15 13:02:25 +02:00
Nicola Murino
a9e21c282a add WebDAV support 
Fixes #147
 2020-08-11 23:56:10 +02:00
Nicola Murino
fa41bfd06a Cloud backends: add support for FTP REST command 
So partial downloads are now supported as for local fs
 2020-08-03 18:03:09 +02:00
Nicola Murino
8839c34d53 FTP: implements ClientDriverExtensionRemoveDir 
Fixes #149 for FTP too
 2020-08-03 17:36:43 +02:00
Nicola Murino
2a9f7db1e2 Cloud FS: don't propagate the error if removing a folder returns not found 
for Cloud FS the folders are virtual and they, generally, disappear when the
last file is removed.

This fix doesn't work for FTP protocol for now.

Fixes #149
 2020-07-31 19:24:57 +02:00
Nicola Murino
59a21158a6 fix FTP quota limits test case 
It failed sometime due to a bug in the ftp client library used in test
cases. The failure was more frequent on FreeBSD but it could happen in
any supported OS. It was not systematic since we use small files in
test cases.

See https://github.com/jlaffaye/ftp/pull/192
 2020-07-30 19:52:29 +02:00
Nicola Murino
93ce96d011 add support for the venerable FTP protocol 
Fixes #46
 2020-07-29 21:56:56 +02:00
Nicola Murino
4e41a5583d refactoring: add common package 
The common package defines the interfaces that a protocol must implement
and contain code that can be shared among supported protocols.

This way should be easier to support new protocols
 2020-07-24 23:39:38 +02:00
Nicola Murino
96cbce52f9 cmd: add shell completion and man pages generators 2020-07-08 23:21:33 +02:00
Nicola Murino
fc32286045 update deps 2020-07-05 22:54:00 +02:00
Nicola Murino
403b9a8310 replace Travis with GitHub actions 2020-06-20 21:57:51 +02:00
Nicola Murino
33436488e2 update deps 2020-06-20 16:09:55 +02:00
Nicola Murino
3d48fa7382 ssh commands: add sftpgo-copy and sftpgo-remove 
Fixes #122
 2020-06-13 22:48:51 +02:00
Nicola Murino
760cc9ba5a partial auth: fix public key query response 
more details here:

https://github.com/golang/crypto/pull/130#issuecomment-633191423
 2020-05-24 12:13:14 +02:00
Nicola Murino
469d36d979 certificate auth: fix source address checking inside crypto/ssh 
So we can avoid to check source address ourself

81aafe6d26

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2020-05-16 15:15:32 +02:00
Nicola Murino
82fb7f8cf0 update proxyproto to v0.1.3 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2020-05-14 20:10:33 +02:00
Nicola Murino
e0183217b6 test cases: simplify TestLoginInvalidFs 
we can simulate an invalid filesystem config using a GCS user without a
credentials file
 2020-05-07 19:47:46 +02:00
Nicola Murino
f066b7fb9c use upstream pipeat 
my patches are now merged
 2020-05-07 00:05:40 +02:00
Nicola Murino
da90dbe645 tests: update config to use testify 
we should port the other test cases to testify too
 2020-05-02 15:47:23 +02:00
Nicola Murino
4f668bf558 simplify some httpd related code 
and update chi, cobra and viper
 2020-04-21 19:24:38 +02:00
Nicola Murino
5a5912ea66 switch to my pkg/sftp branch and enable the request-server allocator 
This way we have performance comparable to OpenSSH if the cipher
isn't the bottleneck
 2020-04-10 23:35:57 +02:00
Nicola Murino
b1c7317cf6 add support for partial authentication 
Multi-step authentication is activated disabling all single-step
auth methods for a given user
 2020-04-09 23:32:42 +02:00
Nicola Murino
fb9e188e36 systemd service: add ExecReload 2020-04-05 11:36:29 +02:00
Nicola Murino
c93d8cecfc update deps 
chi 4.1.0 requires some minor code changes
 2020-04-03 22:30:30 +02:00
Nicola Murino
952b10a9f6 update boltdb to v1.3.4 
update other deps too
 2020-03-21 10:12:30 +01:00
Nicola Murino
f55851bdc8 update nathanaelle password to v2 
Fixes #97
 2020-03-20 17:25:38 +01:00
Nicola Murino
ddcb500c51 update pipeat 
it contains my latest performance patch that remove extraneous
allocation.

This improve performance for S3 and GCS
 2020-03-15 01:36:19 +01:00
Nicola Murino
e8664c0ce4 docker: update docs 
update dependencies too
 2020-03-14 15:27:03 +01:00
Nicola Murino
3b002ddc86 improve performance 
- use latest pkg/sftp that contains my latest performance patch
- replace default crypto with my branch that use minio sha256-simd
instead of Golang SHA256 implementation, this improve performance on
some hardware
 2020-03-13 19:37:51 +01:00
Nicola Murino
ed1c7cac17 update deps 
we now use git master for pkg/sftp: it includes the performance patches
from my copy branch.
 2020-03-02 10:13:49 +01:00
Nicola Murino
830e3d1f64 Support for HAProxy PROXY protocol 
you can proxy and/or load balance the SFTP/SCP service without losing
the information about the client's address.
 2020-02-27 09:21:30 +01:00
Nicola Murino
382c6fda89 updated dependencies 
fix CVE-2020-9283
 2020-02-21 00:23:00 +01:00
Nicola Murino
0b7be1175d parse ssh commands with shlex 
instead of use our bugged home made method.

Fixes #72
 2020-02-14 16:17:32 +01:00
Nicola Murino
8b039e0447 httpd: add support for basic auth and HTTPS 2020-02-04 00:08:00 +01:00
Nicola Murino
31a433cda2 update deps and simplify some code 2020-01-31 23:26:56 +01:00
Nicola Murino
3491717c26 add support for serving Google Cloud Storage over SFTP/SCP 
Each user can be mapped with a Google Cloud Storage bucket or a bucket
virtual folder
 2020-01-31 19:04:00 +01:00
Nicola Murino
5f4efc9148 S3: add metrics 2020-01-23 23:17:00 +01:00
Nicola Murino
7ebbbe5c29 S3: update pipeat to the latest commit in my fork 
Here are the main improvements:

- unliked files works on windows too
- the uploads are now synced on the lower speed between the SFTP client write
and the upload speed to S3

This commit increase the external auth timeout to 60 seconds too
 2020-01-22 19:42:23 +01:00
Nicola Murino
a4834f4a83 add basic S3-Compatible Object Storage support 
we have now an interface for filesystem backeds, this make easy to add
new filesystem backends
 2020-01-19 07:41:05 +01:00
Nicola Murino
ec194d73d2 update pkg/sftp to a stable version ... 
... now that it contains all the needed patches.
Remove an hack for setstat with empty attrs, it is now handled in pkg/sftp.
Update other dependencies too.
 2020-01-11 14:29:30 +01:00
Nicola Murino
c7e55db4e0 update dependencies 2019-12-30 19:27:50 +01:00
Nicola Murino
363b9ccc7f sftpd: explicitly configure supported SFTP extensions 
update pkg/sftp to a git revision that includes the needed patch

https://github.com/pkg/sftp/pull/315
 2019-11-12 07:37:47 +01:00
Nicola Murino
77db2bd3d1 fix posix rename 
update pkg/sftp to a git revision that includes:

https://github.com/pkg/sftp/pull/316

add a test case here too and update other deps
 2019-11-08 08:43:27 +01:00
Nicola Murino
c5a6ca5650 portable mode: advertise service via multicast dns 
Fixes #51
 2019-10-26 18:25:53 +02:00
Nicola Murino
2932dba5cc update modules deps 2019-10-14 08:36:39 +02:00
Nicola Murino
bba78763e1 add a test case and document sha512crypt passwords support 2019-09-15 12:23:27 +02:00
Nicola Murino
7eb5b01169 add Prometheus support 
some basic counters and gauges are now exposed
 2019-09-13 18:45:36 +02:00
Nicola Murino
fd59f35108 update pkg/sftp to the latest master 
Our pull request to handle transfer errors is now merged, so updating
pkg/sftp should fix #36
 2019-09-13 08:30:22 +02:00
Nicola Murino
cc2ccb3dd7 go.sum cleanup 2019-09-03 12:18:19 +02:00
Nicola Murino
4a1b67454e set version to 0.9.1 2019-09-02 09:36:02 +02:00
Nicola Murino
0e6113eef6 remove uneeded deps using go mod tidy 2019-08-27 15:59:00 +02:00
Nicola Murino
2785a1c7c7 update modules deps 2019-08-27 10:26:04 +02:00
Nicola Murino
96a39a36bb dataprovider: add support for bbolt key/value store 
This way there is an alternative for embedded/small systems if CGO
is disabled at build time and so SQLite support cannot be compiled
 2019-08-12 18:31:31 +02:00
Nicola Murino
8f421b7d0f switch to viper for configuration and use cobra for cli 2019-08-07 22:46:52 +02:00
Nicola Murino
80b9c40489 add support for atomic upload 
Atomic uploads are now configurable. The default upload mode remains
non atomic
 2019-08-04 09:37:58 +02:00
Nicola Murino
14f919df47 simplify some code 2019-07-21 00:19:17 +02:00
Nicola Murino
22b8dc7f1d fix misspells and ineffectual assignments 2019-07-20 21:17:53 +02:00
Nicola Murino
31cd4d7139 first version 2019-07-20 12:26:52 +02:00