Commit graph

1353 commits

Author SHA1 Message Date
Nicola Murino
6f4475ff72
httpfs: add support for UNIX domain sockets
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-06-12 18:29:49 +02:00
Nicola Murino
0b9a96ec6b
restore fast path for recursive permissions check and update some docs
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-06-12 12:04:48 +02:00
Nicola Murino
f0f5ee392b
OpenAPI schema: improve compatibility with some generators
Fixes #875

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-06-11 19:07:05 +02:00
Nicola Murino
dadaca141a
sql providers: remove prepared statements
preparing a statement without reusing it is useless

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-06-11 11:57:06 +02:00
Nicola Murino
7ab30099dd
add httpfs
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-06-11 10:41:34 +02:00
Nicola Murino
3170991aa8
MySQL: groups is a reserved keyword since MySQL 8.0.2
add MySQL to CI, testing with MariaDB is not enough

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-06-10 18:08:15 +02:00
Nicola Murino
118744a860
parse IP proxy header also if listening on UNIX domain socket
Fixes #867

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-06-09 08:37:37 +02:00
Nicola Murino
fe6a3f2ce8
web UIs: fix date formatting on Safari
Fixes #869

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-06-09 07:37:50 +02:00
Nicola Murino
75efaa9741
APT and YUM repo are now available
This is possible thanks to the Oregon State University's free
mirroring service

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-06-09 07:30:09 +02:00
Nicola Murino
560e7f316a
allow to set an additional shared data path at build time
This is useful to simplify brew package

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-06-04 21:24:50 +02:00
Nicola Murino
eee5d74e87
back to development
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-06-04 19:29:46 +02:00
Nicola Murino
9ae473fcdc
set version to 2.3.0
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-06-04 05:01:48 +02:00
Nicola Murino
b774289c6d
change default value for naming_rules to 1
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-06-03 16:09:02 +02:00
Nicola Murino
ecf715880f
update docs
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-06-03 14:36:38 +02:00
Nicola Murino
b2e28fe3a2
groups: apply placeholders to the fs config of virtual folders
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-06-02 09:45:01 +02:00
Nicola Murino
cc2f23bd89
trim values for string lists which can be set as env vars
See #857

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-31 18:22:18 +02:00
Nicola Murino
7329cd804b
Fixes #855
update OpenAPI definition, add test cases, fix lint

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-30 19:01:12 +02:00
sunilke
84e3132ed1
Feat private key passphrase for sftpfs (#855)
Signed-off-by: Sunil Keswani <sunilke@zeta.tech>
2022-05-30 19:00:39 +02:00
Nicola Murino
f6b11c2d01
httpd/webdav: allow to configure trusted proxy header and depth
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-28 19:47:23 +02:00
Nicola Murino
32da923dfe
httpd: add a setting to customize tokens validation
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-28 13:28:50 +02:00
Nicola Murino
91dfa501f8
improve some docs
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-27 10:09:53 +02:00
Nicola Murino
7c724e18fe
add support for ACME compliant certificate authorities
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-27 07:39:55 +02:00
Nicola Murino
302f83c7a4
CI: fix for cockroach 22
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-24 11:31:49 +02:00
Nicola Murino
984ca1fb7e
web UIs: update js and css deps
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-23 19:14:39 +02:00
Nicola Murino
87f6a18476
web admin UI: add column visibility control to the groups table as well
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-22 19:19:14 +02:00
Nicola Murino
90c21458b8
OIDC: add support for implicit roles
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-22 14:38:25 +02:00
Nicola Murino
f536c64043
admin UI: allow to control columns visibility and ordering
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-22 11:45:49 +02:00
Nicola Murino
1a33b5bb53
allow different TLS certificates for each binding
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-21 16:34:47 +02:00
Nicola Murino
0ecaa862bd
web UIs: allow to replace the default CSS
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-21 11:05:58 +02:00
Nicola Murino
751946f47a
allow to customize timeout and env vars for program based hooks
Fixes #847

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-20 19:30:54 +02:00
Nicola Murino
796ea1dde9
allow to store temporary sessions within the data provider
so we can persist password reset codes, OIDC auth sessions and tokens.
These features will also work in multi-node setups without sicky
sessions now

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-19 19:49:51 +02:00
Tim Birkett
a87aa9b98e
feat: make MFA status visible in WebAdmin (#844)
Signed-off-by: Tim Birkett <tim.birkett@sainsburys.co.uk>
2022-05-17 19:27:12 +02:00
Nicola Murino
9abd186166
external auth http hook: properly serialize the user in the POST body
For historical reasons we send the json serialized user as a string field.
I Initially copied the code used in the script hook where it is appropriate
to convert the JSON user to string.

After some time I have noticed this error, I know that changing it now might
break existing external authentication hooks but we cannot continue with
this mistake, new users are surprised by this behavior, sorry

Fixes #836

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-15 18:26:07 +02:00
Nicola Murino
18d0bf9dc3
execute db migrations holding a database-level lock
so migrations cannot be executed concurrently if you run them from multiple
SFTPGo instances at the same time.

CockroachDB doesn't support database-level locks

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-15 15:25:12 +02:00
Nicola Murino
c9bd08cf9c
UI branding: use the short name on the login pages
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-15 07:30:36 +02:00
Nicola Murino
d2f4edcdb6
sftpd statvfs: check the virtual quota against that of the filesystem
if the virtual quota limit is greater than the filesystem available space,
we need to return the filesystem limits

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-14 14:53:26 +02:00
Nicola Murino
67abf03fe3
web UIs: move common css to a separate template file
so we can reuse it instead of copying the same CSS every time

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-14 11:54:55 +02:00
Nicola Murino
5d7f6960f3
web UIs: add branding support
Fixes #829

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-13 19:40:52 +02:00
Paul Laffitte
4bea9ed760
add sftpgo logo on login pages (#835)
Signed-off-by: Paul Laffitte <paul.laffitte@enix.fr>
2022-05-13 17:12:52 +02:00
Nicola Murino
4995cf1b02
defender: allow to load blocklist/safelist also from config/env vars
Fixes #831

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-13 14:46:07 +02:00
Tim Birkett
a5d0cbbe44
chore: fix a linting error (#834)
Signed-off-by: Tim Birkett <tim.birkett@sainsburys.co.uk>
2022-05-13 11:14:38 +02:00
Tim Birkett
7b1a0d3cd3
chore: disallow all crawlers with robots.txt (#833)
Signed-off-by: Tim Birkett <tim.birkett@sainsburys.co.uk>
2022-05-13 09:23:43 +02:00
Nicola Murino
1e0b3a2a8c
web client: add share mode read/write
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-09 19:09:43 +02:00
Nicola Murino
e72bb1e124
allow building with bolt provider disabled
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-09 11:19:29 +02:00
Nicola Murino
164621289c
awscontainer: add a flag to disable the installation code
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-07 12:50:49 +02:00
Nicola Murino
737109b2b8
sftpfs: add more ciphers, KEXs and MACs
they are negotiated according to the order.
Restrictions are generally configured server side.
I want to avoid to expose other settings for now.

Fixes #817

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-06 09:21:57 +02:00
Herbert He
8b8e27b702
docs(cn): support README translation for Simplified Chinese (#818)
Signed-off-by: Herbert <herbert.he0229@gmail.com>
2022-05-05 19:15:49 +02:00
Dylan Legendre
4b099640de
Updating typos in openapi/swagger documentation as well as various markdown documentation files (#816)
Signed-off-by: Dylan Legendre <dylanlegendre09@gmail.com>
2022-05-05 18:26:22 +02:00
Nicola Murino
80da2dc722
try to automatically find shared data dirs in system-wide paths
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-05 11:27:19 +02:00
Nicola Murino
61947e67ae
ftpd: add basic wildcard support
this is the minimal implementation to allow mget and similar commands with
wildcards.

We only support wildcard for the last path level, for example:

- mget *.xml is supported
- mget dir/*.xml is supported
- mget */*.xml is not supported

Removed . and .. from FTP directory listing

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-04 19:32:02 +02:00