beenull/sftpgo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1159 commits 8 branches 48 tags 35 MiB
Commit graph

312 commits

Author SHA1 Message Date
Nicola Murino
00a02dc14d
howto: add two-factor authentication 2021-12-19 18:08:12 +01:00
Nicola Murino
a587228cf0
add support for metadata plugins 2021-12-16 18:18:36 +01:00
Nicola Murino
a7c0b07a2a
add session id to notifier plugins/hook 2021-12-04 17:27:24 +01:00
Nicola Murino
dc1cc88a46
keyboard interactive hooks: allow to validate passcode 2021-12-04 15:14:44 +01:00
Nicola Murino
bedc8e288b
web client: add support for integrating external viewers/editors 2021-12-03 18:33:08 +01:00
Nicola Murino
6ee51c5cc1
kms: remove support for compat secrets 
also document how to activate the deprecated builtin provider
 2021-12-01 17:53:19 +01:00
Nicola Murino
0f8170c10f
improve some docs and disable telemetry server by default 2021-11-29 17:58:10 +01:00
Nicola Murino
f2480ce5c9
improve chtimes handling on open files 2021-11-26 19:00:44 +01:00
Nicola Murino
4652f9ede8
FTPD: allow to set different passive IPs based on the client's IP address 2021-11-25 12:45:09 +01:00
Nicola Murino
9fb43b2c46
docs: clarify how multi-step auth works with external authentication 
Fixes #617
 2021-11-24 11:27:32 +01:00
Nicola Murino
3d6b09e949
REST API: expose OpenAPI schema and render it using Swagger UI 
Fixes #609
 2021-11-21 09:32:51 +01:00
Nicola Murino
0833b4698e
httpd service: add CORS support 2021-11-13 23:14:50 +01:00
Nicola Murino
ee5c5e033d
S3: add ACL support 
Fixes #610
 2021-11-13 16:05:40 +01:00
Nicola Murino
78233ff9a3
web UI/REST API: add password reset 
In order to reset the password from the admin/client user interface,
an SMTP configuration must be added and the user/admin must have an email
address.
You can prohibit the reset functionality on a per-user basis by using a
specific restriction.

Fixes #597
 2021-11-13 13:25:43 +01:00
Nicola Murino
dfcfcee208
Windows: fix UTC time logging 2021-11-06 16:27:01 +01:00
Nicola Murino
094ee1522e
logger: add a flag to use UTC time for logging 2021-11-06 15:18:16 +01:00
Nicola Murino
3bc58f5988
WebClient/REST API: add sharing support 2021-11-06 14:13:20 +01:00
Nicola Murino
570964deb3
add post-disconnect hook 
Fixes #587
 2021-10-29 19:55:18 +02:00
Nicola Murino
31984ffec1
update logo and add it to windows exe and installer 
thanks to @asheroto for donating the new logo
 2021-10-23 19:27:39 +02:00
Nicola Murino
74fc3aaf37
REST API: add events search 2021-10-23 15:47:21 +02:00
Nicola Murino
97d0a48557
plugins: improve notifier and searcher 2021-10-20 19:39:49 +02:00
Nicola Murino
f131ef130b
add a link to the new events store plugin 2021-10-16 17:08:34 +02:00
Nicola Murino
4a6a4ce28d
sftpfs: map path resolution error to permission denied 
we do the same for os fs so that the problematic directory is excluded
from the webdav listing instead of failing the whole directory listing
 2021-10-16 10:32:18 +02:00
Nicola Murino
4aa9686e3b
refactor custom actions 
SFTPGo is now fully auditable, all fs and provider events that change
something are notified and can be collected using hooks/plugins.

There are some backward incompatible changes for command hooks
 2021-10-10 13:08:05 +02:00
Nicola Murino
64e87d64bd
web client UI: allow to edit plain text files 
Fixes #567
 2021-10-09 14:17:28 +02:00
Nicola Murino
ea01c3a125
rate limiting: allow to exclude IP addresses/ranges 
Fixes #563
 2021-10-03 20:50:05 +02:00
Nicola Murino
1b4a1fbbe5
add data retention check hook 2021-10-03 15:17:49 +02:00
Nicola Murino
ec81a7ac29
actions: add a specific protocol for data retention 2021-10-03 10:22:47 +02:00
Nicola Murino
22d28a37b6
cmd: improve completion sub-commands 2021-10-03 08:14:57 +02:00
Nicola Murino
cc134cad9a
data retention: allow to notify results via e-mail 2021-10-02 22:25:41 +02:00
Nicola Murino
ba1febba73
rework user and admin profiles 
users and admins can now also update their email and description
 2021-09-29 18:46:15 +02:00
Nicola Murino
da0ccc6426
add SMTP support 
it will be used in future update to add email sending capabilities
 2021-09-26 20:25:37 +02:00
Nicola Murino
da5a061b65
add basic REST APIs for data retention 
Fixes #495
 2021-09-25 12:20:31 +02:00
Nicola Murino
6ea38188e8
minor fixes and doc improvements 2021-09-18 10:50:17 +02:00
Nicola Murino
101c2962ab
web client UI: add a permission to disable password change 
Fixes #528
 2021-09-05 18:49:13 +02:00
Nicola Murino
59140a6d51
add additional data to MFA secrets and fix pointers management 2021-09-05 14:10:12 +02:00
Nicola Murino
8a4c21b64a
add builtin two-factor auth support 
The builtin two-factor authentication is based on time-based one time
passwords (RFC 6238) which works with Authy, Google Authenticator and
other compatible apps.
 2021-09-04 12:11:04 +02:00
Nicola Murino
b903a6e46f
data provider: remove default admin 
you need to load initial data or set "create_default_admin" to true
and the appropriate env vars if you don't want to use the web admin
setup screen to create the default admin
 2021-08-20 10:37:51 +02:00
Nicola Murino
bcf088f586
data provider: update internal caches if the data provider is shared 2021-08-20 09:35:06 +02:00
Nicola Murino
0a558203da
improve proxy documentation 
Fixes #507
 2021-08-18 15:27:07 +02:00
Nicola Murino
5a549a88fe
update to Go 1.17 2021-08-18 14:39:56 +02:00
Nicola Murino
fe953d6b38
REST API: add support for API key authentication 2021-08-17 18:08:32 +02:00
erwiese
05c62b9f40
add documentation for defender scores (#500) 
Co-authored-by: Erwin Wiesensarter <erwin.wiesensarter@bkg.bund.de>
 2021-08-13 15:40:33 +02:00
Nicola Murino
555dc3b0c0
transfer logs: add FTP mode 2021-08-10 13:07:38 +02:00
Nicola Murino
a20373b613
add support for auth plugins 2021-08-08 17:09:48 +02:00
Nicola Murino
ced2e16f41
add support for password validation rules 
Fixes #494
 2021-08-06 18:56:07 +02:00
Nicola Murino
a3c087456b
ftpd: add some security checks 2021-08-05 18:38:15 +02:00
Nicola Murino
1e9a19e326
add a howto to use SFTPGo as OpenSSH's SFTP subsystem 2021-07-31 19:09:09 +02:00
mmcgeefeedo
0046c9960a
add support to override default admin credentials via env vars 2021-07-31 10:39:53 +02:00
Nicola Murino
a26962f367
add dot and dot dot directories to sftp/ftp file listing 2021-07-31 09:42:23 +02:00
Nicola Murino
f778e47d22
sftpd: minor improvements and docs for the prefix middleware 2021-07-29 20:12:23 +02:00
Nicola Murino
90b324d707
Add a link on the login pages to switch between admin and web client login 
The links are hidden if only the web admin or only thw web client is
enabled and can also be controlled using the "hide_login_url" setting

Fixes #485
 2021-07-27 18:43:00 +02:00
Nicola Murino
a7313e4492
webdav: add new test cases and fix some lock related issues 
Our net/webdav branch now include the following patches:

https://github.com/golang/net/pull/92
https://github.com/golang/net/pull/93
https://github.com/golang/net/pull/94
 2021-07-25 09:55:14 +02:00
Nicola Murino
c41ae116eb
improve logging 
Fixes #381
 2021-07-24 20:11:17 +02:00
Nicola Murino
ae8ccadad2
users API: add API to create, delete, rename files and directories 2021-07-23 10:19:27 +02:00
Nicola Murino
5967aa1aa5
FTP: enable ftpserverlib logging and make debug mode configurable 2021-07-20 17:22:08 +02:00
Nicola Murino
c900cde8e4
notifiers plugin: add settings to retry unhandled events 2021-07-20 12:51:21 +02:00
Nicola Murino
5a568b4077
KMS: allow to provide the master encryption key as string 2021-07-17 15:34:48 +02:00
Nicola Murino
030507a2ce
add some docs for the plugin system 2021-07-17 14:14:42 +02:00
Nicola Murino
338301955f
move cloud KMS providers to an external plugin 2021-07-17 13:08:05 +02:00
Nicola Murino
6d313f6d8f
expose KMS as plugin 2021-07-16 18:22:42 +02:00
Nicola Murino
bd5191dfc5
add experimental plugin system 2021-07-11 15:26:51 +02:00
Nicola Murino
302ec2558c
add notifications for mkdir/rmdir 2021-07-03 18:07:55 +02:00
Nicola Murino
ff19879ffd
allow to use a persistent signing key for JWT and CSRF tokens 
Fixes #466
 2021-07-01 20:17:40 +02:00
Nicola Murino
076b2f0ee0
modules: add v2 support 2021-06-26 07:31:41 +02:00
Nicola Murino
ac8d8a3da1
update portable mode docs 2021-06-19 19:40:53 +02:00
Nicola Murino
3bb0ca1d2b
config: remove deprecated configuration keys 2021-06-19 09:47:06 +02:00
Nicola Murino
62744e081b
get HTTPD binding from env: respect the documented default 2021-06-17 15:57:41 +02:00
Nicola Murino
4d97ab9eb9
Let's Encrypt tutorial: use sudo where appropriate 2021-06-14 22:35:08 +02:00
Nicola Murino
8ed13dc4a9
docs: document how to use Let's Encrypt Certificates 2021-06-14 22:05:55 +02:00
Nicola Murino
9d3d7db29c
azblob: store SAS URL as kms.Secret 2021-06-11 22:27:36 +02:00
Nicola Murino
4be6307d87
webadmin: add defender page 2021-06-08 13:24:28 +02:00
Nicola Murino
976f588863
improve docs to enable FTP/WebDAV 
Fixes #447
 2021-06-02 09:49:31 +02:00
Nicola Murino
575bcf1f03
add remote address to transfer and commands logs 2021-06-01 22:28:43 +02:00
Nicola Murino
969c992bfd
pre-upload: execute the hook just before opening the target file 2021-05-31 22:40:47 +02:00
Nicola Murino
c1239fbf59
pre-upload action: add file open flags 
Reading the flags the hook receiver can detect if the client wants to
truncate the target file
 2021-05-31 22:33:23 +02:00
Nicola Murino
c63b923ec3
cryptfs: add support for atomic uploads 2021-05-31 21:45:29 +02:00
Nicola Murino
423d8306be
webclient: allow to download multiple files as zip 2021-05-30 23:07:46 +02:00
Nicola Murino
3b46e6a6fb
add support for a global temp path 
Fixes #436
 2021-05-27 15:38:27 +02:00
Nicola Murino
25a44030f9
actions: add pre-download and pre-upload 
Downloads and uploads can be denied based on hook response
 2021-05-26 07:48:37 +02:00
Nicola Murino
600268ebb8
httpclient: allow to set custom headers 2021-05-25 08:36:01 +02:00
Nicola Murino
50e441849a
try to make the web admin more user friendly 
removed all the textarea with fields separated using "::".
This should, hopefully, improve user experience
 2021-05-23 22:02:01 +02:00
Nicola Murino
b9bc8d722d
try to improve web client credentials page 
I should do the same for the admin page too
 2021-05-22 09:54:27 +02:00
Nicola Murino
9fc4be6d40
minor doc fixes 2021-05-20 18:34:38 +02:00
Nicola Murino
ecfed4dc04
Add a Getting Started Guide 2021-05-20 18:16:27 +02:00
Nicola Murino
8ecf64f481
httpclient: accepts timeouts as float 
Fixes #428
 2021-05-16 12:50:06 +02:00
Nicola Murino
f2b93c0402
add a setup screen to create the first admin user 
If you prefer to auto-create the first admin you can enable the
"create_default_admin" configuration key and SFTPGo will work as before.

You can also create the first admin by loading initial data: now you can
set both username and password, before you could only change the password
 2021-05-14 19:21:15 +02:00
Nicola Murino
fa45c9c138
allow to execute actions for file operations and SSH commands synchronously 
The actions to run synchronously can be configured via the `execute_sync`
configuration key.

Executing an action synchronously means that SFTPGo will not return a result
code to the client until your hook have completed its execution.

Fixes #409
 2021-05-11 12:45:14 +02:00
Nicola Murino
c8f7fc9bc9
httpd/webdav: add a list of hosts allowed to send proxy headers 
X-Forwarded-For, X-Real-IP and X-Forwarded-Proto headers will be ignored
for hosts not included in this list.

This is a backward incompatible change, before the proxy headers were
always used
 2021-05-11 06:54:06 +02:00
Nicola Murino
8f6cdacd00
allow to limit the number of per-host connections 2021-05-08 19:45:21 +02:00
Nicola Murino
23d9ebfc91
add a basic front-end web interface for end-users 
Fixes #339 #321 #398
 2021-05-06 21:35:43 +02:00
Nicola Murino
32db0787bb
add an example script for scheduled quota updates 2021-04-26 21:53:09 +02:00
Nicola Murino
3941255733
docs: fix a typo 2021-04-25 09:42:19 +02:00
Nicola Murino
46998252e5
use bcrypt as default password hashing algo 
argon2id has a high memory cost and, if not properly tuned, it can lead to
resource starvation.

Advanced users can still configure and use argon2id.
Passwords stored as argon2id will continue to work
 2021-04-25 09:38:33 +02:00
Nicola Murino
92638ce93d
add support for hashing password using bcrypt 
argon2id remains the default
 2021-04-20 13:55:09 +02:00
Nicola Murino
6ef85d6026
add, optional, in memory password caching 
Verifying argon2 passwords has a high memory and computational cost,
by enabling, in memory, password caching you reduce this cost
 2021-04-20 09:39:36 +02:00
Nicola Murino
f45c89fc46
add rate limiting support for REST API/web admin too 2021-04-19 08:14:04 +02:00
Nicola Murino
112e3b2fc2
add rate limiting support 2021-04-18 12:31:06 +02:00
Nicola Murino
124c471a2b
FTPD: make sure that the passive ip, if provided, is valid 
The server will refuse to start if the provided passive ip is not a
valid IPv4 address.

Fixes #376
 2021-04-16 15:08:10 +02:00
Nicola Murino
c844fc7477
add support for delayed quota update 
If there are a lot of close uploads, accumulating quota updates can
save you many queries to the data provider
 2021-04-11 08:38:43 +02:00