Nicola Murino
1a33b5bb53
allow different TLS certificates for each binding
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-21 16:34:47 +02:00
Nicola Murino
0ecaa862bd
web UIs: allow to replace the default CSS
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-21 11:05:58 +02:00
Nicola Murino
751946f47a
allow to customize timeout and env vars for program based hooks
...
Fixes #847
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-20 19:30:54 +02:00
Nicola Murino
796ea1dde9
allow to store temporary sessions within the data provider
...
so we can persist password reset codes, OIDC auth sessions and tokens.
These features will also work in multi-node setups without sicky
sessions now
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-19 19:49:51 +02:00
Tim Birkett
a87aa9b98e
feat: make MFA status visible in WebAdmin ( #844 )
...
Signed-off-by: Tim Birkett <tim.birkett@sainsburys.co.uk>
2022-05-17 19:27:12 +02:00
Nicola Murino
9abd186166
external auth http hook: properly serialize the user in the POST body
...
For historical reasons we send the json serialized user as a string field.
I Initially copied the code used in the script hook where it is appropriate
to convert the JSON user to string.
After some time I have noticed this error, I know that changing it now might
break existing external authentication hooks but we cannot continue with
this mistake, new users are surprised by this behavior, sorry
Fixes #836
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-15 18:26:07 +02:00
Nicola Murino
18d0bf9dc3
execute db migrations holding a database-level lock
...
so migrations cannot be executed concurrently if you run them from multiple
SFTPGo instances at the same time.
CockroachDB doesn't support database-level locks
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-15 15:25:12 +02:00
Nicola Murino
c9bd08cf9c
UI branding: use the short name on the login pages
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-15 07:30:36 +02:00
Nicola Murino
d2f4edcdb6
sftpd statvfs: check the virtual quota against that of the filesystem
...
if the virtual quota limit is greater than the filesystem available space,
we need to return the filesystem limits
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-14 14:53:26 +02:00
Nicola Murino
67abf03fe3
web UIs: move common css to a separate template file
...
so we can reuse it instead of copying the same CSS every time
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-14 11:54:55 +02:00
Nicola Murino
5d7f6960f3
web UIs: add branding support
...
Fixes #829
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-13 19:40:52 +02:00
Paul Laffitte
4bea9ed760
add sftpgo logo on login pages ( #835 )
...
Signed-off-by: Paul Laffitte <paul.laffitte@enix.fr>
2022-05-13 17:12:52 +02:00
Nicola Murino
4995cf1b02
defender: allow to load blocklist/safelist also from config/env vars
...
Fixes #831
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-13 14:46:07 +02:00
Tim Birkett
a5d0cbbe44
chore: fix a linting error ( #834 )
...
Signed-off-by: Tim Birkett <tim.birkett@sainsburys.co.uk>
2022-05-13 11:14:38 +02:00
Tim Birkett
7b1a0d3cd3
chore: disallow all crawlers with robots.txt ( #833 )
...
Signed-off-by: Tim Birkett <tim.birkett@sainsburys.co.uk>
2022-05-13 09:23:43 +02:00
Nicola Murino
1e0b3a2a8c
web client: add share mode read/write
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-09 19:09:43 +02:00
Nicola Murino
e72bb1e124
allow building with bolt provider disabled
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-09 11:19:29 +02:00
Nicola Murino
164621289c
awscontainer: add a flag to disable the installation code
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-07 12:50:49 +02:00
Nicola Murino
737109b2b8
sftpfs: add more ciphers, KEXs and MACs
...
they are negotiated according to the order.
Restrictions are generally configured server side.
I want to avoid to expose other settings for now.
Fixes #817
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-06 09:21:57 +02:00
Herbert He
8b8e27b702
docs(cn): support README translation for Simplified Chinese ( #818 )
...
Signed-off-by: Herbert <herbert.he0229@gmail.com>
2022-05-05 19:15:49 +02:00
Dylan Legendre
4b099640de
Updating typos in openapi/swagger documentation as well as various markdown documentation files ( #816 )
...
Signed-off-by: Dylan Legendre <dylanlegendre09@gmail.com>
2022-05-05 18:26:22 +02:00
Nicola Murino
80da2dc722
try to automatically find shared data dirs in system-wide paths
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-05 11:27:19 +02:00
Nicola Murino
61947e67ae
ftpd: add basic wildcard support
...
this is the minimal implementation to allow mget and similar commands with
wildcards.
We only support wildcard for the last path level, for example:
- mget *.xml is supported
- mget dir/*.xml is supported
- mget */*.xml is not supported
Removed . and .. from FTP directory listing
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-04 19:32:02 +02:00
Nicola Murino
9a37e3d159
back to development
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-01 21:51:58 +02:00
Nicola Murino
14fb6c4038
always check recently updated users
...
also fix the query to get users for quota check for sql based providers
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-04-30 11:59:36 +02:00
Nicola Murino
dd9c5b2149
sql provider: enhanced folder mapping query using an upsert
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-04-28 14:49:57 +02:00
Nicola Murino
ecd488a840
data provider: remove prefer_database_credentials
...
Google Cloud Storage credentials are now always stored within the data
provider.
Added a migration to read credentials from disk and store them inside the
data provider.
After v2.3 we can also remove credentials_path
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-04-28 12:55:01 +02:00
Nicola Murino
4a44a7dfe1
improved readlink handling
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-04-27 18:38:46 +02:00
Nicola Murino
16a44a144b
webclient: don't restore checkbox status
...
Fixes #807
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-04-26 09:15:26 +02:00
Nicola Murino
97f8142b1e
azblobfs: update to the latest sdk and fix compatibility
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-04-25 17:34:52 +02:00
Nicola Murino
504cd3efda
add groups support
...
Using groups simplifies the administration of multiple accounts by
letting you assign settings once to a group, instead of multiple
times to each individual user.
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-04-25 15:49:11 +02:00
zemsten
857b6cc10a
Update full-configuration.md ( #799 )
...
NGINX spelling
Signed-off-by: Samuel Zarn <samz@localhost.localdomain>
2022-04-22 09:22:36 +02:00
Nicola Murino
002a06629e
refactoring of user session counters
...
Fixes #792
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-04-14 19:07:41 +02:00
Nicola Murino
5bc0f4f8af
linux pkgs: disable vcs stamping
...
it seems to create build issues since go 1.18.1.
I need to investigate better
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-04-13 10:25:29 +02:00
Nicola Murino
cacfffc5bf
OIDC: add support for custom fields
...
These fields can be used in the pre-login hook to implement custom
logics
Fixes #787
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-04-12 19:31:25 +02:00
dependabot[bot]
87d7854453
Bump codecov/codecov-action from 2 to 3 ( #789 )
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 2 to 3.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md )
- [Commits](https://github.com/codecov/codecov-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-11 09:24:54 +02:00
dependabot[bot]
aa34388de0
Bump actions/download-artifact from 2 to 3 ( #790 )
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 2 to 3.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](https://github.com/actions/download-artifact/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/download-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-11 09:24:09 +02:00
Nicola Murino
a3f50029ba
update moment.js to v2.29.2
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-04-09 10:05:15 +02:00
Nicola Murino
f9d8b83c2a
sshd: disable by default ssh-rsa host key algo
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-04-04 18:52:19 +02:00
Nicola Murino
7c8bb5b18a
fix quota for uploads outside home dir if rename fails
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-04-03 13:48:56 +02:00
Nicola Murino
254b2ae87f
add support for AWS container
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-04-03 08:52:36 +02:00
Nicola Murino
5a40f998ae
check and update the password hashing algorithm on user login
...
also add ldap md5 variant as per-user request
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-04-02 22:20:21 +02:00
Nicola Murino
77f3400161
allow to mount virtual folders on root (/) path
...
Fixes #783
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-04-02 18:32:46 +02:00
Nicola Murino
3521bacc4a
web user templates: ensure we can save valid users
...
users with no public key and password are now valid after the recent
changes
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-04-01 09:47:54 +02:00
Nicola Murino
55f8171dd1
sshd: add support for host key certificates
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-04-01 08:03:56 +02:00
Nicola Murino
a7b159aebb
ssh user certs: add a revoked list
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-03-31 21:49:06 +02:00
Nicola Murino
5c114b28e3
sshd: we don't need the user certificate
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-03-31 18:16:50 +02:00
Nicola Murino
e079444e8a
update deps
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-03-31 09:54:59 +02:00
Nicola Murino
3cb23ac956
be sure to close an SSH connection if all channels are idle
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-03-30 10:59:25 +02:00
Nicola Murino
8fb256ac91
add link to an external Traefik tutorial
...
update deps
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-03-29 18:13:43 +02:00