sftpgo

Author	SHA1	Message	Date
Nicola Murino	a6fe802370	move kms definitions to the sdk package This is the first step to make the sdk a separate module Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-04 12:49:30 +01:00
Nicola Murino	ad483b7581	httpd: switch back to chi Recoverer now that the required patch is merged Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-04 09:48:16 +01:00
Nicola Murino	df86955f28	eventsearcher plugin: add support to search for provider, bucket, endpoint Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-03 17:02:52 +01:00
Nicola Murino	4d7a4aa99a	check rename source and target	2021-12-28 12:03:52 +01:00
Nicola Murino	7d8823307f	defender: add provider driver Fixes #616	2021-12-25 12:08:07 +01:00
Nicola Murino	ced73ed04e	REST API: add an option to create missing dirs	2021-12-19 12:14:53 +01:00
Nicola Murino	cc73bb811b	change log level from warn to error where appropriate Fixes #649	2021-12-16 19:53:00 +01:00
Nicola Murino	a587228cf0	add support for metadata plugins	2021-12-16 18:18:36 +01:00
Nicola Murino	0bb141960f	add support for different bandwidth limits based on client IP	2021-12-10 18:43:26 +01:00
Nicola Murino	c153330ab8	web client: use fetch to upload files also add REST API to upload a single file as POST body	2021-12-08 19:25:22 +01:00
Nicola Murino	9632b6ee94	events search: improve test cases	2021-12-04 18:18:59 +01:00
Nicola Murino	a7c0b07a2a	add session id to notifier plugins/hook	2021-12-04 17:27:24 +01:00
Nicola Murino	bedc8e288b	web client: add support for integrating external viewers/editors	2021-12-03 18:33:08 +01:00
Nicola Murino	6092b6628e	logs: use info level for login related messages so enabling debug level is not required, for example only to understand that a user exceeded the allowed sessions. Also set the cache update frequency as documented	2021-12-02 19:36:42 +01:00
Nicola Murino	6ee51c5cc1	kms: remove support for compat secrets also document how to activate the deprecated builtin provider	2021-12-01 17:53:19 +01:00
Nicola Murino	4df0ae82ac	web client: allow downloading of single shared files without compression Fixes #629	2021-11-30 20:32:10 +01:00
Nicola Murino	5db31f0fb3	web client: allow to upload/delete multiple files	2021-11-30 18:40:50 +01:00
Nicola Murino	015aa36c56	loaddata: improve shares restore usage and timestamps are now preserved	2021-11-27 11:12:51 +01:00
Nicola Murino	3f3591bae0	web client: allow to preview images and pdf pdf depends on browser support. It does not work on mobile devices.	2021-11-25 19:24:32 +01:00
Nicola Murino	8a8298ad46	web client: improve file upload	2021-11-22 12:25:36 +01:00
Nicola Murino	3d6b09e949	REST API: expose OpenAPI schema and render it using Swagger UI Fixes #609	2021-11-21 09:32:51 +01:00
Nicola Murino	fb8f013ea7	web: update permissions on cookie refresh	2021-11-20 10:48:39 +01:00
Nicola Murino	46157ebbb6	CI docker: remove armv7 support CI is still unreliable if we enable armv7 support	2021-11-16 09:07:10 +01:00
Nicola Murino	24b0352eb6	GCS: add ACL support	2021-11-15 21:57:41 +01:00
Nicola Murino	52f3a98cc8	preserve GCS credentials on update if not set credentials were not preserved if "prefer_database_credentials" was set to true Fixes #613	2021-11-15 19:12:58 +01:00
Nicola Murino	ca730e77a5	add separate permissions to delete and rename files and dirs perm_delete and perm_rename still exist for backward compatibility, now they are an alias to assign both new split permissions	2021-11-14 16:23:33 +01:00
Nicola Murino	0833b4698e	httpd service: add CORS support	2021-11-13 23:14:50 +01:00
Nicola Murino	ee5c5e033d	S3: add ACL support Fixes #610	2021-11-13 16:05:40 +01:00
Nicola Murino	78233ff9a3	web UI/REST API: add password reset In order to reset the password from the admin/client user interface, an SMTP configuration must be added and the user/admin must have an email address. You can prohibit the reset functionality on a per-user basis by using a specific restriction. Fixes #597	2021-11-13 13:25:43 +01:00
Nicola Murino	094ee1522e	logger: add a flag to use UTC time for logging	2021-11-06 15:18:16 +01:00
Nicola Murino	3bc58f5988	WebClient/REST API: add sharing support	2021-11-06 14:13:20 +01:00
Nicola Murino	74fc3aaf37	REST API: add events search	2021-10-23 15:47:21 +02:00
Nicola Murino	97d0a48557	plugins: improve notifier and searcher	2021-10-20 19:39:49 +02:00
Nicola Murino	a80ac80fcd	pkgs: update nfpm to 2.7 and use xz as compression for both deb and rpm	2021-10-13 09:15:04 +02:00
Nicola Murino	4aa9686e3b	refactor custom actions SFTPGo is now fully auditable, all fs and provider events that change something are notified and can be collected using hooks/plugins. There are some backward incompatible changes for command hooks	2021-10-10 13:08:05 +02:00
Nicola Murino	64e87d64bd	web client UI: allow to edit plain text files Fixes #567	2021-10-09 14:17:28 +02:00
Nicola Murino	1b4a1fbbe5	add data retention check hook	2021-10-03 15:17:49 +02:00
Nicola Murino	cc134cad9a	data retention: allow to notify results via e-mail	2021-10-02 22:25:41 +02:00
Nicola Murino	e6f969cb04	web UI: update js and css deps	2021-09-30 10:23:25 +02:00
Nicola Murino	ba1febba73	rework user and admin profiles users and admins can now also update their email and description	2021-09-29 18:46:15 +02:00
Maharanjan	0661876e99	Added email field for user account	2021-09-25 19:06:13 +02:00
Nicola Murino	da5a061b65	add basic REST APIs for data retention Fixes #495	2021-09-25 12:20:31 +02:00
Nicola Murino	bf4b3e6840	httpd: move the check connection middleware before the logger middleware Fixes #543	2021-09-19 08:14:59 +02:00
Nicola Murino	6ea38188e8	minor fixes and doc improvements	2021-09-18 10:50:17 +02:00
Nicola Murino	b5639a51fd	don't generate defender events for HTTP/WebDAV requests with no auth it is quite common for HTTP clients to send a first request without the Authorization header and then send the credentials after receiving a 401 response. We don't want to generate defender events in this case	2021-09-11 18:23:11 +02:00
Nicola Murino	5c34d814d6	fix a possible nil pointer dereference it can happen by upgrading from very old versions	2021-09-11 14:19:17 +02:00
Nicola Murino	7bad65a43e	user: add a permission to disable changing api key authentication also implement the missing APIs to enable/disable api key authentication	2021-09-06 18:46:35 +02:00
Nicola Murino	101c2962ab	web client UI: add a permission to disable password change Fixes #528	2021-09-05 18:49:13 +02:00
Nicola Murino	59140a6d51	add additional data to MFA secrets and fix pointers management	2021-09-05 14:10:12 +02:00
Nicola Murino	8a4c21b64a	add builtin two-factor auth support The builtin two-factor authentication is based on time-based one time passwords (RFC 6238) which works with Authy, Google Authenticator and other compatible apps.	2021-09-04 12:11:04 +02:00
Nicola Murino	b903a6e46f	data provider: remove default admin you need to load initial data or set "create_default_admin" to true and the appropriate env vars if you don't want to use the web admin setup screen to create the default admin	2021-08-20 10:37:51 +02:00
Nicola Murino	be3857d572	dataprovider: add timestamp fields for users and admins	2021-08-19 15:51:43 +02:00
Nicola Murino	fe953d6b38	REST API: add support for API key authentication	2021-08-17 18:08:32 +02:00
Nicola Murino	ced2e16f41	add support for password validation rules Fixes #494	2021-08-06 18:56:07 +02:00
Nicola Murino	0503215e7a	web client: try to prevent browsers from caching requests Fixes #493	2021-08-03 19:58:03 +02:00
Nicola Murino	90b324d707	Add a link on the login pages to switch between admin and web client login The links are hidden if only the web admin or only thw web client is enabled and can also be controlled using the "hide_login_url" setting Fixes #485	2021-07-27 18:43:00 +02:00
Nicola Murino	3a22aae34f	web UI: add support for upload, create dirs, rename, delete	2021-07-26 20:55:49 +02:00
Nicola Murino	c41ae116eb	improve logging Fixes #381	2021-07-24 20:11:17 +02:00
Nicola Murino	83c7453957	user API: allow to disable writes ... ... even if the user has permissions for these actions	2021-07-23 21:41:02 +02:00
Nicola Murino	85a47810ff	S3: expose more properties, possible backward incompatible change Before these changes we implictly set S3ForcePathStyle if an endpoint was provided. This can cause issues with some S3 compatible object storages and must be explicitly set now. AWS is also deprecating this setting https://aws.amazon.com/it/blogs/aws/amazon-s3-path-deprecation-plan-the-rest-of-the-story/	2021-07-23 16:56:48 +02:00
Nicola Murino	ae8ccadad2	users API: add API to create, delete, rename files and directories	2021-07-23 10:19:27 +02:00
Nicola Murino	776dffcf12	kms: improve modularity	2021-07-13 21:17:21 +02:00
Nicola Murino	e1a2451c22	s3: allow to configure the chunk download timeout	2021-07-11 18:39:45 +02:00
Nicola Murino	bd5191dfc5	add experimental plugin system	2021-07-11 15:26:51 +02:00
Nicola Murino	ff19879ffd	allow to use a persistent signing key for JWT and CSRF tokens Fixes #466	2021-07-01 20:17:40 +02:00
Nicola Murino	076b2f0ee0	modules: add v2 support	2021-06-26 07:31:41 +02:00
Manuel Reithuber	fd4c388b23	added vfs.ListProviders() and using it in template fsconfig.html (added a new ListFSProviders template function for that)	2021-06-19 19:27:54 +02:00
Manuel Reithuber	88b10da596	updated utils.LoadTemplate() to call template.ParseFiles() directly and added a way to specify a base template (will be used in the next commit)	2021-06-19 19:27:54 +02:00
Manuel Reithuber	0ff010cc94	added vfs.GetProviderByName(), using it in for sftpgo portable and for parsing the webadmin form field	2021-06-19 19:27:54 +02:00
Nicola Murino	c1b862394d	move other errors to utils package	2021-06-19 13:06:01 +02:00
Manuel Reithuber	f19937b715	move Filesystem config validation to vfs	2021-06-19 12:24:43 +02:00
Nicola Murino	3bb0ca1d2b	config: remove deprecated configuration keys	2021-06-19 09:47:06 +02:00
Nicola Murino	9d3d7db29c	azblob: store SAS URL as kms.Secret	2021-06-11 22:27:36 +02:00
Nicola Murino	4be6307d87	webadmin: add defender page	2021-06-08 13:24:28 +02:00
Nicola Murino	feec2118bb	improve defender and quotas REST API	2021-06-07 21:52:43 +02:00
Nicola Murino	43182fc25e	OpenAPI: add users API These new APIs match the web client features. I'm aware that some API do not follow REST best practises. I want to avoid things likes "/user/folders/<path>" where "path" must be encoded and making it optional create issues, so I defined resources as query parameters instead of path parameters	2021-06-05 16:07:09 +02:00
Nicola Murino	575bcf1f03	add remote address to transfer and commands logs	2021-06-01 22:28:43 +02:00
Nicola Murino	c1239fbf59	pre-upload action: add file open flags Reading the flags the hook receiver can detect if the client wants to truncate the target file	2021-05-31 22:33:23 +02:00
Nicola Murino	c63b923ec3	cryptfs: add support for atomic uploads	2021-05-31 21:45:29 +02:00
Nicola Murino	423d8306be	webclient: allow to download multiple files as zip	2021-05-30 23:07:46 +02:00
Nicola Murino	7a85c66ee7	webclient: defer file list rendering combined with server side processing I can now list a directory with about 100.000 files in less than 2 seconds without losing client side filtering and pagination	2021-05-27 09:40:46 +02:00
Nicola Murino	25a44030f9	actions: add pre-download and pre-upload Downloads and uploads can be denied based on hook response	2021-05-26 07:48:37 +02:00
Nicola Murino	600268ebb8	httpclient: allow to set custom headers	2021-05-25 08:36:01 +02:00
Nicola Murino	1223957f91	webclient: use different icons based on the file extension	2021-05-24 19:09:03 +02:00
Nicola Murino	15cde2dd1a	improve test coverage	2021-05-23 22:29:55 +02:00
Nicola Murino	50e441849a	try to make the web admin more user friendly removed all the textarea with fields separated using "::". This should, hopefully, improve user experience	2021-05-23 22:02:01 +02:00
Nicola Murino	02bb09ec01	remove deprecated file extensions filters these filters were deprecated a long time ago, everyone should use patterns filters now	2021-05-22 12:28:05 +02:00
Nicola Murino	b9bc8d722d	try to improve web client credentials page I should do the same for the admin page too	2021-05-22 09:54:27 +02:00
Nicola Murino	ecfed4dc04	Add a Getting Started Guide	2021-05-20 18:16:27 +02:00
Nicola Murino	60cfbd2989	setup: auto login after creating the first admin	2021-05-16 21:36:57 +02:00
Nicola Murino	019b0f2fd5	http cookie: add max-age and samesite update deps too	2021-05-16 09:13:00 +02:00
Nicola Murino	f2b93c0402	add a setup screen to create the first admin user If you prefer to auto-create the first admin you can enable the "create_default_admin" configuration key and SFTPGo will work as before. You can also create the first admin by loading initial data: now you can set both username and password, before you could only change the password	2021-05-14 19:21:15 +02:00
Nicola Murino	c8f7fc9bc9	httpd/webdav: add a list of hosts allowed to send proxy headers X-Forwarded-For, X-Real-IP and X-Forwarded-Proto headers will be ignored for hosts not included in this list. This is a backward incompatible change, before the proxy headers were always used	2021-05-11 06:54:06 +02:00
Nicola Murino	8f6cdacd00	allow to limit the number of per-host connections	2021-05-08 19:45:21 +02:00
Nicola Murino	4ea4202b99	httpd/webdav: use a custom listener with read and write deadlines	2021-05-07 20:41:20 +02:00
Nicola Murino	d4bfc3f6b5	fix lint configuration and a warning	2021-05-06 22:06:22 +02:00
Nicola Murino	23d9ebfc91	add a basic front-end web interface for end-users Fixes #339 #321 #398	2021-05-06 21:35:43 +02:00
Nicola Murino	a383957cfa	OpenAPI: document that also folder-quota-update supports partial updates	2021-04-28 19:33:32 +02:00
Nicola Murino	00f97aabb4	OpenAPI: document that quota-update support partial updates If the update mode is "add" and you pass only used_quota_size or only used_quota_files the missing field will remain unchanged	2021-04-28 19:16:15 +02:00
Nicola Murino	32db0787bb	add an example script for scheduled quota updates	2021-04-26 21:53:09 +02:00

1 2 3 4 5 ...

325 commits