{{template "base" .}} {{define "title"}}{{.Title}}{{end}} {{define "extra_css"}} {{end}} {{define "page_body"}}
{{.Title}}
{{if .Error}} {{end}} {{if eq .Mode 3}}
Create and save one or more new users, or generate a data-provider-independent JSON file to import.
The following placeholders are supported:

  • %username% will be replaced with the specified username
  • %password% will be replaced with the specified password
They will be replaced, with the specified username and password, in the paths and credentials of the configured storage backend.
The generated users can be saved or exported. Exported users can be imported from the "Maintenance" section of this SFTPGo instance or another. {{if .User.Username}}
Please note that no credentials were copied from user "{{.User.Username}}"; you have to set them explicitly. {{end}}
{{end}}
{{if eq .Mode 3}}
Users
For each user, set the username and at least one of password or public key
{{else}}
{{end}} {{if .Roles}}
Users with a role can be managed by global administrators and administrators with the same role
{{end}} {{if ne .Mode 3}}
User must change password from WebClient/REST API at next login
Public keys
{{range $idx, $val := .User.PublicKeys}}
{{else}}
{{end}}
{{end}} {{if .Groups}}
Groups
Group membership imparts the group settings (with the exception of membership-only groups) if no override exists
{{end}} {{template "fshtml" .FsWrapper}} {{if .VirtualFolders}}
Virtual folders
Quota size -1 means included within user quota, 0 unlimited. Don't set -1 for shared folders. You can use MB/GB/TB suffix. With no suffix we assume bytes
{{range $idx, $val := .User.VirtualFolders}}
Quota size
Quota files
{{else}}
Quota size
Quota files
{{end}}
{{end}}

Values in the 50-70 range are suggested for common use cases. 0 means disabled: any password will be accepted
Password expiration as number of days. 0 means no expiration
Default expiration for newly created shares as number of days
Optional description, for example the user full name
Free form text field

Per-directory permissions. Wildcards are supported in paths, for example "/incoming/*" matches any directory within "/incoming"
{{range $idx, $dirPerms := .User.GetSubDirPermissions -}}
{{else}}
{{end}}
Per-directory pattern restrictions
Comma separated denied or allowed files/directories, based on shell patterns.

Matching is case insensitive, so write your patterns in lowercase. Denied entries are visible in directory listings by default; you can hide them by setting the "Hidden" policy, but be aware that this may cause performance issues for large directories. By setting a denied pattern of "*" together with one or more allowed patterns for the same directory you can create "denied except" rules, but note that if you allow a directory, everything in it will be allowed unless more specific patterns/permissions are defined.

{{range $idx, $pattern := .User.Filters.GetFlatFilePatterns -}}
{{else}}
{{end}}
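
The "denied except" behaviour of per-directory patterns, as an added Go example that is not SFTPGo's own code. The type and function names are hypothetical, and the evaluation order (an allowed match wins over a denied one, tested against the first path element below the rule's directory) is an assumption modelled on the help text.

```go
package main

import (
	"fmt"
	"path"
	"strings"
)

// PatternFilter is a hypothetical per-directory rule, not SFTPGo's own type.
type PatternFilter struct {
	Dir             string   // virtual directory the rule is attached to
	Allowed, Denied []string // shell patterns, written in lowercase
}

// matchAny lowercases the name, so a pattern with uppercase letters never matches.
func matchAny(patterns []string, name string) bool {
	for _, p := range patterns {
		if ok, err := path.Match(p, strings.ToLower(name)); err == nil && ok {
			return true
		}
	}
	return false
}

// IsAllowed finds the rule on the closest ancestor directory and tests the first
// path element below it. Assumed order: an allowed match wins, then denied blocks.
func IsAllowed(filters []PatternFilter, filePath string) bool {
	clean := path.Clean("/" + filePath)
	for dir := path.Dir(clean); ; dir = path.Dir(dir) {
		for _, f := range filters {
			if path.Clean(f.Dir) != dir {
				continue
			}
			rel := strings.TrimPrefix(strings.TrimPrefix(clean, dir), "/")
			entry, _, _ := strings.Cut(rel, "/")
			return matchAny(f.Allowed, entry) || !matchAny(f.Denied, entry)
		}
		if dir == "/" {
			return true // no rule on any ancestor directory
		}
	}
}

func main() {
	// Constructed rule: deny everything in /incoming except PDFs and "reports".
	rule := PatternFilter{Dir: "/incoming"}
	rule.Allowed, rule.Denied = []string{"*.pdf", "reports"}, []string{"*"}
	for _, p := range []string{"/incoming/a.PDF", "/incoming/a.exe", "/incoming/reports/a.exe"} {
		fmt.Printf("%-24s allowed=%v\n", p, IsAllowed([]PatternFilter{rule}, p))
	}
}
```

The third path shows the caveat: once "reports" is allowed, an executable inside it passes unless a more specific rule is attached to "/incoming/reports".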
Maximum number of concurrent sessions. 0 means no limit
"password" is valid for all supported protocols, "password-over-SSH" only for SSH/SFTP/SCP
Comma separated IP/Mask in CIDR format, example: "192.168.1.0/24,10.8.0.100/32"
Comma separated IP/Mask in CIDR format, example: "192.168.1.0/24,10.8.0.100/32"

0 means no limit. You can use MB/GB/TB suffix
0 means no limit
Maximum upload size for a single file. 0 means no limit. You can use MB/GB/TB suffix
0 means no limit
0 means no limit
Per-source bandwidth speed limits
{{range $idx, $bwLimit := .User.Filters.BandwidthLimits -}}
Comma separated IP/Mask in CIDR format, example: "192.168.1.0/24,10.8.0.100/32"
UL (KB/s). 0 means no limit
DL (KB/s). 0 means no limit
{{else}}
Comma separated IP/Mask in CIDR format, example: "192.168.1.0/24,10.8.0.100/32"
UL (KB/s). 0 means no limit
DL (KB/s). 0 means no limit
{{end}}
Maximum data transfer allowed for uploads. 0 means no limit
Maximum data transfer allowed for downloads. 0 means no limit
Maximum data transfer allowed for uploads + downloads. Replaces the individual limits. 0 means no limit

Alternate start directory to use instead of "/". Supported for SFTP/FTP/HTTP
Defines the TLS certificate field to use as username. Ignored if mutual TLS is disabled
Ignored if TLS is globally required for all FTP users
Anonymous users are supported for FTP and WebDAV protocols and have read-only access
Disable checks for existence and automatic creation of home directory and virtual folders
Allow impersonating this user in the REST API with an API key
Cache time, in seconds, for users authenticated using an external auth hook. 0 means no cache

{{if eq .Mode 2}}
This forces the user, if connected, to log in again and so to use the new configuration
{{end}}
{{if eq .Mode 3}} {{end}}
{{end}} {{define "extra_js"}} {{template "fsjs"}} {{template "shared_user_group" .}} {{end}}