Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 14:50:55 +03:00
Code Issues Packages Projects Releases Wiki Activity
836 Commits 9 Branches 53 Tags
02bb09ec01708af4b9e0c0da6ed9a6f90fd6dc1c
Commit Graph

836 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nicola Murino
02bb09ec01 remove deprecated file extensions filters 
these filters were deprecated a long time ago, everyone should use
patterns filters now
 2021-05-22 12:28:05 +02:00
Nicola Murino
402947a43c update deps 2021-05-22 10:42:30 +02:00
Nicola Murino
b9bc8d722d try to improve web client credentials page 
I should do the same for the admin page too
 2021-05-22 09:54:27 +02:00
Nicola Murino
0cb5c49cf3 map path resolution errors to Permission errors 
this way the affected paths will be ignored in WebDAV

Fixes #432
 2021-05-21 13:04:22 +02:00
Nicola Murino
9fc4be6d40 minor doc fixes 2021-05-20 18:34:38 +02:00
Nicola Murino
ecfed4dc04 Add a Getting Started Guide 2021-05-20 18:16:27 +02:00
dependabot[bot]
b415e4d98f Bump github.com/lib/pq from 1.10.1 to 1.10.2 (#429) 
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.10.1 to 1.10.2.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.10.1...v1.10.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-17 09:27:16 +02:00
Nicola Murino
7d059efe06 add an example backup script 2021-05-16 22:28:08 +02:00
Nicola Murino
60cfbd2989 setup: auto login after creating the first admin 2021-05-16 21:36:57 +02:00
Nicola Murino
8ecf64f481 httpclient: accepts timeouts as float 
Fixes #428
 2021-05-16 12:50:06 +02:00
Nicola Murino
019b0f2fd5 http cookie: add max-age and samesite 
update deps too
 2021-05-16 09:13:00 +02:00
Nicola Murino
15d6cd144a another try to better understand the random webdav test case failure 2021-05-15 08:56:36 +02:00
Nicola Murino
f59f62317e sftpd: fix file upload resume detection 
WinSCP does not set the APPEND flag while resuming a file upload,
so we detect a file upload resume if the TRUNCATE flag is not set.
The APPEND flag is now ignored.

Fixes #420
 2021-05-15 08:39:01 +02:00
Nicola Murino
f2b93c0402 add a setup screen to create the first admin user 
If you prefer to auto-create the first admin you can enable the
"create_default_admin" configuration key and SFTPGo will work as before.

You can also create the first admin by loading initial data: now you can
set both username and password, before you could only change the password
 2021-05-14 19:21:15 +02:00
Nicola Murino
0540b8780e redact credentials within hooks 
go-retryablehttp does not redact credentials, so we still log them
when we use it

https://github.com/hashicorp/go-retryablehttp/pull/133
 2021-05-12 22:44:17 +02:00
Nicola Murino
fa45c9c138 allow to execute actions for file operations and SSH commands synchronously 
The actions to run synchronously can be configured via the `execute_sync`
configuration key.

Executing an action synchronously means that SFTPGo will not return a result
code to the client until your hook have completed its execution.

Fixes #409
 2021-05-11 12:45:14 +02:00
Nicola Murino
b67cd0d3df ensure no client is connected before running max connections test cases 2021-05-11 08:04:57 +02:00
Nicola Murino
c8f7fc9bc9 httpd/webdav: add a list of hosts allowed to send proxy headers 
X-Forwarded-For, X-Real-IP and X-Forwarded-Proto headers will be ignored
for hosts not included in this list.

This is a backward incompatible change, before the proxy headers were
always used
 2021-05-11 06:54:06 +02:00
dependabot[bot]
f1b998ce16 Bump github.com/otiai10/copy from 1.5.1 to 1.6.0 (#414) 
Bumps [github.com/otiai10/copy](https://github.com/otiai10/copy) from 1.5.1 to 1.6.0.
- [Release notes](https://github.com/otiai10/copy/releases)
- [Commits](https://github.com/otiai10/copy/compare/v1.5.1...v1.6.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-10 14:02:09 +02:00
dependabot[bot]
aaa758e978 Bump github.com/minio/sio from 0.2.1 to 0.3.0 (#412) 
Bumps [github.com/minio/sio](https://github.com/minio/sio) from 0.2.1 to 0.3.0.
- [Release notes](https://github.com/minio/sio/releases)
- [Commits](https://github.com/minio/sio/compare/v0.2.1...v0.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-10 11:34:01 +02:00
dependabot[bot]
716946a148 Bump github.com/aws/aws-sdk-go from 1.38.35 to 1.38.36 (#413) 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.38.35 to 1.38.36.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.38.35...v1.38.36)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-10 11:10:58 +02:00
Nicola Murino
15934d72cc webdav test: increase log size 
the latest 10 lines are not enough to understand the issue, try with 20
 2021-05-09 10:09:25 +02:00
Nicola Murino
8f6cdacd00 allow to limit the number of per-host connections 2021-05-08 19:45:21 +02:00
Nicola Murino
8f736da4b8 webdav test: add some more logs 
QuotaLimits test case sometime fails when running in CI, try to
understand the reason
 2021-05-07 22:24:06 +02:00
Nicola Murino
4ea4202b99 httpd/webdav: use a custom listener with read and write deadlines 2021-05-07 20:41:20 +02:00
Nicola Murino
d4bfc3f6b5 fix lint configuration and a warning 2021-05-06 22:06:22 +02:00
Nicola Murino
23d9ebfc91 add a basic front-end web interface for end-users 
Fixes #339 #321 #398
 2021-05-06 21:35:43 +02:00
dependabot[bot]
5c99f4fb60 Bump github.com/shirou/gopsutil/v3 from 3.21.3 to 3.21.4 (#406) 
Bumps [github.com/shirou/gopsutil/v3](https://github.com/shirou/gopsutil) from 3.21.3 to 3.21.4.
- [Release notes](https://github.com/shirou/gopsutil/releases)
- [Commits](https://github.com/shirou/gopsutil/compare/v3.21.3...v3.21.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-03 14:44:07 +02:00
dependabot[bot]
2263c7e20f Bump github.com/hashicorp/go-retryablehttp from 0.6.8 to 0.7.0 (#405) 
Bumps [github.com/hashicorp/go-retryablehttp](https://github.com/hashicorp/go-retryablehttp) from 0.6.8 to 0.7.0.
- [Release notes](https://github.com/hashicorp/go-retryablehttp/releases)
- [Commits](https://github.com/hashicorp/go-retryablehttp/compare/v0.6.8...v0.7.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-03 14:43:53 +02:00
dependabot[bot]
515b2d917e Bump github.com/fclairamb/ftpserverlib from 0.13.0 to 0.13.1 (#404) 
Bumps [github.com/fclairamb/ftpserverlib](https://github.com/fclairamb/ftpserverlib) from 0.13.0 to 0.13.1.
- [Release notes](https://github.com/fclairamb/ftpserverlib/releases)
- [Commits](https://github.com/fclairamb/ftpserverlib/compare/v0.13.0...v0.13.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-03 13:29:54 +02:00
dependabot[bot]
af4723356d Bump github.com/lestrrat-go/jwx from 1.1.7 to 1.2.0 (#403) 
Bumps [github.com/lestrrat-go/jwx](https://github.com/lestrrat-go/jwx) from 1.1.7 to 1.2.0.
- [Release notes](https://github.com/lestrrat-go/jwx/releases)
- [Changelog](https://github.com/lestrrat-go/jwx/blob/main/Changes)
- [Commits](https://github.com/lestrrat-go/jwx/compare/v1.1.7...v1.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-03 13:29:16 +02:00
dependabot[bot]
068dd34a38 Bump github.com/aws/aws-sdk-go from 1.38.25 to 1.38.30 (#402) 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.38.25 to 1.38.30.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.38.25...v1.38.30)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-03 11:41:25 +02:00
dependabot[bot]
b16a5c2caf Bump github.com/go-chi/chi/v5 from 5.0.2 to 5.0.3 (#401) 
Bumps [github.com/go-chi/chi/v5](https://github.com/go-chi/chi) from 5.0.2 to 5.0.3.
- [Release notes](https://github.com/go-chi/chi/releases)
- [Changelog](https://github.com/go-chi/chi/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-chi/chi/compare/v5.0.2...v5.0.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-03 11:41:09 +02:00
Nicola Murino
a383957cfa OpenAPI: document that also folder-quota-update supports partial updates 2021-04-28 19:33:32 +02:00
Nicola Murino
00f97aabb4 OpenAPI: document that quota-update support partial updates 
If the update mode is "add" and you pass only used_quota_size or only
used_quota_files the missing field will remain unchanged
 2021-04-28 19:16:15 +02:00
Nicola Murino
32db0787bb add an example script for scheduled quota updates 2021-04-26 21:53:09 +02:00
Nicola Murino
1275328fdf Authentication errors: try to avoid user enumeration 
Fixes #395
 2021-04-26 19:48:21 +02:00
Nicola Murino
7778716fa7 update crypto and net dependencies 2021-04-25 18:12:02 +02:00
dependabot[bot]
77476d0f56 Bump github.com/aws/aws-sdk-go from 1.38.21 to 1.38.25 (#394) 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.38.21 to 1.38.25.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.38.21...v1.38.25)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-04-25 17:07:59 +02:00
dependabot[bot]
c7a1fc2996 Bump cloud.google.com/go/storage from 1.14.0 to 1.15.0 (#392) 
Bumps [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) from 1.14.0 to 1.15.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.14.0...spanner/v1.15.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-04-25 17:07:36 +02:00
dependabot[bot]
e7d8e73be8 Bump github.com/lib/pq from 1.10.0 to 1.10.1 (#391) 
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.10.0 to 1.10.1.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.10.0...v1.10.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-04-25 17:07:26 +02:00
dependabot[bot]
3ee27f4370 Bump golangci/golangci-lint-action from v2 to v2.5.2 (#389) 
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from v2 to v2.5.2.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](https://github.com/golangci/golangci-lint-action/compare/v2...5c56cd6c9dc07901af25baab6f2b0d9f3b7c3018)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-04-25 16:41:17 +02:00
Nicola Murino
92424cd1c2 dependabot: limit the number of open pull requests 2021-04-25 16:39:41 +02:00
Nicola Murino
0190dad984 docker: update github script to v4 2021-04-25 15:59:29 +02:00
Nicola Murino
198258f4e7 add dependabot 
Fixes #388
 2021-04-25 15:54:19 +02:00
Nicola Murino
5be4b6bd44 localfs: fix subdir check if the user has the root dir as home 2021-04-25 14:36:29 +02:00
Nicola Murino
3941255733 docs: fix a typo 2021-04-25 09:42:19 +02:00
Nicola Murino
46998252e5 use bcrypt as default password hashing algo 
argon2id has a high memory cost and, if not properly tuned, it can lead to
resource starvation.

Advanced users can still configure and use argon2id.
Passwords stored as argon2id will continue to work
 2021-04-25 09:38:33 +02:00
Nicola Murino
74b51f0ad3 update nfpm 2021-04-23 22:53:13 +02:00
Nicola Murino
b11865f971 CI: add support for darwin/arm64 
I have no way to test the produced binaries on a real Silicon M1
 2021-04-20 23:00:27 +02:00