Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 14:50:55 +03:00
Code Issues Packages Projects Releases Wiki Activity
1,173 Commits 9 Branches 53 Tags
796ea1dde9e2bf12bdffa4ba3ffdeaa4eef83de5
Commit Graph

162 Commits

Author SHA1 Message Date
Nicola Murino
796ea1dde9 allow to store temporary sessions within the data provider 
so we can persist password reset codes, OIDC auth sessions and tokens.
These features will also work in multi-node setups without sicky
sessions now

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-05-19 19:49:51 +02:00
Nicola Murino
c9bd08cf9c UI branding: use the short name on the login pages 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-05-15 07:30:36 +02:00
Nicola Murino
5d7f6960f3 web UIs: add branding support 
Fixes #829

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-05-13 19:40:52 +02:00
Nicola Murino
4995cf1b02 defender: allow to load blocklist/safelist also from config/env vars 
Fixes #831

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-05-13 14:46:07 +02:00
Dylan Legendre
4b099640de Updating typos in openapi/swagger documentation as well as various markdown documentation files (#816) 
Signed-off-by: Dylan Legendre <dylanlegendre09@gmail.com>
 2022-05-05 18:26:22 +02:00
Nicola Murino
14fb6c4038 always check recently updated users 
also fix the query to get users for quota check for sql based providers

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-04-30 11:59:36 +02:00
Nicola Murino
ecd488a840 data provider: remove prefer_database_credentials 
Google Cloud Storage credentials are now always stored within the data
provider.

Added a migration to read credentials from disk and store them inside the
data provider.

After v2.3 we can also remove credentials_path

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-04-28 12:55:01 +02:00
zemsten
857b6cc10a Update full-configuration.md (#799) 
NGINX spelling

Signed-off-by: Samuel Zarn <samz@localhost.localdomain>
 2022-04-22 09:22:36 +02:00
Nicola Murino
cacfffc5bf OIDC: add support for custom fields 
These fields can be used in the pre-login hook to implement custom
logics

Fixes #787

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-04-12 19:31:25 +02:00
Nicola Murino
f9d8b83c2a sshd: disable by default ssh-rsa host key algo 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-04-04 18:52:19 +02:00
Nicola Murino
254b2ae87f add support for AWS container 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-04-03 08:52:36 +02:00
Nicola Murino
5a40f998ae check and update the password hashing algorithm on user login 
also add ldap md5 variant as per-user request

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-04-02 22:20:21 +02:00
Nicola Murino
55f8171dd1 sshd: add support for host key certificates 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-04-01 08:03:56 +02:00
Nicola Murino
a7b159aebb ssh user certs: add a revoked list 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-03-31 21:49:06 +02:00
Nicola Murino
5cccb872bb add support to redirect HTTP to HTTPS 
Fixes #777

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-03-26 10:00:02 +01:00
Nicola Murino
a31a9dc32c update deps 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-03-21 17:52:18 +01:00
Pr0pHesyer
fa43791ea9 Optimized typography for better readability 
Signed-off-by: Pr0pHesyer <proskire@protonmail.com>
 2022-03-21 15:05:43 +01:00
Nicola Murino
93b9c1617e web UI: allow to load custom css 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-03-19 21:44:27 +01:00
Nicola Murino
4c710d731f update to Go 1.18 
temporarily disabled docker image for ppcle64 as alpine image
is not yet available

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-03-18 21:52:00 +01:00
Nicola Murino
d9f30e7ac5 add a global whitelist 
if defined only the listed IPs/networks can access the configured
services, all other client connections will be dropped before they
even try to authenticate

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-03-17 22:10:52 +01:00
Nicola Murino
7e7f662a23 ensure that defaults defined in code match the default config file 
Fixes #754

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-03-14 10:42:14 +01:00
Nicola Murino
0bec1c6012 change the default value for prefer_database_credentials to true ... 
... and deprecate this setting.

In the future we'll remove prefer_database_credentials and
credentials_path and we will not allow the credentials to be saved on
the filesystem

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-03-13 14:29:11 +01:00
Nicola Murino
5582f5c811 data provider: add automatic backups 
Automatic backup are enabled by default, a new backup will be saved
each day at midnight.

The backups_path setting was moved from the httpd section to the
data_provider one, please adjust your configuration file and or your
env vars

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-03-13 13:45:07 +01:00
Nicola Murino
dcc3292dbc web setup: add an optional installation code 
The purpose of this code is to prevent anyone who can access to
the initial setup screen from creating an admin user

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-02-27 13:08:47 +01:00
Nicola Murino
7fc5cb80d6 deb/rpm packages: attempt to set the cap_net_bind_service capability 
so the service can bind to privileged ports without running as root user

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-02-26 10:10:51 +01:00
Nicola Murino
c6b8644828 OIDC: execute pre-login hook after IDP authentication 
so the SFTPGo users can be auto-created using the hook

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-02-19 10:53:35 +01:00
Nicola Murino
f1a255aa6c httpd: allow to restrict allowed hosts ... 
... and to add security headers to the responses

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-02-17 18:22:27 +01:00
Nicola Murino
1fccd05e9e allow to configure the minimum version of TLS to be enabled 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-02-13 15:56:07 +01:00
Nicola Murino
66945c0a02 Web UIs: add OpenID Connect support 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-02-13 14:30:20 +01:00
Nicola Murino
02db00d008 dataprovider: add naming rules 
naming rules allow to support case insensitive usernames, trim trailing
and leading white spaces, and accept any valid UTF-8 characters in
usernames.

If you were enabling `skip_natural_keys_validation` now you need to
set `naming_rules` to `1`

Fixes #687

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-31 18:01:37 +01:00
Nicola Murino
fb2d59ec92 data provider: add config options for certs validation/authentication 
Fixes #682

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-30 18:04:03 +01:00
Nicola Murino
1df1225eed add support for data transfer bandwidth limits 
with total limit or separate settings for uploads and downloads and
overrides based on the client's IP address.

Limits can be reset using the REST API

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-30 11:42:36 +01:00
Nicola Murino
ec1d20f46f sshd: improve docs about supported ciphers, KEX and MACs 
also added a check to ensure that the configured values are valid

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-06 18:09:49 +01:00
Nicola Murino
222db53410 notifiers plugin: replace params with a struct 
Fixes #658

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
 2022-01-02 15:16:35 +01:00
Nicola Murino
7d8823307f defender: add provider driver 
Fixes #616
 2021-12-25 12:08:07 +01:00
Nicola Murino
a587228cf0 add support for metadata plugins 2021-12-16 18:18:36 +01:00
Nicola Murino
bedc8e288b web client: add support for integrating external viewers/editors 2021-12-03 18:33:08 +01:00
Nicola Murino
0f8170c10f improve some docs and disable telemetry server by default 2021-11-29 17:58:10 +01:00
Nicola Murino
4652f9ede8 FTPD: allow to set different passive IPs based on the client's IP address 2021-11-25 12:45:09 +01:00
Nicola Murino
3d6b09e949 REST API: expose OpenAPI schema and render it using Swagger UI 
Fixes #609
 2021-11-21 09:32:51 +01:00
Nicola Murino
0833b4698e httpd service: add CORS support 2021-11-13 23:14:50 +01:00
Nicola Murino
094ee1522e logger: add a flag to use UTC time for logging 2021-11-06 15:18:16 +01:00
Nicola Murino
570964deb3 add post-disconnect hook 
Fixes #587
 2021-10-29 19:55:18 +02:00
Nicola Murino
4aa9686e3b refactor custom actions 
SFTPGo is now fully auditable, all fs and provider events that change
something are notified and can be collected using hooks/plugins.

There are some backward incompatible changes for command hooks
 2021-10-10 13:08:05 +02:00
Nicola Murino
ea01c3a125 rate limiting: allow to exclude IP addresses/ranges 
Fixes #563
 2021-10-03 20:50:05 +02:00
Nicola Murino
1b4a1fbbe5 add data retention check hook 2021-10-03 15:17:49 +02:00
Nicola Murino
22d28a37b6 cmd: improve completion sub-commands 2021-10-03 08:14:57 +02:00
Nicola Murino
cc134cad9a data retention: allow to notify results via e-mail 2021-10-02 22:25:41 +02:00
Nicola Murino
ba1febba73 rework user and admin profiles 
users and admins can now also update their email and description
 2021-09-29 18:46:15 +02:00
Nicola Murino
da0ccc6426 add SMTP support 
it will be used in future update to add email sending capabilities
 2021-09-26 20:25:37 +02:00