sftpgo

mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 23:00:55 +03:00

Author	SHA1	Message	Date
Nicola Murino	7c724e18fe	add support for ACME compliant certificate authorities Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-27 07:39:55 +02:00
Nicola Murino	90c21458b8	OIDC: add support for implicit roles Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-22 14:38:25 +02:00
Nicola Murino	1a33b5bb53	allow different TLS certificates for each binding Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-21 16:34:47 +02:00
Nicola Murino	0ecaa862bd	web UIs: allow to replace the default CSS Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-21 11:05:58 +02:00
Nicola Murino	751946f47a	allow to customize timeout and env vars for program based hooks Fixes #847 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-20 19:30:54 +02:00
Nicola Murino	796ea1dde9	allow to store temporary sessions within the data provider so we can persist password reset codes, OIDC auth sessions and tokens. These features will also work in multi-node setups without sicky sessions now Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-19 19:49:51 +02:00
Nicola Murino	c9bd08cf9c	UI branding: use the short name on the login pages Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-15 07:30:36 +02:00
Nicola Murino	5d7f6960f3	web UIs: add branding support Fixes #829 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-13 19:40:52 +02:00
Nicola Murino	4995cf1b02	defender: allow to load blocklist/safelist also from config/env vars Fixes #831 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-13 14:46:07 +02:00
Dylan Legendre	4b099640de	Updating typos in openapi/swagger documentation as well as various markdown documentation files (#816 ) Signed-off-by: Dylan Legendre <dylanlegendre09@gmail.com>	2022-05-05 18:26:22 +02:00
Nicola Murino	14fb6c4038	always check recently updated users also fix the query to get users for quota check for sql based providers Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-04-30 11:59:36 +02:00
Nicola Murino	ecd488a840	data provider: remove prefer_database_credentials Google Cloud Storage credentials are now always stored within the data provider. Added a migration to read credentials from disk and store them inside the data provider. After v2.3 we can also remove credentials_path Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-04-28 12:55:01 +02:00
zemsten	857b6cc10a	Update full-configuration.md (#799 ) NGINX spelling Signed-off-by: Samuel Zarn <samz@localhost.localdomain>	2022-04-22 09:22:36 +02:00
Nicola Murino	cacfffc5bf	OIDC: add support for custom fields These fields can be used in the pre-login hook to implement custom logics Fixes #787 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-04-12 19:31:25 +02:00
Nicola Murino	f9d8b83c2a	sshd: disable by default ssh-rsa host key algo Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-04-04 18:52:19 +02:00
Nicola Murino	254b2ae87f	add support for AWS container Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-04-03 08:52:36 +02:00
Nicola Murino	5a40f998ae	check and update the password hashing algorithm on user login also add ldap md5 variant as per-user request Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-04-02 22:20:21 +02:00
Nicola Murino	55f8171dd1	sshd: add support for host key certificates Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-04-01 08:03:56 +02:00
Nicola Murino	a7b159aebb	ssh user certs: add a revoked list Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-31 21:49:06 +02:00
Nicola Murino	5cccb872bb	add support to redirect HTTP to HTTPS Fixes #777 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-26 10:00:02 +01:00
Nicola Murino	a31a9dc32c	update deps Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-21 17:52:18 +01:00
Pr0pHesyer	fa43791ea9	Optimized typography for better readability Signed-off-by: Pr0pHesyer <proskire@protonmail.com>	2022-03-21 15:05:43 +01:00
Nicola Murino	93b9c1617e	web UI: allow to load custom css Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-19 21:44:27 +01:00
Nicola Murino	4c710d731f	update to Go 1.18 temporarily disabled docker image for ppcle64 as alpine image is not yet available Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-18 21:52:00 +01:00
Nicola Murino	d9f30e7ac5	add a global whitelist if defined only the listed IPs/networks can access the configured services, all other client connections will be dropped before they even try to authenticate Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-17 22:10:52 +01:00
Nicola Murino	7e7f662a23	ensure that defaults defined in code match the default config file Fixes #754 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-14 10:42:14 +01:00
Nicola Murino	0bec1c6012	change the default value for prefer_database_credentials to true ... ... and deprecate this setting. In the future we'll remove prefer_database_credentials and credentials_path and we will not allow the credentials to be saved on the filesystem Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-13 14:29:11 +01:00
Nicola Murino	5582f5c811	data provider: add automatic backups Automatic backup are enabled by default, a new backup will be saved each day at midnight. The backups_path setting was moved from the httpd section to the data_provider one, please adjust your configuration file and or your env vars Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-13 13:45:07 +01:00
Nicola Murino	dcc3292dbc	web setup: add an optional installation code The purpose of this code is to prevent anyone who can access to the initial setup screen from creating an admin user Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-27 13:08:47 +01:00
Nicola Murino	7fc5cb80d6	deb/rpm packages: attempt to set the `cap_net_bind_service` capability so the service can bind to privileged ports without running as root user Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-26 10:10:51 +01:00
Nicola Murino	c6b8644828	OIDC: execute pre-login hook after IDP authentication so the SFTPGo users can be auto-created using the hook Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-19 10:53:35 +01:00
Nicola Murino	f1a255aa6c	httpd: allow to restrict allowed hosts ... ... and to add security headers to the responses Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-17 18:22:27 +01:00
Nicola Murino	1fccd05e9e	allow to configure the minimum version of TLS to be enabled Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-13 15:56:07 +01:00
Nicola Murino	66945c0a02	Web UIs: add OpenID Connect support Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-13 14:30:20 +01:00
Nicola Murino	02db00d008	dataprovider: add naming rules naming rules allow to support case insensitive usernames, trim trailing and leading white spaces, and accept any valid UTF-8 characters in usernames. If you were enabling `skip_natural_keys_validation` now you need to set `naming_rules` to `1` Fixes #687 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-31 18:01:37 +01:00
Nicola Murino	fb2d59ec92	data provider: add config options for certs validation/authentication Fixes #682 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-30 18:04:03 +01:00
Nicola Murino	1df1225eed	add support for data transfer bandwidth limits with total limit or separate settings for uploads and downloads and overrides based on the client's IP address. Limits can be reset using the REST API Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-30 11:42:36 +01:00
Nicola Murino	ec1d20f46f	sshd: improve docs about supported ciphers, KEX and MACs also added a check to ensure that the configured values are valid Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-06 18:09:49 +01:00
Nicola Murino	222db53410	notifiers plugin: replace params with a struct Fixes #658 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-02 15:16:35 +01:00
Nicola Murino	7d8823307f	defender: add provider driver Fixes #616	2021-12-25 12:08:07 +01:00
Nicola Murino	a587228cf0	add support for metadata plugins	2021-12-16 18:18:36 +01:00
Nicola Murino	bedc8e288b	web client: add support for integrating external viewers/editors	2021-12-03 18:33:08 +01:00
Nicola Murino	0f8170c10f	improve some docs and disable telemetry server by default	2021-11-29 17:58:10 +01:00
Nicola Murino	4652f9ede8	FTPD: allow to set different passive IPs based on the client's IP address	2021-11-25 12:45:09 +01:00
Nicola Murino	3d6b09e949	REST API: expose OpenAPI schema and render it using Swagger UI Fixes #609	2021-11-21 09:32:51 +01:00
Nicola Murino	0833b4698e	httpd service: add CORS support	2021-11-13 23:14:50 +01:00
Nicola Murino	094ee1522e	logger: add a flag to use UTC time for logging	2021-11-06 15:18:16 +01:00
Nicola Murino	570964deb3	add post-disconnect hook Fixes #587	2021-10-29 19:55:18 +02:00
Nicola Murino	4aa9686e3b	refactor custom actions SFTPGo is now fully auditable, all fs and provider events that change something are notified and can be collected using hooks/plugins. There are some backward incompatible changes for command hooks	2021-10-10 13:08:05 +02:00
Nicola Murino	ea01c3a125	rate limiting: allow to exclude IP addresses/ranges Fixes #563	2021-10-03 20:50:05 +02:00

1 2 3 4 5

217 Commits