Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 23:00:55 +03:00
Code Issues Packages Projects Releases Wiki Activity
927 Commits 9 Branches 53 Tags
fe953d6b38fecfc4b14349c48c6ad323fa85ccb5
Commit Graph

106 Commits

Author SHA1 Message Date
Nicola Murino
a20373b613 add support for auth plugins 2021-08-08 17:09:48 +02:00
Nicola Murino
ced2e16f41 add support for password validation rules 
Fixes #494
 2021-08-06 18:56:07 +02:00
Nicola Murino
a3c087456b ftpd: add some security checks 2021-08-05 18:38:15 +02:00
mmcgeefeedo
0046c9960a add support to override default admin credentials via env vars 2021-07-31 10:39:53 +02:00
Nicola Murino
a26962f367 add dot and dot dot directories to sftp/ftp file listing 2021-07-31 09:42:23 +02:00
Nicola Murino
f778e47d22 sftpd: minor improvements and docs for the prefix middleware 2021-07-29 20:12:23 +02:00
Nicola Murino
90b324d707 Add a link on the login pages to switch between admin and web client login 
The links are hidden if only the web admin or only thw web client is
enabled and can also be controlled using the "hide_login_url" setting

Fixes #485
 2021-07-27 18:43:00 +02:00
Nicola Murino
ae8ccadad2 users API: add API to create, delete, rename files and directories 2021-07-23 10:19:27 +02:00
Nicola Murino
5967aa1aa5 FTP: enable ftpserverlib logging and make debug mode configurable 2021-07-20 17:22:08 +02:00
Nicola Murino
c900cde8e4 notifiers plugin: add settings to retry unhandled events 2021-07-20 12:51:21 +02:00
Nicola Murino
5a568b4077 KMS: allow to provide the master encryption key as string 2021-07-17 15:34:48 +02:00
Nicola Murino
030507a2ce add some docs for the plugin system 2021-07-17 14:14:42 +02:00
Nicola Murino
6d313f6d8f expose KMS as plugin 2021-07-16 18:22:42 +02:00
Nicola Murino
bd5191dfc5 add experimental plugin system 2021-07-11 15:26:51 +02:00
Nicola Murino
ff19879ffd allow to use a persistent signing key for JWT and CSRF tokens 
Fixes #466
 2021-07-01 20:17:40 +02:00
Nicola Murino
3bb0ca1d2b config: remove deprecated configuration keys 2021-06-19 09:47:06 +02:00
Nicola Murino
423d8306be webclient: allow to download multiple files as zip 2021-05-30 23:07:46 +02:00
Nicola Murino
3b46e6a6fb add support for a global temp path 
Fixes #436
 2021-05-27 15:38:27 +02:00
Nicola Murino
600268ebb8 httpclient: allow to set custom headers 2021-05-25 08:36:01 +02:00
Nicola Murino
8ecf64f481 httpclient: accepts timeouts as float 
Fixes #428
 2021-05-16 12:50:06 +02:00
Nicola Murino
f2b93c0402 add a setup screen to create the first admin user 
If you prefer to auto-create the first admin you can enable the
"create_default_admin" configuration key and SFTPGo will work as before.

You can also create the first admin by loading initial data: now you can
set both username and password, before you could only change the password
 2021-05-14 19:21:15 +02:00
Nicola Murino
fa45c9c138 allow to execute actions for file operations and SSH commands synchronously 
The actions to run synchronously can be configured via the `execute_sync`
configuration key.

Executing an action synchronously means that SFTPGo will not return a result
code to the client until your hook have completed its execution.

Fixes #409
 2021-05-11 12:45:14 +02:00
Nicola Murino
c8f7fc9bc9 httpd/webdav: add a list of hosts allowed to send proxy headers 
X-Forwarded-For, X-Real-IP and X-Forwarded-Proto headers will be ignored
for hosts not included in this list.

This is a backward incompatible change, before the proxy headers were
always used
 2021-05-11 06:54:06 +02:00
Nicola Murino
8f6cdacd00 allow to limit the number of per-host connections 2021-05-08 19:45:21 +02:00
Nicola Murino
23d9ebfc91 add a basic front-end web interface for end-users 
Fixes #339 #321 #398
 2021-05-06 21:35:43 +02:00
Nicola Murino
32db0787bb add an example script for scheduled quota updates 2021-04-26 21:53:09 +02:00
Nicola Murino
3941255733 docs: fix a typo 2021-04-25 09:42:19 +02:00
Nicola Murino
46998252e5 use bcrypt as default password hashing algo 
argon2id has a high memory cost and, if not properly tuned, it can lead to
resource starvation.

Advanced users can still configure and use argon2id.
Passwords stored as argon2id will continue to work
 2021-04-25 09:38:33 +02:00
Nicola Murino
92638ce93d add support for hashing password using bcrypt 
argon2id remains the default
 2021-04-20 13:55:09 +02:00
Nicola Murino
6ef85d6026 add, optional, in memory password caching 
Verifying argon2 passwords has a high memory and computational cost,
by enabling, in memory, password caching you reduce this cost
 2021-04-20 09:39:36 +02:00
Nicola Murino
f45c89fc46 add rate limiting support for REST API/web admin too 2021-04-19 08:14:04 +02:00
Nicola Murino
112e3b2fc2 add rate limiting support 2021-04-18 12:31:06 +02:00
Nicola Murino
124c471a2b FTPD: make sure that the passive ip, if provided, is valid 
The server will refuse to start if the provided passive ip is not a
valid IPv4 address.

Fixes #376
 2021-04-16 15:08:10 +02:00
Nicola Murino
c844fc7477 add support for delayed quota update 
If there are a lot of close uploads, accumulating quota updates can
save you many queries to the data provider
 2021-04-11 08:38:43 +02:00
Nicola Murino
0bc4db9950 web admin: make base url configurable 2021-04-09 22:02:48 +02:00
Nicola Murino
b389f93d97 allow to select sha256-simd using an env var 2021-04-07 16:25:58 +02:00
Nicola Murino
acb4310c11 add a startup hook 2021-04-05 10:07:59 +02:00
Nicola Murino
5cd27ce529 document Cockroach driver name 2021-03-27 19:41:00 +01:00
Nicola Murino
4c658bb6f0 webdav: add prefix support 2021-03-07 17:10:45 +01:00
Nicola Murino
df41f0c556 add a setting to skip natural keys validation 
Enabling the "skip_natural_keys_validation" data provider setting,
the natural keys for REST API/Web Admin as usernames, admin names,
folder names are not restricted to unreserved URI chars

Fixes #334 #308
 2021-03-04 09:48:53 +01:00
Nicola Murino
534b253c20 WebDAV: improve TLS certificate authentication 
For each user you can now configure:

- TLS certificate auth
- TLS certificate auth and password
- Password auth

For TLS certificate auth, the certificate common name is used as
username
 2021-03-01 19:28:11 +01:00
Nicola Murino
a6e36e7cad FTP: improve TLS certificate authentication 
For each user you can now configure:

- TLS certificate auth
- TLS certificate auth and password
- Password auth

For TLS auth, the certificate common name must match the name provided
using the "USER" FTP command
 2021-02-28 12:10:40 +01:00
Nicola Murino
5da4f931c5 TLS: allow to configure cipher suites 
Fixes #316
 2021-02-18 20:17:16 +01:00
Nicola Murino
46176a54b4 minor doc fixes 2021-02-14 22:08:08 +01:00
Nicola Murino
a21ccad174 web hooks: add mutual TLS support 2021-02-13 14:41:37 +01:00
Nicola Murino
6a6e8fffbc web hooks: improve resilience by adding a configurable retry 
the retryable http client is used for hooks that notify events
 2021-02-12 21:42:49 +01:00
Nicola Murino
57976b4085 httpd: add mTLS and multiple bindings support 2021-01-19 18:59:41 +01:00
Nicola Murino
778ec9b88f REST API v2 
- add JWT authentication
- admins are now stored inside the data provider
- admin access can be restricted based on the source IP: both proxy
  header and connection IP are checked
- deprecate REST API CLI: it is not relevant anymore

Some other changes to the REST API can still happen before releasing
SFTPGo 2.0.0

Fixes #197
 2021-01-17 22:29:08 +01:00
Nicola Murino
72b2c83392 defender: allow hot-reloading for safe and block lists 2021-01-04 17:52:14 +01:00
Nicola Murino
684f4ba1a6 mutal TLS: add support for revocation lists 2021-01-03 17:03:04 +01:00