Difference between revisions of "Sftpgo"
Jump to navigation
Jump to search
| (6 intermediate revisions by the same user not shown) | |||
| Line 12: | Line 12: | ||
docker run --name sftpgo \ | docker run --name sftpgo \ | ||
| + | -p 0.0.0.0:2021:21 \ | ||
| + | -p 0.0.0.0:2080:80 \ | ||
-p 0.0.0.0:8080:8090 \ | -p 0.0.0.0:8080:8090 \ | ||
-p 2022:2022 \ | -p 2022:2022 \ | ||
| + | --mount type=bind,source=/app/sftpgo/sftpgo.json,target=/etc/sftpgo/sftpgo.json \ | ||
--mount type=bind,source=/app/sftpgo/data,target=/srv/sftpgo \ | --mount type=bind,source=/app/sftpgo/data,target=/srv/sftpgo \ | ||
--mount type=bind,source=/app/sftpgo/home,target=/var/lib/sftpgo \ | --mount type=bind,source=/app/sftpgo/home,target=/var/lib/sftpgo \ | ||
| Line 34: | Line 37: | ||
curl -H 'Accept: application/json' -H "Authorization: Bearer ${token}" ${apiurl}/users | curl -H 'Accept: application/json' -H "Authorization: Bearer ${token}" ${apiurl}/users | ||
``` | ``` | ||
| + | |||
| + | # Webdav | ||
| + | |||
| + | ``` | ||
| + | curl --anyauth --user 'myuser:myuserpass' -X MKCOL 'http://host/foo' | ||
| + | curl --anyauth --user 'myuser:myuserpass' -T '/tmp/file.txt' 'http://example.io/foo' # --anyauth --basic or --digest | ||
| + | curl --anyauth --user 'myuser:myuserpass' -X DELETE 'https://example.com/test' -sw '%{http_code}' | ||
| + | curl --anyauth --user 'myuser:myuserpass' -X MOVE --header 'Destination:http://example.io/new.txt' 'https://example.io/old.txt' | ||
| + | curl --anyauth --user 'myuser:myuserpass' 'https://example.io/foo' | ||
| + | |||
| + | Using headers for basic auth | ||
| + | curl -i \ | ||
| + | -H 'Accept:application/json' \ | ||
| + | -H 'Authorization:Basic BASE64_string' \ | ||
| + | http://example.com | ||
| + | ``` | ||
| + | |||
| + | /app/sftpgo/sftpgo.json | ||
| + | ``` | ||
| + | { | ||
| + | "common": { | ||
| + | "idle_timeout": 15, | ||
| + | "upload_mode": 0, | ||
| + | "actions": { | ||
| + | "execute_on": [], | ||
| + | "hook": "" | ||
| + | }, | ||
| + | "setstat_mode": 0, | ||
| + | "proxy_protocol": 0, | ||
| + | "proxy_allowed": [], | ||
| + | "post_connect_hook": "", | ||
| + | "max_total_connections": 0, | ||
| + | "defender": { | ||
| + | "enabled": false, | ||
| + | "ban_time": 30, | ||
| + | "ban_time_increment": 50, | ||
| + | "threshold": 15, | ||
| + | "score_invalid": 2, | ||
| + | "score_valid": 1, | ||
| + | "observation_time": 30, | ||
| + | "entries_soft_limit": 100, | ||
| + | "entries_hard_limit": 150, | ||
| + | "safelist_file": "", | ||
| + | "blocklist_file": "" | ||
| + | } | ||
| + | }, | ||
| + | "sftpd": { | ||
| + | "bindings": [ | ||
| + | { | ||
| + | "port": 2022, | ||
| + | "address": "", | ||
| + | "apply_proxy_config": true | ||
| + | } | ||
| + | ], | ||
| + | "max_auth_tries": 0, | ||
| + | "banner": "", | ||
| + | "host_keys": [], | ||
| + | "kex_algorithms": [], | ||
| + | "ciphers": [], | ||
| + | "macs": [], | ||
| + | "trusted_user_ca_keys": [], | ||
| + | "login_banner_file": "", | ||
| + | "enabled_ssh_commands": [ | ||
| + | "md5sum", | ||
| + | "sha1sum", | ||
| + | "cd", | ||
| + | "pwd", | ||
| + | "scp" | ||
| + | ], | ||
| + | "keyboard_interactive_auth_hook": "", | ||
| + | "password_authentication": true | ||
| + | }, | ||
| + | "ftpd": { | ||
| + | "bindings": [ | ||
| + | { | ||
| + | "port": 21, | ||
| + | "address": "", | ||
| + | "apply_proxy_config": true, | ||
| + | "tls_mode": 0, | ||
| + | "force_passive_ip": "", | ||
| + | "client_auth_type": 0 | ||
| + | } | ||
| + | ], | ||
| + | "banner": "", | ||
| + | "banner_file": "", | ||
| + | "active_transfers_port_non_20": true, | ||
| + | "passive_port_range": { | ||
| + | "start": 50000, | ||
| + | "end": 50100 | ||
| + | }, | ||
| + | "disable_active_mode": false, | ||
| + | "enable_site": false, | ||
| + | "hash_support": 0, | ||
| + | "combine_support": 0, | ||
| + | "certificate_file": "", | ||
| + | "certificate_key_file": "", | ||
| + | "ca_certificates": [], | ||
| + | "ca_revocation_lists": [] | ||
| + | }, | ||
| + | "webdavd": { | ||
| + | "bindings": [ | ||
| + | { | ||
| + | "port": 80, | ||
| + | "address": "", | ||
| + | "enable_https": false, | ||
| + | "client_auth_type": 0 | ||
| + | } | ||
| + | ], | ||
| + | "certificate_file": "", | ||
| + | "certificate_key_file": "", | ||
| + | "ca_certificates": [], | ||
| + | "ca_revocation_lists": [], | ||
| + | "cors": { | ||
| + | "enabled": false, | ||
| + | "allowed_origins": [], | ||
| + | "allowed_methods": [], | ||
| + | "allowed_headers": [], | ||
| + | "exposed_headers": [], | ||
| + | "allow_credentials": false, | ||
| + | "max_age": 0 | ||
| + | }, | ||
| + | "cache": { | ||
| + | "users": { | ||
| + | "expiration_time": 0, | ||
| + | "max_size": 50 | ||
| + | }, | ||
| + | "mime_types": { | ||
| + | "enabled": true, | ||
| + | "max_size": 1000 | ||
| + | } | ||
| + | } | ||
| + | }, | ||
| + | "data_provider": { | ||
| + | "driver": "sqlite", | ||
| + | "name": "sftpgo.db", | ||
| + | "host": "", | ||
| + | "port": 0, | ||
| + | "username": "", | ||
| + | "password": "", | ||
| + | "sslmode": 0, | ||
| + | "connection_string": "", | ||
| + | "sql_tables_prefix": "", | ||
| + | "track_quota": 2, | ||
| + | "pool_size": 0, | ||
| + | "users_base_dir": "/srv/sftpgo/data", | ||
| + | "actions": { | ||
| + | "execute_on": [], | ||
| + | "hook": "" | ||
| + | }, | ||
| + | "external_auth_hook": "", | ||
| + | "external_auth_scope": 0, | ||
| + | "credentials_path": "credentials", | ||
| + | "prefer_database_credentials": false, | ||
| + | "pre_login_hook": "", | ||
| + | "post_login_hook": "", | ||
| + | "post_login_scope": 0, | ||
| + | "check_password_hook": "", | ||
| + | "check_password_scope": 0, | ||
| + | "password_hashing": { | ||
| + | "argon2_options": { | ||
| + | "memory": 65536, | ||
| + | "iterations": 1, | ||
| + | "parallelism": 2 | ||
| + | } | ||
| + | }, | ||
| + | "update_mode": 0 | ||
| + | }, | ||
| + | "httpd": { | ||
| + | "bindings": [ | ||
| + | { | ||
| + | "port": 8080, | ||
| + | "address": "", | ||
| + | "enable_web_admin": true, | ||
| + | "enable_https": false, | ||
| + | "client_auth_type": 0 | ||
| + | } | ||
| + | ], | ||
| + | "templates_path": "templates", | ||
| + | "static_files_path": "static", | ||
| + | "backups_path": "/srv/sftpgo/backups", | ||
| + | "certificate_file": "", | ||
| + | "certificate_key_file": "", | ||
| + | "ca_certificates": [], | ||
| + | "ca_revocation_lists": [] | ||
| + | }, | ||
| + | "telemetry": { | ||
| + | "bind_port": 10000, | ||
| + | "bind_address": "127.0.0.1", | ||
| + | "enable_profiler": false, | ||
| + | "auth_user_file": "", | ||
| + | "certificate_file": "", | ||
| + | "certificate_key_file": "" | ||
| + | }, | ||
| + | "http": { | ||
| + | "timeout": 20, | ||
| + | "retry_wait_min": 2, | ||
| + | "retry_wait_max": 30, | ||
| + | "retry_max": 3, | ||
| + | "ca_certificates": [], | ||
| + | "certificates": [], | ||
| + | "skip_tls_verify": false | ||
| + | }, | ||
| + | "kms": { | ||
| + | "secrets": { | ||
| + | "url": "", | ||
| + | "master_key_path": "" | ||
| + | } | ||
| + | } | ||
| + | } | ||
| + | ``` | ||
| + | # Refs: | ||
| + | - https://computingforgeeks.com/setup-secure-ftp-server-sftp-with-webdav-using-sftpgo/ | ||
Latest revision as of 18:52, 26 March 2022
https://github.com/drakkan/sftpgo
This is an excellent project. Please use it and donate to it with time or $$$.
Bash Examples
/app/sftpgo/up
for dir in /app/sftpgo/data /app/sftpgo/home /app/sftpgo/share; do
mkdir -p $dir
done
docker run --name sftpgo \
-p 0.0.0.0:2021:21 \
-p 0.0.0.0:2080:80 \
-p 0.0.0.0:8080:8090 \
-p 2022:2022 \
--mount type=bind,source=/app/sftpgo/sftpgo.json,target=/etc/sftpgo/sftpgo.json \
--mount type=bind,source=/app/sftpgo/data,target=/srv/sftpgo \
--mount type=bind,source=/app/sftpgo/home,target=/var/lib/sftpgo \
--mount type=bind,source=/app/sftpgo/share,target=/share \
-e SFTPGO_HTTPD__BINDINGS__0__PORT=8090 \
-d "drakkan/sftpgo:latest"
/app/sftpgo/down
docker stop sftpgo docker rm -f sftpgo
/app/sftpgo/apigetusers
rsp=$(curl -s http://admin:password@sftp.example.io:8080/api/v2/token)
token=$(echo $rsp | jq -r '.access_token')
apiurl="http://127.0.0.1:8080/api/v2"
curl -H 'Accept: application/json' -H "Authorization: Bearer ${token}" ${apiurl}/users
Webdav
curl --anyauth --user 'myuser:myuserpass' -X MKCOL 'http://host/foo'
curl --anyauth --user 'myuser:myuserpass' -T '/tmp/file.txt' 'http://example.io/foo' # --anyauth --basic or --digest
curl --anyauth --user 'myuser:myuserpass' -X DELETE 'https://example.com/test' -sw '%{http_code}'
curl --anyauth --user 'myuser:myuserpass' -X MOVE --header 'Destination:http://example.io/new.txt' 'https://example.io/old.txt'
curl --anyauth --user 'myuser:myuserpass' 'https://example.io/foo'
Using headers for basic auth
curl -i \
-H 'Accept:application/json' \
-H 'Authorization:Basic BASE64_string' \
http://example.com
/app/sftpgo/sftpgo.json
{
"common": {
"idle_timeout": 15,
"upload_mode": 0,
"actions": {
"execute_on": [],
"hook": ""
},
"setstat_mode": 0,
"proxy_protocol": 0,
"proxy_allowed": [],
"post_connect_hook": "",
"max_total_connections": 0,
"defender": {
"enabled": false,
"ban_time": 30,
"ban_time_increment": 50,
"threshold": 15,
"score_invalid": 2,
"score_valid": 1,
"observation_time": 30,
"entries_soft_limit": 100,
"entries_hard_limit": 150,
"safelist_file": "",
"blocklist_file": ""
}
},
"sftpd": {
"bindings": [
{
"port": 2022,
"address": "",
"apply_proxy_config": true
}
],
"max_auth_tries": 0,
"banner": "",
"host_keys": [],
"kex_algorithms": [],
"ciphers": [],
"macs": [],
"trusted_user_ca_keys": [],
"login_banner_file": "",
"enabled_ssh_commands": [
"md5sum",
"sha1sum",
"cd",
"pwd",
"scp"
],
"keyboard_interactive_auth_hook": "",
"password_authentication": true
},
"ftpd": {
"bindings": [
{
"port": 21,
"address": "",
"apply_proxy_config": true,
"tls_mode": 0,
"force_passive_ip": "",
"client_auth_type": 0
}
],
"banner": "",
"banner_file": "",
"active_transfers_port_non_20": true,
"passive_port_range": {
"start": 50000,
"end": 50100
},
"disable_active_mode": false,
"enable_site": false,
"hash_support": 0,
"combine_support": 0,
"certificate_file": "",
"certificate_key_file": "",
"ca_certificates": [],
"ca_revocation_lists": []
},
"webdavd": {
"bindings": [
{
"port": 80,
"address": "",
"enable_https": false,
"client_auth_type": 0
}
],
"certificate_file": "",
"certificate_key_file": "",
"ca_certificates": [],
"ca_revocation_lists": [],
"cors": {
"enabled": false,
"allowed_origins": [],
"allowed_methods": [],
"allowed_headers": [],
"exposed_headers": [],
"allow_credentials": false,
"max_age": 0
},
"cache": {
"users": {
"expiration_time": 0,
"max_size": 50
},
"mime_types": {
"enabled": true,
"max_size": 1000
}
}
},
"data_provider": {
"driver": "sqlite",
"name": "sftpgo.db",
"host": "",
"port": 0,
"username": "",
"password": "",
"sslmode": 0,
"connection_string": "",
"sql_tables_prefix": "",
"track_quota": 2,
"pool_size": 0,
"users_base_dir": "/srv/sftpgo/data",
"actions": {
"execute_on": [],
"hook": ""
},
"external_auth_hook": "",
"external_auth_scope": 0,
"credentials_path": "credentials",
"prefer_database_credentials": false,
"pre_login_hook": "",
"post_login_hook": "",
"post_login_scope": 0,
"check_password_hook": "",
"check_password_scope": 0,
"password_hashing": {
"argon2_options": {
"memory": 65536,
"iterations": 1,
"parallelism": 2
}
},
"update_mode": 0
},
"httpd": {
"bindings": [
{
"port": 8080,
"address": "",
"enable_web_admin": true,
"enable_https": false,
"client_auth_type": 0
}
],
"templates_path": "templates",
"static_files_path": "static",
"backups_path": "/srv/sftpgo/backups",
"certificate_file": "",
"certificate_key_file": "",
"ca_certificates": [],
"ca_revocation_lists": []
},
"telemetry": {
"bind_port": 10000,
"bind_address": "127.0.0.1",
"enable_profiler": false,
"auth_user_file": "",
"certificate_file": "",
"certificate_key_file": ""
},
"http": {
"timeout": 20,
"retry_wait_min": 2,
"retry_wait_max": 30,
"retry_max": 3,
"ca_certificates": [],
"certificates": [],
"skip_tls_verify": false
},
"kms": {
"secrets": {
"url": "",
"master_key_path": ""
}
}
}