|
|
Line 14: |
Line 14: |
| |} | | |} |
| </blockquote><!-- Documentation --> | | </blockquote><!-- Documentation --> |
|
| |
| = Locations =
| |
| <blockquote>
| |
| {| class="wikitable"
| |
| |-
| |
| | <code>http://127.0.0.1:8080/web/admin</code> || web admin
| |
| |-
| |
| | <code>/usr/local/etc/sftpgo.json</code> || config file
| |
| |-
| |
| | <code>/var/db/sftpgo</code> ||
| |
| |-
| |
| |}
| |
| </blockquote><!-- Locations -->
| |
|
| |
| = Install =
| |
| <blockquote>
| |
| <syntaxhighlight lang="bash">
| |
| pkg install sftpgo
| |
| </syntaxhighlight>
| |
|
| |
| <syntaxhighlight lang="bash">
| |
| service sftpgo start
| |
| http://127.0.0.1:8080/web/admin # create admin user
| |
| </syntaxhighlight>
| |
| </blockquote><!-- Install -->
| |
|
| |
| = Configuration =
| |
| <blockquote>
| |
| == Database ==
| |
| <blockquote>
| |
| By default uses sqlite, but can use postgres/mysql/cockroachdb.<br>
| |
| Note that if you use sqlite, you won't be able to have concurrent connections.
| |
| </blockquote><!-- Database -->
| |
|
| |
| == Users ==
| |
| <blockquote>
| |
| Create an admin user in the webui<br>
| |
| You can then create consumer users in the webui as well.
| |
|
| |
| Once you've created a directory, you can create it in your filesystem and quickly confirm access with <code>sftp</code>.<br>
| |
| You do not need a real system user account for these users.<br>
| |
| SFTP will provide access to the user's home-directory.
| |
| <syntaxhighlight lang="bash">
| |
| sftp -P 2022 youruser@X.X.X.X # provided password
| |
| </syntaxhighlight>
| |
| </blockquote><!-- Users -->
| |
|
| |
| == Virtual Folders ==
| |
| <blockquote>
| |
| By default, you can access your user's home directory over SFTP.<br>
| |
| If you want to access a directory outside of their home-dir:
| |
|
| |
| <syntaxhighlight lang="yaml">
| |
| - Folders Tab: # create a folder
| |
| - Users Tab: # map a folder to a location within your home-dir so you can access it
| |
| </syntaxhighlight>
| |
| </blockquote><!-- Virtual Folders -->
| |
|
| |
| == Services ==
| |
| <blockquote>
| |
| Based on webdav/ftp, it looks like you disable a service by assinging it <code>port=0</code>
| |
|
| |
| === WebDav ===
| |
| <blockquote>
| |
| Enable webdav by binding a port other than <code>0</code>.
| |
|
| |
| Mounting webdav
| |
| <syntaxhighlight lang="bash">
| |
| # UNTESTED
| |
| aura -A davfs2
| |
| sudo mount.davfs https://foo.com ~/mnt -o rw,uid=username
| |
| </syntaxhighlight>
| |
|
| |
| Access with netrw/cadaver
| |
| <syntaxhighlight lang="bash">
| |
| # UNTESTED
| |
| pacman -S cadaver
| |
| vim 'dav://foo.com:8080/path/to/file' # webdav
| |
| vim 'davs://foo.com:8080/path/to/file' # webdav + ssl
| |
| </syntaxhighlight>
| |
|
| |
| See https://github.com/drakkan/sftpgo/blob/main/docs/howto/getting-started.md#enable-webdav-service
| |
| </blockquote><!-- WebDav -->
| |
| </blockquote><!-- Services -->
| |
|
| |
| == Common ==
| |
| <blockquote>
| |
| <syntaxhighlight lang="yaml">
| |
| common: # defender, general connection settings
| |
| acme: # SSL certificate management
| |
| sftpd: # sftp configuration
| |
| ftpd: # ftp configuration
| |
| webdavd: # webdav configuration
| |
| data_provider: # database configuration
| |
| httpd: # web interface
| |
| telemetry: # pushes metrics to prometheus
| |
| kms: # configure key management
| |
| mfa: # configure multifactor authentication
| |
| smtp: # can send email
| |
| </syntaxhighlight>
| |
|
| |
| You can stop FTP/webdav, if you don't want to use the other services you'll need to block them in your firewall.
| |
|
| |
| Some notable configuration options
| |
| <syntaxhighlight lang="javascript">
| |
| {
| |
| "common": {
| |
| "defender": {
| |
| "enabled": true, // ships with fail2ban
| |
| }
| |
| }
| |
| }
| |
| </syntaxhighlight>
| |
| </blockquote><!-- Common -->
| |
| </blockquote><!-- Configuration -->
| |