Sftpgo

From wikinotes
Revision as of 17:29, 12 February 2023 by Will

An SFTP/WebDAV provider with a web UI, REST API, user/permission scheme, metrics, etc.
It looks a bit heavyweight for just managing access to org files.

Documentation

config docs https://github.com/drakkan/sftpgo/blob/main/docs/full-configuration.md
getting started https://github.com/drakkan/sftpgo/blob/main/docs/howto/getting-started.md
github https://github.com/drakkan/sftpgo

Locations

http://127.0.0.1:8080/web/admin web admin
/usr/local/etc/sftpgo.json config file
/var/db/sftpgo

Install

pkg install sftpgo
service sftpgo start
http://127.0.0.1:8080/web/admin  # create admin user

Configuration

Database

By default it uses SQLite, but it can also use PostgreSQL, MySQL or CockroachDB.
Note that if you use SQLite, you won't be able to have concurrent connections.

Users

Create an admin user in the web UI.
You can then create consumer users in the web UI as well.
Mind the user settings, in particular the home dir: it does not look like you can change this after creation.

Once you've created a directory, you can create it in your filesystem and quickly confirm access with sftp.
You do not need a real system user account for these users.

sftp -P 2022 youruser@X.X.X.X  # provided password

Common

common:         # defender, general connection settings
acme:           # SSL certificate management
sftpd:          # sftp configuration
ftpd:           # ftp configuration
webdavd:        # webdav configuration
data_provider:  # database configuration
httpd:          # web interface
telemetry:      # pushes metrics to prometheus
kms:            # configure key management
mfa:            # configure multifactor authentication
smtp:           # can send email

You can stop FTP/WebDAV. If you don't want to use the other services, you'll need to block them in your firewall.

Some notable configuration options. The defender is SFTPGo's built-in fail2ban-style protection:

{
    "common": {
        "defender": {
            "enabled": true
        }
    }
}
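
A quick check for the two hardening points in these notes (defender enabled, unused services not reachable), added here as an example and not taken from the SFTPGo project. The `bindings`/`port`/`address` keys and the "port 0 disables the binding" convention follow SFTPGo's full-configuration reference rather than this page; the sample config and the `listeners`/`audit` helpers are constructed for illustration.

```python
import json

# Constructed sample config (not from the page): defender off, FTP and
# WebDAV listening on all interfaces, admin UI bound to loopback.
SAMPLE = """
{
  "common": {"defender": {"enabled": false}},
  "sftpd": {"bindings": [{"port": 2022, "address": ""}]},
  "ftpd": {"bindings": [{"port": 2121, "address": ""}]},
  "webdavd": {"bindings": [{"port": 8090, "address": "0.0.0.0"}]},
  "httpd": {"bindings": [{"port": 8080, "address": "127.0.0.1"}]}
}
"""

LOOPBACK = ("127.0.0.1", "::1", "localhost")
SERVICES = ("sftpd", "ftpd", "webdavd", "httpd")


def listeners(cfg):
    """Return (service, address, port) for every enabled binding."""
    found = []
    for svc in SERVICES:
        for b in cfg.get(svc, {}).get("bindings", []):
            port = b.get("port", 0)
            if port:  # assumption from upstream docs: port 0 = disabled
                found.append((svc, b.get("address", ""), port))
    return found


def audit(cfg, wanted=("sftpd",)):
    """List findings: defender off, or an unwanted service reachable off-host."""
    findings = []
    if not cfg.get("common", {}).get("defender", {}).get("enabled", False):
        findings.append("common.defender.enabled is not true")
    for svc, addr, port in listeners(cfg):
        exposed = addr not in LOOPBACK  # "" binds every interface
        if svc not in wanted and exposed:
            findings.append(f"{svc} listens on {addr or '*'}:{port}; "
                            "set port to 0 or firewall it")
    return findings


if __name__ == "__main__":
    # On the host, load /usr/local/etc/sftpgo.json instead of SAMPLE.
    for finding in audit(json.loads(SAMPLE)):
        print("FINDING:", finding)
```

SFTPGo can also take settings from environment variables, so treat the file as one input and confirm the actual listeners on the host (for example with `sockstat -l` on FreeBSD).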