Sftpgo
An SFTP/WebDav provider, with a UI, rest-API, and user/permission scheme, metrics etc.
It looks a bit heavyweight for just managing access to org files..
Documentation
Locations
http://127.0.0.1:8080/web/admin
web admin /usr/local/etc/sftpgo.json
config file /var/db/sftpgo
Install
pkg install sftpgoservice sftpgo start http://127.0.0.1:8080/web/admin # create admin user
Configuration
Database
By default uses sqlite, but can use postgres/mysql/cockroachdb.
Note that if you use sqlite, you won't be able to have concurrent connections.Users
Create an admin user in the webui
You can then create consumer users in the webui as well.
Mind the user settings, in particular the home dir, it does not look like you can change this after creation.
Once you've created a directory, you can create it in your filesystem and quickly confirm access with
sftp
.
You do not need a real system user account for these users.sftp -P 2022 youruser@X.X.X.X # provided passwordCommon
common: # defender, general connection settings acme: # SSL certificate management sftpd: # sftp configuration ftpd: # ftp configuration webdavd: # webdav configuration data_provider: # database configuration httpd: # web interface telemetry: # pushes metrics to prometheus kms: # configure key management mfa: # configure multifactor authentication smtp: # can send emailYou can stop FTP/webdav, if you don't want to use the other services you'll need to block them in your firewall.
Some notable configuration options
{ "common": { "defender": { "enabled": true, // ships with fail2ban } } }