Manually merging SFTPGo PR
This commit is contained in:
parent
81e774dc83
commit
f4ef4c8d2a
7 changed files with 447 additions and 402 deletions
BIN
home/dot_local/etc/branding/favicon.ico
Normal file
BIN
home/dot_local/etc/branding/favicon.ico
Normal file
Binary file not shown.
After Width: | Height: | Size: 15 KiB |
BIN
home/dot_local/etc/branding/logo-color-256x256.png
Normal file
BIN
home/dot_local/etc/branding/logo-color-256x256.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 12 KiB |
BIN
home/dot_local/etc/branding/logo-color-900x900.png
Normal file
BIN
home/dot_local/etc/branding/logo-color-900x900.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 46 KiB |
|
@ -20,6 +20,8 @@ ingress:
|
|||
service: rdp://localhost:3389
|
||||
- hostname: samba.{{ $baseDomain }}
|
||||
service: localhost:8445
|
||||
- hostname: sftp.{{ $baseDomain }}
|
||||
service: tcp://localhost:2022
|
||||
- hostname: vnc.{{ $baseDomain }}
|
||||
service: tcp://localhost:5901
|
||||
{{- if eq .host.softwareGroup "Kubernetes" }}
|
||||
|
|
5
home/dot_local/etc/sftpgo/banner
Normal file
5
home/dot_local/etc/sftpgo/banner
Normal file
|
@ -0,0 +1,5 @@
|
|||
WARNING! Authorized use only. Your IP address has been logged.
|
||||
|
||||
If you choose to ignore this warning and discover a vulnerability
|
||||
that you can explain how to remediate, then please contact brian@megabyte.space
|
||||
for a bounty.
|
|
@ -60,10 +60,8 @@
|
|||
]
|
||||
},
|
||||
"acme": {
|
||||
"domains": [
|
||||
"sftp.{{- $baseDomain -}}"
|
||||
],
|
||||
"email": "{{- .user.cloudflare.username -}}",
|
||||
"domains": ["sftp.{{ $baseDomain }}"],
|
||||
"email": "{{ .user.cloudflare.username }}",
|
||||
"key_type": "4096",
|
||||
"certs_path": "certs",
|
||||
"ca_endpoint": "https://acme-v02.api.letsencrypt.org/directory",
|
||||
|
@ -96,7 +94,7 @@
|
|||
"macs": [],
|
||||
"trusted_user_ca_keys": [],
|
||||
"revoked_user_certs_file": "",
|
||||
"login_banner_file": "",
|
||||
"login_banner_file": "/usr/local/etc/sftpgo/banner",
|
||||
"enabled_ssh_commands": [
|
||||
"md5sum",
|
||||
"sha1sum",
|
||||
|
@ -311,9 +309,9 @@
|
|||
"web_admin": {
|
||||
"name": "",
|
||||
"short_name": "",
|
||||
"favicon_path": "",
|
||||
"logo_path": "",
|
||||
"login_image_path": "",
|
||||
"favicon_path": "/usr/local/etc/branding/favicon.ico",
|
||||
"logo_path": "/usr/local/etc/branding/logo-color-256x256.png",
|
||||
"login_image_path": "/usr/local/etc/branding/logo-color-900x900.png",
|
||||
"disclaimer_name": "",
|
||||
"disclaimer_path": "",
|
||||
"default_css": "",
|
||||
|
@ -322,9 +320,9 @@
|
|||
"web_client": {
|
||||
"name": "",
|
||||
"short_name": "",
|
||||
"favicon_path": "",
|
||||
"logo_path": "",
|
||||
"login_image_path": "",
|
||||
"favicon_path": "/usr/local/etc/branding/favicon.ico",
|
||||
"logo_path": "/usr/local/etc/branding/logo-color-256x256.png",
|
||||
"login_image_path": "/usr/local/etc/branding/logo-color-900x900.png",
|
||||
"disclaimer_name": "",
|
||||
"disclaimer_path": "",
|
||||
"default_css": "",
|
||||
|
@ -363,7 +361,7 @@
|
|||
"hide_support_link": true
|
||||
},
|
||||
"telemetry": {
|
||||
"bind_port": 0,
|
||||
"bind_port": 57500,
|
||||
"bind_address": "127.0.0.1",
|
||||
"enable_profiler": false,
|
||||
"auth_user_file": "",
|
||||
|
@ -397,8 +395,8 @@
|
|||
"mfa": {
|
||||
"totp": [
|
||||
{
|
||||
"name": "Install Doctor",
|
||||
"issuer": "SFTPGo - Install Doctor",
|
||||
"name": "CombineOS",
|
||||
"issuer": "CombineOS - SFTPGo",
|
||||
"algo": "sha1"
|
||||
}
|
||||
]
|
||||
|
@ -406,13 +404,30 @@
|
|||
"smtp": {
|
||||
"host": "smtp.sendgrid.net",
|
||||
"port": 587,
|
||||
"from": "SFTPGo <no-reply@{{ .host.domain }}",
|
||||
"from": "CombineOS SFTPGo <no-reply@{{ .host.domain }}",
|
||||
"user": "apikey",
|
||||
"password": "{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "SENDGRID_API_KEY")) -}}{{- includeTemplate "secrets/SENDGRID_API_KEY" | decrypt | trim -}}{{- else -}}{{- env "SENDGRID_API_KEY" -}}{{- end -}}",
|
||||
"password": "{{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "SENDGRID_API_KEY")) }}{{ includeTemplate "secrets/SENDGRID_API_KEY" | decrypt | trim }}{{ else }}{{ env "SENDGRID_API_KEY" }}",
|
||||
"auth_type": 0,
|
||||
"encryption": 1,
|
||||
"domain": "",
|
||||
"templates_path": "templates"
|
||||
},
|
||||
"plugins": []
|
||||
"plugins": [
|
||||
{
|
||||
"cmd": "/usr/local/bin/sftpgo-plugin-auth",
|
||||
"type": "auth",
|
||||
"auth_options": {
|
||||
"scope": 1
|
||||
},
|
||||
"args": [
|
||||
"serve",
|
||||
"--ldap-url=ldap://ldap.jumpcloud.com:389",
|
||||
"--ldap-base-dn=ou=Users,o={{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "JUMPCLOUD_ORG_ID")) }}{{ includeTemplate "secrets/JUMPCLOUD_ORG_ID" | decrypt | trim }}{{ else }}{{ env "JUMPCLOUD_ORG_ID" }},dc=jumpcloud,dc=com",
|
||||
"--ldap-bind-dn=uid={{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "JUMPCLOUD_BINDDN_USER")) }}{{ includeTemplate "secrets/JUMPCLOUD_BINDDN_USER" | decrypt | trim }}{{ else }}{{ env "JUMPCLOUD_BINDDN_USER" }},ou=Users,o={{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "JUMPCLOUD_ORG_ID")) }}{{ includeTemplate "secrets/JUMPCLOUD_ORG_ID" | decrypt | trim }}{{ else }}{{ env "JUMPCLOUD_ORG_ID" }},dc=jumpcloud,dc=com",
|
||||
"--ldap-password={{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "JUMPCLOUD_BINDDN_PASSWORD")) }}{{ includeTemplate "secrets/JUMPCLOUD_BINDDN_PASSWORD" | decrypt | trim }}{{ else }}{{ env "JUMPCLOUD_BINDDN_PASSWORD" }}",
|
||||
"--ldap-search-query=(objectClass=inetOrgPerson)"
|
||||
],
|
||||
"auto_mtls": true
|
||||
}
|
||||
]
|
||||
}
|
27
software.yml
27
software.yml
|
@ -7828,15 +7828,20 @@ softwarePackages:
|
|||
fi
|
||||
logg info "Copying ${XDG_CONFIG_HOME:-$HOME/.config}/netdata/health.d/ to $NETDATA_ETC" && sudo cp -rf "${XDG_CONFIG_HOME:-$HOME/.config}/netdata/health.d/" "$NETDATA_ETC"
|
||||
|
||||
### Blocky
|
||||
logg info "Adding Blocky metrics collection to $NETDATA_ETC/go.d/prometheus.conf"
|
||||
if command -v gsed > /dev/null; then
|
||||
SED_UTIL="gsed"
|
||||
else
|
||||
SED_UTIL="sed"
|
||||
fi
|
||||
|
||||
### Blocky
|
||||
logg info "Adding Blocky metrics collection to $NETDATA_ETC/go.d/prometheus.conf"
|
||||
sudo "$SED_UTIL" -i "/jobs:/a\ - name: blocky_local \n url: 'http://127.0.0.1:4000/metrics'" "$NETDATA_ETC/go.d/prometheus.conf"
|
||||
|
||||
### SFTPGo
|
||||
logg info "Adding SFTPGo metrics collection to $NETDATA_ETC/go.d/prometheus.conf"
|
||||
sudo "$SED_UTIL" -i "/jobs:/a\ - name: sftpgo_local \n url: 'http://127.0.0.1:57500/metrics'" "$NETDATA_ETC/go.d/prometheus.conf"
|
||||
|
||||
# Backup current health alarm configuration and apply new one
|
||||
if [ -d /usr/local/lib/netdata ]; then
|
||||
NETDATA_LIB='/usr/local/lib/netdata'
|
||||
|
@ -10346,7 +10351,20 @@ softwarePackages:
|
|||
_name: serverless
|
||||
brew: serverless
|
||||
npm: serverless
|
||||
sftpgo-plugin-auth:
|
||||
_bin: sftpgo-plugin-auth
|
||||
_desc: A plugin for SFTPGo to enable LDAP/Active Directory authentication
|
||||
_docs: null
|
||||
_github: https://github.com/sftpgo/sftpgo-plugin-auth
|
||||
_home: null
|
||||
_name: SFTPGo Authentication Plugin
|
||||
_post: |
|
||||
#!/usr/bin/env bash
|
||||
sudo mv -f $(which sftpgo-plugin-auth) /usr/local/bin/sftpgo-plugin-auth
|
||||
go: github.com/sftpgo/sftpgo-plugin-auth@latest
|
||||
sftpgo:
|
||||
_deps:
|
||||
- sftpgo-plugin-auth
|
||||
_bin: sftpgo
|
||||
_desc: Fully featured and highly configurable SFTP server with optional HTTP/S, FTP/S and WebDAV support - S3, Google Cloud Storage, Azure Blob
|
||||
_docs: null
|
||||
|
@ -10357,6 +10375,11 @@ softwarePackages:
|
|||
#!/usr/bin/env bash
|
||||
sudo mkdir -p /usr/local/etc/sftpgo
|
||||
sudo cp -f "$HOME/.local/etc/sftpgo/sftpgo.json" /usr/local/etc/sftpgo/sftpgo.json
|
||||
sudo cp -f "$HOME/.local/etc/sftpgo/banner" /usr/local/etc/sftpgo/banner
|
||||
sudo mkdir -p /usr/local/etc/branding
|
||||
sudo cp -f "$HOME/.local/etc/branding/favicon.ico" /usr/local/etc/branding/favicon.ico
|
||||
sudo cp -f "$HOME/.local/etc/branding/logo-color-256x256.png" /usr/local/etc/branding/logo-color-256x256.png
|
||||
sudo cp -f "$HOME/.local/etc/branding/logo-color-900x900.png" /usr/local/etc/branding/logo-color-900x900.png
|
||||
sudo sftpgo initprovider
|
||||
_service: sftpgo
|
||||
_service:brew:
|
||||
|
|
Loading…
Reference in a new issue