Flexible, fully featured and highly configurable SFTP server with optional FTP/S and WebDAV support.
Deploy this app to Linode with a free $100 credit!
Fully featured and highly configurable SFTP server with optional HTTP/S, FTP/S and WebDAV support. Several storage backends are supported: local filesystem, encrypted local filesystem, S3 (compatible) Object Storage, Google Cloud Storage, Azure Blob Storage, SFTP.
If you find SFTPGo useful please consider supporting this Open Source project.
Maintaining and evolving SFTPGo is a lot of work - easily the equivalent of a full time job - for me.
I'd like to make SFTPGo into a sustainable long term project and would not like to introduce a dual licensing option and limit some features to the proprietary version only.
If you use SFTPGo, it is in your best interest to ensure that the project you rely on stays healthy and well maintained. This can only happen with your donations and sponsorships
With sponsorships/donations we establish a channel for reciprocal access, ensuring better outcomes for both you and the project.
If you just take and don't return anything back, the project will die in the long run and you will be forced to pay for a similar proprietary solution.
More info.
You can also purchase support plans from the SFTPGo website.
SFTPGo is an Open Source project and you can of course use it for free but please don't ask for free support as well.
We will check the reported issues to see if you are experiencing a bug and if so we'll will fix it, but will only provide support to project sponsors/donors.
If you report an invalid issue or ask for step-by-step support, your issue will remain open with no answer or will be closed as invalid without further explanation. Thanks for understanding.
Let's Encrypt
or other ACME compliant certificate authorities, using the the HTTP-01
or TLS-ALPN-01
challenge types.SFTPGo is developed and tested on Linux. After each commit, the code is automatically built and tested on Linux, macOS, Windows and FreeBSD. Other *BSD variants should work too.
Binary releases for Linux, macOS, and Windows are available. Please visit the releases page.
An official Docker image is available. Documentation is here.
APT and YUM repositories are available.
SFTPGo is also available on some marketplaces:
Purchasing from there will help keep SFTPGo a long-term sustainable project.
On macOS you can install from the Homebrew Formula. On FreeBSD you can install from the SFTPGo port. On DragonFlyBSD you can install SFTPGo from DPorts.
You can easily test new features selecting a commit from the Actions page and downloading the matching build artifacts for Linux, macOS or Windows. GitHub stores artifacts for 90 days.
Alternately, you can build from source.
Getting Started Guide for the Impatient.
A full explanation of all configuration methods can be found here.
Please make sure to initialize the data provider before running the daemon.
To start SFTPGo with the default settings, simply run:
sftpgo serve
Check out this documentation if you want to run SFTPGo as a service.
Before starting the SFTPGo server please ensure that the configured data provider is properly initialized/updated.
For PostgreSQL, MySQL and CockroachDB providers, you need to create the configured database. For SQLite, the configured database will be automatically created at startup. Memory and bolt data providers do not require an initialization but they could require an update to the existing data after upgrading SFTPGo.
SFTPGo will attempt to automatically detect if the data provider is initialized/updated and if not, will attempt to initialize/ update it on startup as needed.
Alternately, you can create/update the required data provider structures yourself using the initprovider
command.
For example, you can simply execute the following command from the configuration directory:
sftpgo initprovider
Take a look at the CLI usage to learn how to specify a different configuration file:
sftpgo initprovider --help
You can disable automatic data provider checks/updates at startup by setting the update_mode
configuration key to 1
.
You can also reset your provider by using the resetprovider
sub-command. Take a look at the CLI usage for more details:
sftpgo resetprovider --help
Please note that some data providers (e.g. MySQL and CockroachDB) do not support schema changes within a transaction, this means that you may end up with an inconsistent schema if migrations are forcibly aborted. CockroachDB doesn't support database-level locks, so make sure you don't execute migrations concurrently.
To start using SFTPGo you need to create an admin user, you can do it in several ways:
create_default_admin
in your configuration file and setting the environment variables SFTPGO_DEFAULT_ADMIN_USERNAME
and SFTPGO_DEFAULT_ADMIN_PASSWORD
SFTPGo supports upgrading from the previous release branch to the current one. Some examples for supported upgrade paths are:
For supported upgrade paths, the data and schema are migrated automatically when SFTPGo starts, alternatively you can use the initprovider
command before starting SFTPGo.
So if, for example, you want to upgrade from 2.0.x to 2.2.x, you must first install version 2.1.x, update the data provider (automatically, by starting SFTPGo or manually using the initprovider
command) and finally install the version 2.2.x. It is recommended to always install the latest available minor version, ie do not install 2.1.0 if 2.1.2 is available.
Loading data from a provider independent JSON dump is supported from the previous release branch to the current one too. After upgrading SFTPGo it is advisable to regenerate the JSON dump from the new version.
If for some reason you want to downgrade SFTPGo, you may need to downgrade your data provider schema and data as well. You can use the revertprovider
command for this task.
As for upgrading, SFTPGo supports downgrading from the previous release branch to the current one.
So, if you plan to downgrade from 2.3.x to 2.2.x, before uninstalling 2.3.x version, you can prepare your data provider executing the following command from the configuration directory:
sftpgo revertprovider
Take a look at the CLI usage to learn how to specify a configuration file:
sftpgo revertprovider --help
The revertprovider
command is not supported for the memory provider.
Please note that we only support the current release branch and the current main branch, if you find a bug it is better to report it rather than downgrading to an older unsupported version.
After starting SFTPGo you can manage users, groups, folders and other resources using:
To support embedded data providers like bolt
and SQLite
, which do not support concurrent connections, we can't have a CLI that directly write users and other resources to the data provider, we always have to use the REST API.
Full details for users, groups, folders, admins and other resources are documented in the OpenAPI schema. If you want to render the schema without importing it manually, you can explore it on Stoplight.
SFTPGo users, groups and folders are virtual and therefore unrelated to the system ones. There is no need to create system-wide users and groups.
Some step-to-step tutorials can be found inside the source tree howto directory.
A user can be created or modified by an external program just before the login. More information about this can be found here.
SFTPGo allows you to configure custom commands and/or HTTP hooks to receive notifications about file uploads, deletions and several other events.
More information about custom actions can be found here.
Directories outside the user home directory or based on a different storage provider can be mapped as virtual folders, more information here.
You can get notified as soon as a new connection is established using the Post-connect hook and after each login using the Post-login hook. You can use your own hook to check passwords.
Each user can be mapped with a S3 Compatible Object Storage /Google Cloud Storage/Azure Blob Storage bucket or a bucket virtual folder.
Each user can be mapped to another SFTP server account or a subfolder of it. More information can be found here.
Data at-rest encryption is supported via the cryptfs backend.
HTTP/S backend allows you to write your own custom storage backend by implementing a REST API. More information can be found here.
Adding new storage backends is quite easy:
GetFilesystem
to return the new backendportable
modeAnyway, some backends require a pay per-use account (or they offer free account for a limited time period only). To be able to add support for such backends or to review pull requests, please provide a test account. The test account must be available for enough time to be able to maintain the backend and do basic tests before each new release.
SFTPGo supports a built-in defender.
Alternately you can use the connection failed logs for integration in tools such as Fail2ban. Example of jails and filters working with systemd
/journald
are available in fail2ban directory.
Details information about account configuration properties can be found here.
SFTPGo can easily saturate a Gigabit connection on low end hardware with no special configuration, this is generally enough for most use cases.
More in-depth analysis of performance can be found here.
SFTPGo releases are feature-driven, we don't have a fixed time based schedule. As a rough estimate, you can expect 1 or 2 new releases per year.
SFTPGo makes use of the third party libraries listed inside go.mod.
We are very grateful to all the people who contributed with ideas and/or pull requests.
Thank you ysura for granting me stable access to a test AWS S3 account.
GNU AGPL-3.0-only
Please login to review this project.
No reviews for this project yet.
Zenko CloudServer, an open-source implementation of a serve…
SeaweedFS is an open source distributed file system support…
An open-source geo-distributed storage service you can self…
Comments (0)
Please login to join the discussion on this project.