PUID=${PUID} PGID=${MEDIA_GID} TZ=${TZ} SFTPGO_GRACE_TIME=80 # must set docker grace time to be > 80 # COMMON # ------ SFTPGO_COMMON__IDLE_TIMEOUT=30 SFTPGO_COMMON__UPLOAD_MODE=2 # SFTPGO_COMMON__ACTIONS__EXECUTE_ON=upload,download SFTPGO_COMMON__TEMP_PATH=/srv/sftpgo/temp SFTPGO_COMMON__MAX_TOTAL_CONNECTIONS=0 SFTPGO_COMMON__MAX_PER_HOST_CONNECTIONS=20 SFTPGO_COMMON__UMASK=002 SFTPGO_COMMON__DEFENDER__ENABLED=true SFTPGO_COMMON__DEFENDER__DRIVER=memory SFTPGO_COMMON__DEFENDER__BAN_TIME=30 SFTPGO_COMMON__DEFENDER__BAN_TIME_INCREMENT=50 SFTPGO_COMMON__DEFENDER__THRESHOLD=15 SFTPGO_COMMON__DEFENDER__SCORE_INVALID=2 SFTPGO_COMMON__DEFENDER__SCORE_VALID=1 SFTPGO_COMMON__DEFENDER__SCORE_LIMIT_EXCEEDED=3 SFTPGO_COMMON__DEFENDER__SCORE_NO_AUTH=0 SFTPGO_COMMON__DEFENDER__OBSERVATION_TIME=30 SFTPGO_COMMON__DEFENDER__ENTRIES_SOFT_LIMIT=100 SFTPGO_COMMON__DEFENDER__ENTRIES_HARD_LIMIT=150 SFTPGO_COMMON__DEFENDER__LOGIN_DELAY__SUCCESS=0 SFTPGO_COMMON__DEFENDER__LOGIN_DELAY__PASSWORD_FAILED=1000 SFTPGO_COMMON__RATE_LIMITERS__0__AVERAGE=100 SFTPGO_COMMON__RATE_LIMITERS__0__PERIOD=1000 SFTPGO_COMMON__RATE_LIMITERS__0__BURST=1 SFTPGO_COMMON__RATE_LIMITERS__0__TYPE=1 SFTPGO_COMMON__RATE_LIMITERS__0__PROTOCOLS=SSH,FTP,DAV,HTTP SFTPGO_COMMON__RATE_LIMITERS__0__GENERATE_DEFENDER_EVENTS=0 SFTPGO_COMMON__RATE_LIMITERS__0__ENTRIES_SOFT_LIMIT=100 SFTPGO_COMMON__RATE_LIMITERS__0__ENTRIES_HARD_LIMIT=150 SFTPGO_COMMON__RATE_LIMITERS__1__AVERAGE=10 SFTPGO_COMMON__RATE_LIMITERS__1__PERIOD=1000 SFTPGO_COMMON__RATE_LIMITERS__1__BURST=1 SFTPGO_COMMON__RATE_LIMITERS__1__TYPE=2 SFTPGO_COMMON__RATE_LIMITERS__1__PROTOCOLS=SSH,FTP SFTPGO_COMMON__RATE_LIMITERS__1__GENERATE_DEFENDER_EVENTS=1 SFTPGO_COMMON__RATE_LIMITERS__1__ENTRIES_SOFT_LIMIT=100 SFTPGO_COMMON__RATE_LIMITERS__1__ENTRIES_HARD_LIMIT=150 # ACME # ---- # refer to https://docs.sftpgo.com/latest/config-file/#acme SFTPGO_ACME__DOMAINS="sthome.org, stokvis.co.za" SFTPGO_ACME__EMAIL="stuurmcp@telkomsa.net" SFTPGO_ACME__KEY_TYPE=4096 SFTPGO_ACME__CERTS_PATH=/srv/sftpgo/certificates SFTPGO_ACME__CA_ENDPOINT=https://acme-staging-v02.api.letsencrypt.org/directory #SFTPGO_ACME__CA_ENDPOINT=https://acme-v02.api.letsencrypt.org/directory SFTPGO_ACME__RENEW_DAYS=30 # cloudflare does not support TLS-ALPN-01 challenge, so we have to use HTTP-01 SFTPGO_ACME__HTTP01_CHALLENGE__PORT=80 SFTPGO_ACME__HTTP01_CHALLENGE__PROXY_HEADER=Host SFTPGO_ACME__HTTP01_CHALLENGE__WEBROOT="/var/www/sftpgo.com" # SFTPGO_ACME__TLS_ALPN01_CHALLENGE=443 # SSH/SFTP server # --------------- SFTPGO_SFTPD__BINDINGS__0__PORT=${TCP_PORT1} SFTPGO_SFTPD__BINDINGS__1__PORT=${TCP_PORT2} SFTPGO_SFTPD__BINDINGS__2__PORT=${TCP_PORT3} SFTPGO_SFTPD__BINDINGS__3__PORT=${TCP_PORT4} SFTPGO_SFTPD__BINDINGS__4__PORT=${TCP_PORT5} SFTPGO_SFTPD__BINDINGS__5__PORT=${TCP_PORT6} SFTPGO_SFTPD__BINDINGS__6__PORT=${TCP_PORT7} SFTPGO_SFTPD__BINDINGS__7__PORT=${TCP_PORT8} # SFTPGO_SFTPD__BINDINGS__0__ADDRESS= # SFTPGO_SFTPD__BINDINGS__1__ADDRESS= # SFTPGO_SFTPD__BINDINGS__2__ADDRESS= # SFTPGO_SFTPD__BINDINGS__3__ADDRESS= # SFTPGO_SFTPD__BINDINGS__4__ADDRESS= # SFTPGO_SFTPD__BINDINGS__5__ADDRESS= # SFTPGO_SFTPD__BINDINGS__6__ADDRESS= # SFTPGO_SFTPD__BINDINGS__7__ADDRESS= SFTPGO_SFTPD__BINDINGS__0__APPLY_PROXY_CONFIG=true SFTPGO_SFTPD__BINDINGS__1__APPLY_PROXY_CONFIG=true SFTPGO_SFTPD__BINDINGS__2__APPLY_PROXY_CONFIG=true SFTPGO_SFTPD__BINDINGS__3__APPLY_PROXY_CONFIG=true SFTPGO_SFTPD__BINDINGS__4__APPLY_PROXY_CONFIG=true SFTPGO_SFTPD__BINDINGS__5__APPLY_PROXY_CONFIG=true SFTPGO_SFTPD__BINDINGS__6__APPLY_PROXY_CONFIG=true SFTPGO_SFTPD__BINDINGS__7__APPLY_PROXY_CONFIG=true SFTPGO_SFTPD__MAX_AUTH_TRIES=6 SFTPGO_SFTPD__HOST_KEYS= SFTPGO_SFTPD__HOST_CERTIFICATES= SFTPGO_SFTPD__HOST_KEY_ALGORITHMS=rsa-sha2-512, rsa-sha2-256, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, ssh-ed25519 SFTPGO_SFTPD__KEX_ALGORITHMS=curve25519-sha256, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group14-sha256, diffie-hellman-group-exchange-sha256 SFTPGO_SFTPD__MIN_DH_GROUP_EXCHANGE_KEY_SIZE=2048 SFTPGO_SFTPD__CIPHERS=aes128-gcm@openssh.com, aes256-gcm@openssh.com, chacha20-poly1305@openssh.com, aes128-ctr, aes192-ctr, aes256-ctr SFTPGO_SFTPD__MACS=hmac-sha2-256-etm@openssh.com, hmac-sha2-256 SFTPGO_SFTPD__PUBLIC_KEY_ALGORITHMS=ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, rsa-sha2-512, rsa-sha2-256, ssh-ed25519, sk-ssh-ed25519@openssh.com, sk-ecdsa-sha2-nistp256@openssh.com SFTPGO_SFTPD__TRUSTED_USER_CA_KEYS= SFTPGO_SFTPD__REVOKED_USER_CERTS_FILE= SFTPGO_SFTPD__LOGIN_BANNER_FILE= SFTPGO_SFTPD__ENABLED_SSH_COMMANDS= SFTPGO_SFTPD__KEYBOARD_INTERACTIVE_AUTHENTICATION=true SFTPGO_SFTPD__KEYBOARD_INTERACTIVE_AUTH_HOOK= SFTPGO_SFTPD__PASSWORD_AUTHENTICATION=true # Data provider # ------------- SFTPGO_DATA_PROVIDER__DRIVER=${DB_TYPE} SFTPGO_DATA_PROVIDER__HOST=${POSTGRES_DB_HOST} SFTPGO_DATA_PROVIDER__PORT=${POSTGRES_DB_PORT} SFTPGO_DATA_PROVIDER__NAME=${POSTGRES_DB} SFTPGO_DATA_PROVIDER__USERNAME=${POSTGRES_USER} SFTPGO_DATA_PROVIDER__PASSWORD=${POSTGRES_PASSWORD} # SFTPGO_DATA_PROVIDER__NAME=${POSTGRES_DB_FILE} # SFTPGO_DATA_PROVIDER__USERNAME=${POSTGRES_USER_FILE} # SFTPGO_DATA_PROVIDER__PASSWORD=${POSTGRES_PASSWORD_FILE} SFTPGO_DATA_PROVIDER__SSLMODE=0 # SFTPGO_DATA_PROVIDER__ROOT_CERT= SFTPGO_DATA_PROVIDER__DISABLE_SNI=false # SFTPGO_DATA_PROVIDER__TARGET_SESSION_ATTRS= # SFTPGO_DATA_PROVIDER__CLIENT_CERT= # SFTPGO_DATA_PROVIDER__CLIENT_KEY= # SFTPGO_DATA_PROVIDER__CONNECTION_STRING=postgres://$${POSTGRES_USER}:$${POSTGRES_PASSWORD}@$${POSTGRES_DB_HOST}:$${POSTGRES_DB_PORT}/$${POSTGRES_DB} SFTPGO_DATA_PROVIDER__TRACK_QUOTA=0 SFTPGO_DATA_PROVIDER__DELAYED_QUOTA_UPDATE=10 # SFTPGO_DATA_PROVIDER__USERS_BASE_DIR= SFTPGO_DATA_PROVIDER__EXTERNAL_AUTH_SCOPE=0 SFTPGO_DATA_PROVIDER__CREDENTIALS_PATH=/credentials SFTPGO_DATA_PROVIDER__POST_LOGIN_SCOPE=0 SFTPGO_DATA_PROVIDER__PASSWORD_HASHING__ALGO=argon2id SFTPGO_DATA_PROVIDER__PASSWORD_HASHING__ARGON2_OPTIONS__MEMORY=65536 SFTPGO_DATA_PROVIDER__PASSWORD_HASHING__ARGON2_OPTIONS__PARALLELISM=8 SFTPGO_DATA_PROVIDER__PASSWORD_HASHING__ARGON2_OPTIONS__ITERATIONS=2 SFTPGO_DATA_PROVIDER__PASSWORD_HASHING__BCRYPT_OPTIONS__COST=20 SFTPGO_DATA_PROVIDER__PASSWORD_VALIDATION__ADMINS=80 SFTPGO_DATA_PROVIDER__PASSWORD_VALIDATION__USERS=70 SFTPGO_DATA_PROVIDER__PASSWORD_CACHING=true SFTPGO_DATA_PROVIDER__UPDATE_MODE=0 SFTPGO_DATA_PROVIDER__CREATE_DEFAULT_ADMIN=false SFTPGO_DATA_PROVIDER__NAMING_RULES=5 # Multi-factor authentication # --------------------------- SFTPGO_MFA__TOTP__NAME=Default SFTPGO_MFA__TOTP__ISSUER=STHOME SFTPGO_MFA__TOTP__ALGO=sha1 # SMTP # ---- SFTPGO_SMTP__PORT=25 SFTPGO_SMTP__HOST=${SMTP_HOST} SFTPGO_SMTP__FROM=${SMTP_FROM} SFTPGO_SMTP__USER=${SMTP_USERNAME} SFTPGO_SMTP__PASSWORD=${SMTP_PASSWORD} # SFTPGO_SMTP__HOST=${SMTP_HOST_FILE} # SFTPGO_SMTP__FROM=${SMTP_FROM_FILE} # SFTPGO_SMTP__USER=${SMTP_USERNAME_FILE} # SFTPGO_SMTP__PASSWORD=${SMTP_PASSWORD_FILE} SFTPGO_SMTP__AUTH_TYPE=0 SFTPGO_SMTP__ENCRYPTION=2 # SFTPGO_SMTP__DOMAIN= # SFTPGO_SMTP__TEMPLATES_PATH= SFTPGO_SMTP__DEBUG=1 SFTPGO_SMTP__OAUTH2__PROVIDER=0 # SFTPGO_SMTP__OAUTH2__TENANT= # SFTPGO_SMTP__OAUTH2__CLIENT_ID= # SFTPGO_SMTP__OAUTH2__CLIENT_SECRET= # SFTPGO_SMTP__OAUTH2__REFRESH_TOKEN=