Introduction to sftpgo
sftpgo is a full-featured and highly configurable SFTP server with optional HTTP/S, FTP/S and WebDAV support. Supports multiple storage backends: local file system, encrypted local file system, S3 (compatible) object storage, Google Cloud Storage, Azure Blob Storage, SFTP.
Official website: https://sftpgo.com/
Project address: https://github.com/drakkan/sftpgo
sftpgo installation
Prepare a Linux server. Taking Ubuntu 22.04 server as an example, the docker environment has been installed.
Create sftpgo data storage directory
mkdir -p /data/sftpgo/{<!-- -->data,home}
chown -R 1000:1000 /data/sftpgo/
illustrate:
SFTPGo uses two main volumes:
/srv/sftpgohandles persistent data. The default home directory for SFTP/FTP/WebDAV users is /srv/sftpgo/data/ ./var/lib/sftpgois the home directory of the sftpgo system user defined within the container. This is also the container working directory where the host key will be created when using the default configuration.
Run the sftpgo container
docker run -d --name sftpgo \
--restart always \
-p 8080:8080 \
-p 2022:2022 \
-p 8090:8090 \
--mount type=bind,source=/data/sftpgo/data,target=/srv/sftpgo \
--mount type=bind,source=/data/sftpgo/home,target=/var/lib/sftpgo \
-e TZ=Asia/Shanghai \
-e SFTPGO_HTTPD__BINDINGS__0__PORT=8080 \
-e SFTPGO_WEBDAVD__BINDINGS__0__PORT=8090 \
drakkan/sftpgo:v2.5.4
SFTPGo uses the following default configured TCP ports:
2022is used for SFTP services.8080is used for the web administrator user interface.8090for webdav
View container running status
root@ubuntu:~# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 44d9d989172c drakkan/sftpgo:v2.5.4 "sftpgo serve" 3 hours ago Up 3 hours 0.0.0.0:2022->2022/tcp, :::2022->2022/tcp, 0.0.0.0:8080->8080/ tcp, :::8080->8080/tcp, 0.0.0.0:8090->8090/tcp, :::8090->8090/tcp sftpgo
Access Web GUI
Access its web GUI. To do this, simply open your local system browser and point it to the server or desktop IP address where SFTPGo is installed, port number 8080.
For example:
http://server-ip-addres:8080
Create admin user
After accessing the web GUI, it will ask you to create an administrator account.
Create a new sftp user
Once you have SFTPGo’s dashboard, you can create a new user to access the stored data using any web or local client (such as Filezilla). Click on the User option. Then click on the + icon.
Add the username and password you want to use. You can also add a public key if needed.
You can choose local if using a local file system, but other options such as AWS S3 and Google Cloud Storage are also available.
When the Home Dir is not specified, it defaults to /srv/sftpgo/data/admin1, and the default is maintained here.
Access user web client interface
Visit the following URL in your browser and log in using your new user account details
http://192.168.72.16:8080/web/client
The login interface is as follows:
Here users can easily upload and download files.
Test sftp connection
Test the connection using sftp command
Now test new users. The Linux operating system comes with the sftp command by default. Test the connection to the sftpgo server on the Linux client.
After connection, you can execute the help command to view the supported parameters, and use the put or get command to upload and download files.
root@ubuntu:~# sftp -P 2022 [email protected] The authenticity of host '[192.168.72.16]:2022 ([192.168.72.16]:2022)' can't be established. ED25519 key fingerprint is SHA256:Op + 5ORK2iLBucnxiL6xRnfPl + D + wXURVS7qOk4WeUMM. This key is not known by any other names Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '[192.168.72.16]:2022' (ED25519) to the list of known hosts. ([email protected]) Password: Connected to 192.168.72.16. sftp>
Test the connection using winscp client
Enter the username and password created on SFTPGo, and use port 2022. An example configuration is as follows:
Use raidrive client to test the connection. This tool supports various connection methods such as sftp and webdav.
You can use sftp as a local disk in local windows This computer
SFTPGo is mounted as WebDav
Those who want to use a remote server to store their file system like any other local disk can mount it as WebDav with the help of SFTPGo.
Mount WebDav on Windows
First, make some changes in the system registry. Press the Win + R keys and enter regedit to open the registry. Switch to the following path
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebClient\Parameters
Now, double-click on “BasicAuthLevel” and change the value 1 to 2. Press the OK button.
Restart the WebDav service:
Run PowerShell as administrator and type the given commands one by one.
net stop webclient
net start webclient
Go to This PC or My Computer on Windows and select Map network drive from the menu.
Enter the address and port number of SFTPGo in the following format.
http://server-ip:8090
When it asks for your username and password, do so.
The drive will soon be mounted like any local drive on the system.
Mount WebDav on Linux
Install davfs2 on the linux client, taking ubuntu as an example
root@ubuntu:~# apt install -y davfs2 root@ubuntu:~# mount.davfs -V
Create mounting directory
$ sudo mkdir /mnt/dav
Use the mount command to mount the WebDAV shared directory, providing the username and password created on SFTPGo
mount -t davfs -o noexec http://192.168.72.40:8090 /mnt/dav/
View mount results
root@ubuntu:~# df -h|grep mnt http://192.168.72.40:8090 1.3T 763G 509G 61% /mnt/dav
sftpgo based on restic incremental backup
Use restic to perform incremental backup of the data in the /data path of a Linux server.
Install restic on the Linux server that needs to be backed up, taking the ubuntu operating system as an example
wget https://github.com/restic/restic/releases/download/v0.16.0/restic_0.16.0_linux_amd64.bz2 bzip2 -d restic_0.16.0_linux_amd64.bz2 mv restic_0.16.0_linux_amd64 /usr/local/bin/restic chmod +x /usr/local/bin/restic
Use the restic command to create a repository on the sftpgo server
root@ubuntu:~# export RESTIC_PASSWORD="123456" root@ubuntu:~# restic init -r sftp://admin1@[192.168.72.16]:2022//restic-repo The authenticity of host '[192.168.72.16]:2022 ([192.168.72.16]:2022)' can't be established. ED25519 key fingerprint is SHA256:Op + 5ORK2iLBucnxiL6xRnfPl + D + wXURVS7qOk4WeUMM. This key is not known by any other names Are you sure you want to continue connecting (yes/no/[fingerprint])? yes subprocess ssh: Warning: Permanently added '[192.168.72.16]:2022' (ED25519) to the list of known hosts. ([email protected]) Password: created restic repository 81e4c7ae2d at sftp://admin1@[192.168.72.16]:2022//restic-repo Please note that knowledge of your password is required to access the repository. Losing your password means that your data is irrecoverably lost.
Back up all data in the /data/ directory under linux to sftpgo through restic
root@ubuntu:~# export RESTIC_PASSWORD="123456" root@ubuntu:~# export RESTIC_REPOSITORY="sftp://admin1@[192.168.72.16]:2022//restic-repo" root@ubuntu:~# restic backup /data/ ([email protected]) Password: repository 81e4c7ae opened (version 2, compression level auto) created new cache in /root/.cache/restic no parent snapshot found, will read all files Files: 7197 new, 0 changed, 0 unmodified Dirs: 1886 new, 0 changed, 0 unmodified Added to the repository: 393.453 MiB (150.566 MiB stored) processed 7197 files, 395.592 MiB in 0:03 snapshot a5be14c4 saved
Log in to the sftpgo client to view backup data
When the /data/ directory data changes, execute the above command repeatedly to continuously create incremental snapshots and view historical backup snapshots:
root@ubuntu:~# restic snapshots ([email protected]) Password: repository 81e4c7ae opened (version 2, compression level auto) ID Time Host Tags Paths -------------------------------------------------- ---------- a5be14c4 2023-10-21 18:11:44 ubuntu /data dcda67da 2023-10-21 18:13:57 ubuntu /data 2eeff04f 2023-10-21 18:14:02 ubuntu /data -------------------------------------------------- ---------- 3 snapshots
Select a snapshot to restore data to local
root@ubuntu:~# restic restore a5be14c4 --target /tmp/restor-data ([email protected]) Password: repository 81e4c7ae opened (version 2, compression level auto) restoring <Snapshot a5be14c4 of [/data] at 2023-10-21 18:11:44.118135197 + 0800 CST by root@ubuntu> to /tmp/restor-data Summary: Restored 9084 Files (395.592 MiB) in 0:03 root@ubuntu:~# root@ubuntu:~# ls /tmp/restor-data/ data