I-ProHoster > Π‘Π»ΠΎΠ³ > izindaba ze-inthanethi > Ukukhishwa Kweseva ye-SFTP SFTPGo 2.2.0

Ukukhishwa Kweseva ye-SFTP SFTPGo 2.2.0

Ukukhishwa kweseva ye-SFTPGo 2.2 kushicilelwe, okukuvumela ukuthi uhlele ukufinyelela ukude kumafayela usebenzisa i-SFTP, SCP/SSH, Rsync, HTTP kanye ne-WebDav protocol. Phakathi kwezinye izinto, i-SFTPGo ingasetshenziswa ukunikeza ukufinyelela kumakhosombe e-Git kusetshenziswa iphrothokholi ye-SSH. Idatha ingadluliswa kokubili kusuka ohlelweni lwefayela lendawo kanye nasezigcinweni zangaphandle ezihambisana ne-Amazon S3, i-Google Cloud Storage kanye ne-Azure Blob Storage. Kungenzeka ukugcina idatha ngendlela ebethelwe. Ukugcina imininingo egciniwe yomsebenzisi kanye nemethadatha, ama-DBMS asekelwa i-SQL noma ifomethi yokhiye/inani asetshenziswa, njenge-PostgreSQL, MySQL, SQLite, CockroachDB noma i-bbolt, kodwa futhi kungenzeka ukugcina imethadatha ku-RAM, engadingi ukuxhuma i- database yangaphandle. Ikhodi yephrojekthi ibhalwe ku-Go futhi isatshalaliswa ngaphansi kwelayisensi ye-GPLv3.

Enguqulweni entsha:

  • Ukwesekwa okungeziwe kokuqinisekiswa kwezinto ezimbili kusetshenziswa amaphasiwedi esikhathi esisodwa anomkhawulo (TOTP, RFC 6238). Izinhlelo zokusebenza ezifana ne-Authy ne-Google Authenticator zingasetshenziswa njengeziqinisekisi.
  • Amandla okwandisa ukusebenza ngama-plugin asetshenzisiwe. Phakathi kwama-plugin asevele atholakalayo: ukusekelwa kwezinsizakalo ezengeziwe zokushintshanisa ukhiye, ukuhlanganiswa kohlelo lokushicilela/Bhalisa, ukugcinwa nokusesha ulwazi mayelana nemicimbi ku-DBMS.
  • I-REST API yengeze ukusekelwa kokuqinisekisa kusetshenziswa okhiye, ngaphezu kwamathokheni e-JWT, futhi inikeza ikhono lokusetha izinqubomgomo zokugcinwa kwedatha (okukhawulela impilo yonke yedatha) ngokuphathelene nezinkomba nabasebenzisi ngabanye. Ngokuzenzakalelayo, i-Swagger UI inikwe amandla ukuzulazula izinsiza ze-API ngaphandle kokusebenzisa izinsiza zangaphandle.
  • Ukusekelwa kwemisebenzi yokubhala kwengezwe esibonakalayo sewebhu (ukulayisha amafayela, ukudala izinkomba, ukuqamba kabusha nokususwa), ikhono lokusetha kabusha iphasiwedi ngokuqinisekisa nge-imeyili seliqalisiwe, umhleli wefayela lombhalo kanye nesibukeli sedokhumenti ye-PDF kuhlanganisiwe. Kwengezwe ikhono lokudala izixhumanisi ze-HTTP ukuze kunikeze abasebenzisi bangaphandle ukufinyelela kumafayela ngamanye kanye nezinkomba, ngekhono lokusetha iphasiwedi yokufinyelela ehlukile, ukhawule amakheli e-IP, usethe impilo yesixhumanisi futhi ukhawule inani lokulandwa.

Izici eziyinhloko ze-SFTPGo:

  • I-akhawunti ngayinye ihlutshiwe, ikhawulela ukufinyelela kuhla lwemibhalo lwasekhaya lomsebenzisi. Kungenzeka ukudala uhla lwemibhalo olubonakalayo olubhekisela kudatha engaphandle kohlu lwasekhaya lomsebenzisi.
  • Ama-akhawunti agcinwa kusizindalwazi somsebenzisi esingaphambanisi nesizindalwazi somsebenzisi wesistimu. I-SQLite, i-MySQL, i-PostgreSQL, i-bbolt ne-in-memory storage ingasetshenziswa ukugcina imininingo egciniwe yabasebenzisi. Izindlela zinikeziwe zokumepha ama-akhawunti abonakalayo nawesistimu - ukwenza imephu okuqondile noma okunganasizathu kuyenzeka (umsebenzisi wesistimu oyedwa angenziwa imephu komunye umsebenzisi obonakalayo).
  • Ukhiye osesidlangalaleni, ukhiye we-SSH, kanye nokuqinisekiswa kwephasiwedi kuyasekelwa (okuhlanganisa ukuqinisekiswa okusebenzisanayo nokufakwa kwephasiwedi yekhibhodi). Kungenzeka ukubopha okhiye abambalwa kumsebenzisi ngamunye, kanye nokusetha ukuqinisekiswa kwe-multi-factor kanye nezigaba eziningi (isibonelo, uma ukuqinisekiswa kokhiye kuphumelele, iphasiwedi ingase ifakwe ngaphezu kwalokho).
  • Kungenzeka ukulungisa izindlela zokuqinisekisa ezihlukene zomsebenzisi ngamunye, kanye nokuchaza izindlela zabo ezisetshenziswa ngokubiza izinhlelo zangaphandle zokufakazela ubuqiniso (isibonelo, zokuqinisekisa nge-LDAP) noma ukuthumela izicelo nge-HTTP API.
  • Kungenzeka ukuxhuma izibambi zangaphandle noma amakholi e-HTTP API ukuze uguqule ngokuguqukayo izilungiselelo zomsebenzisi ezibizwa ngaphambi kokuthi umsebenzisi angene. Ukudalwa okunamandla kwabasebenzisi ekuxhumekeni kuyasekelwa.
  • Ukusekelwa kwama-quota angawodwana ngosayizi wedatha nenani lamafayela.
  • Ukusekelwa kokukhawulwa komkhawulokudonsa ngezilungiselelo ezihlukene zemikhawulo yethrafikhi engenayo nephumayo, kanye nemikhawulo yenani lokuxhumana ngasikhathi sinye.
  • Amathuluzi okulawula ukufinyelela asebenza ngokuhlobene nomsebenzisi noma uhla lwemibhalo (ungakhawulela ukubuka uhlu lwamafayela, ukwenqabela ukulayisha, ukulanda, ukubhala ngaphezulu, ukususa, ukuqamba kabusha noma ukushintsha amalungelo okufinyelela, ukuvimbela ukudalwa kwezinkomba noma izixhumanisi ezingokomfanekiso, njll.).
  • Kumsebenzisi ngamunye, ungachaza imikhawulo yenethiwekhi ngayinye, isibonelo, ungavumela kuphela ukufinyelela kuma-IP athile noma ama-subnet.
  • Isekela ukuxhumeka kwezihlungi zokuqukethwe okulandekayo ngokuphathelene nabasebenzisi ngabanye kanye nezinkomba (isibonelo, ungavimbela ukulandwa kwamafayela ngesandiso esithile).
  • Ungabopha izibambi ezethulwa ngesikhathi sokusebenza okuhlukahlukene ngefayela (ukulayisha, ukususa, ukuqamba kabusha, njll.). Ngokungeziwe ekushayeleni izibambi, ukuthumela izaziso ngendlela yezicelo ze-HTTP kuyasekelwa.
  • Ukunqanyulwa okuzenzakalelayo koxhumano olungasebenzi.
  • Isibuyekezo sokucushwa kwe-athomu ngaphandle kokunqamula ukuxhumana.
  • Ihlinzeka ngamamethrikhi okuqapha e-Prometheus.
  • Iphrothokholi ye-HAProxy PROXY isekelwa ukuhlela ukulinganisa kokulayisha noma ukuxhumeka kommeleli kumasevisi e-SFTP/SCP ngaphandle kokulahlekelwa ulwazi lwekheli le-IP eliwumthombo womsebenzisi.
  • I-REST API yokuphatha abasebenzisi nezinkomba, ukudala izipele nokubika ngoxhumo olusebenzayo.
  • Isixhumi esibonakalayo sewebhu (http://127.0.0.1:8080/web) ukuze sicushwe futhi siqashwe (ukulungiselela ngamafayela okumisa avamile nakho kuyasekelwa).
  • Ikhono lokuchaza izilungiselelo ngefomethi ye-JSON, TOML, YAML, HCL kanye ne-envfile.
  • Ukusekelwa kokuxhuma nge-SSH ngokufinyelela okulinganiselwe kumiyalo yesistimu. Isibonelo, imiyalo edingekayo ku-Git (git-receive-pack, git-upload-pack, git-upload-archive) kanye ne-rsync ivunyelwe ukusebenza, kanye nemiyalo embalwa eyakhelwe ngaphakathi (scp, md5sum, sha*sum, cd, pwd, sftpgo-copy and sftpgo-remove).
  • Imodi ephathekayo yokwabelana ngohla lwemibhalo olulodwa olwabiwe nokukhiqiza okuzenzakalelayo kokuqinisekisa kokuxhumana okukhangiswa nge-multicast DNS.
  • Isistimu yokuphrofayili eyakhelwe ngaphakathi yokuhlaziya ukusebenza.
  • Inqubo yokuthutha yesistimu ye-Linux eyenziwe lula.
  • Igcina amalogi ngefomethi ye-JSON.
  • Ukusekelwa kwezinkomba ezibonakalayo (isibonelo, okuqukethwe kohlu oluthile lwemibhalo kunganikezwa hhayi ohlelweni lwefayela lendawo, kodwa kusitoreji samafu sangaphandle).
  • Ukusekelwa kwama-cryptfs ukuze kubethele ngokusobala idatha kumpukane lapho ulondoloza kusistimu yefayela futhi uguqule ukubethela lapho ulayisha.
  • Usekelo lokudlulisela phambili ukuxhumana kwamanye amaseva e-SFTP.
  • Ikhono lokusebenzisa i-SFTPGo njengesistimu engaphansi ye-SFTP ye-OpenSSH.
  • Amandla okugcina imininingwane nedatha eyimfihlo ngendlela ebethelwe kusetshenziswa amaseva e-KMS (Amasevisi Okulawula Okubalulekile), njenge-Vault, GCP KMS, AWS KMS.

Source: opennet.ru

Engeza amazwana