NAME

sftpgo-portable - Serve a single directory/account

SYNOPSIS

sftpgo portable [flags]

DESCRIPTION

To serve the current working directory with auto generated credentials simply use:

$ sftpgo portable

Please take a look at the usage below to customize the serving parameters

OPTIONS

--allowed-patterns=[] Allowed file patterns case insensitive. The format is: /dir::pattern1,pattern2. For example: "/somedir::*.jpg,a*b?.png"

--az-access-tier="" Leave empty to use the default container setting

--az-account-key=""

--az-account-name=""

--az-container=""

--az-download-concurrency=5 How many parts are downloaded in parallel

--az-download-part-size=5 The buffer size for multipart downloads (MB)

--az-endpoint="" Leave empty to use the default: "blob.core.windows.net"

--az-key-prefix="" Allows to restrict access to the virtual folder identified by this prefix and its contents

--az-sas-url="" Shared access signature URL

--az-upload-concurrency=5 How many parts are uploaded in parallel

--az-upload-part-size=5 The buffer size for multipart uploads (MB)

--az-use-emulator[=false]

-c, --config-dir="." Location of the config dir. This directory is used as the base for files with a relative path, e.g. the private keys for the SFTP server or the database file if you use a file-based data provider. The configuration file, if not explicitly set, is looked for in this dir. We support reading from JSON, TOML, YAML, HCL, envfile and Java properties config files. The default config file name is "sftpgo" and therefore "sftpgo.json", "sftpgo.yaml" and so on are searched. This flag can be set using SFTPGO_CONFIG_DIR env var too.

--config-file="" Path to SFTPGo configuration file. This flag explicitly defines the path, name and extension of the config file. If must be an absolute path or a path relative to the configuration directory. The specified file name must have a supported extension (JSON, YAML, TOML, HCL or Java properties). This flag can be set using SFTPGO_CONFIG_FILE env var too.

--crypto-passphrase="" Passphrase for encryption/decryption

--denied-patterns=[] Denied file patterns case insensitive. The format is: /dir::pattern1,pattern2. For example: "/somedir::*.jpg,a*b?.png"

-d, --directory="." Path to the directory to serve. This can be an absolute path or a path relative to the current directory

-f, --fs-provider="osfs" osfs => local filesystem (legacy value: 0) s3fs => AWS S3 compatible (legacy: 1) gcsfs => Google Cloud Storage (legacy: 2) azblobfs => Azure Blob Storage (legacy: 3) cryptfs => Encrypted local filesystem (legacy: 4) sftpfs => SFTP (legacy: 5)

--ftpd-cert="" Path to the certificate file for FTPS

--ftpd-key="" Path to the key file for FTPS

--ftpd-port=-1 0 means a random unprivileged port, < 0 disabled

--gcs-automatic-credentials=1 0 means explicit credentials using a JSON credentials file, 1 automatic

--gcs-bucket=""

--gcs-credentials-file="" Google Cloud Storage JSON credentials file

--gcs-key-prefix="" Allows to restrict access to the virtual folder identified by this prefix and its contents

--gcs-storage-class=""

--grace-time=0 This grace time defines the number of seconds allowed for existing transfers to get completed before shutting down. A graceful shutdown is triggered by an interrupt signal.

-h, --help[=false] help for portable

--httpd-cert="" Path to the certificate file for WebClient over HTTPS

--httpd-key="" Path to the key file for WebClient over HTTPS

--httpd-port=-1 0 means a random unprivileged port, < 0 disabled

-l, --log-file-path="" Leave empty to disable logging

--log-level="debug" Set the log level. Supported values:

debug, info, warn, error.

--log-utc-time[=false] Use UTC time for logging

-p, --password="" Leave empty to use an auto generated value

--password-file="" Read the password from the specified file path. Leave empty to use an auto generated value

-g, --permissions=[list,download] User's permissions. "*" means any permission

-k, --public-key=[]

--s3-access-key=""

--s3-access-secret=""

--s3-acl=""

--s3-bucket=""

--s3-endpoint=""

--s3-force-path-style[=false] Force path style bucket URL

--s3-key-prefix="" Allows to restrict access to the virtual folder identified by this prefix and its contents

--s3-region=""

--s3-role-arn=""

--s3-skip-tls-verify[=false] If enabled the S3 client accepts any TLS certificate presented by the server and any host name in that certificate. In this mode, TLS is susceptible to man-in-the-middle attacks. This should be used only for testing.

--s3-storage-class=""

--s3-upload-concurrency=2 How many parts are uploaded in parallel

--s3-upload-part-size=5 The buffer size for multipart uploads (MB)

--sftp-buffer-size=0 The size of the buffer (in MB) to use for transfers. By enabling buffering, the reads and writes, from/to the remote SFTP server, are split in multiple concurrent requests and this allows data to be transferred at a faster rate, over high latency networks, by overlapping round-trip times

--sftp-disable-concurrent-reads[=false] Concurrent reads are safe to use and disabling them will degrade performance. Disable for read once servers

--sftp-endpoint="" SFTP endpoint as host:port for SFTP provider

--sftp-fingerprints=[] SFTP fingerprints to verify remote host key for SFTP provider

--sftp-key-path="" SFTP private key path for SFTP provider

--sftp-password="" SFTP password for SFTP provider

--sftp-prefix="" SFTP prefix allows restrict all operations to a given path within the remote SFTP server

--sftp-username="" SFTP user for SFTP provider

-s, --sftpd-port=0 0 means a random unprivileged port, < 0 disabled

--ssh-commands=[md5sum,sha1sum,sha256sum,cd,pwd,scp] SSH commands to enable. "*" means any supported SSH command including scp

--start-directory="/" Alternate start directory. This is a virtual path not a filesystem path

-u, --username="" Leave empty to use an auto generated value

--webdav-cert="" Path to the certificate file for WebDAV over HTTPS

--webdav-key="" Path to the key file for WebDAV over HTTPS

--webdav-port=-1 0 means a random unprivileged port, < 0 disabled

SEE ALSO

sftpgo(1)