colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

servo: sftpgo: disable external access

Browse Source
This commit is contained in:
Colin
2024-04-17 19:41:57 +00:00
parent 831b4ad72a
commit b7e5bc5972
1 changed files with 7 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
hosts/by-name/servo/services/export/sftpgo_external_auth_hook
View File

@@ -124,12 +124,13 @@ def getAuthResponse(ip: str, username: str, password: str) -> dict:
return a sftpgo auth response either denying the user or approving them return a sftpgo auth response either denying the user or approving them
with a set of permissions. with a set of permissions.
""" """
if isTrustedCred(password) and username != "colin": # TODO: allow external access only after i enable FTPS/ssl
# allow r/w access from those with a special token # if isTrustedCred(password) and username != "colin":
return mkAuthOk(username, permissions = { # # allow r/w access from those with a special token
"/": PERM_RW, # return mkAuthOk(username, permissions = {
"/playground": PERM_RW, # "/": PERM_RW,
}) # "/playground": PERM_RW,
# })
if isWireguard(ip): if isWireguard(ip):
# allow any user from wireguard # allow any user from wireguard
return mkAuthOk(username, permissions = { return mkAuthOk(username, permissions = {