-
Notifications
You must be signed in to change notification settings - Fork 0
/
ssftp.yaml
69 lines (69 loc) · 3.6 KB
/
ssftp.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
sftpPort: 2002 # port of your choice
enableVirusScan: true #if disabled, files in Staging will remain and not moved
enableFileScavenging: true #if disabled, sSFTP will not scavenge files in staging directory for sending them for scanning and movement to clean directory
enableSftpClientDownloader: true #enable/disable Sftp downloaders from remote Sftp servers
enableSftpClientUploader: false #enable/disable Sftp uploaders to remote Sftp servers
webhooks:
- name: virusFound # remove name and url if webhook is not used. name is by convention, do not change
url: "https://httpbin.org/post" # Url of webhook called when ClamAV detects virus (HTTP POST)
logDests: # optional, default logging to StdOut.
- kind: file # conventional do not change
props:
path: "/mnt/ssftp/log"
sftpClientDownloaders: #Downloaders are Sftp clients runs concurrently to download files from remote Sftp servers
- name: "test.rebex.net-1" #mandatory unique name
host: "test.rebex.net"
port: 22
username: "demo"
password: "password"
privateKeyPath: "/mnt/ssftp/system/downloaders/rsa-putty-privatekey-authn.ppk"
privatekeyPassphrase: "password-for-privatekey" #empty if no privatekey path is empty
localStagingDirectory: "staging-rebex-1" #files downloaded to "staging" directory /mnt/ssftp/staging/{localStagingDirectory}
remoteDirectory: "" #optional
deleteRemoteFileAfterDownload: false
overrideExistingFile: true
- name: "test.rebex.net-2" #mandatory unique name
host: "test.rebex.net"
port: 22
username: "demo"
password: "password"
privateKeyPath: "" #example: /mnt/ssftp/system/sftpclient/downloader/privatekey.ppk
privatekeyPassphrase: ""
localStagingDirectory: "staging-rebex-2"
remoteDirectory: ""
deleteRemoteFileAfterDownload: false
overrideExistingFile: true
sftpClientUploaders: #Uploaders are Sftp clients runs concurrently to upload local files to remote Sftp servers
- name: "sftpclient-uploader-1" #mandatory unique name
host: "100.0.10.100"
port: 22
username: "sftpclient-uploader-1"
password: "password"
privatekeyPath: null #example: /mnt/ssftp/system/sftpclient/uploader/privatekey.ppk
privatekeyPassphrase: null
localDirectoryToUpload: "test.rebex.net-1" # files in this "clean" directory to be uploaded to remote Sftp
remoteDirectory: null #leave it empty if no remote sub dir
overrideRemoteExistingFile: true
users:
cleanDir: #access to clean directory only. Accounts typically for file upload or internal daemon/jobs to process clean files
- directory: "clean-dir-1" # * = root of /mnt/ssftp/clean or a directory name.
auth:
username: "username-of-clean-dir-1"
password: "verycomplexpassword" # either password or PuttyGen RSA key pair. Private key held by SFTP client(s) while Public Key paste in publicKey field
publicKey: "ssh-rsa AAAAB3NzaC...Akgdv/+1a45V1b...jfl5..BvQ== rsa-key-20210329"
- directory: "test.rebex.net-2"
auth:
username: "clean-dir-2"
password: "password"
publicKey: ""
stagingDir:
- directory: "stage-dir-1" # * not supporetd, sub directory name of Staging directory /mnt/ssftp/staging/{stage-dir-1}
auth:
username: "stage-dir-1"
password: "supersecure"
publicKey: ""
- directory: "stage-dir-2"
auth:
username: "stage-dir-2"
password: "supersecure"
publicKey: ""