added SFTPGo deployment

.gitignore

@@ -0,0 +1 @@
+data

docker-compose.yml

@@ -0,0 +1,59 @@
+---
+services:
+  sftpgo:
+    image: drakkan/sftpgo:${SG_VERSION}
+    restart: unless-stopped
+    environment:
+      - SFTPGO_COMMON__IDLE_TIMEOUT=${SG_COMMON__IDLE_TIMEOUT}
+      - SFTPGO_COMMON__UPLOAD_MODE=${SG_COMMON__UPLOAD_MODE}
+      - SFTPGO_SFTPD__BINDINGS__0__PORT=${SG_SFTPD__BINDINGS__PORT}
+      - SFTPGO_FTPD__BINDINGS__0__PORT=${SG_FTPD__BINDINGS__PORT}
+      - SFTPGO_FTPD__BINDINGS__0__TLS_MODE=${SG_FTPD__BINDINGS__TLS_MODE}
+      - SFTPGO_FTPD__DISABLE_ACTIVE_MODE=${SG_FTPD__DISABLE_ACTIVE_MODE}
+      - SFTPGO_FTPD__CERTIFICATE_FILE=${SG_FTPD__CERTIFICATE_FILE}
+      - SFTPGO_FTPD__CERTIFICATE_KEY_FILE=${SG_FTPD__CERTIFICATE_KEY_FILE}
+      - SFTPGO_DATA_PROVIDER__DRIVER=${SG_DATA_PROVIDER__DRIVER}
+      - SFTPGO_DATA_PROVIDER__NAME=${SG_DATA_PROVIDER__NAME}
+      - SFTPGO_TELEMETRY__BIND_PORT=${SG_TELEMETRY__BIND_PORT}
+      - SFTPGO_TELEMETRY__BIND_ADDRESS=${SG_TELEMETRY__BIND_ADDRESS}
+      - SFTPGO_MFA__TOTP__NAME=${SG_MFA__TOTP__NAME}
+      - SFTPGO_MFA__TOTP__ISSUER=${SG_MFA__TOTP__ISSUER}
+      - SFTPGO_SMTP__HOST=${SG_SMTP__HOST}
+      - SFTPGO_SMTP__PORT=${SG_SMTP__PORT}
+      - SFTPGO_SMTP__FROM=${SG_SMTP__FROM}
+      - SFTPGO_SMTP__USER=${SG_SMTP__USER}
+      - SFTPGO_SMTP__PASSWORD=${SG_SMTP__PASSWORD}
+      - SFTPGO_SMTP__ENCRYPTION=${SG_SMTP__ENCRYPTION}
+      - SFTPGO_SMTP__DOMAIN=${SG_SMTP__DOMAIN}
+    labels:
+      ### Section Træfik
+      - traefik.enable=${TRAEFIK_ENABLED}
+      - traefik.docker.network=${TRAEFIK_NETWORK}
+      ## HTTP
+      - traefik.http.routers.http-${TRAEFIK_ROUTER}.entrypoints=http
+      # redirect to HTTPS only
+      - traefik.http.routers.http-${TRAEFIK_ROUTER}.middlewares=${TRAEFIK_HTTP_MIDDLEWARES}
+      - traefik.http.routers.http-${TRAEFIK_ROUTER}.rule=${TRAEFIK_MATCHRULE}
+      ## HTTPS
+      - traefik.http.routers.https-${TRAEFIK_ROUTER}.entrypoints=https
+      # configure the exposed service
+      - traefik.http.routers.https-${TRAEFIK_ROUTER}.middlewares=${TRAEFIK_HTTPS_MIDDLEWARES}
+      - traefik.http.routers.https-${TRAEFIK_ROUTER}.rule=${TRAEFIK_MATCHRULE}
+      # enable TLS and its certificate provider
+      - traefik.http.routers.https-${TRAEFIK_ROUTER}.tls=${TRAEFIK_TLSENABLED}
+      - traefik.http.routers.https-${TRAEFIK_ROUTER}.tls.certresolver=${TRAEFIK_CERTRESOLVER}
+      # specify a service so a custom port can be used
+      - traefik.http.services.${TRAEFIK_SERVICE}.loadbalancer.server.port=${TRAEFIK_SERVICE_PORT}
+    ports:
+      - 21:2021
+      - 50000-50100:50000-50100
+    volumes:
+      - ${SG_CONFIG}:/var/lib/sftpgo
+      - ${SG_DATA}:/srv/sftpgo/data
+    networks:
+      - traefik
+
+networks:
+  traefik:
+    external: true
+    name: ${TRAEFIK_NETWORK}

env.example

@@ -0,0 +1,38 @@
+# Træfik
+TRAEFIK_ENABLED=true
+TRAEFIK_NETWORK=traefik
+TRAEFIK_ROUTER=ftp_example_com
+TRAEFIK_SERVICE=ftp_example_com
+TRAEFIK_SERVICE_PORT=8080
+TRAEFIK_MATCHRULE=Host(`ftp.example.com`)
+TRAEFIK_TLSENABLED=true
+TRAEFIK_CERTRESOLVER=letsencrypt
+TRAEFIK_HTTP_MIDDLEWARES=http-to-https
+TRAEFIK_HTTPS_MIDDLEWARES=hsts
+
+# SFTPGo
+SG_VERSION=latest
+SG_CONFIG=./data/config
+SG_DATA=./data/userdata
+SG_COMMON__IDLE_TIMEOUT=3
+SG_COMMON__UPLOAD_MODE=1
+SG_SFTPD__BINDINGS__PORT=0
+SG_FTPD__BINDINGS__PORT=2021
+# CHANGEME:
+SG_FTPD__BINDINGS__TLS_MODE=0
+SG_FTPD__DISABLE_ACTIVE_MODE=true
+SG_FTPD__CERTIFICATE_FILE=
+SG_FTPD__CERTIFICATE_KEY_FILE=
+SG_DATA_PROVIDER__DRIVER=sqlite
+SG_DATA_PROVIDER__NAME=config.db
+SG_TELEMETRY__BIND_PORT=8081
+SG_TELEMETRY__BIND_ADDRESS=
+SG_MFA__TOTP__NAME=ftp.example.com
+SG_MFA__TOTP__ISSUER=FTP Example Company
+SG_SMTP__HOST=smtp.example.com
+SG_SMTP__PORT=465
+SG_SMTP__FROM=FTP <noreply@example.com>
+SG_SMTP__USER=noreply@example.com
+SG_SMTP__PASSWORD=P4ssw0rd!
+SG_SMTP__ENCRYPTION=1
+SG_SMTP__DOMAIN=ftp.example.com