docker.recipes

SFTPGo

intermediate

Full-featured SFTP server with web admin.

Overview

SFTPGo is a modern, full-featured SFTP server implementation written in Go that provides secure file transfer capabilities with extensive administrative controls. Originally developed as a lightweight alternative to traditional FTP servers, SFTPGo offers multiple protocol support including SFTP, SCP, FTP/S, and WebDAV, making it a versatile solution for organizations requiring secure file exchange. The server includes a comprehensive web-based administration interface, REST API, and support for various storage backends including local filesystem, cloud storage providers, and encrypted storage. This Docker deployment combines SFTPGo's core server functionality with its built-in web administration panel, creating a complete file transfer solution that can be managed entirely through a browser interface. The configuration exposes three distinct services: the SFTP protocol on port 2022 for secure file transfers, the web admin interface on port 8080 for user management and server configuration, and WebDAV on port 8090 for HTTP-based file access. This multi-protocol approach allows clients to connect using their preferred method while administrators maintain centralized control over user permissions, quotas, and access policies. This stack is ideal for organizations transitioning from legacy FTP servers, development teams requiring secure file sharing, and system administrators who need granular control over file transfer operations. The combination of SFTPGo's enterprise-grade features with Docker's deployment simplicity makes it particularly valuable for companies wanting to implement secure file transfer without the complexity of traditional enterprise solutions, while still maintaining the scalability and security required for production environments.

Key Features

  • Multi-protocol file access supporting SFTP, SCP, FTP/S, and WebDAV from a single server instance
  • Web-based administration interface with real-time user management, quota monitoring, and connection tracking
  • Flexible storage backend support including local filesystem, AWS S3, Google Cloud Storage, Azure Blob, and SFTP
  • Per-user bandwidth throttling and connection limits with customizable rate limiting policies
  • Advanced authentication options including public key, password, keyboard-interactive, and external authentication providers
  • Built-in file encryption at rest with configurable encryption backends for sensitive data protection
  • Comprehensive audit logging with detailed file operation tracking and user activity monitoring
  • REST API for programmatic user management and server configuration automation

Common Use Cases

  • 1Replacing legacy FTP servers in enterprise environments with secure, auditable file transfer capabilities
  • 2Development team collaboration requiring secure file sharing with granular access controls and quota management
  • 3Automated backup solutions where applications need reliable SFTP endpoints with guaranteed uptime and monitoring
  • 4Client file exchange portals for businesses requiring secure document sharing with external partners
  • 5Media production workflows where large files need secure transfer with bandwidth controls and progress tracking
  • 6Compliance-driven organizations requiring detailed audit trails and encrypted file storage for regulatory requirements
  • 7Multi-tenant environments where different users need isolated file access with separate storage backends

Prerequisites

  • Minimum 512MB RAM for basic operations, 2GB+ recommended for multiple concurrent users and large file transfers
  • Available ports 2022 (SFTP), 8080 (web admin), and 8090 (WebDAV) not conflicting with existing services
  • Basic understanding of SFTP client configuration and public key authentication concepts
  • Network access planning for client connections and firewall configuration for exposed ports
  • Storage planning for user data volumes and consideration of backup strategies for persistent data

For development & testing. Review security settings, change default credentials, and test thoroughly before production use. See Terms

docker-compose.yml

docker-compose.yml
1services: 
2  sftpgo: 
3    image: drakkan/sftpgo:latest
4    container_name: sftpgo
5    restart: unless-stopped
6    environment: 
7      SFTPGO_HTTPD__BINDINGS__0__PORT: 8080
8      SFTPGO_HTTPD__BINDINGS__0__ADDRESS: ""
9    volumes: 
10      - sftpgo_data:/srv/sftpgo
11      - sftpgo_home:/var/lib/sftpgo
12    ports: 
13      - "8080:8080"
14      - "2022:2022"
15      - "8090:8090"
16
17volumes: 
18  sftpgo_data: 
19  sftpgo_home:

.env Template

.env
1# Create users in web admin

Usage Notes

  1. 1Docs: https://sftpgo.com/docs/
  2. 2Web admin at http://localhost:8080 - create users here
  3. 3SFTP on port 2022, WebDAV on 8090
  4. 4Storage backends: local, S3, GCS, Azure Blob, encrypted local
  5. 5Per-user quotas, bandwidth limits, IP filtering
  6. 6OIDC/OAuth2 authentication supported

Quick Start

terminal
1# 1. Create the compose file
2cat > docker-compose.yml << 'EOF'
3services:
4  sftpgo:
5    image: drakkan/sftpgo:latest
6    container_name: sftpgo
7    restart: unless-stopped
8    environment:
9      SFTPGO_HTTPD__BINDINGS__0__PORT: 8080
10      SFTPGO_HTTPD__BINDINGS__0__ADDRESS: ""
11    volumes:
12      - sftpgo_data:/srv/sftpgo
13      - sftpgo_home:/var/lib/sftpgo
14    ports:
15      - "8080:8080"
16      - "2022:2022"
17      - "8090:8090"
18
19volumes:
20  sftpgo_data:
21  sftpgo_home:
22EOF
23
24# 2. Create the .env file
25cat > .env << 'EOF'
26# Create users in web admin
27EOF
28
29# 3. Start the services
30docker compose up -d
31
32# 4. View logs
33docker compose logs -f

One-Liner

Run this command to download and set up the recipe in one step:

terminal
1curl -fsSL https://docker.recipes/api/recipes/sftpgo/run | bash

Troubleshooting

  • Connection refused on port 2022: Verify the SFTP service is running and check firewall rules allowing inbound connections on port 2022
  • Web admin interface shows 'Internal Server Error': Check container logs for database initialization issues and ensure sftpgo_home volume has proper write permissions
  • SFTP authentication fails with valid credentials: Verify user exists in SFTPGo web admin and check if public key authentication is properly configured in user settings
  • File uploads fail with permission denied: Check that the sftpgo_data volume mount has correct ownership and the user's home directory permissions allow write access
  • WebDAV clients cannot connect on port 8090: Ensure WebDAV is enabled in SFTPGo configuration and the user account has WebDAV protocol permissions enabled

Community Notes

Loading...
Loading notes...

Download Recipe Kit

Get all files in a ready-to-deploy package

Includes docker-compose.yml, .env template, README, and license

Components

sftpgo

Tags

#sftpgo#sftp#ftp#webdav

Category

Storage & Backup

Related Recipes

Ad Space