FileMage Gateway - Documentation Reference

# Checking for updates

To check if an update is available, go to the Settings page. There will be a notification at the bottom of the page indicating the currently installed version and if there is an update available.

# Updating the Application

The application can be updated by running the filemage update command. This will download the latest application package and install it.

# On Linux:

  1. Open a SSH session to your virtual machine.
  2. Enter the command sudo filemage update.
  3. Answer yes when prompted. Note that the application will restart.

# On Windows:

  1. Open a RDP session to your virtual machine.
  2. Open a administrator command prompt.
  3. Enter the command filemage update.
  4. Answer yes when prompted. Note that the application will restart.

# Change Log

# 1.14.1

  • Add a dialog prompt when downloading files in the workspace.

# 1.14.0

  • Setting ftp_port to -1 now disables the FTP listener.
  • Added the ability to configure email notifications when files are added to certain folders.

# 1.13.6

  • Add support for multiple file and folder downloads in the workspace portal.

# 1.13.5

  • Opening files in the workspace portal will now trigger a download for all file types.
  • The upload widget in the workspace portal now supports folder uploads.
  • The create SSH key function now generates ED25519 type keys instead of RSA keys.
  • On Windows ED25519 host keys are generated on startup in addition to RSA keys.

# 1.13.4

  • Add smtp_log setting.
  • Add s3_tags setting.

# 1.13.3

  • Add pg_conn_lifetime setting.

# 1.13.0

  • Add Read / Write permission level.
  • Add button_text_inactive_color workspace CSS setting.
  • Fix compatibility issue MLST response for FTP protocol.

# 1.12.0

  • Add support for 'strict key exchange' in SSH protocol to mitigate CVE-2023-48795 (Terrapin).

# 1.11.6

  • Add retries when receiving errors from Google Cloud Storage API.

# 1.11.5

  • Azure Blob Storage accounts using hierarchical namespaces now report the correct folder creation time.

# 1.11.4

  • Fix a bug that caused transfers to hang if a user had more than 1000 folder permissions.

# 1.11.3

  • Add support for using user assigned managed identities in Azure.

# 1.11.2

  • Add support for proxying workspace file transfer through the application server using workspace_proxy_transfers.
  • Add home_directory_required setting.

# 1.11.1

  • Fix a URL encoding bug when using Azure SAS URLs.
  • Add support for getting client IP address from HTTP headers using client_ip_strategy.
  • Made workspace logo larger.
  • Workspace login box text can now be customized in workspace_css.

# 1.11.0

  • Add option to disable FTP for specified users.
  • Create endpoint and group API calls now return the created object ID.
  • Add content_type_detection setting.
  • Add sftp_connections_log setting.

# 1.10.9

  • Fix directory transversal bug on Windows installations.

# 1.10.8

  • Add option to specify Content Security Policy header using http_csp_header.

# 1.10.7

  • Fix issue with incorrect recent files displayed.

# 1.10.6

  • Add sortable columns in workspace portal.
  • Add support for writing audit logs to a file on disk using audit_log.
  • Fix 0 byte download issue in AWS S3.

# 1.10.5

  • Add http_redirect_hostname setting.
  • Add sftp_proxy_protocol setting.
  • Add --yes/-y flag to update command.
  • Add support for AWS IMDSv2.

# 1.10.4

  • Add support for PostgreSQL client certificates.
  • Fix issue with FTP active mode TLS connections.

# 1.10.3

  • Add support for S3 renames larger than 5GB.
  • Add support for lower case parameters for FTP TYPE commands.

# 1.10.2

  • Add max_concurrent_transfers setting.
  • Add workspace_disable_share setting.
  • Send zero vaule gauge metrics.
  • Add smtp_insecure_tls setting
  • API now accepts capitalized permission values.
  • Require 'full' permission to rename.

# 1.10.1

  • Add share links functionality.

# 1.10.0

  • Visual redesign of workspace portal.

# 1.9.7

  • Add support for reading files from a offset in FTP using the REST command.
  • FTP protocol logger now logs responses.
  • Add setting for specifying KMS key ID in S3.

# 1.9.6

  • Add setting for server side encryption header in S3.

# 1.9.5

  • Allow 'Assume Role' to be used with AWS S3 endpoints.
  • Return more descriptive error messages when API calls fail.

# 1.9.4

  • Allow multiple ACME hostnames.

# 1.9.3

  • Fix error when FTP client does not open data connection before attempting to transfer.

# 1.9.2

  • Improve AWS buffer allocation and sizing.

# 1.9.1

  • Fix error message shown for expired OAuth tokens.

# 1.9.0

  • Add support for mounting folders from multiple endpoints.
  • Add diffie-hellman-group14-sha256 key exchange algorithm.
  • Audit log sort by newest entries.

# 1.8.7

  • Remove DSA host key from default host keys on Linux.

# 1.8.5

  • Improve performance when uploading to Azure Blob Storage from Google Cloud VMs.

# 1.8.4

  • Add acme_email setting for Let's Encrypt email notifications.
  • Set MIME type based on file extension when uploading to Amazon S3.
  • Add storage type selection in endpoints config allowing cross-cloud connections.
  • Fix race-condition in permission check logic.

# 1.8.3

  • Add support for IBM Cloud HMAC keys.

# 1.8.0

  • Add LDAP support.

# 1.7.0

  • Add password reset and welcome emails.
  • Add password expiration setting.
  • Add multi-factor authentication required setting.

# 1.6.1

  • Add support for multi-factor authentication using TOPT.

# 1.6.0

  • Add the user workspace portal.

# 1.5.27

  • Fix race condition in SFTP file handle cleanup logic.

# 1.5.26

  • Add support for diffie-hellman-group-exchange-sha256 SFTP key exchange algorithm.
  • Remove TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA from default TLS ciphers.

# 1.5.25

  • Add Google Identity Services as a federated authentication source.

# 1.5.24

  • Add pg_max_open_connections setting.
  • Add audit_disable setting.

# 1.5.23

  • Add support proxy protocol on data connections using ftp_proxy_protocol_data.

# 1.5.21

  • Add title and date added fields for SSH keys
  • MLSD response now includes current directory.
  • Add azure_put_md5 setting.
  • Add sftp_server_identity setting.

# 1.5.20

  • Add flags for username and password to init command.
  • Add flag to generate API token to init command.
  • Linux update script now waits for dpkg lock.

# 1.5.19

  • Add support for 0 byte files on GCP and AWS.

# 1.5.18

  • Set cache headers on static resources.

# 1.5.17

  • Add sftp_idle_timeout configuration option.

# 1.5.16

  • Add support for SFTP packets larger than 32k bytes.

# 1.5.15

  • Add option to allow overwrites on rename.

# 1.5.14

  • Support HTTP-01 Let's Encrypt challenge type.

# 1.5.13

  • Show toast message when Azure Active Directory login fails.
  • Add option to disable HTTPS.
  • Add default SFTP port notification on login.

# 1.5.12

  • Add support for IBM Cloud Object Storage.

# 1.5.11

  • Allow administrators to be deleted when using Azure Active Directory federation.

# 1.5.9

  • Auto-generated default certificate now properly sets key usage fields.
  • Fix bug when creating virtual folders based on permissions.
  • Improve handling of ftp_tls_required setting.

# 1.5.8

  • Hide folders that that the user cannot access.
  • Add support for Proxy Protocol on FTP listener.

# 1.5.6

  • Fix bug in Azure Service Identity token retrieval and caching.
  • Add feature to check for and install updates.
  • Set MIME type based on file extension when uploading to Google Cloud Storage.
  • Show virtual folders when a defining folder permissions.

# 1.5.5

  • Add setting to configure HTTP healthcheck endpoint.
  • Set MIME type based on file extension when uploading to Azure Blob Storage.
  • Add configurable password requirements.
  • Add configurable session age setting.
  • Add CORS whitelist setting.
  • Add setting to configure TLS ciphers and versions.

# 1.5.3

  • Add support Google Cloud metrics.

# 1.5.0

  • Add option to set expiration date for user accounts.
  • Allow FTP clients that don't support SNI to connect when using ACME certificates.

# 1.4.1

  • Add support for SSH certificate authentication.
  • Fixed a bug where downloading a file using FTP in Chrome did not work.

# 1.4.0

  • Add user IP whitelisting.
  • Fixed a bug where 0 byte files uploaded with SFTP where not created.

# 1.3.9

  • Improved download performance.
  • Fixed a bug where the disable password checkbox was not working.
  • Add option to disable all SFTP password logins.
  • Clearer error message when storage account is not reachable.
  • Retry calls to Azure metadata service.

# 1.3.7

  • Add Azure Active Directory integration.
  • Add authentication logger option.
  • Add reset password helper scripts.
  • Add support for using Azure Managed System Identity.

# 1.3.5

  • Add support for banning IPs with excessive failed logins.

# 1.3.3

  • Add Windows support.

# 1.3.0

  • Add audit log.

# 1.2.12

  • Prevent directory listing timeouts by using smaller page sizes.

Logging Configuration