Application Properties for application.properties
Overview
This document lists and explains all available configuration properties for SFTP Gateway's application.properties file, which is located at /opt/sftpgw/application.properties. After editing this file, you must restart the SFTP service using:
service sftpgw-admin-api restart
SFTP Server Configuration
| Property | Default | Description |
|---|---|---|
sftp.security-level | CUSTOM | Determines the security level of the SFTP server. Possible values: CUSTOM (allows custom security configurations) |
sftp.port | 2244 | The port on which the SFTP server listens for connections |
sftp.connection-idle-timeout-seconds | 1200 | Maximum time (in seconds) an idle connected SFTP session can remain open before being automatically closed |
sftp.auth-idle-timeout-seconds | 120 | Maximum time (in seconds) allowed for authentication before the connection is terminated |
features.sftp-subsystem.enable-default-ip-banning-policy | true | When enabled, automatically bans IP addresses after too many failed login attempts |
features.sftp-subsystem.scp-enabled | true | Enables or disables SCP (Secure Copy Protocol) functionality |
Security and Authentication Settings
| Property | Default | Description |
|---|---|---|
security.max-login-failed-attempts | 10 | Number of failed login attempts allowed before account lockout |
security.failed-login-timeout-seconds | 3600 | Duration (in seconds) an account remains locked after exceeding maximum failed login attempts |
password.encoder.pbkdf2.salt-length | 16 | Length of the salt used in PBKDF2 password hashing |
password.encoder.pbkdf2.iterations | 5000 | Number of iterations used in PBKDF2 password hashing algorithm |
username.minlength | 1 | Minimum allowed username length |
Password Policy Configuration
| Property | Default | Description |
|---|---|---|
password.policy.word-file | classpath:100k-most-used-passwords-NCSC.txt | Path to file containing common passwords that should be disallowed |
password.policy.required-upper-count | 1 | Minimum number of uppercase characters required in passwords |
password.policy.required-digit-count | 1 | Minimum number of digits required in passwords |
password.policy.required-lower-count | 1 | Minimum number of lowercase characters required in passwords |
password.policy.required-special-count | 1 | Minimum number of special characters required in passwords |
password.policy.require-digit | false | Boolean flag requiring at least one digit in passwords |
password.policy.require-lower | false | Boolean flag requiring at least one lowercase character in passwords |
password.policy.require-special | false | Boolean flag requiring at least one special character in passwords |
password.policy.require-upper | false | Boolean flag requiring at least one uppercase character in passwords |
password.policy.suggested-length | 20 | Suggested length for generated passwords |
password.policy.prevent-previously-used-password-count | 5 | Number of previous passwords that cannot be reused |
Database Connection Settings
| Property | Default | Description |
|---|---|---|
spring.datasource.hikari.maximum-pool-size | 10 | Maximum size of the database connection pool |
spring.datasource.hikari.minimum-idle | 5 | Minimum number of idle connections maintained in the pool |
spring.datasource.hikari.idle-timeout | 120000 | Maximum time (in milliseconds) a connection can remain idle before being closed |
spring.datasource.hikari.connection-timeout | 30000 | Maximum time (in milliseconds) to wait for a connection from the pool |
spring.datasource.hikari.max-lifetime | 1800000 | Maximum lifetime (in milliseconds) of a connection in the pool |
PostgreSQL Connection Parameters
| Property | Default | Description |
|---|---|---|
spring.datasource.hikari.data-source-properties.tcpKeepAlive | true | Enables TCP keep-alive packets for PostgreSQL connections |
spring.datasource.hikari.data-source-properties.keepaliveTime | 60 | Time (in seconds) between TCP keep-alive packets |
spring.datasource.hikari.data-source-properties.socketTimeout | 60 | Socket timeout (in seconds) for PostgreSQL connections |
File System Features and Storage Configuration
| Property | Default | Description |
|---|---|---|
features.file-system.azure.block-size-mb | 4 | Block size (in MB) for Azure Blob Storage uploads |
features.file-system.aws-s3.max-multipart-part-size-bytes | 123289600 | Maximum size (in bytes) for each part in S3 multipart uploads (approximately 117.6 MB) |
features.file-system.aws-s3.max-simple-upload-size-bytes | 123289600 | Maximum size (in bytes) for simple (non-multipart) S3 uploads (approximately 117.6 MB) |
features.file-system.ignore-folder-metadata | false | When enabled, metadata for folders will not be stored or retrieved |
features.file-system.connectivity-test-time-out-seconds | 30 | Timeout (in seconds) for storage connectivity tests |
Instance and Backup Settings
| Property | Default | Description |
|---|---|---|
features.instance.backup-import-max-file-size-megabytes | 100 | Maximum allowed size (in MB) for backup import files |
Logging Configuration
| Property | Default | Description |
|---|---|---|
logging.level.com.sftpgateway.backend.sftp.logging. MaverickLogService | INFO | Log level for the SFTP service. Possible values: ERROR, WARN, INFO, DEBUG, TRACE |
Notes
- Boolean values are case-sensitive and should be lowercase (
trueorfalse). - Time values are specified in their respective units as indicated in the descriptions.
- Path references should use forward slashes, even on Windows systems.
- Changes to these properties require a service restart to take effect.
- Some properties may depend on others to function correctly.
For more information about SFTP Gateway, please refer to our Release Notes and Environment Variables documentation.