Getting Started
This guide gets a local SFTPWarden project running and points you to the next documentation page for each common path.
Install
Install the CLI:
python -m pip install sftpwarden
For source checkouts and documentation work:
python -m pip install -e ".[dev,docs,mysql,postgres,mongodb]"
Docker is required for the default Compose runtime. Kubernetes projects also
need kubectl; Helm projects need helm.
Create a First Project
The quickest start uses YAML and user schema v1, which stores anonymous
public_keys directly on each user:
sftpwarden config default-provider yaml
mkdir -p ~/sftpwarden-dev
cd ~/sftpwarden-dev
sftpwarden init dev --user-schema 1 --yes
Schema v1 is fully supported and is the simplest format for small projects. New
projects default to schema v2 when --user-schema is omitted; schema v2 adds
named keys, per-key metadata, expiry, disable/enable, rotation, and imports.
To start directly with schema v2:
sftpwarden init dev --user-schema 2 --yes
Add a User
Password user:
sftpwarden user create alice --password "correct horse battery staple"
Public key user:
sftpwarden user create alice --public-key ./alice.pub
Schema v2 named key:
sftpwarden user key add alice prod-ci --public-key ./prod-ci.pub
Deploy and Refresh
Start or update the runtime:
sftpwarden deploy
Apply user/provider changes to an already running runtime:
sftpwarden refresh
Use deploy after changing config, Compose, Kubernetes, Helm, or remote
deployment settings. Use refresh for user changes already visible to the
runtime.
Check the Project
Validate configuration and provider access:
sftpwarden validate
Inspect runtime and project health:
sftpwarden health
Preview runtime user changes without applying them:
sftpwarden plan
Choose the Next Guide
Need |
Read |
|---|---|
Understand local, remote, Kubernetes, and Helm operations |
|
Edit |
|
Pick YAML, CSV, SQLite, SQL, or MongoDB |
|
Manage named SSH keys and migrations |
|
Automate or script exact commands |
|
Harden a deployment before exposure |