snapr

    SFTP

    type: sftp — upload to an SFTP server using either password or SSH key auth.

    Fields

    FieldTypeRequiredNotes
    typesftpyes
    namestringyesidentifier; unique within the job
    hoststringyes
    portintnodefault 22
    usernamestringno
    passwordstringnouse env:. Can be combined with privateKey (both auth methods are offered).
    privateKeystringnopath to a PEM private key file on the snapr host. ~ is expanded.
    passphrasestringnopassphrase for the private key. Use env:.
    knownHostsstringnopath to a known_hosts file. Defaults to ~/.ssh/known_hosts. ~ is expanded.
    strictHostKeyboolnohost-key verification. Defaults to true (strict). Set to false to disable — insecure, accepts any key.
    pathstringnoremote directory (created if missing). Defaults to .

    Example — password

    storages:
  - type: sftp
    name: offsite
    host: backup.example.com
    port: 22
    username: backup
    password: env:SFTP_PASSWORD
    path: /uploads
    strictHostKey: true
    knownHosts: /etc/snapr/known_hosts

    Example — SSH key

    storages:
  - type: sftp
    name: offsite-key
    host: backup.example.com
    username: backup
    privateKey: /etc/snapr/keys/sftp_id_ed25519
    passphrase: env:SFTP_PASSPHRASE
    path: /snapr
    strictHostKey: true
    knownHosts: /etc/snapr/known_hosts

    Prerequisites

    • No external binaries required (snapr uses the Go SSH library).
    • The private key file must be readable by the snapr process (mount it into the container if running in Docker).
    • For production: pre-populate knownHosts with the server's host key (ssh-keyscan -H <host> >> known_hosts) and leave strictHostKey at the default.

    Notes

    • username defaults to the OS user running snapr if omitted.
    • port defaults to 22.
    • When strictHostKey: false, snapr logs a warning but accepts any host key. Use only for ad-hoc testing.