{"id":50799735,"url":"https://github.com/alienid4/cl_ftp","last_synced_at":"2026-06-12T18:04:18.527Z","repository":{"id":358810738,"uuid":"1242993422","full_name":"alienid4/cl_ftp","owner":"alienid4","description":"SF Relay File Exchange Server - Reference impl for Windows Server (SFTP + ANY approval + SMB / Portal ZIP download + audit trail)","archived":false,"fork":false,"pushed_at":"2026-05-19T08:05:55.000Z","size":246,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-19T08:13:32.962Z","etag":null,"topics":["audit-log","enterprise","file-exchange","flask","mft","reference-implementation","sftp","windows-server"],"latest_commit_sha":null,"homepage":"","language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/alienid4.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-05-19T00:37:21.000Z","updated_at":"2026-05-19T08:05:59.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/alienid4/cl_ftp","commit_stats":null,"previous_names":["alienid4/cl_ftp"],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/alienid4/cl_ftp","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alienid4%2Fcl_ftp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alienid4%2Fcl_ftp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alienid4%2Fcl_ftp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alienid4%2Fcl_ftp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/alienid4","download_url":"https://codeload.github.com/alienid4/cl_ftp/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alienid4%2Fcl_ftp/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34256188,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-12T02:00:06.859Z","response_time":109,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["audit-log","enterprise","file-exchange","flask","mft","reference-implementation","sftp","windows-server"],"created_at":"2026-06-12T18:04:17.161Z","updated_at":"2026-06-12T18:04:18.518Z","avatar_url":"https://github.com/alienid4.png","language":"PowerShell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# SF 中繼檔案交換主機\n\n\u003e **檔案中繼平台**: SFTP 上傳 + ANY 制簽核 + SMB / Portal ZIP 下載 + 全程稽核留痕\n\u003e 對齊主管圖 + Z 方案增值 (OA 端 USER 取檔 / 業務簽核 / Portal 集中視覺化)\n\n---\n\n## 雙平台支援 (v1.x = Windows, v2.x = RHEL)\n\n| 主版本 | 平台 | 部署目錄 | 狀態 |\n|---|---|---|---|\n| **v1.x.x** | Windows Server 2022 | `deploy/`, `scripts/*.ps1` | maintenance |\n| **v2.x.x** ⭐ | RHEL 8/9 | `deploy-rhel/`, `config/*linux*` | **主開發** |\n\n新環境**建議用 v2.x (RHEL)** — Linux 用戶速度快 10 倍, 同一份 Flask Portal 程式碼跨平台。\n\n詳見: [v1 → v2 升級決策](docs/runbook/eval_20260520_0900_rhel_alternative.md)\n\n---\n\n## 專案目標\n\n公司部門間 / 系統間 / 人員間的檔案交換, **單一窗口**、**最小權限**、**全程留痕**、**可重現查詢**。\n\n| 角色 | 動作 |\n|---|---|\n| PRD 端 AP 主機 | SFTP / FTPS 上傳到 SF 業務代號帳號 u0X |\n| 業務主管 (5 人) | Portal ANY 制簽核, 任 1 同意即放行 |\n| OA 端 USER | SMB 掛載 / Portal 批次 ZIP 下載 |\n| IT 管理員 | Portal 管理業務代號 / 全公司稽核查詢 / 系統健康 |\n\n---\n\n## 快速開始 (v2.x / RHEL 推薦) ⭐\n\n```bash\nsudo dnf install -y git\ncd /opt\nsudo git clone https://github.com/alienid4/cl_ftp sf\ncd sf\nsudo ./deploy-rhel/install_all.sh\n```\n\n完成後自動顯示訪問網址。詳見 [v2.0.0 部署 SOP](docs/runbook/v2.0.0_20260520_1100_first_deploy.md)。\n\n---\n\n## 快速開始 (v1.x / Windows, maintenance)\n\n### 1. 外網工作站 — 打包離線 bundle (~600 MB)\n```powershell\ncd C:\\ClaudeHome\\SFTP\\deploy\\offline\n.\\build_offline_bundle.ps1\n```\n\n### 2. SF 主機 — 一鍵安裝\n```powershell\n# 第一階段 (SQL Express 本機)\n.\\install_offline.ps1\n\n# 第二階段 (公司 DB)\n.\\install_offline.ps1 -DbMode CorpDB -CorpDBServer 'corp-sql01.internal,1433'\n```\n\n### 3. 驗證\n```powershell\n.\\scripts\\health_check.ps1\n.\\scripts\\tail_log.ps1\n```\n\n詳見 [docs/deployment_sop.md](docs/deployment_sop.md)\n\n---\n\n## 檔案結構\n\n```\nSFTP/\n├── README.md ← 本檔\n├── deploy/ ← 18 支部署腳本 (00~17)\n│ └── offline/ ← 離線打包與一鍵安裝\n├── scripts/ ← 維運腳本 (tail_log / health_check / debug_bundle / migrate_db)\n├── config/ ← sshd_config / web.config / banner.txt\n├── sql/ ← AuditLog Schema\n├── portal/ ← Flask Portal 程式碼\n└── docs/ ← 架構圖 / mockup / 文件\n ├── architecture-v2.html Z 方案完整版架構圖\n ├── mockup-user.html 一般使用者介面\n ├── mockup-admin.html 管理員介面\n ├── required_packages.md 套件清單\n └── deployment_sop.md 部署 SOP\n```\n\n---\n\n## 設計核心\n\n| 項目 | 決定 |\n|---|---|\n| 上傳通道 | SFTP (主) / FTPS (備案, 預設停用) |\n| 下載通道 | SFTP (給機器) / SMB (給人) / Portal ZIP (給不會 SMB 的人) |\n| 帳號模型 | u0X 業務代號 (PAM 納管) + AD 個人帳號 (Portal/SMB) |\n| 簽核制度 | 5 人 ANY 制, AD 群組自助維護 |\n| 批次聚合 | 滑動 30 秒 + 5 分鐘安全閥, 1 行 1 批可展開細選 |\n| 保留期 | u0X home 7 天 + samba 7 天 + AuditLog 線上 365 天 + 歸檔 5 年 |\n| DB | 第一階段 SQL Express, 第二階段可遷移公司 MS SQL Server |\n| Log | AuditLog 預留 CEF/syslog 欄位, 階段二接 SIEM |\n\n詳見 [plan 檔](../../Users/leea6/.claude/plans/windows-server-indexed-turing.md)\n\n---\n\n## 相關文件\n\n| 文件 | 用途 |\n|---|---|\n| [plans/windows-server-indexed-turing.md](../../Users/leea6/.claude/plans/windows-server-indexed-turing.md) | 完整設計 plan |\n| [docs/architecture-v2.html](docs/architecture-v2.html) | Z 方案架構圖 |\n| [docs/mockup-user.html](docs/mockup-user.html) | 使用者介面 mockup |\n| [docs/mockup-admin.html](docs/mockup-admin.html) | 管理員介面 mockup |\n| [docs/required_packages.md](docs/required_packages.md) | 套件清單 |\n| [docs/deployment_sop.md](docs/deployment_sop.md) | 部署 SOP (準備階段 + 套件安裝) |\n| [docs/startup_sop.md](docs/startup_sop.md) | **🚀 啟動 SOP** (install 跑完後 8 步, 從套件就緒到第一個檔案流過) |\n| [portal/README.md](portal/README.md) | Portal 開發者指引 |\n| [patches/README.md](patches/README.md) | **Patch 管理規範 + 版本歷史** |\n| [docs/known_issues.md](docs/known_issues.md) | 已知問題 + 解法 (8 個常見坑) |\n| [docs/dev-log/](docs/dev-log/) | **開發者紀錄** (規範 / 錯誤追蹤 / 工作日誌) |\n| [docs/dev-log/issues_log.md](docs/dev-log/issues_log.md) | 錯誤追蹤紀錄 (9 筆) |\n| [docs/dev-log/dev_journal.md](docs/dev-log/dev_journal.md) | 開發者工作日誌 |\n| [docs/dev-log/skill_sf_workflow.md](docs/dev-log/skill_sf_workflow.md) | **SKILL 工作流程紀律** (8 大鐵律) |\n\n---\n\n## 📢 免責聲明 / Disclaimer\n\n本專案為**公開的參考實作 (reference implementation)**, 用於展示 Windows Server 上建置中繼檔案交換主機的設計與部署方式。\n\n- 所有業務代號 (u01~u04)、部門名稱、人員姓名、IP 位址、AD 群組名稱**均為示範值**, 不對應任何真實組織。\n- 設計取材自業界常見的金融業 / 企業內網檔案交換場景, **非任何特定公司的實際系統**。\n- 部署到正式環境前, 請依貴公司資安政策 / 命名規範 / 認證方式 自行客製。\n- 開發者不保證本程式碼在所有環境下的安全性或可用性。\n\nThis is a public **reference implementation** demonstrating how to build a relay file exchange server on Windows Server. All business codes, department names, user names, IP addresses, and AD group names are **placeholder examples** and do not correspond to any real organization. Adapt to your own corporate policies before production deployment.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falienid4%2Fcl_ftp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Falienid4%2Fcl_ftp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falienid4%2Fcl_ftp/lists"}