@joseph Really helpful, thanks. That was the missing link for me. I now have a working user who can log into the SFTP server. Uploading a file worked. All is right with the world (or a least this small corner). Appreciate your efforts, @girish and especially @BrutalBirdie for making this available.
I think your suggestion of setting up a default mount point for user_files is excellent. Making sure it integrates with Cloudron backup (see question below) would be great. Lastly, a mistake I made (but quickly rectified) was the default SFTP port. Standard is 22, but SFTPGo chooses 2022 (good idea) but it is easy to miss. Perhaps adding a note to the app documentation that SFTPGo does not use standard service ports?
A couple of follow-up questions (still learning a lot about Cloudron):
Is Cloudron the correct owner for /app/data/user_files or is yellowtent or www-data more appropriate?
What is the difference between these 3 owners {Cloudron, yellowtent, www-data}?
To have /app/data/user_files (and all user folders underneath) backed up as part of the normal Cloudron backup process, what (if anything) in the way of extra configuration is necessary?
This app seemed to allow Cloudron users and groups to be assigned access but logging in using a user with access permission did not work. Is there a configuration change required? Or is the linkage only via LDAP or OIDC?