SafeBucket
Self-hosted file sharing platform with direct S3 uploads, SSO, and role-based access control.
SafeBucket is an open-source, self-hosted file sharing platform designed for teams that want full control over their data. Unlike traditional cloud storage solutions, SafeBucket ensures that files never touch your server — uploads and downloads go directly to your S3-compatible storage backend via presigned URLs, while the API handles only metadata, access control, and audit logging.
The platform is built with a security-first, SSO-first mindset. It integrates with any OIDC identity provider for authentication, supports multifactor authentication via TOTP, and enforces role-based access control at both the platform and bucket level. Every sharing action is scoped to buckets with explicit membership rules, and all activity is tracked in real-time audit logs.
SafeBucket's modular architecture allows you to swap out every infrastructure component. Use AWS S3 or self-hosted MinIO for storage, PostgreSQL or SQLite for the database, and NATS or SQS for event handling. It ships with Docker Compose templates for quick local deployment and is actively maintained with signed container images.