Lufi

From Mintarc Forge
Revision as of 04:33, 11 February 2025 by Tommy (talk | contribs) (Created page with "Lufi, short for "Let’s Upload that FIle," is an open-source, self-hosted file-sharing platform that prioritizes privacy and security through end-to-end encryption (E2E). Designed as a lightweight and user-friendly solution, Lufi allows users to securely upload, share, and manage files without relying on third-party cloud services. It is particularly well-suited for individuals or organizations seeking a private alternative to mainstream file-sharing platforms like WeTr...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Lufi, short for "Let’s Upload that FIle," is an open-source, self-hosted file-sharing platform that prioritizes privacy and security through end-to-end encryption (E2E). Designed as a lightweight and user-friendly solution, Lufi allows users to securely upload, share, and manage files without relying on third-party cloud services. It is particularly well-suited for individuals or organizations seeking a private alternative to mainstream file-sharing platforms like WeTransfer or Firefox Send.

End-to-End Encryption:

  • Files are encrypted in the browser before being uploaded to the server.
  • The encryption key is embedded in the URL as a fragment identifier (anchor), ensuring it never reaches the server.
  • This means that even the server administrator, network administrator, or ISP cannot view the content of the files.

Secure File Sharing:

  • Users receive two links per file: a download link for sharing and a deletion link for removing the file from the server.
  • Files can be password-protected for additional security.
  • Supports "burn after reading" mode, where files are deleted immediately after being downloaded once.

Customizable Expiration:

  • Files can be set to expire after a specific number of days or downloads.
  • Administrators can configure default expiration settings for their instance.

Cross-Platform Compatibility:

  • Works seamlessly on major browsers like Firefox, Chrome, Safari, Microsoft Edge, and even older ones like Internet Explorer 11.
  • Fully functional on mobile devices (iOS and Android).

User-Friendly Interface:

  • Drag-and-drop functionality for quick uploads.
  • Responsive design ensures usability across devices.
  • Supports automatic zipping of multiple files before upload.

Self-Hosting:

  • Lufi can be deployed on personal or organizational servers, giving users full control over their data.
  • Supports local storage or integration with S3-compatible object storage systems.

Lightweight and Flexible:

  • Written in Perl using the Mojolicious framework, making it efficient and easy to deploy.
  • Minimal hardware requirements make it suitable for smaller servers.

Multi-Language Support:

  • Available in multiple languages to cater to a global audience.

Open Source:

  • Licensed under AGPLv3, allowing users to inspect, modify, and contribute to the codebase.
  • Source code is available on GitHub: https://github.com/ldidry/lufi.

Lufi’s design ensures that all encryption and decryption processes occur client-side within the browser. This guarantees that files never leave the user's device unencrypted. While some metadata (e.g., file name, size, MIME type) is visible to the server administrator, the actual content of the files remains inaccessible.

Additional privacy features include:

  • Password protection for shared files.
  • IP address logging (optional) for legal compliance but can be disabled by administrators.
  • Configurable headers (e.g., X-Frame-Options) for enhanced security when running behind reverse proxies like Nginx.

Lufi is highly customizable and can be deployed using various methods:

  • Docker Image: Simplifies deployment with pre-configured containers (Docker repository).
  • Manual Installation: Detailed setup instructions are available in its official documentation (Framasoft Wiki).
  • Supports integration with reverse proxies like Nginx for HTTPS/TLS encryption.

Administrators can configure several options, such as:

  • Maximum file size limits.
  • Default expiration times for uploads.
  • Themes to customize the user interface.

While Lufi excels in privacy and simplicity, it has some limitations:

  • Metadata such as file names and sizes are not encrypted by default.
  • Requires technical expertise to set up and maintain a self-hosted instance.
  • No built-in user authentication system; access controls must rely on external configurations or reverse proxies.

Its open-source nature allows users to self-host their own instance, ensuring complete control over data while avoiding reliance on centralized services. With its focus on simplicity, security, and flexibility, Lufi is an excellent choice for individuals and organizations seeking a secure alternative to mainstream file-sharing platforms like WeTransfer or Firefox Send.

Retrieved from "https://matomo.mintarc.com/mediawiki/index.php?title=Lufi&oldid=542"