Skip to content

cloudcap10/filevanish-oss

BranchesTags

Repository files navigation

FileVanish

Send files that vanish. End-to-end encrypted file sharing on the edge.

License Cloud

FileVanish is an open-source, end-to-end encrypted file sharing service. Files are encrypted in the browser before they reach the server — even the server operator cannot read them. Self-host on your own Cloudflare account, or use the hosted version.

Features

  • End-to-end encryption — AES-256-GCM, encrypted client-side
  • Burn after reading — file destroys itself after one download
  • Auto-expiry — set a TTL (1h to 30d)
  • Download caps — limit views per link
  • Password-protected shares
  • File requests — let others upload to you
  • Cloud vault — store your sent files
  • Magic-link auth — passwordless sign in
  • Google OAuth + Passkeys support
  • Edge-native — Cloudflare Workers + R2 + D1 + KV
  • No telemetry, no analytics, no ads

Cloud vs Self-Hosted

Cloud (filevanish.com) Self-Hosted (this repo)
Setup time 30 sec ~15 min
Infrastructure Managed (we run it) Your Cloudflare account
Cost Free up to 100MB, $5/mo for Pro Free + Cloudflare usage fees
Updates Automatic git pull + redeploy
Pro features Tier-gated All unlocked
Stripe billing Included Not included
Admin dashboard Included Not included
Support Email GitHub issues (best-effort)

Quick Start (Self-Host)

Prerequisites

  • A Cloudflare account (free tier works)
  • Node.js 20+
  • A domain on Cloudflare (or use the free *.pages.dev subdomain)

1. Clone and install

git clone https://github.com/cloudcap10/filevanish-oss.git
cd filevanish-oss
npm install

2. Create Cloudflare resources

npx wrangler login

# R2 bucket for encrypted file storage
npx wrangler r2 bucket create filevanish-storage

# D1 database for metadata
npx wrangler d1 create filevanish-db
# Copy the printed `database_id` for the next step

# KV namespace for rate limiting
npx wrangler kv namespace create RATE_LIMITER
# Copy the printed `id` for the next step

3. Configure wrangler.toml

cp wrangler.toml.example wrangler.toml

Edit wrangler.toml:

  • Replace REPLACE_WITH_YOUR_D1_DATABASE_ID with your D1 ID
  • Replace REPLACE_WITH_YOUR_KV_NAMESPACE_ID with your KV ID
  • Replace bucket_name = "filevanish-storage" if you used a different name

4. Run database migrations

npx wrangler d1 migrations apply filevanish-db --remote

5. Configure secrets

Set these via Cloudflare Pages dashboard (Settings → Environment Variables → Production), or via CLI:

Required for magic-link sign-in:

# Resend API key for sending sign-in emails
npx wrangler pages secret put RESEND_API_KEY --project-name filevanish

Optional — Google OAuth:

npx wrangler pages secret put GOOGLE_CLIENT_ID --project-name filevanish
npx wrangler pages secret put GOOGLE_CLIENT_SECRET --project-name filevanish

Optional — custom from-address:

npx wrangler pages secret put RESEND_FROM --project-name filevanish
# e.g., "MyApp <noreply@example.com>"

6. Deploy

npm run build
npx wrangler pages deploy dist --project-name filevanish

Visit your *.pages.dev URL or your custom domain. Done.

Architecture

Browser → encrypts file (AES-256-GCM)
       ↓
Cloudflare Pages Functions (Workers)
       ├─→ R2 (encrypted blob)
       ├─→ D1 (metadata: filename, expiry, hash)
       └─→ KV (rate limits, magic-link tokens)

The server never sees:

  • File contents (encrypted in browser)
  • Encryption keys (kept by sender, shared via URL fragment)
  • Decrypted file hashes

Project Structure

filevanish-oss/
├── src/                  # React frontend (Vite + Tailwind)
│   ├── pages/           # Page components
│   ├── components/      # Shared components
│   ├── hooks/           # React hooks
│   └── lib/             # Crypto, utils
├── functions/           # Cloudflare Pages Functions
│   ├── api/             # API endpoints
│   │   ├── auth/        # Magic link, OAuth, sessions
│   │   ├── upload/      # Multipart upload (init, part, complete)
│   │   ├── meta/        # File metadata
│   │   ├── vault/       # User's stored files
│   │   └── requests/    # File requests (reverse share)
│   ├── d/[id].ts        # Download endpoint
│   ├── s/[id].ts        # Share page redirect
│   └── lib/             # Server utilities (auth, email, tiers)
├── migrations/          # D1 schema migrations
├── public/              # Static assets
└── wrangler.toml.example

Development

# Run locally with Wrangler
npm run dev

# Build for production
npm run build

# Run tests
npm test

Customization

  • Branding: edit src/pages/Landing.tsx, public/logo-mark.svg, index.html
  • Tier limits: edit functions/lib/tiers.ts
  • Email templates: edit functions/lib/email-templates.ts
  • Theme: edit src/styles.css and tailwind.config.js

Trademark

The "FileVanish" name and logo are trademarks. Forks distributed publicly must use a different brand.

Security

If you find a security issue, please email security@filevanish.com instead of opening a public issue.

License

Apache 2.0 — see also NOTICE.

Contributing

Issues and pull requests welcome. By contributing, you agree your contribution is licensed under Apache 2.0.

Built by @cloudcap10. Hosted version: filevanish.com.

About

Send files that vanish. End-to-end encrypted file sharing for Cloudflare Pages.

filevanish.com

Topics

react privacy typescript encryption serverless file-sharing self-hosted cloudflare file-transfer zero-knowledge end-to-end-encryption edge-computing vite cloudflare-workers burn-after-reading aes-256-gcm cloudflare-pages cloudflare-r2 cloudflare-d1 wetransfer-alternative

Resources

Readme

License

Apache-2.0 license

Contributing

Contributing

Security policy

Security policy
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages