Private, fully end-to-end encrypted (E2EE), self-hosted file storage solution
4.0K
Self-hosted, zero-knowledge end-to-end encrypted file storage. Files are encrypted in your browser before upload. The server stores only encrypted blobs it cannot decrypt.
True privacy: Even the server admin cannot access your files. Built for sharing storage with family and friends while maintaining cryptographic privacy.
Zero-Knowledge Encryption:
Authentication:
File Management:
Deployment:
Docker Compose (Recommended):
services:
postgres:
image: postgres:15-alpine
environment:
POSTGRES_PASSWORD: changeme
POSTGRES_DB: agam_space
volumes:
- ./postgres-data:/var/lib/postgresql/data
restart: unless-stopped
agam:
image: agamspace/agam-space:latest
# Run as your user for easier file management
# Find your UID/GID with: id -u && id -g
user: "1000:1000"
ports:
- "3331:3331"
environment:
DATABASE_HOST: postgres
DATABASE_PASSWORD: changeme
DATABASE_NAME: agam_space
ALLOW_NEW_SIGNUP: "true"
volumes:
- ./data:/data
depends_on:
- postgres
restart: unless-stopped
Save as docker-compose.yml and run:
docker compose up -d
Access at: http://localhost:3331
Important: The user: "1000:1000" field runs the container as your user for easier file management. Update it to match your UID/GID (find with id -u && id -g). Files in ./data will be owned by this user.
| Variable | Description |
|---|---|
DATABASE_HOST | PostgreSQL hostname |
DATABASE_PASSWORD | PostgreSQL password |
| Variable | Default | Description |
|---|---|---|
DATABASE_PORT | 5432 | PostgreSQL port |
DATABASE_NAME | agam_space | Database name |
HTTP_PORT | 3331 | Server port |
ALLOW_NEW_SIGNUP | false | Allow new registrations |
DOMAIN | http://localhost:3331 | Application domain |
SSO_ISSUER | - | SSO provider URL |
SSO_CLIENT_ID | - | SSO client ID |
SSO_CLIENT_SECRET | - | SSO client secret |
SSO_REDIRECT_URI | - | SSO callback URL |
SSO_AUTO_CREATE_USER | false | Auto-create users via SSO |
Full configuration reference: https://docs.agamspace.app/configuration/
| Tag | Description |
|---|---|
latest | Latest stable release (Alpine-based) |
latest-hardened | Latest stable release (Hardened variant) |
v0.2.x | Specific version (Alpine-based) |
v0.2.x-hardened | Specific version (Hardened variant) |
dev | Development builds from main branch |
dev-hardened | Development builds (Hardened variant) |
Multi-arch support: All images support both amd64 and arm64 architectures.
Hardened images use Docker Hub Images (DHI) with minimal attack surface and no shell access. Use -hardened tags for maximum security.
Key Differences:
| Aspect | Normal (latest) | Hardened (latest-hardened) |
|---|---|---|
| Base image | node:22-alpine | dhi.io/node:22-alpine3.23 |
| Shell access | ✅ Available | ❌ No shell (maximum security) |
| Debugging | ✅ Easy | ⚠️ Limited (no interactive access) |
| Security | ✅ Good | ✅✅ Maximum |
Which to choose?
Also available on GitHub Container Registry:
docker pull ghcr.io/agam-space/agam-space:latest
For production deployments with HTTPS, reverse proxy, and security best practices:
Installation Guide: https://docs.agamspace.app/installation/docker-compose
This is beta software (v0.2.x). Core features work, but expect bugs and changes.
Do not use as your only backup. Keep copies of important files elsewhere until the project reaches v1.0.
Full documentation: https://docs.agamspace.app
Quick links:
Agam (அகம்) comes from Tamil language and refers to the inner, personal world, distinct from what is public. It reflects our commitment to keeping your data private and encrypted.
Content type
Image
Digest
sha256:2a2d9c3db…
Size
61.2 MB
Last updated
10 days ago
docker pull agamspace/agam-space:dev-hardened