Gokapi

Gokapi is a lightweight, self‑hosted file transfer service written in Go that focuses on simplicity while exposing a rich set of developer‑friendly features. At its core, it provides a RESTful API for uploading and downloading files with automatic expiration policies, deduplication, and optional end‑to‑end encryption. The application is designed to run on bare metal or inside Docker, making it suitable for CI/CD pipelines, internal tooling, or personal file sharing.

• Language: Go 1.20+ – the compiled binary is single‑file, statically linked, and requires no runtime dependencies.
• Web Framework: net/http with minimal third‑party routers, keeping the runtime footprint low.
• Storage:
  • Local filesystem (default) with optional S3/S3‑compatible backends such as AWS, Backblaze B2, or MinIO.
  • Deduplication is achieved via SHA‑256 hashing; identical uploads share the same storage blob.
• Database: SQLite (file‑based) for user accounts, file metadata, and expiration rules. The schema is lightweight and migrations are auto‑applied on startup.
• Auth & Identity:
  • Built‑in user management with role‑based access control (admin, uploader, viewer).
  • OpenID Connect integration for enterprise SSO (e.g., Keycloak, Authelia).
• Encryption:
  • Server‑side AES‑256 encryption for stored files.
  • End‑to‑end encrypted uploads using a client‑side key derivation flow (optional).
• API:
  • CRUD endpoints for files, shares, and users.
  • Webhook support for download events (e.g., Slack, custom HTTP endpoints).
• UI:
  • Single‑page React/Vanilla JS interface that can be fully customized via CSS and optional JavaScript snippets.

• Automated Expiration: Set per‑file or global limits on download count and lifetime; the background worker cleans expired entries.
• Fine‑grained Permissions: Role definitions and per‑file ACLs allow integration into existing permission models.
• Webhook & Event Hooks: Trigger external processes on upload, download, or deletion events—ideal for audit logging or downstream workflows.
• Customizable UI Hooks: Inject branding assets and client‑side scripts without modifying the core codebase.
• Docker Image: Official f0rc3/gokapi on Docker Hub, with environment variables for configuration (e.g., GOKAPI_S3_ENDPOINT, GOKAPI_DB_PATH).

• Bare Metal: A single binary plus a SQLite file; no external services required.
• Docker: docker run -p 8080:80 f0rc3/gokapi with optional volume mounts for persistence and S3 credentials.
• Scalability: For high‑throughput scenarios, deploy behind a load balancer and use an external S3 bucket; the stateless API allows horizontal scaling. SQLite limits concurrent writes, so for multi‑node deployments a PostgreSQL backend can be enabled via the GOKAPI_DB_DSN variable (not yet documented but available in source).
• Monitoring: Exposes Prometheus metrics (/metrics) and a health endpoint.

• Plugins: Not yet formalized, but the code exposes hooks for authentication and storage adapters. Developers can fork and replace the storage.Storage interface with custom implementations.
• Webhooks: JSON payloads on events allow integration with CI tools, chat ops, or custom audit services.
• API SDKs: While no official client libraries exist, the REST API follows standard patterns (JSON payloads, bearer tokens), making it trivial to generate SDKs with tools like OpenAPI Generator.

1. Internal Tooling: Teams can host Gokapi to share build artifacts, logs, or documentation with controlled lifetimes.
2. Automated Pipelines: CI jobs upload test results to Gokapi, then notify stakeholders via webhooks.
3. Secure File Sharing: Organizations needing encrypted, expiring links for client deliveries without third‑party services.
4. Educational Labs: Instructors can provide temporary access to large datasets or code samples.

• Zero‑Dependency Runtime: A single binary reduces attack surface and deployment friction.
• Licensing: AGPLv3 ensures that any modifications remain open, encouraging community contributions.
• Performance: Go’s efficient I/O and concurrent goroutines provide low latency for uploads/downloads even on modest hardware.
• Flexibility: The combination of local storage, S3 support, and OpenID Connect makes it adaptable to diverse environments.
• Developer Experience: Comprehensive documentation on