Yann M. Vidamment · blog

Drop WeTransfer for Erugo

752 words 4 min read
Topics self-hosted privacy docker file-sharing Series Ditch X 1/1

WeTransfer was the lazy answer for years. Upload, copy the link, move on. The problem is what sits in between. The file, the filename, the recipient email, my IP, all of it on someone else’s machine. None of that has to be.

I run Erugo instead.

What I needed

  • OIDC so it plugs into my SSO
  • A working invitation system for teammates
  • Email pipeline (share notifications, password reset)
  • Folder uploads
  • Per-share expiry and download caps
  • One container behind my existing reverse proxy

Why Erugo

Same shape as WeTransfer: paste a file, get a link, set an expiry. On top of that: OIDC, real invitations, folder uploads, and reverse shares for when someone needs to send me a file. The branding panel takes a logo and one color, and the install stops looking like a default in about five minutes.

Setup

Always check the releases page for the current tag before copying any of this. v0.2.15 is the latest at time of writing. The image is multi-arch and Alpine-based, so arm64 pulls native on a Pi or on Apple silicon, no qemu.

Minimal compose

The smallest thing that works. Drop it in a folder, docker compose up -d, browse to http://localhost:8080.

services:
  app:
    image: wardy784/erugo:v0.2.15
    container_name: erugo
    restart: unless-stopped
    ports:
      - '8080:80'
    volumes:
      - './storage:/var/www/html/storage'

What I actually run

Hardened, no published ports. The container sits on a Docker network shared with Pangolin’s Traefik, which reaches it on port 80 directly.

networks:
  pangolin:
    external: true
services:
  app:
    image: wardy784/erugo:v0.2.15 # pin a tag, never ':latest'
    container_name: erugo
    restart: unless-stopped
    init: true
    security_opt:
      - no-new-privileges:true
    pids_limit: 200
    mem_limit: 512m
    volumes:
      - './storage:/var/www/html/storage'
    expose:
      - 80
    networks:
      - pangolin
    healthcheck:
      test: ['CMD', 'curl', '-fsS', 'http://localhost/']
      interval: 30s
      timeout: 5s
      retries: 3
      start_period: 60s
    logging:
      driver: json-file
      options:
        max-size: '10m'
        max-file: '3'

init: true runs tini above supervisord, which makes the container shut down cleanly on SIGTERM. pids_limit and mem_limit keep a misbehaving PHP-FPM worker from taking the host down with it, and the logging block stops Docker from filling the disk one log line at a time. The healthcheck hits the home page; once Laravel and the DB are reachable, it returns 200.

What is worse

The stack is PHP, Laravel and Vue. It works, but it eats more RAM than a single-binary alternative would. No AV scan in the box either, so if you accept uploads from people you do not fully trust, bolt one on.

When not to pick this

  • One-person setup with no SSO or invitations. A caddy file_server with basic auth or Picoshare gives you the same drop story for less.
  • A single-board ARM with under 1 GB of RAM. PHP plus Laravel plus Vue idles around 200 MB. Pick something lighter and you keep room to breathe.
  • Hard compliance requirement for server-side virus scanning. You can wire ClamAV next door, but it is not first-class here. A tool that ships scanning in the box fits the audit trail better.

Verdict

Several months in. The container restarts on its own when I bump the image, my colleagues open shares without asking what tool that is, and I have stopped thinking about retention windows. The first time a 5 GB client archive expired exactly when I had told it to, I felt the small relief that justifies the whole self-hosting habit. Keep.

Alternatives worth a look

The space has more than one good answer. If Erugo does not fit, these are the ones I would investigate next:

  • Picoshare: Go single binary with SQLite, almost nothing to configure. The minimal-fuss option when you only need a drop link for yourself.
  • Plik: Go server with a CLI and a web UI, multi-user out of the box, well-maintained.
  • PsiTransfer: Node.js, simple to host, clean enough UI for casual sharing.
  • Palmr: Node.js Fastify with a NextJS UI, ships OIDC, 2FA, password protection and custom links. Closest profile to Erugo in feature scope.
  • Papra: More an archiving platform than a drop-in. Full-text search, email-to-import, organizations. Pick it if you want a personal document base and not just a share link generator.

Comments

Quiet notes for this article.