Self-Host Dropshare

Host your own file sharing server for Dropshare with automatic HTTPS. This guide walks you through setting up your own server using Docker, giving you complete control over your uploads.

What You Get

• SFTP server for secure file uploads from Dropshare
• Web server (Caddy) for serving files with automatic HTTPS/TLS certificates
• SSH key authentication for security (no passwords)
• Simple setup with an interactive script

Fast Path

For experienced users — get up and running in 2 minutes:

# On your server (requires Docker)
git clone https://github.com/dropshareapp/dropshare-selfhosted.git
cd dropshare-selfhosted
./setup.sh              # Enter your domain, accept defaults
docker compose up -d    # Start the server

# Copy the private key to your Mac
scp user@server:~/dropshare-selfhosted/config/ssh/dropshare_key ~/.ssh/
chmod 600 ~/.ssh/dropshare_key

Then in Dropshare: Preferences → Connections → + → SFTP — use the settings shown by the setup script.

Requirements

Server

You need a server that is accessible from the internet. This can be:

• VPS (Virtual Private Server) from providers like DigitalOcean, Linode, Hetzner, Vultr, etc.
• Cloud instance from AWS, Google Cloud, Azure, etc.
• Home server with port forwarding configured on your router
• Dedicated server from any hosting provider

Minimum specifications:

• 512 MB RAM (1 GB recommended)
• 10 GB storage (depends on your upload needs)
• Linux operating system (Ubuntu, Debian, or similar)

Domain Name

You need a domain name pointing to your server's IP address:

• Example: files.yourdomain.com → 123.45.67.89
• For local testing, you can use 127.0.0.1 or a local IP address

Network Ports

The following ports need to be accessible (defaults, customizable during setup):

• Port 80 — HTTP (required for Let's Encrypt certificate generation)
• Port 443 — HTTPS (for serving files)
• Port 2222 — SFTP (for uploads from Dropshare)

Installing Docker

Docker is required to run the self-hosted server. Here's how to install it on popular Linux distributions:

Ubuntu / Debian

# Update package index
sudo apt update

# Install prerequisites
sudo apt install -y ca-certificates curl gnupg

# Add Docker's official GPG key
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg

# Add the Docker repository
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

# Install Docker
sudo apt update
sudo apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

# Add your user to the docker group (logout and back in after this)
sudo usermod -aG docker $USER

TIP

For Debian, replace ubuntu with debian in the repository URL.

Fedora

# Install Docker
sudo dnf -y install dnf-plugins-core
sudo dnf config-manager --add-repo https://download.docker.com/linux/fedora/docker-ce.repo
sudo dnf install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

# Start and enable Docker
sudo systemctl start docker
sudo systemctl enable docker

# Add your user to the docker group
sudo usermod -aG docker $USER

CentOS / RHEL / Rocky Linux / AlmaLinux

# Install prerequisites
sudo yum install -y yum-utils

# Add Docker repository
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

# Install Docker
sudo yum install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

# Start and enable Docker
sudo systemctl start docker
sudo systemctl enable docker

# Add your user to the docker group
sudo usermod -aG docker $USER

Arch Linux

# Install Docker
sudo pacman -S docker docker-compose

# Start and enable Docker
sudo systemctl start docker
sudo systemctl enable docker

# Add your user to the docker group
sudo usermod -aG docker $USER

Verify Installation

After installation, log out and back in, then verify Docker is working:

docker --version
docker compose version

Setup

1. Clone and Run Setup

Connect to your server via SSH and run:

git clone https://github.com/dropshareapp/dropshare-selfhosted.git
cd dropshare-selfhosted
./setup.sh

The setup script will prompt you for:

• Domain name — your server's domain (e.g., files.example.com)
• SFTP username — username for uploads (default: dropshare)
• SFTP port — port for SFTP connections (default: 2222)
• Upload path — remote path in Dropshare (default: /uploads/)
• HTTP/HTTPS ports — web server ports (defaults: 80 and 443)

2. Start the Server

docker compose up -d

3. Get the SSH Private Key

The setup script generates an SSH keypair for authentication. You need to transfer the private key to your Mac to use with Dropshare.

Option A: Copy via SCP (from your Mac)

Open Terminal on your Mac and run:

scp user@your-server:~/dropshare-selfhosted/config/ssh/dropshare_key ~/.ssh/dropshare_key
chmod 600 ~/.ssh/dropshare_key

Replace user@your-server with your actual SSH login.

Option B: Copy via clipboard

On the server, display the key:

cat config/ssh/dropshare_key

Copy the entire output (including the -----BEGIN----- and -----END----- lines), then on your Mac, create a new file and paste the contents:

nano ~/.ssh/dropshare_key
# Paste the key, save with Ctrl+O, exit with Ctrl+X
chmod 600 ~/.ssh/dropshare_key

Option C: Use an SFTP client

Connect to your server with an SFTP client (like Transmit or Cyberduck) and download config/ssh/dropshare_key to your Mac.

Configure Dropshare

1. Open Dropshare preferences
2. Go to Connections
3. Click the + button to add a new connection
4. Select SFTP
5. Enter the connection details:

Setting	Value
Protocol	SFTP
Hostname	your-domain.com:2222 (use your custom port if changed)
Username	dropshare (or your custom username)
Authentication	Private Key
Private Key	Select the dropshare_key file
Upload Path	/uploads/ (or your custom path)
URL to Path	https://your-domain.com/ (include port if non-standard HTTPS)

TIP

The setup script displays the exact connection settings for your configuration. Use those values.

Architecture

┌─────────────────┐         ┌─────────────────┐
│   Dropshare     │  SFTP   │  SFTP Server    │
│   (your Mac)    │────────▶│ (default: 2222) │
└─────────────────┘         └────────┬────────┘
                                     │
                                     ▼
                            ┌─────────────────┐
                            │  Shared Volume  │
                            │   /uploads      │
                            └────────┬────────┘
                                     │
                                     ▼
┌─────────────────┐         ┌─────────────────┐
│   Browser /     │  HTTPS  │  Caddy Server   │
│   Recipients    │◀────────│ (default: 443)  │
└─────────────────┘         └─────────────────┘

Server Management

Commands

# Start the server
docker compose up -d

# Stop the server
docker compose down

# View logs
docker compose logs -f

# View specific service logs
docker compose logs -f sftp
docker compose logs -f caddy

# Restart after config changes
docker compose restart

Change Ports

Edit .env and change any of these, then restart:

• SFTP_PORT — SFTP port (default: 2222)
• HTTP_PORT — HTTP port (default: 80, needed for Let's Encrypt)
• HTTPS_PORT — HTTPS port (default: 443)

docker compose down
docker compose up -d

Note: If you use a non-standard HTTPS port, include it in your URLs (e.g., https://files.example.com:8443/).

Troubleshooting

Cannot connect via SFTP

1. Check the server is running: docker compose ps
2. Check firewall allows your SFTP port: sudo ufw allow 2222 (or your custom port)
3. Check logs: docker compose logs sftp
4. Verify the private key file permissions on your Mac: chmod 600 ~/.ssh/dropshare_key

HTTPS not working

1. Ensure your domain points to this server's IP
2. Check ports 80 and 443 (or your custom ports) are open
3. Check Caddy logs: docker compose logs caddy
4. For local/IP addresses, the browser will warn about the self-signed certificate — this is expected

Permission denied on upload

Check the uploads directory permissions on the server:

chmod 755 uploads

SSH key not accepted

1. Ensure you're using the correct private key file (dropshare_key, not dropshare_key.pub)
2. Check the key file has correct permissions: chmod 600 ~/.ssh/dropshare_key
3. Verify the public key is in config/authorized_keys on the server

Security

Fail2ban Protection (Linux only)

The server includes optional fail2ban protection against brute-force attacks. It automatically bans IP addresses after repeated failed login attempts.

WARNING

Fail2ban only works on Linux servers. It requires access to Docker container logs and iptables, which aren't available on macOS or Windows.

Enable fail2ban on Linux:

docker compose --profile linux up -d

Default settings:

• Max retries: 5 failed attempts
• Find time: 10 minutes
• Ban time: 1 hour

Manage banned IPs:

# View banned IPs
docker compose exec fail2ban fail2ban-client status dropshare-sftp

# Unban an IP
docker compose exec fail2ban fail2ban-client set dropshare-sftp unbanip <IP>

Security Notes

• SSH key authentication only (no passwords)
• SFTP runs on port 2222 by default to avoid conflicts with system SSH (customizable)
• Caddy automatically obtains and renews TLS certificates via Let's Encrypt
• Fail2ban protects against brute-force attacks
• Files are publicly accessible once uploaded (by design for sharing)

Source Code

The self-hosted server is open source and available on GitHub:

https://github.com/dropshareapp/dropshare-selfhosted