Plik

Temporary file sharing, honestly reviewed. No marketing fluff, just what you get when you self-host it.

TL;DR

• What it is: Open-source (MIT) temporary file upload system written in Go — think WeTransfer, but running on your own server with full control over retention, encryption, and access [README][1].
• Who it’s for: Developers, sysadmins, and technically-capable founders who regularly share files with external parties and want self-destruct links, password protection, and no third-party in the middle.
• Cost savings: WeTransfer Pro runs $12–$19/month. Plik self-hosted runs on a $5–6/month VPS with no per-transfer limits and no storage caps except your disk.
• Key strength: Unusually complete feature set for a “simple file share” tool — OneShot deletes, stream-mode (nothing stored server-side), Age end-to-end encryption, S3/GCS/Swift backends, and a proper CLI client that accepts piped input [README].
• Key weakness: No hosted SaaS tier, no polished onboarding, and almost no third-party review coverage — you are essentially trusting the GitHub README and a live demo. Project has 1,718 stars and appears actively maintained but it’s a small open-source project, not a funded company [1].

---

What is Plik

Plik is a self-hosted temporary file sharing server. The elevator pitch from its own README is precise: “scalable & friendly temporary file upload system — like WeTransfer, self-hosted” [README]. That is exactly what it is and nothing more ambitious.

You run a server, people upload files, those files expire after a configurable TTL, and you control every piece of infrastructure. The web UI is Vue 3 and works well enough. The CLI client is where the tool really shines — it accepts piped input, outputs direct download URLs, and can create archives, set passwords, or trigger OneShot mode all from the command line [README].

The project is written in Go by a group under the root-gg GitHub organization. It has 1,718 stars on GitHub, 186 forks, and 16 open issues as of this review [1]. The last commit was March 22, 2026. It’s listed in Awesome Go. It has Docker pulls in the tens of thousands judging by the badge on the README. It is not a YC company with a roadmap and a blog — it is an open-source tool that a small group of developers built because they wanted it to exist.

What makes it worth using over “just email the file” or “throw it in Google Drive” is the intentional temporariness. Every upload can have a TTL. Files auto-delete. OneShot mode destroys a file after the first download — useful for sending credentials or anything you don’t want cached on someone’s laptop indefinitely. Stream mode goes further: the file never touches the server’s disk at all, transferring directly from uploader to downloader in real time [README]. That is a meaningful privacy property.

---

Why people choose it

Third-party review coverage for Plik is thin. The search results for this article surfaced an AlternativeTo listing [1] and a handful of community forum posts that mentioned it in passing alongside Firefox Send, Jirafeau, and Nextcloud — but no dedicated long-form reviews exist in English as of this writing.

What the AlternativeTo listing [1] confirms, and what the GitHub traction backs up, is that Plik occupies a specific niche: people who want Firefox Send but self-hosted and still alive. Mozilla killed Firefox Send in 2020. The problem it solved — passworded, expiring, OneShot file transfers without creating an account anywhere — did not go away. Plik fills that gap and adds a proper CLI on top.

The forum discussion context [2], while not directly reviewing Plik, captures the demand well: users wanted something between “email attachment” and “full Nextcloud instance” — quick uploads, automatic expiry, optional password, no account required for the recipient. That is Plik’s core use case, and it delivers it cleanly.

The CLI is the differentiator for technical users. A single command uploads a file and returns a curl-ready download link. You can pipe output from any command directly into plik. You can set all options (TTL, password, OneShot, encryption) as flags. This is the tool that ends up in developer dotfiles and internal runbooks.

---

Features

From the README and AlternativeTo listing:

Core upload engine:

• Configurable TTL with automatic cleanup — set files to expire in hours, days, or never [README]
• OneShot mode: file is deleted immediately after the first download [README][1]
• Stream mode: uploader-to-downloader pipe with zero server-side storage [README][1]
• Password protection via HTTP Basic Auth [README][1]
• Removable uploads: the uploader can delete files at any time [1]
• Custom messages attached to uploads (Markdown format) [1]

Storage backends:

• Local filesystem
• Amazon S3 (and S3-compatible: MinIO, Wasabi, Backblaze B2)
• OpenStack Swift
• Google Cloud Storage [README][1]

Metadata backends:

• SQLite (default, zero setup)
• PostgreSQL
• MySQL [README][1]

Authentication:

• Local user accounts
• Google OAuth
• GitHub OAuth
• OVH OAuth
• OIDC (generic — works with Keycloak, Authentik, Zitadel) [README]
• Upload restriction by source IP or token [1]

Security:

• End-to-end encryption using Age — the CLI encrypts before upload, the web UI can decrypt, and the two are interoperable [README]
• Server-side encryption available with S3 backend [1]

CLI client:

• Accepts piped input: cat /etc/passwd | plik works
• Returns curl-ready download commands
• All options available as flags: --ttl, --password, --oneshot, --secure
• Archive mode: zip or tar directories before upload [README]

Integrations:

• ShareX uploader: directly integrated into the Windows screenshot/upload tool [README][1]
• Thunderbird addon (Filelink for Plik): attach large files via Plik instead of inline [README]
• .NET API client (plikSharp) [README]
• MCP server: Plik recently added an MCP server exposing upload/download as tools for AI assistants (Claude Desktop, Cursor) [README]

Operations:

• Prometheus metrics endpoint [README]
• Multi-architecture Docker images (amd64, arm64) [README]
• Helm chart for Kubernetes [README]
• APT repository for Debian/Ubuntu with systemd service [README]

---

Pricing: SaaS vs self-hosted math

Plik has no SaaS tier. There is a public demo at https://plik.root.gg that the maintainers run, but it is not a paid product — it is a demo. You self-host it or you don’t use it.

WeTransfer for comparison:

• Free: transfers up to 2GB, files deleted after 7 days, no password protection, WeTransfer branding on all links
• Pro ($12/month): 1TB storage, larger transfers, password protection, link tracking, custom expiry
• Premium ($19/month): adds email collection, custom branding removal

Self-hosted Plik:

• Software license: $0 (MIT) [README]
• VPS to run it on: $4–6/month (Hetzner CAX11, Contabo VPS S, Vultr Starter)
• Storage: your disk, or S3-compatible at ~$0.02/GB/month

Concrete savings math:

A small team sharing files externally — design deliverables, client reports, credential bundles — might run 50–100 transfers per month on WeTransfer Pro. That is $12/month guaranteed, regardless of volume, with a cap on file size and a third party seeing your traffic. Self-hosted Plik on a €4/month Hetzner VPS: $4/month, no caps, no third party, no expiry policy you didn’t set yourself.

Over a year: WeTransfer Pro ≈ $144. Plik self-hosted ≈ $48 + the afternoon you spent setting it up. The math is clear if you’re already running any self-hosted infrastructure. If you have zero Linux experience and no existing VPS, the savings evaporate in learning-curve time.

One legitimate cost comparison caveat: WeTransfer’s free tier covers many casual use cases entirely. If you send files fewer than 10 times a month and don’t need password protection, WeTransfer free is perfectly fine. Plik only makes sense if you either need its specific features (OneShot, stream, E2E encryption, SSO) or you’re sharing files frequently enough that WeTransfer Pro’s monthly fee annoys you.

---

Deployment reality check

Plik’s quick start is genuinely quick:

docker run -p 8080:8080 rootgg/plik

That gives you a working instance with SQLite and local file storage. For production you add a docker-compose file with a volume for persistence, a reverse proxy for HTTPS, and optionally swap SQLite for PostgreSQL. The README provides all of this. The Kubernetes Helm path is also documented.

For Debian/Ubuntu there is an official APT repository with a systemd service — less common for Go open-source projects and a nice touch [README].

What you actually need for a production install:

• Linux VPS, 1GB RAM minimum (512MB works for low traffic with SQLite)
• Docker + docker-compose, or a Debian/Ubuntu system for the APT install
• A domain and a reverse proxy (Caddy is one Caddyfile line for HTTPS)
• Optional: PostgreSQL for multi-instance or high-volume use
• Optional: S3 bucket if you want storage to outlive the VPS

What can go sideways:

• The default configuration stores files on disk with no automatic size limits per upload or per user. On a public-facing instance, you will want to configure MaxFileSize and storage quotas, otherwise someone will fill your disk.
• SSO via OIDC is listed as a feature, but the documentation does not walk through a full Keycloak or Authentik setup in detail. Plan for some trial and error if you need this.
• The MCP server is new (appeared in recent README updates) and has no third-party validation yet — it works in theory, but it is not a mature feature.
• Stream mode is elegant but requires both the uploader and downloader to be active simultaneously. If the downloader doesn’t show up, the upload hangs. This is the expected behavior but surprises people the first time.
• No official SLA, no support contract, no paid tier. If Plik stops being maintained, you are on your own — the MIT license means you can fork it, but it is still your problem.

Realistic setup time for a developer: 20–40 minutes to a working HTTPS instance. For a non-technical founder following a Docker guide: 2–3 hours including domain and Caddy setup. The APT path on a fresh Ubuntu VPS is probably the fastest route if you are comfortable with a terminal.

---

Pros and cons

Pros

• MIT license, no strings attached. Fork it, embed it in your product, run it for clients. No commercial licensing, no “fair code” restrictions [README].
• OneShot and Stream modes are genuinely useful. Deleting a file after first download is the right default for credential sharing. Stream mode is a niche but real feature — transferring multi-GB files without ever writing them to the server’s disk is meaningful for privacy and storage cost.
• Age encryption is the right choice. Age is modern (2019+), audited, and interoperable between CLI and web. This is better than the roll-your-own AES schemes you see in older tools.
• Multiple storage backends. SQLite to PostgreSQL to S3 is a real upgrade path. You can start with local disk and move to S3 without replacing the whole stack.
• CLI is excellent. Piped input, curl output, full flag surface — this is the kind of CLI that ends up in automation scripts.
• ShareX and Thunderbird integrations exist and work — rare for a small open-source project to have maintained third-party clients [README][1].
• OIDC support. If you are already running Authentik or Keycloak, Plik can authenticate against it, meaning one user directory for all your self-hosted tools.
• Prometheus metrics and Kubernetes support signal a project that takes production deployment seriously.

Cons

• No hosted option for non-technical users. There is a demo at plik.root.gg, but it is not a product. If you can’t spin up a Docker container, Plik is not for you.
• Thin community and review coverage. 1,718 GitHub stars is respectable for a utility tool, but there are almost no independent long-form reviews, no community forum with troubleshooting threads, and no Slack or Discord. The Telegram group listed in the README is the main community channel.
• No granular per-user storage quotas in the default setup. An admin can set global limits but managing storage per user requires configuration discipline.
• Stream mode is finicky. Both sides must be connected simultaneously. This is documented behavior but surprising in practice.
• MCP server is very new. The AI assistant integration is a recent addition with no user reports yet. Treat it as experimental.
• No desktop app or browser extension. ShareX integration exists for Windows screenshot workflows, but there is no general-purpose browser extension for one-click upload from any page.
• Small maintainer team. The project is maintained by the root-gg GitHub organization — appears to be a small group. Longevity is a real question for anything you build workflow dependencies on.

---

Who should use this / who shouldn’t

Use Plik if:

• You are a developer or sysadmin who regularly sends files to external parties and wants self-destructing, passworded links without relying on WeTransfer or Google Drive.
• You need to send credentials, API keys, or other sensitive short-lived information and want OneShot deletion guarantees.
• You want Age end-to-end encryption for file transfers without setting up a full secure messaging stack.
• You are already running a Linux VPS and the incremental cost and complexity of adding Plik is minimal.
• You want ShareX integration for screenshot/file sharing workflows.
• Your team uses OIDC for SSO and you want file sharing to authenticate against the same identity provider.

Skip it (use WeTransfer free) if:

• You send files fewer than 10 times a month and file sizes are under 2GB. The free tier handles this without any infrastructure burden.

Skip it (use Nextcloud) if:

• You want file sharing as part of a broader collaboration suite with calendars, contacts, and document editing. Plik does one thing; Nextcloud does everything.

Skip it (use OnionShare) if:

• You need anonymous file sharing over Tor. Plik requires a server you own; OnionShare requires nothing.

Skip it (consider Lufi or PsiTransfer) if:

• You want a simpler, lighter-weight option with less configuration surface. Plik is relatively feature-rich for its category — if you just want “upload and get a link,” simpler alternatives exist.

---

Alternatives worth considering

• WeTransfer — the incumbent. No setup, clean UI, 2GB free. Costs $12–$19/month for Pro. Third party sees your files. No OneShot, no E2E encryption.
• OnionShare — anonymous P2P file sharing over Tor. No server to maintain. Not suitable for “always-on” sharing links; requires the sender to be online.
• Nextcloud — the full-featured option. Shares files plus does calendars, contacts, document editing, and more. Much heavier to run; overkill if you only want file links.
• Jirafeau — simpler, PHP-based, minimal dependencies. Easier to deploy on shared hosting. Missing the CLI, multiple backends, and encryption features Plik has.
• Lufi — French open-source temporary file sharing with E2E encryption. Similar niche, smaller install base.
• PsiTransfer — Node.js, zero-config, minimal. Lighter than Plik but fewer features.
• Send (forks of Firefox Send) — the spiritual predecessor. Various community forks (e.g., timvisee/send) continue what Mozilla abandoned. Comparable feature set to Plik, web-only focus.
• Filen.io — commercial encrypted cloud storage with self-destruct links. Not self-hosted, but offers a generous free tier if you don’t want to run infrastructure.

For a technical founder or developer escaping WeTransfer Pro, the realistic shortlist is Plik vs a Firefox Send fork. Pick Plik if you want the CLI, multiple storage backends, and OIDC. Pick a Send fork if you want a simpler deployment and don’t need server-side features beyond basic sharing.

---

Bottom line

Plik earns its place as the default recommendation for developers who want self-hosted temporary file sharing with real features. OneShot deletion, Age encryption, stream mode, S3 backends, and a proper CLI are not found together anywhere else in the MIT-licensed self-hosted space. The tradeoff is that this is a small open-source project with thin community coverage and no commercial backing — you are betting on a GitHub repository staying maintained, not on a company with a support contract.

For a non-technical founder, the honest answer is: Plik is probably not your tool unless you have a developer to deploy and maintain it. WeTransfer’s free tier or a simple Send fork with a managed deployment is a better fit. But if you are technical, already running self-hosted infrastructure, and paying $12/month to WeTransfer for passworded links — running Plik on your existing VPS is a 30-minute job and eliminates that bill permanently.

If the deployment is the blocker, that is exactly the kind of one-time setup that upready.dev handles for clients.

---

Sources

1. AlternativeTo — Plik listing (1,718 stars, 186 forks, features summary). https://alternativeto.net/software/plik/about/

Primary sources:

• GitHub repository and README: https://github.com/root-gg/plik (1,718 stars, MIT license)
• Live demo: https://plik.root.gg
• CLI documentation: https://root-gg.github.io/plik/features/cli-client.html
• MCP server documentation: https://root-gg.github.io/plik/features/mcp-server.html