Self-Host Peergos: IPFS Google Drive Alternative 2026

Most self-hosted cloud storage options — Nextcloud, Seafile, ownCloud — share a fundamental assumption: you trust your server. The server admin can, in theory, access your files. Peergos breaks that assumption entirely.

Peergos is an end-to-end encrypted file storage platform built on IPFS, where cryptographic access control means even a malicious server operator cannot read your data. It is not just a Google Drive alternative. It is a rethinking of what cloud storage privacy can mean.

This guide walks through self-hosting Peergos: Docker deployment, storage backends, IPFS configuration, sharing with access controls, and an honest assessment of where it falls short.

What Is Peergos?

Peergos (pronounced "peer-goss," from the Greek for "tower") is a peer-to-peer secure file storage and social platform. Development began in 2013 and the project officially left beta in 2022. It is written primarily in Java, licensed under AGPL v3, and funded through a hosted cloud offering at peergos.net.

The core design principle is that no server should ever see plaintext data or meaningful metadata. Files are encrypted client-side before they leave your device. Even the structure of your directories — who you share with, what file sizes are — remains encrypted and hidden from the storage layer.

How IPFS Powers Peergos

Standard IPFS is a content-addressed distributed filesystem. Peergos builds on top of IPFS (via its own minimal IPFS implementation called Nabu) to provide:

• Content addressing: Every block of data is identified by its cryptographic hash, making tampering detectable
• Decentralized storage: Data can be spread across multiple nodes, eliminating single points of failure
• Peer-to-peer retrieval: Files can be fetched from any node that holds them, not just the origin server

Crucially, Peergos adds encryption and access control on top of IPFS. Raw IPFS has no privacy — anyone who knows a CID can retrieve the data. Peergos encrypts all content before it hits IPFS, so the underlying network sees only ciphertext.

Post-Quantum Encryption

Peergos uses TweetNaCl for symmetric encryption and Scrypt for key derivation (default parameters: N=17, r=8, p=1). The platform has also implemented post-quantum cryptographic protections, which means it is designed to remain secure even as quantum computing matures. This puts Peergos well ahead of alternatives when it comes to long-term data security.

Peergos vs Nextcloud vs Seafile

Before diving into installation, here is how Peergos compares to the two most popular self-hosted cloud storage alternatives:

Feature	Peergos	Nextcloud	Seafile
Encryption model	Client-side E2E, always	Optional E2E	Server-side only
Server sees your data	Never	If E2E disabled	Always
Metadata privacy	Yes (hidden)	No	No
Decentralized	Yes (IPFS)	No	No
Collaborative editing	No	Yes (OnlyOffice/Collabora)	No
Mobile sync apps	Limited	Excellent	Good
Plugin ecosystem	Minimal	Extensive	Moderate
RAM requirement	~1–2 GB	2–4 GB	1–2 GB
Tech stack	Java	PHP	Python/Go
Sync client	Web + daemon	Desktop + mobile	Desktop + mobile

Bottom line: If you need absolute privacy and cryptographic guarantees, Peergos is in a class of its own. If you need collaborative document editing, office suites, or a mature plugin ecosystem, Nextcloud remains the more practical choice. Seafile wins on raw sync performance but provides the weakest encryption story.

For a deeper look at Nextcloud, see our self-hosting guide for Nextcloud and our comparison of the best open source cloud storage options.

System Requirements

Peergos is a Java application. Here is what you need before installation:

Minimum:

• Java 21 or higher
• 1 GB RAM (2 GB recommended for production)
• 10 GB disk space (plus storage for your data)
• A publicly routable IP address for a production server
• Docker (if using the container path)

Recommended for production:

• 2–4 GB RAM
• Domain name with DNS configured
• Reverse proxy (Nginx or Caddy) for HTTPS termination
• S3-compatible object storage or a large local disk

The Java requirement is worth noting. Unlike Nextcloud (PHP) or Seafile (Python/Go), Peergos does not run on a minimal VPS with 512 MB RAM. Budget at least 1 GB heap for the JVM, which means a 2 GB VPS is the realistic minimum.

Installation Method 1: Docker

Docker is the simplest path. Peergos publishes images at ghcr.io/peergos/web-ui.

Basic Docker Run

# Set your data directory
export PEERGOS_PATH=/opt/peergos/data
mkdir -p $PEERGOS_PATH

# Pull and run Peergos
docker run -d \
  --name peergos \
  --restart unless-stopped \
  -p 8000:8000 \
  --volume $PEERGOS_PATH:/opt/peergos/data \
  ghcr.io/peergos/web-ui:master \
  daemon \
  -listen-host 0.0.0.0 \
  -public-domain yourdomain.com \
  -public-server true \
  -log-to-console

Replace yourdomain.com with your actual domain. On first run, Peergos generates a signup token — check the logs:

docker logs peergos | grep "token"

Visit https://yourdomain.com and use the token to create your first user account.

Docker Compose Setup

For a more manageable deployment with a reverse proxy, use Docker Compose:

version: "3.8"

services:
  peergos:
    image: ghcr.io/peergos/web-ui:master
    container_name: peergos
    restart: unless-stopped
    volumes:
      - peergos_data:/opt/peergos/data
    environment:
      - PEERGOS_PATH=/opt/peergos/data
    command: >
      daemon
      -listen-host 0.0.0.0
      -public-domain ${PEERGOS_DOMAIN}
      -public-server true
      -log-to-console
    ports:
      - "8000:8000"

volumes:
  peergos_data:

Create a .env file:

PEERGOS_DOMAIN=storage.yourdomain.com

Deploy:

docker compose up -d
docker compose logs -f peergos

Installation Method 2: JAR (Direct Java)

If you prefer running the JAR directly without Docker:

# Download the latest release
wget https://peergos.net/public/peergos/releases/v0.6.5/peergos.jar -O peergos.jar

# Generate a signup token and start the daemon
java -jar peergos.jar daemon \
  -generate-token true \
  -public-domain yourdomain.com \
  -public-server true

# Or with a custom data directory
PEERGOS_PATH=/opt/peergos/data java -jar peergos.jar daemon \
  -public-domain yourdomain.com \
  -public-server true

The JAR method gives you more direct control over JVM flags. If you have memory pressure, tune the heap:

java -Xmx1g -Xms512m -jar peergos.jar daemon -public-domain yourdomain.com

Connecting to an IPFS Node

By default, Peergos uses its own minimal IPFS implementation (Nabu). You do not need to install a full IPFS daemon — Peergos handles this internally.

However, if you want to participate more fully in the IPFS network or announce your storage node to the distributed network, you can configure announce addresses:

docker run ... ghcr.io/peergos/web-ui:master \
  daemon \
  -public-domain yourdomain.com \
  -announce-ipfs-addresses /ip4/$YOUR_IP/tcp/4001,/ip4/$YOUR_IP/udp/4001/quic-v1

This allows other IPFS nodes to discover and connect to your Peergos instance, enabling the decentralized retrieval properties of IPFS. For a private deployment where you do not want external IPFS connectivity, simply omit the announce flags.

Storage Backend Options

Peergos supports three storage backends:

1. SQLite (Default)

The default. Data is stored in an SQLite database in your PEERGOS_PATH directory. Good for small deployments and getting started.

# No extra configuration needed — SQLite is the default
java -jar peergos.jar daemon -public-domain yourdomain.com

Pros: Zero configuration, works everywhere. Cons: Not suitable for large files or high-concurrency access. Performance degrades with large datasets.

2. S3-Compatible Object Storage

For production, S3-compatible storage (AWS S3, Backblaze B2, MinIO, Wasabi) is strongly recommended. This decouples your data from your compute instance and enables near-unlimited storage.

java -jar peergos.jar daemon \
  -public-domain yourdomain.com \
  -use-s3 true \
  -authed-s3-reads true \
  -direct-s3-writes true \
  -s3.accessKey YOUR_ACCESS_KEY \
  -s3.secretKey YOUR_SECRET_KEY \
  -s3.bucket your-peergos-bucket \
  -s3.region us-east-1 \
  -s3.region.endpoint s3.amazonaws.com

For MinIO self-hosted:

  -s3.region.endpoint your-minio-host:9000

With S3 storage, you can pair Peergos with a low-cost VPS for compute and S3-compatible storage for data, keeping costs manageable.

3. PostgreSQL

For deployments requiring relational storage characteristics:

java -jar peergos.jar daemon \
  -public-domain yourdomain.com \
  -use-postgres true \
  -postgres.host localhost \
  -postgres.port 5432 \
  -postgres.database peergos \
  -postgres.username peergos_user \
  -postgres.password your_password

For most users, S3 is the better production choice due to lower operational overhead.

Configuring HTTPS with a Reverse Proxy

Peergos runs on port 8000 by default. Use Caddy or Nginx to terminate TLS.

Caddy (Recommended — automatic HTTPS)

storage.yourdomain.com {
    reverse_proxy peergos:8000
}

Nginx

server {
    listen 443 ssl;
    server_name storage.yourdomain.com;

    ssl_certificate /etc/letsencrypt/live/storage.yourdomain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/storage.yourdomain.com/privkey.pem;

    location / {
        proxy_pass http://localhost:8000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        client_max_body_size 10G;
    }
}

The client_max_body_size directive is critical — without it, Nginx will reject large file uploads.

Sharing Files and Folders with Access Controls

This is where Peergos genuinely differentiates itself from every other self-hosted storage option. Access control in Peergos is cryptographic, not administrative.

When you share a file with another Peergos user:

1. A capability (a cryptographic key) is generated that grants the recipient access to that specific file or folder
2. The capability is encrypted for the recipient and stored on the server
3. The server cannot use this capability itself — it is encrypted for the recipient's public key

This means there is no "admin override." Even if someone gains root access to your Peergos server, they cannot read another user's files without that user's private key.

Sharing via the Web UI

1. Navigate to the file or folder you want to share
2. Right-click and select "Share"
3. Enter the Peergos username of the recipient
4. Choose permission level: Read-only or Read/Write
5. The recipient will see the shared content in their "Shared with me" section

Sharing via Link

You can generate a shareable link for non-Peergos users. The link contains a capability that grants read-only access without requiring a Peergos account. This is useful for sharing files with clients or collaborators who are not on your server.

Performance Expectations vs Google Drive

Be honest with yourself about what you are getting. Peergos is not Google Drive in terms of performance.

Upload/download speeds are limited by your server's bandwidth, not Peergos itself. A well-configured VPS on a fast network can deliver competitive speeds for personal or small-team use.

Initial page loads are slower than you might expect. The Java backend takes a moment to warm up, and the IPFS layer adds some overhead. Budget 1–3 seconds for the web UI to load initially.

Bulk operations have improved significantly — a 2022 update made bulk upload and delete roughly 20x faster — but Peergos still does not match the raw throughput of Nextcloud or Seafile for bulk transfers.

Mobile experience is limited. There are no dedicated native mobile sync clients comparable to the Nextcloud or Seafile mobile apps. You access Peergos via a mobile web browser or a limited companion app. If seamless mobile photo backup is a priority, Peergos is not the right choice today.

Snap Installation (Linux Desktop)

For a quick local test on Linux:

sudo snap install peergos
peergos.daemon

This runs a local daemon you can connect to at localhost:8000. Good for testing before committing to a full server deployment.

Limitations to Know Before Deploying

Peergos is genuinely excellent at what it does, but what it does is narrower than Google Drive.

No collaborative editing. There is no Docs or Sheets equivalent. You can store and share files, but you cannot have two people editing a document simultaneously. If you need that, look at Nextcloud with Collabora Online or a dedicated solution.

No desktop sync client. Nextcloud and Seafile have polished desktop clients that sync a folder on your machine. Peergos has a daemon you can run locally, but the sync experience is not as seamless.

IPFS complexity. The IPFS layer adds operational complexity compared to a simple file server. While Peergos abstracts most of it via Nabu, you are still running a more complex system than Seafile.

Java memory footprint. The JVM baseline memory usage is non-trivial. On a minimal VPS, the JVM alone may use 400–600 MB before you store a single file.

Small community. Peergos has a dedicated developer team but a much smaller ecosystem than Nextcloud. Third-party integrations and community plugins are essentially nonexistent.

Who Should Self-Host Peergos?

Peergos is the right choice when the threat model demands it. If you are storing highly sensitive personal files, legal documents, medical records, or data where even the server operator must not have access, Peergos delivers a level of cryptographic privacy that no other mainstream self-hosted storage tool matches.

For journalists, privacy researchers, activists, or anyone operating in environments where server seizure is a realistic threat, Peergos's design means seized server storage yields nothing useful to an adversary.

For the average household looking to replace Google Photos or Dropbox, the complexity and performance trade-offs likely outweigh the benefits. For that use case, Immich for photos and Nextcloud for documents remain more practical choices.

Summary

Peergos is a technically impressive project solving a hard problem: how do you build cloud storage where the server is truly untrusted? The answer is end-to-end encryption built on IPFS with cryptographic capability-based access control.

Self-hosting it requires Java 21+, at least 2 GB RAM, and some patience with the IPFS layer. Docker installation is straightforward. S3-compatible storage makes production deployments practical at scale.

The trade-offs are real: no collaborative editing, limited mobile sync, and a smaller ecosystem than Nextcloud. But for use cases where privacy is non-negotiable, there is nothing else quite like it in the self-hosted ecosystem.