Package Details: xftp-server 6.4.5-1

Git Clone URL: https://aur.archlinux.org/xftp-server.git (read-only, click to copy)
Package Base: xftp-server
Description: XFTP relay server for SimpleX Chat - private file transfer without metadata
Upstream URL: https://simplex.chat/docs/xftp-server.html
Licenses: AGPL-3.0-only
Submitter: guglovich
Maintainer: guglovich
Last Packager: guglovich
Votes: 0
Popularity: 0.000000
First Submitted: 2026-03-11 17:05 (UTC)
Last Updated: 2026-03-11 17:26 (UTC)

Pinned Comments

guglovich commented on 2026-03-11 17:35 (UTC) (edited on 2026-03-11 17:38 (UTC) by guglovich)

xftp-server — setup guide
1. Initialization
# open server — anyone can upload files
sudo -u xftp xftp-server init -l \
    --fqdn=your.domain.com \
    -q 20gb -p /srv/xftp/

init will generate self-signed TLS certificates. SimpleX verifies authenticity via fingerprint, not a browser CA.

2. Configuration

Edit /etc/opt/simplex-xftp/file-server.ini: - [TRANSPORT] host: — your domain or IP - [TRANSPORT] port: — default 5244 - [FILES] storage_quota: — default 20gb - [FILES] path: — default /srv/xftp/

Upload password — uncomment create_password in [AUTH]:

[AUTH]
create_password: your-secure-password

Password is required only for uploaders, not for recipients. Address with password:

xftp://FINGERPRINT:PASSWORD@your.domain.com:5244

Port 5244 is chosen to avoid conflicts with smp-server (443, 8443) and Caddy.

3. Start
systemctl enable --now xftp-server
journalctl -u xftp-server | grep "Server address"
4. Server address
xftp://FINGERPRINT@your.domain.com:5244
xftp://FINGERPRINT@1.2.3.4:5244

Fingerprint:

cat /etc/opt/simplex-xftp/fingerprint
5. Re-issuing TLS certificate

When changing domain or IP — without losing fingerprint:

sudo systemctl stop xftp-server
sudo -u xftp xftp-server cert --cn your.domain.com
sudo systemctl start xftp-server

ca.key must be present in /etc/opt/simplex-xftp/ for this to work.

6. CA key
sudo cat /etc/opt/simplex-xftp/ca.key  # back it up
sudo rm /etc/opt/simplex-xftp/ca.key   # optional — server works without it

The key is only needed for xftp-server cert when rotating the certificate.

7. Free domain via DuckDNS
  1. Register at https://duckdns.org, create a subdomain
  2. Set your external IP
  3. Weekly keepalive to prevent domain deactivation:
# /etc/systemd/system/duckdns.service
[Unit]
Description=DuckDNS keepalive
After=network-online.target

[Service]
Type=oneshot
ExecStart=/bin/sh -c \
  'curl -fsSo /dev/null \
  "https://www.duckdns.org/update?domains=NAME&token=TOKEN&ip="'

# /etc/systemd/system/duckdns.timer
[Timer]
OnCalendar=weekly
Persistent=true

[Install]
WantedBy=timers.target

systemctl enable --now duckdns.timer

Latest Comments

guglovich commented on 2026-03-11 17:35 (UTC) (edited on 2026-03-11 17:38 (UTC) by guglovich)

xftp-server — setup guide
1. Initialization
# open server — anyone can upload files
sudo -u xftp xftp-server init -l \
    --fqdn=your.domain.com \
    -q 20gb -p /srv/xftp/

init will generate self-signed TLS certificates. SimpleX verifies authenticity via fingerprint, not a browser CA.

2. Configuration

Edit /etc/opt/simplex-xftp/file-server.ini: - [TRANSPORT] host: — your domain or IP - [TRANSPORT] port: — default 5244 - [FILES] storage_quota: — default 20gb - [FILES] path: — default /srv/xftp/

Upload password — uncomment create_password in [AUTH]:

[AUTH]
create_password: your-secure-password

Password is required only for uploaders, not for recipients. Address with password:

xftp://FINGERPRINT:PASSWORD@your.domain.com:5244

Port 5244 is chosen to avoid conflicts with smp-server (443, 8443) and Caddy.

3. Start
systemctl enable --now xftp-server
journalctl -u xftp-server | grep "Server address"
4. Server address
xftp://FINGERPRINT@your.domain.com:5244
xftp://FINGERPRINT@1.2.3.4:5244

Fingerprint:

cat /etc/opt/simplex-xftp/fingerprint
5. Re-issuing TLS certificate

When changing domain or IP — without losing fingerprint:

sudo systemctl stop xftp-server
sudo -u xftp xftp-server cert --cn your.domain.com
sudo systemctl start xftp-server

ca.key must be present in /etc/opt/simplex-xftp/ for this to work.

6. CA key
sudo cat /etc/opt/simplex-xftp/ca.key  # back it up
sudo rm /etc/opt/simplex-xftp/ca.key   # optional — server works without it

The key is only needed for xftp-server cert when rotating the certificate.

7. Free domain via DuckDNS
  1. Register at https://duckdns.org, create a subdomain
  2. Set your external IP
  3. Weekly keepalive to prevent domain deactivation:
# /etc/systemd/system/duckdns.service
[Unit]
Description=DuckDNS keepalive
After=network-online.target

[Service]
Type=oneshot
ExecStart=/bin/sh -c \
  'curl -fsSo /dev/null \
  "https://www.duckdns.org/update?domains=NAME&token=TOKEN&ip="'

# /etc/systemd/system/duckdns.timer
[Timer]
OnCalendar=weekly
Persistent=true

[Install]
WantedBy=timers.target

systemctl enable --now duckdns.timer