v0.1.0 — Apache 2.0 · Built in Rust

S3-Compatible Storage. Single Binary.

Lightweight object storage built in Rust. Works with Boto3, AWS CLI, rclone, and every S3 SDK — no code changes. Self-host in under 2 minutes.

Get started View on GitHub

~0 MB

binary

<0 MB

Docker image

dependencies

Everything you need. Nothing you don't.

Ferrox strips away the complexity that makes other S3-compatible object stores painful to self-host and run.

Single Binary

~12 MB. No runtime, no sidecar, no init containers. Deploy anywhere — bare metal, VM, Kubernetes.

Drop-In S3

Speaks the S3 wire protocol. AWS CLI, Boto3, rclone, SDK v3 — all verified. Zero provider-specific config.

FROM scratch Docker

Under 20 MB image built FROM scratch. Smallest footprint of any S3-compatible store.

AES-256-GCM Encryption

SSE-S3 and SSE-C built in. Per-object DEKs. Caller-supplied keys never logged or persisted.

No unsafe Code

#![forbid(unsafe_code)] everywhere. Constant-time HMAC comparison. rustls + ring TLS only.

Full SigV4

Every request authenticated. SigV4A scaffold included. Per-access-key rate limiting with 503 SlowDown.

Up in under 2 minutes

Deploy Ferrox's S3-compatible API in minutes — works with Docker, AWS CLI, Boto3, JavaScript SDK v3, and rclone. Zero config changes required.

docker run --rm -p 9000:9000 \
  -v ferrox-data:/data \
  ghcr.io/ferrox-rs/ferrox:latest \
  --data-dir /data --bind 0.0.0.0:9000 \
  --access-key minioadmin \
  --secret-key minioadmin

How Ferrox stacks up

Ferrox vs MinIO vs SeaweedFS — the lightest self-hosted S3-compatible object storage server, with no external dependencies and no AGPL licensing.

Feature comparison between Ferrox, MinIO, and SeaweedFS object storage solutions
Feature	Ferrox	MinIO	SeaweedFS
Language	Rust	Go	Go
Binary size	~12 MB	~80 MB	varies
FROM scratch Docker	yes	no	no
TLS	rustls + ring	Go stdlib	OpenSSL
unsafe in hot paths	none	n/a	n/a
License	Apache-2.0	AGPL	Apache-2.0
External dependencies	none	yes	yes

← swipe to see all columns →

Supported S3 Operations

ListBuckets
CreateBucket
HeadBucket
DeleteBucket
PutObject
GetObject
HeadObject
DeleteObject
CopyObject
DeleteObjects
Multipart Upload
Bucket Versioning
Pre-signed URLs
Object Tagging
CORS
SSE-S3
SSE-C
Default Encryption
SigV4
SigV4A
Prometheus Metrics
Health Endpoints
Rate Limiting
Bucket Notifications

Support Ferrox

Ferrox is open-source and free. If it saves you time or money, consider sponsoring development. Every contribution helps keep it maintained, fast, and secure.

Bronze

$5/mo

Name in README

Silver

$25/mo

Logo in README + priority issues

Gold

$100/mo

Logo on website + direct support

Sponsor on GitHub