Skip to main content
FileForge
The file forge

Convert anything.
On metal you can see.

FileForge is a self-hosted converter for images, audio, video, documents, and archives. Hammered out on dedicated metal. No tracking, no third-party SaaS in the conversion path. Your file, forged.

Read the docs
Sandboxed workers

Every conversion runs in a read-only Docker container with no network egress, dropped capabilities, and a tmpfs scratch disk.

Self-hosted on metal

Workers live on Proxmox hosts you can see and touch. No third-party SaaS in the conversion path — just sharp, ffmpeg, libreoffice, and 7z.

No tracking, no embeds

No analytics SDKs, no ad scripts, no third-party JS in the convert flow. Output metadata is stripped by default.

See it in action

Step into the workshop.

Three views from inside FileForge — the dashboard, the convert flow, and the history log. No staged demo data, this is the actual app.

Workshop overview

Daily quota, tier limits, and your last few jobs at a glance.

FileForge dashboard showing daily quota, tier limits, and recent conversions.

Three-step convert flow

Pick a file, choose a target and preset, watch it forge. Live progress, presigned download.

FileForge convert page mid-flow with a video file ready to forge into WebM at 1080p.

Live history

Polling refresh, filterable by status and format. Cancel running jobs, retry failed ones.

FileForge history page listing recent conversions with status and download buttons.

Why not CloudConvert?

The big online converters are convenient, but they upload your file to a fleet of shared workers run by someone else, log every byte, and bolt analytics on top. FileForge runs on hardware in a closet you could walk to.

  • Private MinIO behind a LAN-only firewall — no public bucket.
  • Workers can't reach the internet — they only talk to MinIO + the API.
  • EXIF, ID3, and document metadata stripped by default. Pro can opt in.

Stack you can audit

image-worker  →  sharp + libvips + ImageMagick + dcraw
audio-worker  →  ffmpeg + sox
video-worker  →  ffmpeg + NVENC
document      →  libreoffice + pandoc + qpdf
archive       →  7z, unrar, tar, zip

One container per format. Concurrency = 1. Scale by replica count.

Security questions, answered.

Where do my files actually go?

Uploads PUT directly to a private MinIO instance on the hub host. The API never sees the bytes — it only signs URLs. Files auto-delete after 24 hours (Free) or 7 days (Forge Pro).

How do you stop malware getting through?

Every upload is magic-byte checked, then streamed through ClamAV before the worker ever touches it. Failures are quarantined; the file is deleted and the conversion is marked as failed.

Can I use the API without the web app?

Yes — Forge Pro mints personal ff_live_… keys you manage in Settings → API Keys. Hit /v1/* directly with curl, Node, or Python; CORS is disabled on that surface so keys don't leak from front-end JS. Read the API docs

What about documents and archives?

Documents (PDF, DOCX, ODT, RTF, TXT, HTML, MD) round-trip via LibreOffice and pandoc; spreadsheets and presentations export to PDF. Archives (ZIP, 7z, TAR, TAR.GZ, RAR-read) get repackaged with a zip-bomb cap on extraction.

Your file, forged.

Five conversions a day, free, forever. Upgrade when you outgrow it.