Open Source & Enterprise Ready

The Guardian of
Your Object Storage

Enterprise-grade S3-compatible object storage written in Rust. Built for performance, security, and multi-cluster replication.

Quick Start View on GitHub

33K+

Lines of Rust

76+

S3 API Endpoints

Rust Crates

Node 1

Node 2

Node 3

Node 4

Node 5

Hafiz

Features

Built for Enterprise

Everything you need for modern object storage, with the security and reliability your organization demands.

High Performance

Built in Rust with async I/O for maximum throughput. Handle millions of objects with minimal latency.

Enterprise Security

AES-256-GCM encryption, Object Lock (WORM), LDAP integration, and comprehensive audit logging.

S3 Compatible

76+ S3 API endpoints. Works seamlessly with AWS CLI, SDKs, and existing S3 tools.

Multi-Cluster Sync

Real-time replication across data centers with bidirectional or unidirectional sync modes.

Air-Gap Support

Offline data transfer for classified networks. USB/tape export-import with checksum verification.

Versioning & Lifecycle

Object versioning with delete markers, lifecycle policies, and automatic expiration rules.

Observability

Prometheus metrics, Grafana dashboards, health endpoints, and comprehensive request tracing.

hafiz-s3-api

Axum-based HTTP layer with 76+ endpoints

hafiz-auth

AWS Signature V4 & LDAP authentication

hafiz-storage

Filesystem & S3 proxy backends

hafiz-metadata

SQLx with PostgreSQL & SQLite

hafiz-crypto

AES-256-GCM encryption engine

Modular Architecture

Built as a multi-crate Rust workspace for maintainability and performance. Each component is designed to be efficient, testable, and secure.

Memory safe by design

Zero-copy where possible

Async I/O throughout

Horizontal scaling

Plugin architecture

Comprehensive tests

Start in Seconds

Get Hafiz running with Docker in under a minute. Compatible with all S3 tools and SDKs out of the box.

View Quick Start Guide

                        
                        
                        
                        terminal
                    

# Clone and build
git clone https://github.com/shellnoq/hafiz.git
cd hafiz
docker build -t hafiz:local .

# Run Hafiz
docker run -d \
  --name hafiz \
  -p 9000:9000 \
  -v hafiz-data:/data \
  -e HAFIZ_ROOT_ACCESS_KEY=hafizadmin \
  -e HAFIZ_ROOT_SECRET_KEY=hafizadmin \
  hafiz:local

# Test with AWS CLI
aws --endpoint-url https://hafiz.local:9000 s3 mb s3://my-bucket
aws --endpoint-url https://hafiz.local:9000 s3 cp file.txt s3://my-bucket/
                    

Enterprise

Air-Gapped Replication

Secure offline data transfer for classified networks, disaster recovery sites, and environments without network connectivity.

Source Cluster

Read-Write

Physical Media

USB / Tape / Drive

SHA-256 ✓

Air-Gap Cluster

Isolated Network

🔒 No Network Connection

Secure Offline Sync

Transfer data to physically isolated networks without any network connectivity. Perfect for military, government, healthcare, and critical infrastructure.

Export to USB/tape media

SHA-256 checksum verification

Incremental sync support

Encrypted media support

Complete audit trail

Unidirectional replication

Learn About Air-Gap

The Guardian ofYour Object Storage