Custom Storage

Capgo supports custom storage Solutions for your Application Bundles, allowing you to host your Mises à jour on your own infrastructure or third-party storage services. This is particularly useful for organizations with specific Sécurité requirements, compliance needs, or existing storage infrastructure.

Aperçu

Custom storage in Capgo works by uploading your Bundle to an external location and providing Capgo with the URL to access it. The Capgo SDK will then Télécharger Mises à jour directly from your custom storage location instead of Capgo’s default cloud storage.

External URL Télécharger

The simplest way to use custom storage is by uploading your Bundle to any publicly accessible URL and providing that URL to Capgo.

Basic External URL Télécharger

npx @capgo/cli@latest bundle upload --external https://your-domain.com/bundles/v1.2.3.zip

This Commande tells Capgo to Référence the Bundle at the specified URL instead of uploading it to Capgo’s cloud storage.

With Chiffrement

For secure external storage, you can encrypt your Bundle and provide the decryption keys:

npx @capgo/cli@latest bundle upload --external https://your-domain.com/bundles/v1.2.3.zip --iv-session-key YOUR_IV_SESSION_KEY

S3 Integration

Capgo provides built-in Support for Amazon S3 and S3-compatible storage services. The CLI can automatically Télécharger your Bundle to S3 and configure Capgo to use the S3 URL.

S3 Télécharger Options

npx @capgo/cli@latest bundle upload \
  --s3-region us-east-1 \
  --s3-apikey YOUR_ACCESS_KEY \
  --s3-apisecret YOUR_SECRET_KEY \
  --s3-bucket-name your-bucket-name

Terminé S3 Configuration

For S3-compatible services or custom endpoints:

npx @capgo/cli@latest bundle upload \
  --s3-region us-east-1 \
  --s3-apikey YOUR_ACCESS_KEY \
  --s3-apisecret YOUR_SECRET_KEY \
  --s3-endpoint https://s3.your-provider.com \
  --s3-bucket-name your-bucket-name \
  --s3-port 443 \
  --no-s3-ssl  # Only if your endpoint doesn't support SSL

S3 Configuration Paramètres

Paramètre	Description	Required
`--s3-region`	AWS region for your S3 bucket	Yes
`--s3-apikey`	S3 access key ID	Yes
`--s3-apisecret`	S3 secret access key	Yes
`--s3-bucket-name`	Name of your S3 bucket	Yes
`--s3-endpoint`	Custom S3 endpoint URL	No
`--s3-port`	Port for S3 endpoint	No
`--no-s3-ssl`	Disable SSL for S3 upload	No

Bundle Preparation and Chiffrement

When using custom storage, especially with Chiffrement, you need to prepare your Bundles properly. This involves creating a zip file and optionally encrypting it.

Step 1: Créer a Zip Bundle

First, Créer a zip file of your Application Bundle:

npx @capgo/cli@latest bundle zip com.example.app --path ./dist

The zip command will return the checksum of the zip file. You can use this checksum to encrypt the zip file if needed. Use the --json option to get structured output including the checksum.

Zip Commande Options

npx @capgo/cli@latest bundle zip [appId] \
  --path ./dist \
  --bundle 1.2.3 \
  --name myapp-v1.2.3 \
  --json \
  --no-code-check \
  --key-v2 \
  --package-json ../../package.json,./package.json

Option	Description
`--path`	Path to the folder to zip (defaults to webDir from capacitor.config)
`--bundle`	Bundle version number to name the zip file
`--name`	Custom name for the zip file
`--json`	Output results in JSON format (includes checksum)
`--no-code-check`	Skip checking for notifyAppReady() call and index file
`--key-v2`	Use encryption v2
`--package-json`	Paths to package.json files for monorepos (comma separated)

Step 2: Encrypt the Bundle (Optional)

For enhanced Sécurité, encrypt your zip Bundle before uploading:

# Using default local key
npx @capgo/cli@latest bundle encrypt ./myapp.zip CHECKSUM

# Using custom key file
npx @capgo/cli@latest bundle encrypt ./myapp.zip CHECKSUM --key ./path/to/.capgo_key_v2

# Using key data directly
npx @capgo/cli@latest bundle encrypt ./myapp.zip CHECKSUM --key-data "PRIVATE_KEY_CONTENT"

The CHECKSUM parameter is required and should be the checksum of your zip file. You can get the checksum from the zip command output (use --json option for structured output).

By default, the encrypt command will use your local private signing key. You can specify a custom key using the --key or --key-data options.

The encrypt command will return the ivSessionKey needed for upload or decryption.

Chiffrement Commande Options

Option	Description
`zipPath`	Path to the zip file to encrypt (required)
`checksum`	Checksum of the zip file (required) - get it from zip command
`--key`	Custom path for private signing key (optional, uses local key by default)
`--key-data`	Private signing key data directly (optional)
`--json`	Output results in JSON format

Terminé Workflow Exemples

Exemple 1: External URL with Chiffrement

Construction your Application:
Terminal window
```
npm run build
```

Créer a zip Bundle:

npx @capgo/cli@latest bundle zip com.example.app --path ./dist --bundle 1.2.3

Remarque the checksum returned by this Commande.

Encrypt the Bundle:

npx @capgo/cli@latest bundle encrypt ./com.example.app-1.2.3.zip CHECKSUM_FROM_STEP_2

Note the ivSessionKey from the output.

Télécharger to your storage: Télécharger the Chiffré zip file to your hosting service.

Register with Capgo:

npx @capgo/cli@latest bundle upload \
  --external https://your-cdn.com/bundles/com.example.app-1.2.3.zip \
  --iv-session-key IV_SESSION_KEY_FROM_STEP_3

Exemple 2: Direct S3 Télécharger

Construction your Application:
Terminal window
```
npm run build
```

Télécharger directly to S3:

npx @capgo/cli@latest bundle upload \
  --s3-region us-west-2 \
  --s3-apikey YOUR_ACCESS_KEY \
  --s3-apisecret YOUR_SECRET_KEY \
  --s3-bucket-name your-app-bundles \
  --channel Production

Exemple 3: S3 with Chiffrement

Construction and zip:

npm run build
npx @capgo/cli@latest bundle zip com.example.app --path ./dist --key-v2

Encrypt the Bundle:

npx @capgo/cli@latest bundle encrypt ./com.example.app.zip CHECKSUM

Télécharger to S3 with Chiffrement:

npx @capgo/cli@latest bundle upload \
  --s3-region us-west-2 \
  --s3-apikey YOUR_ACCESS_KEY \
  --s3-apisecret YOUR_SECRET_KEY \
  --s3-bucket-name your-app-bundles \
  --iv-session-key IV_SESSION_KEY_FROM_STEP_2 \
  --channel Production

Sécurité Considerations

When using custom storage, consider these Sécurité best practices:

Access Control

Ensure your storage URLs are accessible to your Application Utilisateurs but not publicly discoverable
Use signed URLs or token-based authentication when possible
Implement proper CORS headers for web-based apps

Chiffrement

Always encrypt sensitive Bundles using the Capgo Chiffrement tools
Store Chiffrement keys securely and rotate them regularly
Use HTTPS for all Bundle URLs (required for iOS and Android)

Monitoring

Monitor access Journaux to detect unusual Télécharger patterns
Set up alerts for Échoué Bundle downloads
Regularly audit your storage permissions

Dépannage

Problèmes courants

Bundle not downloading:

Verify the URL is publicly accessible and uses HTTPS (required for iOS and Android)
Vérifier CORS headers for web apps
Ensure the Bundle format is correct

Encryption errors:

Verify the ivSessionKey matches the encrypted bundle
Vérifier that the Bundle was Chiffré with the correct key
Ensure Chiffrement v2 is used for Nouveau Bundles

S3 upload failures:

Verify your S3 credentials and permissions
Vérifier bucket policies and CORS Configuration
Ensure the specified region is correct

Débogage Commandes

Vérifier Bundle status:

npx @capgo/cli@latest app debug

Verify Bundle integrity:

npx @capgo/cli@latest bundle list

Suivant Steps

Learn À propos [Canaux](/docs/live-Mises à jour/Canaux/) to manage different Déploiement environments
Explore [Mise à jour Behavior](/docs/live-Mises à jour/Mise à jour-behavior/) to customize how Mises à jour are applied
Set up CI/CD Integration to automate your custom storage workflow