External storage without relaying all traffic #37693
Description
The problem: With the external storage app, we still relay all the traffic from cloud storage, through our instance and to the client. This means incurring significant bandwidth and processing power at our NextCloud server.
Since most cloud storage providers (Wasabi, Backblaze, Hetzner, etc) already offer a S3-compatible API to create a signed URL, or some form of auth token our client can include in the header to request the file directly from the cloud storage provider, this seems like a logical thing to do.
Our NextCloud installation would ideally be used as the frontend/authentication server that maintains assets for the UI (filenames, metadata, cached thumbnails, etc.) without serving large transfers.
*Note: instead of getting cloud storage with NextCloud preinstalled, managing authentication locally would be preferred and more secure.