☁️ Internal Cloud & Asset Storage
While our source code lives in GitLab, Apollyon generates gigabytes of non-code assets. We use Nextcloud as our centralized, self-hosted file synchronization and sharing platform.
This infrastructure provides secure, audited storage for PDF documentation, 3D printing binaries, ESP32 hardware schematics, and client deliverables.
1. Access & Synchronization
Our Nextcloud instance is accessible via the web interface or dedicated sync clients.
- URL: https://cloud.apollyon.lat
- Desktop Client: We strongly recommend installing the Nextcloud Desktop Client to keep specific project folders synchronized directly to your local file explorer.
- Authentication: Access is provisioned during your Day 1 Onboarding. If you are locked out, request a password reset via the Mattermost
#engineeringchannel.
2. Directory Taxonomy
To prevent data sprawl, do not drop files into your root directory and blindly share them. All company data must be organized within the Apollyon_Core group folder.
When saving files, place them in the appropriate domain:
- 📁
Apollyon_Core/Engineering/Architecture-Diagrams/(Draw.io, Visio, or high-res PNG exports)/API-Specs/(Exported Postman collections or static JSON schemas)
- 📁
Apollyon_Core/Hardware/ESP32-Binaries/(Compiled.binfiles for field flashing)/3D-Models/(STL files and 3D armor textures for the sandbox)
- 📁
Apollyon_Core/Field-Ops/Event-SOPs/(Exported PDF checklists for mass events)/Site-Maps/(Physical venue layouts and network topographies)
- 📁
Apollyon_Core/Client-Deliverables- Subfolders for specific clients (e.g.,
/GSalud/) containing signed contracts, brand assets, and finalized invoices.
- Subfolders for specific clients (e.g.,
3. Storage Architecture & Quotas
Nextcloud is physically hosted on the main Debian server, but its data directory is heavily isolated.
Physical Storage Boundary
All Nextcloud data is mapped to the /mnt/newhdd/ enterprise storage array. This ensures that uploading massive binary files will never fill up the host's 112GB NVMe root drive and crash the CI/CD pipeline.
- Default User Quota: 10 GB.
- If your specific project requires storing large AI models or video assets, open a ticket in GitLab to request a quota increase.
4. Sharing & Security Policies
Because Nextcloud is exposed to the internet via Caddy, strict sharing protocols are enforced.
Internal Sharing
Always use Group Shares or User Shares instead of generating links. If you need to share a schematic with the hardware team, share it with the Hardware group. This ensures that if an employee leaves and their account is deactivated, access is automatically revoked.
External Sharing (Public Links)
If you must send a file to an external client or vendor: 1. Generate a public link. 2. You MUST set an expiration date (maximum 30 days). 3. You MUST set a password and transmit that password to the client via a separate communication channel (never in the same email as the link).
Strict Secrets Prohibition
Nextcloud is NOT a Secret Manager. You are strictly forbidden from uploading .env files containing production database passwords, API keys, or raw SSH keys to Nextcloud.
* Allowed: .env.example or .env.template files with dummy values.
* Forbidden: prod.env or secrets.txt.