Storing Files on Google Cloud Storage (GCS)
If you use containers for deployment, you should not store files within the container's filesystem.
This integration allows you to delegate storing such files to Google Cloud Storage (GCS) service.
Environment variables​
| Variable Name | Description |
|---|---|
GOOGLE_APPLICATION_CREDENTIALS | Set an environment variable to a path of the json file. |
GS_CREDENTIALS | Optional. Use the OAuth 2 credentials for the connection. The default is to infer them from GOOGLE_APPLICATION_CREDENTIALS. |
GS_MEDIA_BUCKET_NAME | The GCS bucket name to use for the media files. |
GS_MEDIA_PRIVATE_BUCKET_NAME | The GCS bucket name to use for the private media files e.g. event delivery payloads. |
GS_BUCKET_NAME | The GCS bucket name to use for the static files. |
GS_MEDIA_CUSTOM_ENDPOINT | A custom endpoint to be used instead of https://storage.googleapis.com. |
GS_EXPIRATION | The number of seconds which a generated signed URL is valid for. Defaults to 86400 seconds (1 day). |
GS_QUERYSTRING_AUTH | Setting this to True enables query parameter authentication, i.e., signed URLs for the static bucket. Defaults to False. |
GS_DEFAULT_ACL | ACL used when creating a new blob from the list of predefined ACLs. - Defaults to Note: Using |
Serving media files from a GCS bucket​
"Media files" are the files uploaded through the dashboard. They include product images, category images, and non-image files.
If you want to use GCS to store and serve media files, you need to configure at least the media bucket name (GS_MEDIA_BUCKET_NAME).
Best Practices​
- Put a Content Delivery Network (CDN) such as AWS Cloudfront or Cloudflare in front of the storage bucket. This reduces hosting costs, and decreases latency (thus improving user experience).
- Return the HTTP header
Content-Disposition: attachmentfor all assets. - Do not make the buckets publicly accessible (such as allowing anyone to list the assets).
Serving static files from a GCS bucket​
"Static files" are assets required for Saleor to operate. They include assets used in default email templates.
If you also intend to use GCS for your static files, you need to configure at least the bucket name (GS_BUCKET_NAME).
Cross-Origin Resource Sharing​
You need to configure your GCS bucket to allow cross-origin requests for some files to be properly served (SVG files, Javascript files, etc.). To do this, set the following instructions in your GCS bucket’s permissions tab under the CORS section.
<?xml version="1.0" encoding="UTF-8"?>
<CorsConfig>
<Cors>
<Origins>
<Origin>http://origin1.example.com</Origin>
<Origin>http://origin2.example.com</Origin>
</Origins>
<Methods>
<Method>GET</Method>
<Method>HEAD</Method>
</Methods>
<ResponseHeaders>
<ResponseHeader>Content-Type</ResponseHeader>
</ResponseHeaders>
<MaxAgeSec>3600</MaxAgeSec>
</Cors>
</CorsConfig>
Storing private media files in a Google Cloud Storage bucket​
"Private media files" are files generated by Saleor backend e.g. webhook event delivery payloads. If you want to use GCS to store private media files, you need to configure the bucket name (see table above).
These files may contain sensitive information. Make sure public access is disabled for this bucket.