From 5971eb08d7cf555ce386c6f40c7f34a71eb2756c Mon Sep 17 00:00:00 2001
From: Dennis Kugelmann <dennis.kugelmann@simpleclub.com>
Date: Thu, 21 May 2026 18:28:02 +0200
Subject: [PATCH 1/2] docs: Document bring your own Cloud Storage bucket

---
 .../docs/s3-config/google-cloud-storage.mdx   | 95 +++++++++++++++++++
 1 file changed, 95 insertions(+)
 create mode 100644 apps/web/content/docs/s3-config/google-cloud-storage.mdx

diff --git a/apps/web/content/docs/s3-config/google-cloud-storage.mdx b/apps/web/content/docs/s3-config/google-cloud-storage.mdx
new file mode 100644
index 00000000000..fe30dc368a0
--- /dev/null
+++ b/apps/web/content/docs/s3-config/google-cloud-storage.mdx
@@ -0,0 +1,95 @@
+---
+title: "Cap Apps: S3 Config (Google Cloud)"
+summary: "Connect your own Cloud Storage bucket to Cap and maintain 100% ownership over your data."
+tags: "Cap Apps"
+image: "/docs/s3-config/google-cloud-s3.jpg"
+---
+
+# Connecting Your Google Cloud Bucket to Cap Desktop
+
+> **TL;DR**: Open Cap Desktop → Cap Apps → S3 Config → Configure → Select Other S3 compatible → Enter your Cloud Storage credentials → Configure bucket permissions → Save and test with a shareable link upload.
+
+## Step 1: Launch Cap Desktop and Access Cap Apps
+
+1. **Open the Cap Desktop App**: Click the Cap icon on your desktop or find it in your applications folder to launch the app.
+
+2. **Navigate to Cap Apps**: Once the app is open, locate the 'Cap Apps' tab in Settings.
+
+## Step 2: Click on S3 Config, and then Configure
+
+1. Click on S3 config
+
+2. Click on Configure
+
+3. Select Other S3-compatible from the list of available services.
+
+## Step 3: Configure Cloud Storage Resources
+
+1. **Create Service Account First**:
+
+   - Go to in IAM and Admin > Service Accounts, click "Create service account"
+   - Set a service account ID (e.g., "cap-app-user")
+   - Click "Create and continue"
+   - Skip the "Permissions" and "Principals with access" sections.
+   - Click "Done"
+   - Note down your service account email (e.g., "cap-app-user@example.iam.gserviceaccount.com")
+
+2. **Create Cloud Storage Bucket**:
+
+   - Log into the [Google Cloud Console](https://console.cloud.google.com)
+   - Navigate to Cloud Storage
+   - Click "Create bucket"
+   - Enter a unique bucket name (e.g., "my-cap-uploads")
+   - Choose your preferred Google Cloud Region
+   - Choose your default storage class or opt for Autoclass (for lower storage but higher networking costs on rarely used recordings)
+   - Under "Prevent public access", keep "Enforce public access prevention on this bucket" enabled (recommended)
+   - Under "Access control", select "Uniform"
+   - Under "Data protection", decided whether you want to keep "Soft-delete policy" enabled (this will allow you to recover accidentally deleted files)
+     Under "Data protection", keep "Object versioning" disabled
+   - Optional, under "Data encryption", choose your own "encryption key" (in most cases the default Google-managed encryption key is fine)
+   - Keep all other settings as default
+   - Click "Create bucket" at the bottom of the page
+
+3. **Add your service account to your bucket**:
+
+   - After creating your storage bucket, open it.
+   - Click "Permissions" → "Grant access"
+   - Put your service account email from before as "Principal"
+   - Assign the role "Storage Object Admin"
+   - Click "Save"
+
+5. **Configure CORS Settings**:
+   - Switch to the "Configuration" tab, scroll down to "Cross-origin resource sharing"
+   - Click "Edit" and "Allow cross-origin resource sharing"
+   - Add the following CORS configuration:
+     - Allowed origins: `https://cap.so,https://www.cap.so,https://cap.link,https://www.cap.link`
+     - Under "Specify methods", select "GET", "HEAD", and "PUT"
+     - For allowed response headers enter: `*`
+     - For cache expiry time enter: `3000`
+   - Click "Save"
+
+4. **Retrieve your S3 Interoperability credentials**:
+   - In Cloud Storage switch to "Settings" via the side panel.
+   - Go to "Interopability" tab
+   - Under "Access keys for service accounts" click "Create key for another service account"
+   - Select your service account
+   - Click "Create key" and note down your "Access Key ID" and "Secret Access Key".
+
+## Step 4: Configure Cap Desktop
+
+1. Open Cap Desktop and navigate to S3 Config
+2. Enter the following details:
+   - Access Key ID (from interoperability credentials creation)
+   - Secret Access Key (from interoperability credentials creation)
+   - Endpoint (enter "https://storage.googleapis.com")
+   - Bucket Name: Your bucket name
+   - Region: Your bucket's region (e.g., us-east-1)
+
+## Step 5: Test and Save the Connection
+
+1. Test the Connection: Click on the 'Test Connection' button to verify that Cap can successfully connect to your Cloud Storage bucket.
+2. Save the Configuration: If the test is successful, save the connection settings. Your Cloud Storage bucket is now integrated with Cap Desktop.
+
+## Accessing Your Cloud Storage Files in Cap
+
+Once the connection is established and you have saved your configuration, all new shareable links you create will serve images and videos directly from your configured S3 bucket, giving you full control over your content delivery and storage.

From 94349836f14ce1c6a58baa58b5dffb0ddd8aed24 Mon Sep 17 00:00:00 2001
From: Dennis Kugelmann <dennis.kugelmann@simpleclub.com>
Date: Fri, 22 May 2026 14:19:01 +0200
Subject: [PATCH 2/2] Apply suggestions from code review

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
---
 .../docs/s3-config/google-cloud-storage.mdx        | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/apps/web/content/docs/s3-config/google-cloud-storage.mdx b/apps/web/content/docs/s3-config/google-cloud-storage.mdx
index fe30dc368a0..01a0d3ab869 100644
--- a/apps/web/content/docs/s3-config/google-cloud-storage.mdx
+++ b/apps/web/content/docs/s3-config/google-cloud-storage.mdx
@@ -27,7 +27,7 @@ image: "/docs/s3-config/google-cloud-s3.jpg"
 
 1. **Create Service Account First**:
 
-   - Go to in IAM and Admin > Service Accounts, click "Create service account"
+   - Go to IAM and Admin > Service Accounts, click "Create service account"
    - Set a service account ID (e.g., "cap-app-user")
    - Click "Create and continue"
    - Skip the "Permissions" and "Principals with access" sections.
@@ -44,8 +44,8 @@ image: "/docs/s3-config/google-cloud-s3.jpg"
    - Choose your default storage class or opt for Autoclass (for lower storage but higher networking costs on rarely used recordings)
    - Under "Prevent public access", keep "Enforce public access prevention on this bucket" enabled (recommended)
    - Under "Access control", select "Uniform"
-   - Under "Data protection", decided whether you want to keep "Soft-delete policy" enabled (this will allow you to recover accidentally deleted files)
-     Under "Data protection", keep "Object versioning" disabled
+   - Under "Data protection", decide whether you want to keep "Soft-delete policy" enabled (this will allow you to recover accidentally deleted files)
+   - Under "Data protection", keep "Object versioning" disabled
    - Optional, under "Data encryption", choose your own "encryption key" (in most cases the default Google-managed encryption key is fine)
    - Keep all other settings as default
    - Click "Create bucket" at the bottom of the page
@@ -58,7 +58,7 @@ image: "/docs/s3-config/google-cloud-s3.jpg"
    - Assign the role "Storage Object Admin"
    - Click "Save"
 
-5. **Configure CORS Settings**:
+4. **Configure CORS Settings**:
    - Switch to the "Configuration" tab, scroll down to "Cross-origin resource sharing"
    - Click "Edit" and "Allow cross-origin resource sharing"
    - Add the following CORS configuration:
@@ -68,9 +68,9 @@ image: "/docs/s3-config/google-cloud-s3.jpg"
      - For cache expiry time enter: `3000`
    - Click "Save"
 
-4. **Retrieve your S3 Interoperability credentials**:
+5. **Retrieve your S3 Interoperability credentials**:
    - In Cloud Storage switch to "Settings" via the side panel.
-   - Go to "Interopability" tab
+   - Go to "Interoperability" tab
    - Under "Access keys for service accounts" click "Create key for another service account"
    - Select your service account
    - Click "Create key" and note down your "Access Key ID" and "Secret Access Key".
@@ -83,7 +83,7 @@ image: "/docs/s3-config/google-cloud-s3.jpg"
    - Secret Access Key (from interoperability credentials creation)
    - Endpoint (enter "https://storage.googleapis.com")
    - Bucket Name: Your bucket name
-   - Region: Your bucket's region (e.g., us-east-1)
+   - Region: Your bucket's region (e.g., `us-central1` or `europe-west1`)
 
 ## Step 5: Test and Save the Connection