The File Browser
Browse, search, preview, and upload the objects in your bucket straight from
a web page. Your browser signs every request itself; Storm's servers never
see the traffic.
It runs in your browser
The Storm Buckets file browser is a client-side app: your browser holds
the key, signs each S3 request itself, and talks straight to the bucket.
Most web file managers for object storage take your access key, send it
to their server, and let it make the S3 calls on your behalf; this one
never does. Your secret stays on your machine, optionally encrypted at
rest behind a passphrase, and Storm's backend never receives it.
Storm Buckets are plain S3, so you can always reach them with rclone or the
AWS CLI. This is the same bucket, shown as a file manager.
Walk your bucket as a folder tree
Open the Files tab and the bucket renders as a tree. Folders expand, every
object shows its size, and you move with the arrow keys or the mouse. The path
bar tracks where you are, so a bucket reads like a directory instead of a flat
key listing.
Search across your files
Type in the search box and it matches across every folder you have loaded, so
a note buried three levels down surfaces without expanding each folder to find
it.
Preview images, text, and markdown in place
Click an image and it renders in place, with its size, type, last-modified
date, and full path beside it. Text and markdown open their contents in the
preview pane, so you can read a config or a note without pulling it down first.
Everything downloads with one button when you do want the file itself.
Upload by drag or button
Drop files onto the page or use Upload. They land in the folder you are
looking at and appear on the next refresh.
Unlock once per session
The first time you open the browser it asks for your bucket secret, then signs
every request with it locally. You decide where it lives:
-
encrypted in this browser behind a passphrase (recommended),
-
in this tab only, forgotten when you close it,
-
or in the browser profile for next time.
The recommended option keeps it encrypted at rest, and Storm never receives
the passphrase.
Does Storm see my access key?
No. Your browser holds it and signs requests directly, and the dashboard
backend is never in the path. Storm's operators do have root on the node, so
if you also need protection from them, encrypt your files on your own machine
before they upload. The honest claim is auditability, not zero-knowledge.
Works alongside your other tools
It is a normal S3 bucket and the browser is one view onto it. Point rclone,
the AWS CLI, terraform, or Obsidian at the same bucket and anything they write
shows up on the next refresh. See
Connecting an S3 Client for the values every
client needs.