Supporting external CDNs for storage

I’m building a video platform and am using CDN77 to host video files since Internet Computer canisters are not yet ready to do the job.

There’s a discussion here about BigMap being on the roadmap for Q3 2022 which would solve my immediate needs, though not quite soon enough for this project; I have a DFINITY grant deliverable next month that requires users to upload videos. While an officially supported BigMap implementation would allow me to host video files in canisters, that would likely be cost-prohibitive and overkill for my needs as is also mentioned in the discussion linked above. So that’s why I’m looking to go with an external CDN for now.

So my question is: is it possible to write a canister that would allow users to upload videos to a third-party CDN, or will I be back to setting up my own server or using a lambda somewhere?

CDN77 and many others allow me to upload files via FTP or rsync. I can’t do that from the frontend or my private keys would necessarily be exposed to the user. Staying entirely within the Internet Computer, I’m not sure how to allow the user to upload a file to the CDN. My only idea so far is to set up my own server to receive the uploads from the frontend and forward them to the CDN, but I’d rather not have to provision my own servers if I can do it all on the IC.

In his IC Avatar example, @kpeacock showed how to allow the user to upload image files to an asset canister, but of course that won’t work for the large files I will be hosting, especially without BigMap. Can anyone think of a way to securely send a file from an IC-hosted frontend to a CDN via FTP or rsync? :eyes:

100% IC

I’m confused. You mean that video is hosted on the IC, or it was uploaded through an IC frontend to an external CDN?

It runs 100% on the ic. It was uploaded to a canister and is served from a canister.

This is only part of the problem.
You can upload large files to the canister, but you won’t be able to:

  • get range of bytes
    video navigation won’t work smoothly and properly, need to download all bytes before caret. This is especially critical for native players.
  • certify file chunks
    video file certificate will not be checked on icx-proxy or frontend service-worker. You will have to use your own boundary node, or .raw.-uncertified domain

DSocial has already tried to bypass this with the help of a third-party blockchain

1 Like

Both excellent points, which provides yet another reason for me to want to host the files on an external CDN.

But I’d still like to be able to upload to that CDN without having to set up a server of my own to do the upload if it’s possible to do it from the IC.

The only thing I can advise is to upload data to CDN from the frontend and make notes in the backend-canister and CDN separately. Moreover, I do not recommend proxying a file through a canister, it can be expensive and pointless.

  1. This video returns ranges of bytes.(but only at 2MB at a time…players seem to do ok with that)
  2. Certification will be done by our boundary node. Working on it now. Should have it in soon, but most don’t care about content certification when consuming.
1 Like

But how do I do that without users being able to see my private keys for the CDN, which will have to be in the codebase and transferred over the wire (instead of in an environment variable on my server and privately transferred through a connection that can’t be snooped on by the user)?

I’m new to using CDNs. This must be a solved problem because I’m sure I’ve uploaded data directly to a CDN for other services before. Maybe the CDN I chose just lacks this support.