From godmode
Guides file storage and CDN setup with object storage (S3, GCS, Azure Blob), presigned URLs, image/video processing pipelines, lifecycle policies, cost optimization, and backups.
npx claudepluginhub arbazkhan971/godmode
How this skill is triggered — by the user, by Claude, or both
Slash command
/godmode:storage
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
- `/godmode:storage`, "file upload", "S3 bucket"
File Types: images | docs | video | audio | archives
Max Upload Size: images <10MB, video <500MB
Storage Provider: S3 | GCS | Azure Blob | R2
CDN: CloudFront | Cloud CDN | Cloudflare
Scale: <uploads/day, total storage/year>
```bash
# Create S3 bucket with versioning
aws s3api create-bucket \
  --bucket myapp-prod-uploads \
  --region us-east-1
aws s3api put-bucket-versioning \
  --bucket myapp-prod-uploads \
  --versioning-configuration Status=Enabled
# Verify bucket policy
aws s3api get-bucket-policy --bucket myapp-prod-uploads
```
BUCKET STRUCTURE:
/<tenant-id>/originals/<uuid>.<ext>
/<tenant-id>/variants/<uuid>/<size>.<ext>
/<tenant-id>/thumbnails/<uuid>.webp
PROVIDER COMPARISON:
| Feature | S3 | GCS | Azure Blob |
|-------------|-------|-------|-----------|
| Max object | 5 TB | 5 TB | 190.7 TB |
| Multipart | 5 MB | 5 MB | N/A blocks|
| Consistency | Strong| Strong| Strong |
PRESIGNED URL FLOW:
Client -> API (request URL)
-> API validates type+size, generates presigned PUT
-> Client PUTs directly to S3
-> S3 event -> Worker validates/scans/resizes
-> Client gets confirmation
IF file < 10MB: single presigned PUT
IF file 10MB-5GB: multipart (5-100MB chunks, 3-5 concurrent, per-chunk retry)
IF file > 5GB or mobile: resumable (tus protocol)
WHEN server processing needed first: direct upload
PIPELINE:
Upload -> Validate (magic bytes) -> Virus Scan
-> Process (Sharp: resize, WebP/AVIF, strip EXIF)
-> Store variants -> CDN
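A presigned PUT only authorizes the write, so the object's bytes are untrusted until the worker has checked them. The following is an added example (not code from the godmode skill) of the "Validate (magic bytes)" step for images; the function names, the three-type allowlist, and the tenant-id character set are assumptions.

```javascript
// Added example: worker-side check run on the first bytes of an uploaded original.
const MAX_IMAGE_BYTES = 10 * 1024 * 1024; // page limit: images <10MB

// Assumed allowlist: MIME type -> permitted extensions and [offset, bytes] signature parts
const TYPES = {
  "image/jpeg": { ext: ["jpg", "jpeg"], sig: [[0, [0xff, 0xd8, 0xff]]] },
  "image/png": { ext: ["png"], sig: [[0, [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a]]] },
  // WebP is a RIFF container: "RIFF" at offset 0, "WEBP" at offset 8
  "image/webp": { ext: ["webp"], sig: [[0, [0x52, 0x49, 0x46, 0x46]], [8, [0x57, 0x45, 0x42, 0x50]]] },
};

// Key layout from BUCKET STRUCTURE: <tenant-id>/originals/<uuid>.<ext>
// (tenant-id character set is an assumption)
const KEY_RE = /^\/?([A-Za-z0-9_-]+)\/originals\/([0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12})\.([a-z0-9]+)$/;

// Return the allowlisted MIME type whose signature parts all match, else null.
function sniffType(head) {
  for (const [mime, { sig }] of Object.entries(TYPES)) {
    const hit = sig.every(([off, bytes]) =>
      head.length >= off + bytes.length && bytes.every((b, i) => head[off + i] === b));
    if (hit) return mime;
  }
  return null;
}

// Decide whether an uploaded original may enter the processing pipeline.
function validateUpload({ key, declaredType, size, head }) {
  const m = KEY_RE.exec(key);
  if (!m) return { ok: false, reason: "bad-key" };
  if (!Object.hasOwn(TYPES, declaredType)) return { ok: false, reason: "type-not-allowed" };
  if (!(size > 0 && size < MAX_IMAGE_BYTES)) return { ok: false, reason: "size" };
  const actual = sniffType(head);
  if (actual !== declaredType) return { ok: false, reason: "content-mismatch", actual };
  if (!TYPES[actual].ext.includes(m[3])) return { ok: false, reason: "extension-mismatch" };
  return { ok: true, tenant: m[1], id: m[2], type: actual };
}

// Constructed samples (not real uploads)
const PNG_HEAD = Buffer.from([0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a, 0, 0, 0, 0x0d]);
const HTML_HEAD = Buffer.from("<html><script>", "ascii");
const KEY = "tenant-42/originals/3f2b8c1e-9a4d-4e6f-8b7a-1c2d3e4f5a6b.png";
console.log(validateUpload({ key: KEY, declaredType: "image/png", size: 2048, head: PNG_HEAD }));
console.log(validateUpload({ key: KEY, declaredType: "image/png", size: 2048, head: HTML_HEAD }));
```

Objects that fail the check should be deleted or quarantined before the virus scan and Sharp steps ever read them.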
VARIANTS:
thumbnail: 200x200 crop, 80% quality
small: 400w, 80% quality
medium: 800w, 85% quality
large: 1600w, 90% quality
placeholder: 20x20, 20% quality, base64 LQIP
LIFECYCLE POLICIES:
Incomplete multipart: abort after 24h
Transition to IA: after 90 days (40% savings)
Transition to Glacier: after 365 days (80%)
Delete old versions: after 30 days
OPTIMIZATION ACTIONS:
| Action | Savings | Effort |
|--------------------|---------|--------|
| Lifecycle to IA | 40% | Low |
| CDN (reduce egress)| 50% | Medium |
| WebP conversion | 30% | Medium |
| Deduplicate files | 15% | Medium |
Tier 1: Same-region (automatic, 11 nines S3)
Tier 2: Cross-region replication
Primary: us-east-1, Replica: eu-west-1
IF compliance requires geo-redundancy: enable
IF disaster recovery RTO < 1h: enable
Commit: "storage: <desc> -- <components>"
Files: bucket config, upload service, processing, lifecycle policies
```bash
grep -r "aws-sdk\|@aws-sdk\|@google-cloud/storage" \
  package.json 2>/dev/null
grep -r "S3Client\|getSignedUrl\|presignedUrl" \
  src/ --include="*.ts" --include="*.js" -l \
  2>/dev/null | head -5
```
Log to .godmode/storage-results.tsv:
step\tcomponent\tprovider\tstatus\tdetails
Print: Storage: {provider}. Upload: {presigned|direct}. CDN: {active|none}. Status: {DONE|PARTIAL}.
KEEP if: end-to-end upload works AND direct bucket access blocked AND cost projection improved
DISCARD if: upload fails OR bucket exposed OR CORS breaks. Revert on discard.
STOP when:
- End-to-end upload works (presigned -> CDN)
- Direct bucket access blocked
- Lifecycle rules active
- All credentials from env vars or IAM roles