| 1 |
# OTA Updates |
| 2 |
|
| 3 |
SyncKit OTA provides an auto-update server for desktop applications. It implements the Tauri updater protocol, so Tauri apps work out of the box. Non-Tauri apps can use the same HTTP endpoints directly. |
| 4 |
|
| 5 |
## Setup |
| 6 |
|
| 7 |
### 1. Register a Slug |
| 8 |
|
| 9 |
Each app needs a URL slug for the update endpoint. Set it on your SyncKit app: |
| 10 |
|
| 11 |
``` |
| 12 |
PUT /api/sync/ota/apps/{app_id}/slug |
| 13 |
Authorization: Bearer <token> |
| 14 |
Content-Type: application/json |
| 15 |
|
| 16 |
{ |
| 17 |
"slug": "my-app" |
| 18 |
} |
| 19 |
``` |
| 20 |
|
| 21 |
Slugs must be 3-40 characters, lowercase alphanumeric with hyphens. This slug appears in the public update check URL. |
| 22 |
|
| 23 |
### 2. Create a Release |
| 24 |
|
| 25 |
``` |
| 26 |
POST /api/sync/ota/apps/{app_id}/releases |
| 27 |
Authorization: Bearer <token> |
| 28 |
Content-Type: application/json |
| 29 |
|
| 30 |
{ |
| 31 |
"version": "1.2.0", |
| 32 |
"notes": "Bug fixes and performance improvements", |
| 33 |
"signature": "<base64-encoded-signature>" |
| 34 |
} |
| 35 |
``` |
| 36 |
|
| 37 |
Response: |
| 38 |
|
| 39 |
```json |
| 40 |
{ |
| 41 |
"id": "880b1700-...", |
| 42 |
"version": "1.2.0", |
| 43 |
"notes": "Bug fixes and performance improvements", |
| 44 |
"signature": "<base64-encoded-signature>", |
| 45 |
"pub_date": "2026-03-13T12:00:00Z", |
| 46 |
"created_at": "2026-03-13T12:00:00Z" |
| 47 |
} |
| 48 |
``` |
| 49 |
|
| 50 |
Version must be valid semver (`X.Y.Z`, optionally with pre-release or build metadata). |
| 51 |
|
| 52 |
### 3. Upload Artifacts |
| 53 |
|
| 54 |
For each platform/architecture combination, request a presigned upload URL and upload the binary: |
| 55 |
|
| 56 |
``` |
| 57 |
POST /api/sync/ota/apps/{app_id}/releases/{release_id}/artifacts |
| 58 |
Authorization: Bearer <token> |
| 59 |
Content-Type: application/json |
| 60 |
|
| 61 |
{ |
| 62 |
"target": "darwin", |
| 63 |
"arch": "aarch64", |
| 64 |
"file_size": 52428800 |
| 65 |
} |
| 66 |
``` |
| 67 |
|
| 68 |
Response: |
| 69 |
|
| 70 |
```json |
| 71 |
{ |
| 72 |
"upload_url": "https://s3.example.com/...", |
| 73 |
"s3_key": "ota/my-app/1.2.0/darwin-aarch64" |
| 74 |
} |
| 75 |
``` |
| 76 |
|
| 77 |
Upload the binary directly to the presigned URL with a PUT request. |
| 78 |
|
| 79 |
Target values: `linux`, `darwin`, `windows`. Arch values: `x86_64`, `aarch64`. |
| 80 |
|
| 81 |
## Update Check Endpoint |
| 82 |
|
| 83 |
Public, no authentication required. Compatible with Tauri's built-in updater. |
| 84 |
|
| 85 |
``` |
| 86 |
GET /api/sync/ota/{slug}/{target}/{arch}/{current_version} |
| 87 |
``` |
| 88 |
|
| 89 |
Example: |
| 90 |
|
| 91 |
``` |
| 92 |
GET /api/sync/ota/my-app/darwin/aarch64/1.1.0 |
| 93 |
``` |
| 94 |
|
| 95 |
### Update Available (200) |
| 96 |
|
| 97 |
```json |
| 98 |
{ |
| 99 |
"version": "1.2.0", |
| 100 |
"url": "https://makenot.work/api/sync/ota/my-app/download/880b1700-.../darwin/aarch64", |
| 101 |
"signature": "<base64-encoded-signature>", |
| 102 |
"notes": "Bug fixes and performance improvements", |
| 103 |
"pub_date": "2026-03-13T12:00:00Z" |
| 104 |
} |
| 105 |
``` |
| 106 |
|
| 107 |
### No Update (204) |
| 108 |
|
| 109 |
Empty response. The current version is already the latest. |
| 110 |
|
| 111 |
The endpoint returns an update only if the latest release version is strictly greater than `current_version` (semver comparison). |
| 112 |
|
| 113 |
## Download Endpoint |
| 114 |
|
| 115 |
``` |
| 116 |
GET /api/sync/ota/{slug}/download/{release_id}/{target}/{arch} |
| 117 |
``` |
| 118 |
|
| 119 |
Returns a 302 redirect to a presigned S3 download URL. |
| 120 |
|
| 121 |
## Managing Releases |
| 122 |
|
| 123 |
### List Releases |
| 124 |
|
| 125 |
``` |
| 126 |
GET /api/sync/ota/apps/{app_id}/releases |
| 127 |
Authorization: Bearer <token> |
| 128 |
``` |
| 129 |
|
| 130 |
### Delete a Release |
| 131 |
|
| 132 |
``` |
| 133 |
DELETE /api/sync/ota/apps/{app_id}/releases/{release_id} |
| 134 |
Authorization: Bearer <token> |
| 135 |
``` |
| 136 |
|
| 137 |
Deleting a release also removes all its artifacts from S3. |
| 138 |
|
| 139 |
## Tauri Integration |
| 140 |
|
| 141 |
For Tauri 2 apps, configure the updater plugin to point at your OTA endpoint: |
| 142 |
|
| 143 |
```json |
| 144 |
{ |
| 145 |
"plugins": { |
| 146 |
"updater": { |
| 147 |
"endpoints": [ |
| 148 |
"https://makenot.work/api/sync/ota/my-app/{{target}}/{{arch}}/{{current_version}}" |
| 149 |
] |
| 150 |
} |
| 151 |
} |
| 152 |
} |
| 153 |
``` |
| 154 |
|
| 155 |
Tauri handles the update check, download, signature verification, and restart automatically. |
| 156 |
|
| 157 |
## Signature Verification |
| 158 |
|
| 159 |
The `signature` field is passed through to the update check response. For Tauri apps, this is the Ed25519 signature from `tauri signer sign`, verified against the public key embedded at build time. For non-Tauri apps, use any signature scheme; the server stores and returns the signature without interpretation. |
| 160 |
|
| 161 |
## Publish Script |
| 162 |
|
| 163 |
The `deploy/ota-publish.sh` script automates the full publish flow. See the script for usage details. |
| 164 |
|
| 165 |
## See Also |
| 166 |
|
| 167 |
- [SyncKit Cloud Sync](./synckit.md): data sync for your app |
| 168 |
- [API Overview](./api-overview.md): authentication and rate limits |
| 169 |
|