Application Install

Post Reply
TheBrambleShark
Posts: 1
Joined: Sun Mar 15, 2026 5:47 pm

Application Install

Post by TheBrambleShark »

Based on reading the main website, the preferred way to install appears to be directly from the APK. This works well enough, but as noted, all updates are manual and it is the responsibility of the user to check periodically. This likely leads people to one of the two app stores, both of which have drawbacks.

Because Accrescent isn't accepting applications currently, the next best option is Obtanium. This is a FOSS Android app which can be used to automatically check for updates of apps you install directly from the source. I have not yet been able to make it work with Nextcloud as a source, but it can scrape an index page that points to the APKs or pull directly from GitHub Releases, among other sources.

Obtanium has another benefit in that it's set up to work directly with AppVerifier, which handles verifying the authenticity of the application and ensures it has not been tampered with since the APK was signed. Hashes of the signing certificate(s) will need to be shared. For AppVerifier to compare against, which people can copy to their clipboard and paste into AppVerifier.

Suggestion TL;DR:
  1. Add Obtanium support by providing an index of releases with direct links or publishing to GitHub Releases.
  2. Publish signing certificate hashes for use with AppVerifier.
Thanks!
Top
jens
Posts: 15
Joined: Sat Oct 18, 2025 10:15 pm

Re: Application Install

Post by jens »

I'm open to your ideas, but my time is limited.

1. If you manage to make a script that acts as a proxy and shows the files from the nextcloud share as a directory listing, I'm happy to host that proxy script on my server. I've tried a bit having an AI make one, but it never worked.

2. The APK version is signed by the debug key it once created. I have kept that file over the years, so all versions should be signed by the same one:

Code: Select all

Signer #1 certificate DN: CN=Android Debug, O=Android, C=US
Signer #1 certificate SHA-256 digest: ce79e20b7338fb2b035e89a3ec9a1f80bb232a4032f5a02bceef0d0ed525ddd3
Signer #1 certificate SHA-1 digest: d12b10492139e7c952421dfec6c3e119dc47a102
Signer #1 certificate MD5 digest: 13aae7dce9d28b25df625ee6f5a632eb
Signer #1 key algorithm: RSA
Signer #1 key size (bits): 2048
Signer #1 public key SHA-256 digest: 83921b88fccd4d137974e165c75b3556ec37f58a9cb28897b7880ffbbb48ca7a
Signer #1 public key SHA-1 digest: 08bc91c2882df4db6f0b01fa2d75f79dbcd62a74
Signer #1 public key MD5 digest: 083c3c116700d559fa5b711861b8ab3c
Top
Post Reply

Return to “Feature requests / suggestions”