forked from matteo/serves3
1
0
Fork 0
A simple proxy to browse files from private S3 buckets. Helpful to be put behind another authenticating web server, such as Apache or NGINX.
Go to file
Matteo Settenvini e3aca4fe72 Improve README and install some extra files via CMake 2024-06-22 16:49:50 +02:00
.vscode Improve README and install some extra files via CMake 2024-06-22 16:49:50 +02:00
LICENSES Connect and retrieve initial bucket index 2023-07-01 13:37:21 +02:00
src Fixed redirection to paths not ending with a slash 2024-06-12 11:55:30 +02:00
templates Reimplement config parsing, add integration tests 2024-06-02 16:47:49 +02:00
tests Reimplement config parsing, add integration tests 2024-06-02 16:47:49 +02:00
.gitignore Reimplement config parsing, add integration tests 2024-06-02 16:47:49 +02:00
.pre-commit-config.yaml Improve README and install some extra files via CMake 2024-06-22 16:49:50 +02:00
CMakeLists.txt Improve README and install some extra files via CMake 2024-06-22 16:49:50 +02:00
Cargo.lock cargo deny: modernize config, bump deps 2024-06-13 05:53:18 +02:00
Cargo.lock.license Connect and retrieve initial bucket index 2023-07-01 13:37:21 +02:00
Cargo.toml Reimplement config parsing, add integration tests 2024-06-02 16:47:49 +02:00
README.md Improve README and install some extra files via CMake 2024-06-22 16:49:50 +02:00
deny.toml cargo deny: modernize config, bump deps 2024-06-13 05:53:18 +02:00
serves3.toml.example Improve README and install some extra files via CMake 2024-06-22 16:49:50 +02:00
serves3@.service Improve README and install some extra files via CMake 2024-06-22 16:49:50 +02:00

README.md

serves3

A very simple proxy to browse files from private S3 buckets.

Helpful to be put behind another authenticating web server, such as Apache or NGINX.

Also helpful to do a different TLS termination.

Configuration

Copy serves3.toml.example to serves3.toml from this project's sources and adjust your settings. If the project was built and installed via CMake, a copy of the example settings file is in /usr/share/doc/serves3.

For instance:

# apply this configuration to Rocket's "default" profile
[default.s3_bucket]

# the bucket name
name = ""
 # the API endpoint address
endpoint = "https://eu-central-1.linodeobjects.com"
# the bucket region
region = "eu-central-1"
# the access key ID
access_key_id = ""
# the access key secret
secret_access_key = ""
# whether to use path_style S3 URLs, see
# https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html#path-style-access
path_style = false

# Here you can add any other rocket options, see
# https://rocket.rs/guide/v0.5/configuration/

[default]

[debug]

[release]

You can also use the same file to customize the server options. See the Rocket documentation for a list of understood values.

Then just configure Apache or NGINX to proxy to the given port. For example:

<VirtualHost *:443>
    ServerName example.com
    ServerAdmin support@example.com
    DocumentRoot /var/www

    ProxyPreserveHost On
    ProxyPass /s3/ http://127.0.0.1:8000/
    ProxyPassReverse /s3/ http://127.0.0.1:8000/

    # ... other options ...
</VirtualHost>

You probably also want a systemd unit file, for instance /etc/systemd/system/serves3@.service:

[Unit]
Description=ServeS3, a S3 proxy
StartLimitInterval=100
StartLimitBurst=10

[Service]
Type=simple
ExecStart=/usr/local/bin/serves3
WorkingDirectory=/etc/serves3/%i/
Environment=ROCKET_PORT=%i

Restart=always
RestartSec=5s

[Install]
WantedBy=multi-user.target

Then, e.g. for running on port 8000, you would put the corresponding configuration file in /etc/serves3/8000/ and install the unit with systemctl enable --now serves3@8000.service.

Build and install

If you want more granular control on installation options, use CMake:

cmake -DCMAKE_INSTALL_PREFIX=/usr -B build .
cmake --build build
sudo cmake --install build
cd run-folder # folder with serves3.toml
serves3

Else you can simply rely on cargo:

cargo install --root /usr/local --path . # for instance
cd run-folder # folder with serves3.toml
serves3

Changelog

1.1.0 Reworked configuration file logic

  • Breaking change: configuration file renamed to serves3.toml. Please note that the format changed slightly; have a look at the provided serves3.toml.example file for reference.
  • Fixes #2: URLs to directories not ending with a slash are not redirected properly

1.0.0

  • Initial release.