A simple proxy to browse files from private S3 buckets. Helpful to be put behind another authenticating web server, such as Apache or NGINX.
Go to file
Matteo Settenvini 373b141346 chore: update dependencies to latest versions 2024-09-28 03:08:08 +02:00
.vscode Improve README and install some extra files via CMake 2024-06-22 16:49:50 +02:00
LICENSES Connect and retrieve initial bucket index 2023-07-01 13:37:21 +02:00
src chore: update dependencies to latest versions 2024-09-28 03:08:08 +02:00
templates Reimplement config parsing, add integration tests 2024-06-02 16:47:49 +02:00
tests chore: update dependencies to latest versions 2024-09-28 03:08:08 +02:00
.gitignore Reimplement config parsing, add integration tests 2024-06-02 16:47:49 +02:00
.pre-commit-config.yaml chore: update dependencies to latest versions 2024-09-28 03:08:08 +02:00
CMakeLists.txt Improve README and install some extra files via CMake 2024-06-22 16:49:50 +02:00
Cargo.lock chore: update dependencies to latest versions 2024-09-28 03:08:08 +02:00
Cargo.lock.license Connect and retrieve initial bucket index 2023-07-01 13:37:21 +02:00
Cargo.toml chore: update dependencies to latest versions 2024-09-28 03:08:08 +02:00
README.md Improve README and install some extra files via CMake 2024-06-22 16:49:50 +02:00
deny.toml chore: update dependencies to latest versions 2024-09-28 03:08:08 +02:00
serves3.toml.example Improve README and install some extra files via CMake 2024-06-22 16:49:50 +02:00
serves3@.service Improve README and install some extra files via CMake 2024-06-22 16:49:50 +02:00

README.md

serves3

A very simple proxy to browse files from private S3 buckets.

Helpful to be put behind another authenticating web server, such as Apache or NGINX.

Also helpful to do a different TLS termination.

Configuration

Copy serves3.toml.example to serves3.toml from this project's sources and adjust your settings. If the project was built and installed via CMake, a copy of the example settings file is in /usr/share/doc/serves3.

For instance:

# apply this configuration to Rocket's "default" profile
[default.s3_bucket]

# the bucket name
name = ""
 # the API endpoint address
endpoint = "https://eu-central-1.linodeobjects.com"
# the bucket region
region = "eu-central-1"
# the access key ID
access_key_id = ""
# the access key secret
secret_access_key = ""
# whether to use path_style S3 URLs, see
# https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html#path-style-access
path_style = false

# Here you can add any other rocket options, see
# https://rocket.rs/guide/v0.5/configuration/

[default]

[debug]

[release]

You can also use the same file to customize the server options. See the Rocket documentation for a list of understood values.

Then just configure Apache or NGINX to proxy to the given port. For example:

<VirtualHost *:443>
    ServerName example.com
    ServerAdmin support@example.com
    DocumentRoot /var/www

    ProxyPreserveHost On
    ProxyPass /s3/ http://127.0.0.1:8000/
    ProxyPassReverse /s3/ http://127.0.0.1:8000/

    # ... other options ...
</VirtualHost>

You probably also want a systemd unit file, for instance /etc/systemd/system/serves3@.service:

[Unit]
Description=ServeS3, a S3 proxy
StartLimitInterval=100
StartLimitBurst=10

[Service]
Type=simple
ExecStart=/usr/local/bin/serves3
WorkingDirectory=/etc/serves3/%i/
Environment=ROCKET_PORT=%i

Restart=always
RestartSec=5s

[Install]
WantedBy=multi-user.target

Then, e.g. for running on port 8000, you would put the corresponding configuration file in /etc/serves3/8000/ and install the unit with systemctl enable --now serves3@8000.service.

Build and install

If you want more granular control on installation options, use CMake:

cmake -DCMAKE_INSTALL_PREFIX=/usr -B build .
cmake --build build
sudo cmake --install build
cd run-folder # folder with serves3.toml
serves3

Else you can simply rely on cargo:

cargo install --root /usr/local --path . # for instance
cd run-folder # folder with serves3.toml
serves3

Changelog

1.1.0 Reworked configuration file logic

  • Breaking change: configuration file renamed to serves3.toml. Please note that the format changed slightly; have a look at the provided serves3.toml.example file for reference.
  • Fixes #2: URLs to directories not ending with a slash are not redirected properly

1.0.0

  • Initial release.