github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-22 15:25:35 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

support for EC2 IAM roles with Amazon S3 file store/backup

Browse Source
This commit is contained in:
Gary Windham 2014-07-05 12:33:39 -07:00
parent b5c57fa947
commit 3f6bd0606a
5 changed files with 25 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/models/admin_dashboard_data.rb
View File

@ -135,8 +135,8 @@ class AdminDashboardData
end
def s3_config_check
return I18n.t('dashboard.s3_config_warning') if SiteSetting.enable_s3_uploads and (SiteSetting.s3_access_key_id.blank? or SiteSetting.s3_secret_access_key.blank? or SiteSetting.s3_upload_bucket.blank?)
return I18n.t('dashboard.s3_backup_config_warning') if SiteSetting.enable_s3_backups and (SiteSetting.s3_access_key_id.blank? or SiteSetting.s3_secret_access_key.blank? or SiteSetting.s3_backup_bucket.blank?)
return I18n.t('dashboard.s3_config_warning') if SiteSetting.enable_s3_uploads and ((!SiteSetting.s3_use_iam_profile and (SiteSetting.s3_access_key_id.blank? or SiteSetting.s3_secret_access_key.blank?)) or SiteSetting.s3_upload_bucket.blank?)
return I18n.t('dashboard.s3_backup_config_warning') if SiteSetting.enable_s3_backups and ((!SiteSetting.s3_use_iam_profile and (SiteSetting.s3_access_key_id.blank? or SiteSetting.s3_secret_access_key.blank?)) or SiteSetting.s3_backup_bucket.blank?)
nil
end

16
app/models/backup.rb
View File

@ -73,18 +73,24 @@ class Backup
private
def s3_options
{
options = {
provider: 'AWS',
aws_access_key_id: SiteSetting.s3_access_key_id,
aws_secret_access_key: SiteSetting.s3_secret_access_key,
region: SiteSetting.s3_region.blank? ? "us-east-1" : SiteSetting.s3_region,
}
if (SiteSetting.s3_use_iam_profile.present?)
options.merge!(:use_iam_profile => true)
else
options.merge!(:aws_access_key_id => SiteSetting.s3_access_key_id,
:aws_secret_access_key => SiteSetting.s3_secret_access_key)
end
options
end
def fog
return @fog if @fog
return unless SiteSetting.s3_access_key_id.present? &&
SiteSetting.s3_secret_access_key.present? &&
return unless ((SiteSetting.s3_access_key_id.present? &&
SiteSetting.s3_secret_access_key.present?) ||
SiteSetting.s3_use_iam_profile.present?) &&
SiteSetting.s3_backup_bucket.present?
require 'fog'
@fog = Fog::Storage.new(s3_options)

1
config/locales/server.en.yml
View File

@ -810,6 +810,7 @@ en:
clean_orphan_uploads_grace_period_hours: "Grace period (in hours) before an orphan upload is removed."
purge_deleted_uploads_grace_period_days: "Grace period (in days) before a deleted upload is erased."
enable_s3_uploads: "Place uploads on Amazon S3 storage."
s3_use_iam_profile: 'Use AWS EC2 IAM role to retrieve keys. NOTE: enabling will override "s3 access key id" and "s3 secret access key" settings.'
s3_upload_bucket: "The Amazon S3 bucket name that files will be uploaded into. WARNING: must be lowercase, no periods."
s3_access_key_id: "The Amazon S3 access key id that will be used to upload images."
s3_secret_access_key: "The Amazon S3 secret access key that will be used to upload images."

1
config/site_settings.yml
View File

@ -422,6 +422,7 @@ files:
clean_orphan_uploads_grace_period_hours: 1
purge_deleted_uploads_grace_period_days: 30
enable_s3_uploads: false
s3_use_iam_profile: false
s3_access_key_id: ''
s3_secret_access_key: ''
s3_region:

14
lib/file_store/s3_store.rb
View File

@ -98,20 +98,26 @@ module FileStore
def check_missing_site_settings
raise Discourse::SiteSettingMissing.new("s3_upload_bucket") if SiteSetting.s3_upload_bucket.blank?
raise Discourse::SiteSettingMissing.new("s3_access_key_id") if SiteSetting.s3_access_key_id.blank?
raise Discourse::SiteSettingMissing.new("s3_secret_access_key") if SiteSetting.s3_secret_access_key.blank?
unless SiteSetting.s3_use_iam_profile.present?
raise Discourse::SiteSettingMissing.new("s3_access_key_id") if SiteSetting.s3_access_key_id.blank?
raise Discourse::SiteSettingMissing.new("s3_secret_access_key") if SiteSetting.s3_secret_access_key.blank?
end
end
def s3_options
options = {
provider: 'AWS',
aws_access_key_id: SiteSetting.s3_access_key_id,
aws_secret_access_key: SiteSetting.s3_secret_access_key,
scheme: SiteSetting.scheme,
# cf. https://github.com/fog/fog/issues/2381
path_style: dns_compatible?(s3_bucket, SiteSetting.use_https?),
}
options[:region] = SiteSetting.s3_region unless SiteSetting.s3_region.empty?
if (SiteSetting.s3_use_iam_profile.present?)
options.merge!(:use_iam_profile => true)
else
options.merge!(:aws_access_key_id => SiteSetting.s3_access_key_id,
:aws_secret_access_key => SiteSetting.s3_secret_access_key)
end
options
end