From be872ed6724fd4b187eaa8b48a816cf86db59be8 Mon Sep 17 00:00:00 2001 From: Bart Schuurmans Date: Wed, 27 Mar 2024 22:58:43 +0100 Subject: [PATCH 1/3] Support AWS_S3_URL_PROTOCOL - Allow setting in .env - Default to PROTOCOL (same as before) - Propagate to django-storages so it generates the correct URLs in sass_src --- .env.example | 1 + bookwyrm/settings.py | 19 +++++++++++++++---- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/.env.example b/.env.example index ee2ccd45a..c63d4fd4c 100644 --- a/.env.example +++ b/.env.example @@ -82,6 +82,7 @@ S3_SIGNED_URL_EXPIRY=900 # AWS_STORAGE_BUCKET_NAME= # "example-bucket-name" # AWS_S3_CUSTOM_DOMAIN=None # "example-bucket-name.s3.fr-par.scw.cloud" +# AWS_S3_URL_PROTOCOL=None # "http:" # AWS_S3_REGION_NAME=None # "fr-par" # AWS_S3_ENDPOINT_URL=None # "https://s3.fr-par.scw.cloud" diff --git a/bookwyrm/settings.py b/bookwyrm/settings.py index 415d0ac34..27c86a22a 100644 --- a/bookwyrm/settings.py +++ b/bookwyrm/settings.py @@ -386,21 +386,32 @@ if USE_S3: AWS_S3_ENDPOINT_URL = env("AWS_S3_ENDPOINT_URL", None) AWS_DEFAULT_ACL = "public-read" AWS_S3_OBJECT_PARAMETERS = {"CacheControl": "max-age=86400"} + AWS_S3_URL_PROTOCOL = env("AWS_S3_URL_PROTOCOL", f"{PROTOCOL}:") # S3 Static settings STATIC_LOCATION = "static" - STATIC_URL = f"{PROTOCOL}://{AWS_S3_CUSTOM_DOMAIN}/{STATIC_LOCATION}/" + STATIC_URL = f"{AWS_S3_URL_PROTOCOL}//{AWS_S3_CUSTOM_DOMAIN}/{STATIC_LOCATION}/" STATIC_FULL_URL = STATIC_URL STATICFILES_STORAGE = "bookwyrm.storage_backends.StaticStorage" # S3 Media settings MEDIA_LOCATION = "images" - MEDIA_URL = f"{PROTOCOL}://{AWS_S3_CUSTOM_DOMAIN}/{MEDIA_LOCATION}/" + MEDIA_URL = f"{AWS_S3_URL_PROTOCOL}//{AWS_S3_CUSTOM_DOMAIN}/{MEDIA_LOCATION}/" MEDIA_FULL_URL = MEDIA_URL DEFAULT_FILE_STORAGE = "bookwyrm.storage_backends.ImagesStorage" # S3 Exports settings EXPORTS_STORAGE = "bookwyrm.storage_backends.ExportsS3Storage" # Content Security Policy - CSP_DEFAULT_SRC = ["'self'", AWS_S3_CUSTOM_DOMAIN] + CSP_ADDITIONAL_HOSTS - CSP_SCRIPT_SRC = ["'self'", AWS_S3_CUSTOM_DOMAIN] + CSP_ADDITIONAL_HOSTS + CSP_DEFAULT_SRC = [ + "'self'", + f"{AWS_S3_URL_PROTOCOL}//{AWS_S3_CUSTOM_DOMAIN}" + if AWS_S3_CUSTOM_DOMAIN + else None, + ] + CSP_ADDITIONAL_HOSTS + CSP_SCRIPT_SRC = [ + "'self'", + f"{AWS_S3_URL_PROTOCOL}//{AWS_S3_CUSTOM_DOMAIN}" + if AWS_S3_CUSTOM_DOMAIN + else None, + ] + CSP_ADDITIONAL_HOSTS elif USE_AZURE: # Azure settings AZURE_ACCOUNT_NAME = env("AZURE_ACCOUNT_NAME") From bf5c08dbf38e510d2af174af9a171a37f192bd4c Mon Sep 17 00:00:00 2001 From: Bart Schuurmans Date: Wed, 27 Mar 2024 23:00:42 +0100 Subject: [PATCH 2/3] Add docker-compose.override.yml to .gitignore --- .gitignore | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.gitignore b/.gitignore index 2d3393d3b..fd6cc7547 100644 --- a/.gitignore +++ b/.gitignore @@ -38,3 +38,6 @@ nginx/default.conf #macOS **/.DS_Store + +# Docker +docker-compose.override.yml From 031223104f35fe5e79dc9b71cdacaf4fcee1df22 Mon Sep 17 00:00:00 2001 From: Bart Schuurmans Date: Wed, 24 Apr 2024 14:46:57 +0200 Subject: [PATCH 3/3] Clarify AWS_S3_URL_PROTOCOL in .env.example --- .env.example | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.env.example b/.env.example index c63d4fd4c..6a217df0c 100644 --- a/.env.example +++ b/.env.example @@ -78,7 +78,9 @@ S3_SIGNED_URL_EXPIRY=900 # Commented are example values if you use a non-AWS, S3-compatible service # AWS S3 should work with only AWS_STORAGE_BUCKET_NAME and AWS_S3_REGION_NAME # non-AWS S3-compatible services will need AWS_STORAGE_BUCKET_NAME, -# along with both AWS_S3_CUSTOM_DOMAIN and AWS_S3_ENDPOINT_URL +# along with both AWS_S3_CUSTOM_DOMAIN and AWS_S3_ENDPOINT_URL. +# AWS_S3_URL_PROTOCOL must end in ":" and defaults to the same protocol as +# the BookWyrm instance ("http:" or "https:", based on USE_SSL). # AWS_STORAGE_BUCKET_NAME= # "example-bucket-name" # AWS_S3_CUSTOM_DOMAIN=None # "example-bucket-name.s3.fr-par.scw.cloud"