gitbot/uguu
1
0
Fork 1
mirror of https://github.com/nokonoko/Uguu.git synced 2024-01-06 13:35:15 +00:00
Code Issues Projects Releases Wiki Activity

Added very minimalist support for an S3 backend that make use of a publicly readable S3 bucket.

Browse Source 
Terraform project included at src/static/terraform to describe the S3 bucket and attached policies.
This commit is contained in:
Josh Tomar 2023-05-09 14:22:49 -07:00
parent 56648f562f
commit fe6146a7f2
5 changed files with 101 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
src/Classes/Upload.php
View File

@ -17,8 +17,10 @@
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>. * along with this program. If not, see <https://www.gnu.org/licenses/>.
*/ */
namespace Pomf\Uguu\Classes; namespace Pomf\Uguu\Classes;
require '../vendor/autoload.php';
use Aws\S3\S3Client;
use Aws\Exception\AwsException;
class Upload extends Response class Upload extends Response
{ {
@ -152,28 +154,47 @@
// If its not a dupe then skip checking if file can be written and // If its not a dupe then skip checking if file can be written and
// skip inserting it into the DB. // skip inserting it into the DB.
if (!$this->FILE_INFO['DUPE']) { if (!$this->FILE_INFO['DUPE']) {
if (!is_dir($this->Connector->CONFIG['FILES_ROOT'])) { if (!$this->Connector->CONFIG['FILES_OBJ']) {
$this->Connector->response->error(500, 'File storage path not accessible.'); if (!is_dir($this->Connector->CONFIG['FILES_ROOT'])) {
$this->Connector->response->error(500, 'File storage path not accessible.');
}
if (
!move_uploaded_file(
$this->FILE_INFO['TEMP_NAME'],
$this->Connector->CONFIG['FILES_ROOT'] .
$this->FILE_INFO['FILENAME'],
)
) {
$this->Connector->response->error(500, 'Failed to move file to destination.');
}
if (!chmod($this->Connector->CONFIG['FILES_ROOT'] . $this->FILE_INFO['FILENAME'], 0644)) {
$this->Connector->response->error(500, 'Failed to change file permissions.');
}
$this->Connector->newIntoDB($this->FILE_INFO, $this->fingerPrintInfo);
$url = 'https://' . $this->Connector->CONFIG['FILE_DOMAIN'] . '/' . $this->FILE_INFO['FILENAME'];
}
// S3/Object Store upload
else {
$s3Client = new S3Client([
'profile' => $this->Connector->CONFIG['FILES_OBJ_PROFILE'],
'region' => $this->Connector->CONFIG['FILES_OBJ_REGION'],
'version' => "2006-03-01"
]);
$result = $s3Client->putObject([
'Bucket' => $this->Connector->CONFIG['FILES_OBJ_BUCKET'],
'Key' => $this->FILE_INFO['FILENAME'],
'SourceFile' => $this->FILE_INFO['TEMP_NAME'],
'ContentType' => $this->FILE_INFO['MIME'],
'ContentDisposition' => 'inline; filename=' . $this->FILE_INFO['FILENAME']
]);
$url = $s3Client->getObjectUrl($this->Connector->CONFIG['FILES_OBJ_BUCKET'], $this->FILE_INFO['FILENAME']);
} }
if (
!move_uploaded_file(
$this->FILE_INFO['TEMP_NAME'],
$this->Connector->CONFIG['FILES_ROOT'] .
$this->FILE_INFO['FILENAME'],
)
) {
$this->Connector->response->error(500, 'Failed to move file to destination.');
}
if (!chmod($this->Connector->CONFIG['FILES_ROOT'] . $this->FILE_INFO['FILENAME'], 0644)) {
$this->Connector->response->error(500, 'Failed to change file permissions.');
}
$this->Connector->newIntoDB($this->FILE_INFO, $this->fingerPrintInfo);
} }
return [ return [
'hash' => $this->FILE_INFO['SHA1'], 'hash' => $this->FILE_INFO['SHA1'],
'name' => $this->FILE_INFO['NAME'], 'name' => $this->FILE_INFO['NAME'],
'filename' => $this->FILE_INFO['FILENAME'], 'filename' => $this->FILE_INFO['FILENAME'],
'url' => 'https://' . $this->Connector->CONFIG['FILE_DOMAIN'] . '/' . $this->FILE_INFO['FILENAME'], 'url' => $url,
'size' => $this->FILE_INFO['SIZE'], 'size' => $this->FILE_INFO['SIZE'],
'dupe' => $this->FILE_INFO['DUPE'], 'dupe' => $this->FILE_INFO['DUPE'],
]; ];

5
src/composer.json
View File

@ -18,10 +18,11 @@
"minimum-stability": "stable", "minimum-stability": "stable",
"require": { "require": {
"ext-fileinfo": "*", "ext-fileinfo": "*",
"ext-pdo": "*" "ext-pdo": "*",
"aws/aws-sdk-php": "^3.269"
}, },
"config": { "config": {
"optimize-autoloader": true, "optimize-autoloader": true,
"classmap-authoritative": true "classmap-authoritative": true
} }
} }

5
src/config.json
View File

@ -38,6 +38,10 @@
"RATE_LIMIT": false, "RATE_LIMIT": false,
"RATE_LIMIT_TIMEOUT": 60, "RATE_LIMIT_TIMEOUT": 60,
"RATE_LIMIT_FILES": 100, "RATE_LIMIT_FILES": 100,
"FILES_OBJ": false,
"FILES_OBJ_BUCKET": "my_bucket",
"FILES_OBJ_REGION": "my_aws_region",
"FILES_OBJ_PROFILE": "default",
"FILES_ROOT": "/var/www/files/", "FILES_ROOT": "/var/www/files/",
"FILES_RETRIES": 15, "FILES_RETRIES": 15,
"NAME_LENGTH": 8, "NAME_LENGTH": 8,
@ -75,3 +79,4 @@
"image/svg+xml" "image/svg+xml"
] ]
} }

53
src/static/terraform/main.tf Normal file
View File

@ -0,0 +1,53 @@
provider "aws" {}
variable "uguu_bucket_name" {
type = string
description = "Bucket Name to be used for Uguu Storage Backend"
}
variable "retention_days" {
type = number
description = "Number of hours for lifecycle policy to retain files before deleting them"
default = 2
}
resource "aws_s3_bucket" "uguu_bucket" {
bucket = var.uguu_bucket_name
}
resource "aws_s3_bucket_lifecycle_configuration" "uguu_lc_policy" {
bucket = aws_s3_bucket.uguu_bucket.id
rule {
id = "delete-after-x-days"
status = "Enabled"
expiration {
days = var.retention_days
}
}
}
resource "aws_s3_bucket_public_access_block" "uguu_public_block_policy" {
bucket = aws_s3_bucket.uguu_bucket.id
}
resource "aws_s3_bucket_policy" "uguu_bucket_policy" {
bucket = aws_s3_bucket.uguu_bucket.id
policy = data.aws_iam_policy_document.allow_public_access.json
}
data "aws_iam_policy_document" "allow_public_access" {
statement {
principals {
type = "*"
identifiers = ["*"]
}
actions = [
"s3:GetObject"
]
resources = [
"${aws_s3_bucket.uguu_bucket.arn}/*"
]
}
}

2
src/static/terraform/terraform.tfvars Normal file
View File

@ -0,0 +1,2 @@
uguu_bucket_name = "YOUR_BUCKET_NAME"
retention_days = 2