Fix ACL incompatibility with some s3 providers
We'll move to another method in the future See https://github.com/Chocobozzz/PeerTube/issues/5497
This commit is contained in:
parent
2cb9f8b9c7
commit
8180f60477
|
@ -154,9 +154,11 @@ object_storage:
|
|||
|
||||
upload_acl:
|
||||
# Set this ACL on each uploaded object of public/unlisted videos
|
||||
# Use null if your S3 provider does not support object ACL
|
||||
public: 'public-read'
|
||||
# Set this ACL on each uploaded object of private/internal videos
|
||||
# PeerTube can proxify requests to private objects so your users can access them
|
||||
# Use null if your S3 provider does not support object ACL
|
||||
private: 'private'
|
||||
|
||||
proxy:
|
||||
|
|
|
@ -152,9 +152,11 @@ object_storage:
|
|||
|
||||
upload_acl:
|
||||
# Set this ACL on each uploaded object of public/unlisted videos
|
||||
# Use null if your S3 provider does not support object ACL
|
||||
public: 'public-read'
|
||||
# Set this ACL on each uploaded object of private/internal videos
|
||||
# PeerTube can proxify requests to private objects so your users can access them
|
||||
# Use null if your S3 provider does not support object ACL
|
||||
private: 'private'
|
||||
|
||||
proxy:
|
||||
|
|
|
@ -278,14 +278,6 @@ function checkObjectStorageConfig () {
|
|||
'Object storage bucket prefixes should be set to different values when the same bucket is used for both types of video.'
|
||||
)
|
||||
}
|
||||
|
||||
if (!CONFIG.OBJECT_STORAGE.UPLOAD_ACL.PUBLIC) {
|
||||
throw new Error('object_storage.upload_acl.public must be set')
|
||||
}
|
||||
|
||||
if (!CONFIG.OBJECT_STORAGE.UPLOAD_ACL.PRIVATE) {
|
||||
throw new Error('object_storage.upload_acl.private must be set')
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -61,13 +61,16 @@ async function storeObject (options: {
|
|||
|
||||
// ---------------------------------------------------------------------------
|
||||
|
||||
function updateObjectACL (options: {
|
||||
async function updateObjectACL (options: {
|
||||
objectStorageKey: string
|
||||
bucketInfo: BucketInfo
|
||||
isPrivate: boolean
|
||||
}) {
|
||||
const { objectStorageKey, bucketInfo, isPrivate } = options
|
||||
|
||||
const acl = getACL(isPrivate)
|
||||
if (!acl) return
|
||||
|
||||
const key = buildKey(objectStorageKey, bucketInfo)
|
||||
|
||||
logger.debug('Updating ACL file %s in bucket %s', key, bucketInfo.BUCKET_NAME, lTags())
|
||||
|
@ -75,10 +78,10 @@ function updateObjectACL (options: {
|
|||
const command = new PutObjectAclCommand({
|
||||
Bucket: bucketInfo.BUCKET_NAME,
|
||||
Key: key,
|
||||
ACL: getACL(isPrivate)
|
||||
ACL: acl
|
||||
})
|
||||
|
||||
return getClient().send(command)
|
||||
await getClient().send(command)
|
||||
}
|
||||
|
||||
function updatePrefixACL (options: {
|
||||
|
@ -88,6 +91,9 @@ function updatePrefixACL (options: {
|
|||
}) {
|
||||
const { prefix, bucketInfo, isPrivate } = options
|
||||
|
||||
const acl = getACL(isPrivate)
|
||||
if (!acl) return
|
||||
|
||||
logger.debug('Updating ACL of files in prefix %s in bucket %s', prefix, bucketInfo.BUCKET_NAME, lTags())
|
||||
|
||||
return applyOnPrefix({
|
||||
|
@ -99,7 +105,7 @@ function updatePrefixACL (options: {
|
|||
return new PutObjectAclCommand({
|
||||
Bucket: bucketInfo.BUCKET_NAME,
|
||||
Key: obj.Key,
|
||||
ACL: getACL(isPrivate)
|
||||
ACL: acl
|
||||
})
|
||||
}
|
||||
})
|
||||
|
@ -227,10 +233,12 @@ async function uploadToStorage (options: {
|
|||
const input: PutObjectCommandInput = {
|
||||
Body: content,
|
||||
Bucket: bucketInfo.BUCKET_NAME,
|
||||
Key: buildKey(objectStorageKey, bucketInfo),
|
||||
ACL: getACL(isPrivate)
|
||||
Key: buildKey(objectStorageKey, bucketInfo)
|
||||
}
|
||||
|
||||
const acl = getACL(isPrivate)
|
||||
if (acl) input.ACL = acl
|
||||
|
||||
const parallelUploads3 = new Upload({
|
||||
client: getClient(),
|
||||
queueSize: 4,
|
||||
|
|
|
@ -55,16 +55,16 @@ function storeWebTorrentFile (video: MVideo, file: MVideoFile) {
|
|||
|
||||
// ---------------------------------------------------------------------------
|
||||
|
||||
function updateWebTorrentFileACL (video: MVideo, file: MVideoFile) {
|
||||
return updateObjectACL({
|
||||
async function updateWebTorrentFileACL (video: MVideo, file: MVideoFile) {
|
||||
await updateObjectACL({
|
||||
objectStorageKey: generateWebTorrentObjectStorageKey(file.filename),
|
||||
bucketInfo: CONFIG.OBJECT_STORAGE.VIDEOS,
|
||||
isPrivate: video.hasPrivateStaticPath()
|
||||
})
|
||||
}
|
||||
|
||||
function updateHLSFilesACL (playlist: MStreamingPlaylistVideo) {
|
||||
return updatePrefixACL({
|
||||
async function updateHLSFilesACL (playlist: MStreamingPlaylistVideo) {
|
||||
await updatePrefixACL({
|
||||
prefix: generateHLSObjectBaseStorageKey(playlist),
|
||||
bucketInfo: CONFIG.OBJECT_STORAGE.STREAMING_PLAYLISTS,
|
||||
isPrivate: playlist.Video.hasPrivateStaticPath()
|
||||
|
|
Loading…
Reference in New Issue