Update after testing, it is now possible to make a deployment to a self hosted environment. Some work still required, better authentication around MINIO deployment, currently the bucket is set to public read and there is no signing/verification to the upload process, also right now four different URLs are needed for the builder to connect correctly, ideally this shouldn't be the case.
This commit is contained in:
parent
7845118fb3
commit
8655d73248
|
@ -8,14 +8,14 @@ services:
|
||||||
ports:
|
ports:
|
||||||
- "${APP_PORT}:${APP_PORT}"
|
- "${APP_PORT}:${APP_PORT}"
|
||||||
environment:
|
environment:
|
||||||
MINIO_ACCESS_KEY: ${MINIO_ACCESS_KEY}
|
|
||||||
MINIO_SECRET_KEY: ${MINIO_SECRET_KEY}
|
|
||||||
MINIO_URL: http://nginx-service:${MINIO_PORT}
|
|
||||||
SELF_HOSTED: 1
|
SELF_HOSTED: 1
|
||||||
COUCH_DB_URL: http://${COUCH_DB_USER}:${COUCH_DB_PASSWORD}@couchdb-service:5984
|
COUCH_DB_URL: http://${COUCH_DB_USER}:${COUCH_DB_PASSWORD}@couchdb-service:5984
|
||||||
BUDIBASE_ENVIRONMENT: ${BUDIBASE_ENVIRONMENT}
|
BUDIBASE_ENVIRONMENT: ${BUDIBASE_ENVIRONMENT}
|
||||||
LOGO_URL: ${LOGO_URL}
|
LOGO_URL: ${LOGO_URL}
|
||||||
PORT: ${APP_PORT}
|
PORT: ${APP_PORT}
|
||||||
|
HOSTING_URL: ${HOSTING_URL}
|
||||||
|
MINIO_PORT: ${MINIO_PORT}
|
||||||
|
JWT_SECRET: ${JWT_SECRET}
|
||||||
depends_on:
|
depends_on:
|
||||||
- worker-service
|
- worker-service
|
||||||
|
|
||||||
|
@ -29,7 +29,7 @@ services:
|
||||||
PORT: ${WORKER_PORT}
|
PORT: ${WORKER_PORT}
|
||||||
MINIO_ACCESS_KEY: ${MINIO_ACCESS_KEY}
|
MINIO_ACCESS_KEY: ${MINIO_ACCESS_KEY}
|
||||||
MINIO_SECRET_KEY: ${MINIO_SECRET_KEY}
|
MINIO_SECRET_KEY: ${MINIO_SECRET_KEY}
|
||||||
RAW_MINIO_URL: http://nginx-service:${MINIO_PORT}
|
RAW_MINIO_URL: http://nginx-service:5001
|
||||||
COUCH_DB_USERNAME: ${COUCH_DB_USER}
|
COUCH_DB_USERNAME: ${COUCH_DB_USER}
|
||||||
COUCH_DB_PASSWORD: ${COUCH_DB_PASSWORD}
|
COUCH_DB_PASSWORD: ${COUCH_DB_PASSWORD}
|
||||||
RAW_COUCH_DB_URL: http://couchdb-service:5984
|
RAW_COUCH_DB_URL: http://couchdb-service:5984
|
||||||
|
|
|
@ -4,9 +4,10 @@ COUCH_DB_PASSWORD=budibase
|
||||||
COUCH_DB_USER=budibase
|
COUCH_DB_USER=budibase
|
||||||
WORKER_API_KEY=budibase
|
WORKER_API_KEY=budibase
|
||||||
BUDIBASE_ENVIRONMENT=PRODUCTION
|
BUDIBASE_ENVIRONMENT=PRODUCTION
|
||||||
HOSTING_URL="http://localhost:4001"
|
HOSTING_URL="http://localhost"
|
||||||
LOGO_URL=https://logoipsum.com/logo/logo-15.svg
|
LOGO_URL=https://logoipsum.com/logo/logo-15.svg
|
||||||
APP_PORT=4002
|
APP_PORT=4002
|
||||||
MINIO_PORT=4003
|
WORKER_PORT=4003
|
||||||
COUCH_DB_PORT=4004
|
MINIO_PORT=4004
|
||||||
WORKER_PORT=4006
|
COUCH_DB_PORT=4005
|
||||||
|
JWT_SECRET=testsecret
|
||||||
|
|
|
@ -17,7 +17,7 @@ export const getHostingStore = () => {
|
||||||
const [info, urls] = await Promise.all(responses.map(resp => resp.json()))
|
const [info, urls] = await Promise.all(responses.map(resp => resp.json()))
|
||||||
store.update(state => {
|
store.update(state => {
|
||||||
state.hostingInfo = info
|
state.hostingInfo = info
|
||||||
state.appUrl = urls.appServer
|
state.appUrl = urls.app
|
||||||
return state
|
return state
|
||||||
})
|
})
|
||||||
return info
|
return info
|
||||||
|
|
|
@ -39,8 +39,10 @@
|
||||||
</p>
|
</p>
|
||||||
<Toggle thin text="Self hosted" bind:checked={selfhosted} />
|
<Toggle thin text="Self hosted" bind:checked={selfhosted} />
|
||||||
{#if selfhosted}
|
{#if selfhosted}
|
||||||
<Input bind:value={hostingInfo.appServerUrl} label="Apps URL" />
|
<Input bind:value={hostingInfo.appUrl} label="Apps URL" />
|
||||||
<Input bind:value={hostingInfo.deploymentServerUrl} label="Deployments URL" />
|
<Input bind:value={hostingInfo.workerUrl} label="Workers URL" />
|
||||||
|
<Input bind:value={hostingInfo.minioUrl} label="MINIO URL" />
|
||||||
|
<Input bind:value={hostingInfo.couchUrl} label="CouchDB URL" />
|
||||||
<Toggle thin text="HTTPS" bind:checked={hostingInfo.useHttps} />
|
<Toggle thin text="HTTPS" bind:checked={hostingInfo.useHttps} />
|
||||||
{/if}
|
{/if}
|
||||||
</ModalContent>
|
</ModalContent>
|
||||||
|
|
|
@ -35,8 +35,8 @@ exports.authenticate = async ctx => {
|
||||||
roleId: dbUser.roleId,
|
roleId: dbUser.roleId,
|
||||||
version: app.version,
|
version: app.version,
|
||||||
}
|
}
|
||||||
// if in cloud add the user api key
|
// if in cloud add the user api key, unless self hosted
|
||||||
if (env.CLOUD) {
|
if (env.CLOUD && !env.SELF_HOSTED) {
|
||||||
const { apiKey } = await getAPIKey(ctx.user.appId)
|
const { apiKey } = await getAPIKey(ctx.user.appId)
|
||||||
payload.apiKey = apiKey
|
payload.apiKey = apiKey
|
||||||
}
|
}
|
||||||
|
|
|
@ -37,10 +37,10 @@ class Deployment {
|
||||||
if (!verification) {
|
if (!verification) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
this.verification = verification
|
||||||
if (this.verification.quota) {
|
if (this.verification.quota) {
|
||||||
this.quota = this.verification.quota
|
this.quota = this.verification.quota
|
||||||
}
|
}
|
||||||
this.verification = verification
|
|
||||||
}
|
}
|
||||||
|
|
||||||
getVerification() {
|
getVerification() {
|
||||||
|
|
|
@ -24,7 +24,7 @@ async function checkAllDeployments(deployments) {
|
||||||
deployment.status === DeploymentStatus.PENDING &&
|
deployment.status === DeploymentStatus.PENDING &&
|
||||||
Date.now() - deployment.updatedAt > MAX_PENDING_TIME_MS
|
Date.now() - deployment.updatedAt > MAX_PENDING_TIME_MS
|
||||||
) {
|
) {
|
||||||
deployment.status = status
|
deployment.status = DeploymentStatus.FAILURE
|
||||||
deployment.err = "Timed out"
|
deployment.err = "Timed out"
|
||||||
updated = true
|
updated = true
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,23 +5,26 @@ const {
|
||||||
performReplication,
|
performReplication,
|
||||||
fetchCredentials,
|
fetchCredentials,
|
||||||
} = require("./utils")
|
} = require("./utils")
|
||||||
const { getDeploymentUrl } = require("../../../utilities/builder/hosting")
|
const {
|
||||||
const { join } = require("path")
|
getWorkerUrl,
|
||||||
|
getCouchUrl,
|
||||||
|
getMinioUrl,
|
||||||
|
} = require("../../../utilities/builder/hosting")
|
||||||
|
|
||||||
exports.preDeployment = async function() {
|
exports.preDeployment = async function() {
|
||||||
const url = join(await getDeploymentUrl(), "api", "deploy")
|
const url = `${await getWorkerUrl()}/api/deploy`
|
||||||
const json = await fetchCredentials(url, {
|
const json = await fetchCredentials(url, {
|
||||||
apiKey: env.BUDIBASE_API_KEY,
|
apiKey: env.BUDIBASE_API_KEY,
|
||||||
})
|
})
|
||||||
|
|
||||||
// response contains:
|
// response contains:
|
||||||
// couchDbSession, bucket, objectStoreSession, couchDbUrl, objectStoreUrl
|
// couchDbSession, bucket, objectStoreSession
|
||||||
|
|
||||||
// set credentials here, means any time we're verified we're ready to go
|
// set credentials here, means any time we're verified we're ready to go
|
||||||
if (json.objectStoreSession) {
|
if (json.objectStoreSession) {
|
||||||
AWS.config.update({
|
AWS.config.update({
|
||||||
accessKeyId: json.objectStoreSession.AccessKeyId,
|
accessKeyId: json.objectStoreSession.accessKeyId,
|
||||||
secretAccessKey: json.objectStoreSession.SecretAccessKey,
|
secretAccessKey: json.objectStoreSession.secretAccessKey,
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -36,7 +39,7 @@ exports.deploy = async function(deployment) {
|
||||||
const appId = deployment.getAppId()
|
const appId = deployment.getAppId()
|
||||||
const verification = deployment.getVerification()
|
const verification = deployment.getVerification()
|
||||||
const objClient = new AWS.S3({
|
const objClient = new AWS.S3({
|
||||||
endpoint: verification.objectStoreUrl,
|
endpoint: await getMinioUrl(),
|
||||||
s3ForcePathStyle: true, // needed with minio?
|
s3ForcePathStyle: true, // needed with minio?
|
||||||
signatureVersion: "v4",
|
signatureVersion: "v4",
|
||||||
params: {
|
params: {
|
||||||
|
@ -54,6 +57,6 @@ exports.replicateDb = async function(deployment) {
|
||||||
return performReplication(
|
return performReplication(
|
||||||
appId,
|
appId,
|
||||||
verification.couchDbSession,
|
verification.couchDbSession,
|
||||||
verification.couchDbUrl
|
await getCouchUrl()
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,6 +3,7 @@ const sanitize = require("sanitize-s3-objectkey")
|
||||||
const { walkDir } = require("../../../utilities")
|
const { walkDir } = require("../../../utilities")
|
||||||
const { join } = require("../../../utilities/centralPath")
|
const { join } = require("../../../utilities/centralPath")
|
||||||
const { budibaseAppsDir } = require("../../../utilities/budibaseDir")
|
const { budibaseAppsDir } = require("../../../utilities/budibaseDir")
|
||||||
|
const fetch = require("node-fetch")
|
||||||
const PouchDB = require("../../../db")
|
const PouchDB = require("../../../db")
|
||||||
const CouchDB = require("pouchdb")
|
const CouchDB = require("pouchdb")
|
||||||
|
|
||||||
|
|
|
@ -3,7 +3,7 @@ const { BUILDER_CONFIG_DB, HOSTING_DOC } = require("../../constants")
|
||||||
const {
|
const {
|
||||||
getHostingInfo,
|
getHostingInfo,
|
||||||
HostingTypes,
|
HostingTypes,
|
||||||
getAppServerUrl,
|
getAppUrl,
|
||||||
} = require("../../utilities/builder/hosting")
|
} = require("../../utilities/builder/hosting")
|
||||||
|
|
||||||
exports.fetchInfo = async ctx => {
|
exports.fetchInfo = async ctx => {
|
||||||
|
@ -30,6 +30,6 @@ exports.fetch = async ctx => {
|
||||||
|
|
||||||
exports.fetchUrls = async ctx => {
|
exports.fetchUrls = async ctx => {
|
||||||
ctx.body = {
|
ctx.body = {
|
||||||
appServer: await getAppServerUrl(ctx.appId),
|
app: await getAppUrl(ctx.appId),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -17,17 +17,10 @@ const setBuilderToken = require("../../../utilities/builder/setBuilderToken")
|
||||||
const fileProcessor = require("../../../utilities/fileProcessor")
|
const fileProcessor = require("../../../utilities/fileProcessor")
|
||||||
const env = require("../../../environment")
|
const env = require("../../../environment")
|
||||||
|
|
||||||
function appServerUrl(appId) {
|
|
||||||
if (env.SELF_HOSTED) {
|
|
||||||
return env.HOSTING_URL
|
|
||||||
} else {
|
|
||||||
return `https://${appId}.app.budi.live`
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
function objectStoreUrl() {
|
function objectStoreUrl() {
|
||||||
if (env.SELF_HOSTED) {
|
if (env.SELF_HOSTED) {
|
||||||
return env.MINIO_URL
|
// TODO: need a better way to handle this, probably reverse proxy
|
||||||
|
return `${env.HOSTING_URL}:${env.MINIO_PORT}/app-assets/assets`
|
||||||
} else {
|
} else {
|
||||||
return "https://cdn.app.budi.live/assets"
|
return "https://cdn.app.budi.live/assets"
|
||||||
}
|
}
|
||||||
|
@ -164,7 +157,7 @@ exports.serveApp = async function(ctx) {
|
||||||
title: appInfo.name,
|
title: appInfo.name,
|
||||||
production: env.CLOUD,
|
production: env.CLOUD,
|
||||||
appId: ctx.params.appId,
|
appId: ctx.params.appId,
|
||||||
appServerUrl: appServerUrl(ctx.params.appId),
|
objectStoreUrl: objectStoreUrl(ctx.params.appId),
|
||||||
})
|
})
|
||||||
|
|
||||||
const template = handlebars.compile(
|
const template = handlebars.compile(
|
||||||
|
@ -232,8 +225,7 @@ exports.serveComponentLibrary = async function(ctx) {
|
||||||
}
|
}
|
||||||
const S3_URL = encodeURI(
|
const S3_URL = encodeURI(
|
||||||
join(
|
join(
|
||||||
appServerUrl(appId),
|
objectStoreUrl(appId),
|
||||||
"assets",
|
|
||||||
componentLib,
|
componentLib,
|
||||||
ctx.query.library,
|
ctx.query.library,
|
||||||
"dist",
|
"dist",
|
||||||
|
|
|
@ -4,11 +4,11 @@
|
||||||
|
|
||||||
export let appId
|
export let appId
|
||||||
export let production
|
export let production
|
||||||
export let appServerUrl
|
export let objectStoreUrl
|
||||||
|
|
||||||
function publicPath(path) {
|
function publicPath(path) {
|
||||||
if (production) {
|
if (production) {
|
||||||
return `${appServerUrl}/assets/${appId}/${path}`
|
return `${objectStoreUrl}/${appId}/${path}`
|
||||||
}
|
}
|
||||||
|
|
||||||
return `/assets/${path}`
|
return `/assets/${path}`
|
||||||
|
|
|
@ -37,10 +37,8 @@ module.exports = {
|
||||||
DEPLOYMENT_DB_URL: process.env.DEPLOYMENT_DB_URL,
|
DEPLOYMENT_DB_URL: process.env.DEPLOYMENT_DB_URL,
|
||||||
LOCAL_TEMPLATES: process.env.LOCAL_TEMPLATES,
|
LOCAL_TEMPLATES: process.env.LOCAL_TEMPLATES,
|
||||||
// self hosting features
|
// self hosting features
|
||||||
MINIO_ACCESS_KEY: process.env.MINIO_ACCESS_KEY,
|
HOSTING_URL: process.env.HOSTING_URL,
|
||||||
MINIO_SECRET_KEY: process.env.MINIO_SECRET_KEY,
|
MINIO_PORT: process.env.MINIO_PORT,
|
||||||
MINIO_URL: process.MINIO_URL,
|
|
||||||
HOSTING_URL: process.HOSTING_URL,
|
|
||||||
LOGO_URL: process.env.LOGO_URL,
|
LOGO_URL: process.env.LOGO_URL,
|
||||||
_set(key, value) {
|
_set(key, value) {
|
||||||
process.env[key] = value
|
process.env[key] = value
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
const CouchDB = require("../../db")
|
const CouchDB = require("../../db")
|
||||||
const { BUILDER_CONFIG_DB, HOSTING_DOC } = require("../../constants")
|
const { BUILDER_CONFIG_DB, HOSTING_DOC } = require("../../constants")
|
||||||
const { join } = require("path")
|
|
||||||
|
|
||||||
function getProtocol(hostingInfo) {
|
function getProtocol(hostingInfo) {
|
||||||
return hostingInfo.useHttps ? "https://" : "http://"
|
return hostingInfo.useHttps ? "https://" : "http://"
|
||||||
|
@ -23,8 +22,10 @@ exports.getHostingInfo = async () => {
|
||||||
doc = {
|
doc = {
|
||||||
_id: HOSTING_DOC,
|
_id: HOSTING_DOC,
|
||||||
type: exports.HostingTypes.CLOUD,
|
type: exports.HostingTypes.CLOUD,
|
||||||
appServerUrl: "app.budi.live",
|
appUrl: "app.budi.live",
|
||||||
deploymentServerUrl: "",
|
workerUrl: "",
|
||||||
|
minioUrl: "",
|
||||||
|
couchUrl: "",
|
||||||
templatesUrl: "prod-budi-templates.s3-eu-west-1.amazonaws.com",
|
templatesUrl: "prod-budi-templates.s3-eu-west-1.amazonaws.com",
|
||||||
useHttps: true,
|
useHttps: true,
|
||||||
}
|
}
|
||||||
|
@ -32,22 +33,34 @@ exports.getHostingInfo = async () => {
|
||||||
return doc
|
return doc
|
||||||
}
|
}
|
||||||
|
|
||||||
exports.getAppServerUrl = async appId => {
|
exports.getAppUrl = async appId => {
|
||||||
const hostingInfo = await exports.getHostingInfo()
|
const hostingInfo = await exports.getHostingInfo()
|
||||||
const protocol = getProtocol(hostingInfo)
|
const protocol = getProtocol(hostingInfo)
|
||||||
let url
|
let url
|
||||||
if (hostingInfo.type === "cloud") {
|
if (hostingInfo.type === "cloud") {
|
||||||
url = `${protocol}${appId}.${hostingInfo.appServerUrl}`
|
url = `${protocol}${appId}.${hostingInfo.appUrl}`
|
||||||
} else {
|
} else {
|
||||||
url = `${protocol}${hostingInfo.appServerUrl}`
|
url = `${protocol}${hostingInfo.appUrl}`
|
||||||
}
|
}
|
||||||
return url
|
return url
|
||||||
}
|
}
|
||||||
|
|
||||||
exports.getDeploymentUrl = async () => {
|
exports.getWorkerUrl = async () => {
|
||||||
const hostingInfo = await exports.getHostingInfo()
|
const hostingInfo = await exports.getHostingInfo()
|
||||||
const protocol = getProtocol(hostingInfo)
|
const protocol = getProtocol(hostingInfo)
|
||||||
return `${protocol}${hostingInfo.deploymentServerUrl}`
|
return `${protocol}${hostingInfo.workerUrl}`
|
||||||
|
}
|
||||||
|
|
||||||
|
exports.getMinioUrl = async () => {
|
||||||
|
const hostingInfo = await exports.getHostingInfo()
|
||||||
|
const protocol = getProtocol(hostingInfo)
|
||||||
|
return `${protocol}${hostingInfo.minioUrl}`
|
||||||
|
}
|
||||||
|
|
||||||
|
exports.getCouchUrl = async () => {
|
||||||
|
const hostingInfo = await exports.getHostingInfo()
|
||||||
|
const protocol = getProtocol(hostingInfo)
|
||||||
|
return `${protocol}${hostingInfo.couchUrl}`
|
||||||
}
|
}
|
||||||
|
|
||||||
exports.getTemplatesUrl = async (appId, type, name) => {
|
exports.getTemplatesUrl = async (appId, type, name) => {
|
||||||
|
@ -55,9 +68,9 @@ exports.getTemplatesUrl = async (appId, type, name) => {
|
||||||
const protocol = getProtocol(hostingInfo)
|
const protocol = getProtocol(hostingInfo)
|
||||||
let path
|
let path
|
||||||
if (type && name) {
|
if (type && name) {
|
||||||
path = join("templates", type, `${name}.tar.gz`)
|
path = `templates/type/${name}.tar.gz`
|
||||||
} else {
|
} else {
|
||||||
path = "manifest.json"
|
path = "manifest.json"
|
||||||
}
|
}
|
||||||
return join(`${protocol}${hostingInfo.templatesUrl}`, path)
|
return `${protocol}${hostingInfo.templatesUrl}/${path}`
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,11 +5,23 @@ const AWS = require("aws-sdk")
|
||||||
const APP_BUCKET = "app-assets"
|
const APP_BUCKET = "app-assets"
|
||||||
// this doesn't matter in self host
|
// this doesn't matter in self host
|
||||||
const REGION = "eu-west-1"
|
const REGION = "eu-west-1"
|
||||||
|
const PUBLIC_READ_POLICY = {
|
||||||
|
Version: "2012-10-17",
|
||||||
|
Statement: [
|
||||||
|
{
|
||||||
|
Effect: "Allow",
|
||||||
|
Principal: "*",
|
||||||
|
Action: "s3:GetObject",
|
||||||
|
Resource: `arn:aws:s3:::${APP_BUCKET}/*`,
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
async function getCouchSession() {
|
async function getCouchSession() {
|
||||||
// fetch session token for the api user
|
// fetch session token for the api user
|
||||||
const session = await got.post(`${env.RAW_COUCH_DB_URL}/_session`, {
|
const session = await got.post(`${env.RAW_COUCH_DB_URL}/_session`, {
|
||||||
responseType: "json",
|
responseType: "json",
|
||||||
|
credentials: "include",
|
||||||
json: {
|
json: {
|
||||||
username: env.COUCH_DB_USERNAME,
|
username: env.COUCH_DB_USERNAME,
|
||||||
password: env.COUCH_DB_PASSWORD,
|
password: env.COUCH_DB_PASSWORD,
|
||||||
|
@ -38,37 +50,25 @@ async function getMinioSession() {
|
||||||
})
|
})
|
||||||
// make sure the bucket exists
|
// make sure the bucket exists
|
||||||
try {
|
try {
|
||||||
await objClient.headBucket({ Bucket: APP_BUCKET }).promise()
|
await objClient.headBucket({
|
||||||
|
Bucket: APP_BUCKET
|
||||||
|
}).promise()
|
||||||
|
await objClient.putBucketPolicy({
|
||||||
|
Bucket: APP_BUCKET,
|
||||||
|
Policy: JSON.stringify(PUBLIC_READ_POLICY),
|
||||||
|
}).promise()
|
||||||
} catch (err) {
|
} catch (err) {
|
||||||
// bucket doesn't exist create it
|
// bucket doesn't exist create it
|
||||||
if (err.statusCode === 404) {
|
if (err.statusCode === 404) {
|
||||||
await objClient.createBucket({ Bucket: APP_BUCKET }).promise()
|
await objClient.createBucket({
|
||||||
|
Bucket: APP_BUCKET,
|
||||||
|
}).promise()
|
||||||
} else {
|
} else {
|
||||||
throw err
|
throw err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// TODO: this doesn't seem to work get an error
|
|
||||||
// TODO: Generating temporary credentials not allowed for this request.
|
|
||||||
// TODO: this should work based on minio documentation
|
|
||||||
// const sts = new AWS.STS({
|
|
||||||
// endpoint: env.RAW_MINIO_URL,
|
|
||||||
// region: REGION,
|
|
||||||
// s3ForcePathStyle: true,
|
|
||||||
// })
|
|
||||||
// // NOTE: In the following commands RoleArn and RoleSessionName are not meaningful for MinIO
|
|
||||||
// const params = {
|
|
||||||
// DurationSeconds: 3600,
|
|
||||||
// ExternalId: "123ABC",
|
|
||||||
// Policy: '{"Version":"2012-10-17","Statement":[{"Sid":"Stmt1","Effect":"Allow","Action":"s3:*","Resource":"arn:aws:s3:::*"}]}',
|
|
||||||
// RoleArn: 'arn:xxx:xxx:xxx:xxxx',
|
|
||||||
// RoleSessionName: 'anything',
|
|
||||||
// };
|
|
||||||
// const assumedRole = await sts.assumeRole(params).promise();
|
|
||||||
// if (!assumedRole) {
|
|
||||||
// throw "Unable to get access to object store."
|
|
||||||
// }
|
|
||||||
// return assumedRole.Credentials
|
|
||||||
// TODO: need to do something better than this
|
// TODO: need to do something better than this
|
||||||
|
// Ideally want to send back some pre-signed URLs for files that are to be uploaded
|
||||||
return {
|
return {
|
||||||
accessKeyId: env.MINIO_ACCESS_KEY,
|
accessKeyId: env.MINIO_ACCESS_KEY,
|
||||||
secretAccessKey: env.MINIO_SECRET_KEY,
|
secretAccessKey: env.MINIO_SECRET_KEY,
|
||||||
|
@ -80,7 +80,5 @@ exports.deploy = async ctx => {
|
||||||
couchDbSession: await getCouchSession(),
|
couchDbSession: await getCouchSession(),
|
||||||
bucket: APP_BUCKET,
|
bucket: APP_BUCKET,
|
||||||
objectStoreSession: await getMinioSession(),
|
objectStoreSession: await getMinioSession(),
|
||||||
couchDbUrl: env.RAW_COUCH_DB_URL,
|
|
||||||
objectStoreUrl: env.RAW_MINIO_URL,
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,10 +4,12 @@ module.exports = {
|
||||||
PORT: process.env.PORT,
|
PORT: process.env.PORT,
|
||||||
MINIO_ACCESS_KEY: process.env.MINIO_ACCESS_KEY,
|
MINIO_ACCESS_KEY: process.env.MINIO_ACCESS_KEY,
|
||||||
MINIO_SECRET_KEY: process.env.MINIO_SECRET_KEY,
|
MINIO_SECRET_KEY: process.env.MINIO_SECRET_KEY,
|
||||||
RAW_MINIO_URL: process.env.RAW_MINIO_URL,
|
|
||||||
COUCH_DB_USERNAME: process.env.COUCH_DB_USERNAME,
|
COUCH_DB_USERNAME: process.env.COUCH_DB_USERNAME,
|
||||||
COUCH_DB_PASSWORD: process.env.COUCH_DB_PASSWORD,
|
COUCH_DB_PASSWORD: process.env.COUCH_DB_PASSWORD,
|
||||||
RAW_COUCH_DB_URL: process.env.RAW_COUCH_DB_URL,
|
RAW_COUCH_DB_URL: process.env.RAW_COUCH_DB_URL,
|
||||||
|
RAW_MINIO_URL: process.env.RAW_MINIO_URL,
|
||||||
|
COUCH_DB_PORT: process.env.COUCH_DB_PORT,
|
||||||
|
MINIO_PORT: process.env.MINIO_PORT,
|
||||||
_set(key, value) {
|
_set(key, value) {
|
||||||
process.env[key] = value
|
process.env[key] = value
|
||||||
module.exports[key] = value
|
module.exports[key] = value
|
||||||
|
|
Loading…
Reference in New Issue