CODEWITHSUNDEEP
node.jsamazon-web-servicesdockernginxamazon-s3
Jon Sud
Jon Sud

Reputation: 11661

How to use nginx as proxy to s3 aws?

I try to build nginx in docker as proxy to aws s3.

The problem is there is a variables that I don't understand where they come from?

First, this is how my bucket look like:

enter image description here

Inside this bucket I have pic.png file.

When I using nginx I start from docker using docker-compose:

web:
  image: nginx
  volumes:
    - ./example.com.conf:/etc/nginx/conf.d/default.conf
  ports:
    - '8080:80'

And I start the docker using docker-compose up.

I have my aws_access_key and aws_secret_key from IAM key.

enter image description here

This is how I defined my example.com.conf file:

server {                                                                                                
    listen       80;                                                                                    
    server_name  localhost;                                                                             

    location ~ '^/([^/]+)/(.*)$' {
            set $bucket 'my-bucket';
            set $key '';

            # Setup AWS Authorization header
            set $aws_signature '';

            # the only reason we need lua is to get the current date
            set_by_lua $now "return ngx.cookie_time(ngx.time())";

            #the  access key
            set $aws_access_key 'AKIA6*******';
            set $aws_secret_key '1wLXpiNN0***********';

            # the actual string to be signed
            # see: http://docs.amazonwebservices.com/AmazonS3/latest/dev/RESTAuthentication.html
            set $string_to_sign "$request_method\n\n\n\nx-amz-date:$now\n/$bucket/$key";

            # create the hmac signature
            set_hmac_sha1 $aws_signature $aws_secret_key $string_to_sign;
            # encode the signature with base64
            set_encode_base64 $aws_signature $aws_signature;
            proxy_set_header x-amz-date $now;
            proxy_set_header Authorization "AWS $aws_access_key:$aws_signature";

            rewrite .* /$key break;

            # we need to set the host header here in order to find the bucket
            proxy_set_header Host $bucket.s3.amazonaws.com;
            rewrite .* /$key break;

            # another solution would be to use the bucket in the url
            # rewrite .* /$bucket/$key break;

            proxy_pass http://s3.amazonaws.com;
        }

}

But I getting error when I run docker with nginx:

 nginx: [emerg] unknown directive "set_by_lua" in /etc/nginx/conf.d/default.conf:13

So I'm not sure I doing this right. I need an explanation and an example of how to do it right please. for example what is $key? what the the request should look like? http://localhost:8080/pic.png?

Upvotes: 2

Views: 3453

Answers (2)

Elijah
Elijah

Reputation: 13604

An alternative to using lua for proxying S3 is to use njs to do the proxying. This project shows an example with nginx proxying S3 and running in Docker.

Upvotes: 0

LinPy
LinPy

Reputation: 18598

try to use nginx with lua installed:

web:
  image: firesh/nginx-lua
  volumes:
    - ./example.com.conf:/etc/nginx/conf.d/default.conf
  ports:
    - '8080:80'

the problem is set_by_lua need nginx to be compiled with ngx_devel_kit

UPDATE

it seems that you miss many modules , I suggest you to use this Dockerfile

example:

docker run -v /path/to/example.com.conf:/etc/nginx/conf.d/default.conf openresty/openresty:centos

Upvotes: 1

Related Questions