github
/
nocodb
mirror of https://github.com/nocodb/nocodb
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

feat: IAM role access

pull/9642/head
Kacper 1 month ago
parent
83ae008741
commit
f27e9d92a1
5 changed files with 32 additions and 30 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      packages/noco-docs/docs/020.getting-started/050.self-hosted/020.environment-variables.md
  2. 27
      packages/nocodb/src/helpers/NcPluginMgrv2.ts
  3. 12
      packages/nocodb/src/plugins/GenericS3/GenericS3.ts
  4. 15
      packages/nocodb/src/plugins/s3/S3.ts
  5. 4
      packages/nocodb/src/plugins/s3/index.ts

4
packages/noco-docs/docs/020.getting-started/050.self-hosted/020.environment-variables.md
Unescape View File

@ -34,8 +34,8 @@ For production use cases, it is crucial to set all environment variables marked
| `NC_S3_BUCKET_NAME` | No | The name of the AWS S3 bucket used for the S3 storage plugin. | |
| `NC_S3_REGION` | No | The AWS S3 region where the S3 storage plugin bucket is located. | |
| `NC_S3_ENDPOINT` | No | S3 endpoint for S3 storage plugin. | Defaults to `s3.<region>.amazonaws.com` |
| `NC_S3_ACCESS_KEY` | No | The AWS access key ID required for the S3 storage plugin. | |
| `NC_S3_ACCESS_SECRET` | No | The AWS access secret associated with the S3 storage plugin. | |
| `NC_S3_ACCESS_KEY` | No | The AWS access key ID for the S3 storage plugin. Required if no role access in use. | |
| `NC_S3_ACCESS_SECRET` | No | The AWS access secret associated with the S3 storage plugin. Required if no role access in use. | |
| `NC_S3_FORCE_PATH_STYLE` | No | Whether to force [path-style requests](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html#path-style-access) for the S3 storage plugin. | |
| `NC_S3_ACL` | No | The [ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html) for the objects in S3 | | |
| `NC_ATTACHMENT_FIELD_SIZE` | No | Maximum file size allowed for [attachments](/fields/field-types/custom-types/attachment/) in bytes. | Defaults to `20971520` (20 MiB). |

27
packages/nocodb/src/helpers/NcPluginMgrv2.ts
Unescape View File

@ -118,28 +118,27 @@ class NcPluginMgrv2 {
/*
* NC_S3_BUCKET_NAME
* NC_S3_REGION
* NC_S3_ACCESS_KEY
* NC_S3_ACCESS_SECRET
* */
if (
process.env.NC_S3_BUCKET_NAME &&
process.env.NC_S3_REGION &&
process.env.NC_S3_ACCESS_KEY &&
process.env.NC_S3_ACCESS_SECRET
process.env.NC_S3_REGION
) {
const s3Plugin = await Plugin.getPluginByTitle(S3PluginConfig.title);
const s3CfgData: Record<string, any> = {
bucket: process.env.NC_S3_BUCKET_NAME,
region: process.env.NC_S3_REGION,
endpoint: process.env.NC_S3_ENDPOINT,
force_path_style: process.env.NC_S3_FORCE_PATH_STYLE === 'true',
acl: process.env.NC_S3_ACL,
}
if (process.env.NC_S3_ACCESS_KEY && process.env.NC_S3_ACCESS_SECRET) {
s3CfgData.access_key = process.env.NC_S3_ACCESS_KEY
s3CfgData.access_secret = process.env.NC_S3_ACCESS_SECRET
}
await Plugin.update(s3Plugin.id, {
active: true,
input: JSON.stringify({
bucket: process.env.NC_S3_BUCKET_NAME,
region: process.env.NC_S3_REGION,
endpoint: process.env.NC_S3_ENDPOINT,
access_key: process.env.NC_S3_ACCESS_KEY,
access_secret: process.env.NC_S3_ACCESS_SECRET,
force_path_style: process.env.NC_S3_FORCE_PATH_STYLE === 'true',
acl: process.env.NC_S3_ACL,
}),
input: JSON.stringify(s3CfgData),
});
}

12
packages/nocodb/src/plugins/GenericS3/GenericS3.ts
Unescape View File

@ -14,21 +14,21 @@ import type { PutObjectRequest, S3 as S3Client } from '@aws-sdk/client-s3';
import type { IStorageAdapterV2, XcFile } from '~/types/nc-plugin';
import { generateTempFilePath, waitForStreamClose } from '~/utils/pluginUtils';
interface GenerocObjectStorageInput {
interface GenericObjectStorageInput {
bucket: string;
region?: string;
access_key: string;
access_secret: string;
access_key?: string;
access_secret?: string;
}
export default class GenericS3 implements IStorageAdapterV2 {
public name;
protected s3Client: S3Client;
protected input: GenerocObjectStorageInput;
protected input: GenericObjectStorageInput;
constructor(input: unknown) {
this.input = input as GenerocObjectStorageInput;
constructor(input: GenericObjectStorageInput) {
this.input = input;
}
protected get defaultParams() {

15
packages/nocodb/src/plugins/s3/S3.ts
Unescape View File

@ -7,8 +7,8 @@ import GenericS3 from '~/plugins/GenericS3/GenericS3';
interface S3Input {
bucket: string;
region: string;
access_key: string;
access_secret: string;
access_key?: string;
access_secret?: string;
endpoint?: string;
acl?: string;
force_path_style?: boolean;
@ -48,13 +48,16 @@ export default class S3 extends GenericS3 implements IStorageAdapterV2 {
public async init(): Promise<any> {
const s3Options: S3ClientConfig = {
region: this.input.region,
credentials: {
accessKeyId: this.input.access_key,
secretAccessKey: this.input.access_secret,
},
forcePathStyle: this.input.force_path_style ?? false,
};
if (this.input.access_key && this.input.access_secret) {
s3Options.credentials = {
accessKeyId: this.input.access_key,
secretAccessKey: this.input.access_secret,
}
}
if (this.input.endpoint) {
s3Options.endpoint = this.input.endpoint;
}

4
packages/nocodb/src/plugins/s3/index.ts
Unescape View File

@ -38,14 +38,14 @@ const config: XcPluginConfig = {
label: 'Access Key',
placeholder: 'Access Key',
type: XcType.SingleLineText,
required: true,
required: false,
},
{
key: 'access_secret',
label: 'Access Secret',
placeholder: 'Access Secret',
type: XcType.Password,
required: true,
required: false,
},
{
key: 'acl',

Write Preview
Loading…
Cancel
Save