diff --git a/.env b/.env
index a5eb496..07cf96b 100644
--- a/.env
+++ b/.env
@@ -33,3 +33,6 @@ DATABASE_URL="mysql://vultradmin:AVNS_jn444_0nHCHAvnZkTFN@vultr-prod-a6de266e-e9
 # Console login credentials
 CONSOLE_USER=admin
 CONSOLE_PASS=changeMe
+
+# Default region for S3 service
+APP_REGION=us-east-1
diff --git a/config/services.yaml b/config/services.yaml
index ee1d2b0..e05ea91 100644
--- a/config/services.yaml
+++ b/config/services.yaml
@@ -5,6 +5,7 @@
 # https://symfony.com/doc/current/best_practices.html#use-parameters-for-application-configuration
 parameters:
 s3.storage_path: '%kernel.project_dir%/var/s3storage'
+ app.region: '%env(APP_REGION)%'
 services:
 # default configuration for services in *this* file
@@ -24,4 +25,5 @@ services:
 # please note that last definitions always *replace* previous ones
 App\Service\S3Service:
 arguments:
- $storageBasePath: '%s3.storage_path%'
\ No newline at end of file
+ $storageBasePath: '%s3.storage_path%'
+ $region: '%app.region%'
diff --git a/src/Controller/ConsoleApiController.php b/src/Controller/ConsoleApiController.php
index 8890554..0bc7b2c 100644
--- a/src/Controller/ConsoleApiController.php
+++ b/src/Controller/ConsoleApiController.php
@@ -164,7 +164,7 @@ class ConsoleApiController extends AbstractController
 $bucketName = $data['name'] ?? null;
 $ownerId = $data['owner_id'] ?? null;
- $region = $data['region'] ?? 'us-east-1';
+ $region = $data['region'] ?? ($_ENV['APP_REGION'] ?? 'us-east-1');
 if (!$bucketName || !$ownerId) {
 return new JsonResponse(['error' => 'Missing bucket name or owner'], 400);
diff --git a/src/Service/S3Service.php b/src/Service/S3Service.php
index 2c55dc8..ee9ba57 100644
--- a/src/Service/S3Service.php
+++ b/src/Service/S3Service.php
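Review bot: The tracked `.env` that this hunk extends appears to hold a live database credential: the hunk header shows a `DATABASE_URL` with a user, a password and a `vultr-prod-…` host, and the context lines keep `CONSOLE_PASS=changeMe`. A value committed here stays in repository history even after it is edited out, so the database password should be rotated and the real value moved to an untracked `.env.local` or the Symfony secrets vault. This file would then carry only a placeholder, for example `DATABASE_URL="mysql://app:CHANGE_ME@127.0.0.1:3306/app"` (constructed placeholder). The added `APP_REGION=us-east-1` is a non-secret default and is fine to keep in `.env`.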
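Review bot: In `src/Controller/ConsoleApiController.php` the changed line still accepts `$data['region']` unchecked, and its new fallback reads `$_ENV['APP_REGION']` directly instead of the `app.region` parameter this commit injects into `S3Service`. `$_ENV` is not guaranteed to contain real environment variables (it depends on `variables_order` and on Dotenv having loaded the name), so the controller can silently fall back to `'us-east-1'` while the service uses another region. Since `createBucket()` now takes `?string $region = null`, the line could become `$region = $data['region'] ?? null;` followed by `if ($region !== null && (!is_string($region) || !preg_match('/\A[a-z0-9-]{1,32}\z/', $region))) { return new JsonResponse(['error' => 'Invalid region'], 400); }`. This assumes `$region` is what is later passed to `createBucket()`, which lies outside the hunk along with the start and end of the method.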
@@ -17,9 +17,15 @@ class S3Service
 {
 public function __construct(
 private EntityManagerInterface $entityManager,
- private string $storageBasePath = '/var/s3storage'
+ private string $storageBasePath = '/var/s3storage',
+ private string $region = 'us-east-1'
 ) {}
+ public function getRegion(): string
+ {
+ return $this->region;
+ }
+
 // Credential Management
 public function findCredentialByAccessKey(string $accessKey): ?S3Credential
 {
@@ -47,12 +53,13 @@ class S3Service
 ->findOneBy(['name' => $name]);
 }
- public function createBucket(string $name, S3Credential $owner, string $region = 'us-east-1'): S3Bucket
+ public function createBucket(string $name, S3Credential $owner, ?string $region = null): S3Bucket
 {
 $bucket = new S3Bucket();
+ $bucketRegion = $region ?? $this->region;
 $bucket->setName($name)
 ->setOwner($owner)
- ->setRegion($region);
+ ->setRegion($bucketRegion);
 $this->entityManager->persist($bucket);
 $this->entityManager->flush();
@@ -412,7 +419,7 @@ class S3Service
 $amzDate = $presignedUrl->getCreatedAt()->format('Ymd\THis\Z');
 $shortDate = $presignedUrl->getCreatedAt()->format('Ymd');
- $scope = $shortDate . '/us-east-1/s3/aws4_request';
+ $scope = $shortDate . '/' . $this->region . '/s3/aws4_request';
 $params = [
 'X-Amz-Algorithm' => 'AWS4-HMAC-SHA256',
@@ -426,7 +433,7 @@ class S3Service
 $canonicalRequest = sprintf("%s\n/%s/%s\n%s\nhost:%s\n\nhost\nUNSIGNED-PAYLOAD", $method, $bucketName, $objectKey, $canonicalQuery, 'localhost');
 $stringToSign = "AWS4-HMAC-SHA256\n" . $amzDate . "\n" . $scope . "\n" . hash('sha256', $canonicalRequest);
- $signingKey = $this->deriveSigningKey($credential->getSecretKey(), $shortDate, 'us-east-1', 's3');
+ $signingKey = $this->deriveSigningKey($credential->getSecretKey(), $shortDate, $this->region, 's3');
 $signature = hash_hmac('sha256', $stringToSign, $signingKey);
 $params['X-Amz-Signature'] = $signature;
@@ -489,4 +496,4 @@ class S3Service
 rmdir($dir);
 }
-}
\ No newline at end of file
+}
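Review bot: In `createBucket()`, `$region ?? $this->region` falls back only on `null`, so an empty string or any other caller-supplied text is persisted unchanged through `setRegion($bucketRegion)`. The same holds for the constructor's `$region`, which is later concatenated into the `/`-delimited credential scope; an empty or slash-containing `APP_REGION` would change the shape of that scope. A check at the service boundary would cover both paths, e.g. `if (!preg_match('/\A[a-z0-9-]{1,32}\z/', $bucketRegion)) { throw new \InvalidArgumentException('Invalid region'); }` before `setName()`. The signature also lacks a docblock saying that `null` means "use the configured default region".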
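Review bot: The credential scope at `$scope = $shortDate . '/' . $this->region . '/s3/aws4_request';` and the `deriveSigningKey(...)` call in the following hunk now take the region from the service-wide setting, while `createBucket()` in this same commit stores a per-bucket region that may differ. A presigned URL for a bucket created with an explicit region is therefore scoped and signed for the service region. If the verification path recomputes the key from `$this->region` (not visible here), changing `APP_REGION` would also invalidate every URL already issued. It would be safer to fix one source of truth, such as the region recorded with the bucket or with the presigned-URL row, and use it for both signing and verifying. A comment above `$scope` like `// Region must match the one used when the signature is verified.` would document the constraint; the enclosing method starts and ends outside both hunks.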