biondizzle/vstash
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #5 from biondizzle/codex/set-region-via-environment-variable

Browse Source 
Configure region via environment variable
This commit is contained in:
biondizzle
2025-06-05 10:15:01 -04:00
committed by GitHub
parent b7c8699ae6 bf98b52571
commit 8d950cf042
4 changed files with 20 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.env
View File

@@ -33,3 +33,6 @@ DATABASE_URL="mysql://vultradmin:AVNS_jn444_0nHCHAvnZkTFN@vultr-prod-a6de266e-e9
# Console login credentials # Console login credentials
CONSOLE_USER=admin CONSOLE_USER=admin
CONSOLE_PASS=changeMe CONSOLE_PASS=changeMe
# Default region for S3 service
APP_REGION=us-east-1

4
config/services.yaml
View File

@@ -5,6 +5,7 @@
# https://symfony.com/doc/current/best_practices.html#use-parameters-for-application-configuration # https://symfony.com/doc/current/best_practices.html#use-parameters-for-application-configuration
parameters: parameters:
s3.storage_path: '%kernel.project_dir%/var/s3storage' s3.storage_path: '%kernel.project_dir%/var/s3storage'
app.region: '%env(APP_REGION)%'
services: services:
# default configuration for services in *this* file # default configuration for services in *this* file
@@ -24,4 +25,5 @@ services:
# please note that last definitions always *replace* previous ones # please note that last definitions always *replace* previous ones
App\Service\S3Service: App\Service\S3Service:
arguments: arguments:
$storageBasePath: '%s3.storage_path%' $storageBasePath: '%s3.storage_path%'
$region: '%app.region%'

2
src/Controller/ConsoleApiController.php
View File

@@ -164,7 +164,7 @@ class ConsoleApiController extends AbstractController
$bucketName = $data['name'] ?? null; $bucketName = $data['name'] ?? null;
$ownerId = $data['owner_id'] ?? null; $ownerId = $data['owner_id'] ?? null;
$region = $data['region'] ?? 'us-east-1'; $region = $data['region'] ?? ($_ENV['APP_REGION'] ?? 'us-east-1');
if (!$bucketName || !$ownerId) { if (!$bucketName || !$ownerId) {
return new JsonResponse(['error' => 'Missing bucket name or owner'], 400); return new JsonResponse(['error' => 'Missing bucket name or owner'], 400);

19
src/Service/S3Service.php
View File

@@ -17,9 +17,15 @@ class S3Service
{ {
public function __construct( public function __construct(
private EntityManagerInterface $entityManager, private EntityManagerInterface $entityManager,
private string $storageBasePath = '/var/s3storage' private string $storageBasePath = '/var/s3storage',
private string $region = 'us-east-1'
) {} ) {}
public function getRegion(): string
{
return $this->region;
}
// Credential Management // Credential Management
public function findCredentialByAccessKey(string $accessKey): ?S3Credential public function findCredentialByAccessKey(string $accessKey): ?S3Credential
{ {
@@ -47,12 +53,13 @@ class S3Service
->findOneBy(['name' => $name]); ->findOneBy(['name' => $name]);
} }
public function createBucket(string $name, S3Credential $owner, string $region = 'us-east-1'): S3Bucket public function createBucket(string $name, S3Credential $owner, ?string $region = null): S3Bucket
{ {
$bucket = new S3Bucket(); $bucket = new S3Bucket();
$bucketRegion = $region ?? $this->region;
$bucket->setName($name) $bucket->setName($name)
->setOwner($owner) ->setOwner($owner)
->setRegion($region); ->setRegion($bucketRegion);
$this->entityManager->persist($bucket); $this->entityManager->persist($bucket);
$this->entityManager->flush(); $this->entityManager->flush();
@@ -412,7 +419,7 @@ class S3Service
$amzDate = $presignedUrl->getCreatedAt()->format('Ymd\THis\Z'); $amzDate = $presignedUrl->getCreatedAt()->format('Ymd\THis\Z');
$shortDate = $presignedUrl->getCreatedAt()->format('Ymd'); $shortDate = $presignedUrl->getCreatedAt()->format('Ymd');
$scope = $shortDate . '/us-east-1/s3/aws4_request'; $scope = $shortDate . '/' . $this->region . '/s3/aws4_request';
$params = [ $params = [
'X-Amz-Algorithm' => 'AWS4-HMAC-SHA256', 'X-Amz-Algorithm' => 'AWS4-HMAC-SHA256',
@@ -426,7 +433,7 @@ class S3Service
$canonicalRequest = sprintf("%s\n/%s/%s\n%s\nhost:%s\n\nhost\nUNSIGNED-PAYLOAD", $method, $bucketName, $objectKey, $canonicalQuery, 'localhost'); $canonicalRequest = sprintf("%s\n/%s/%s\n%s\nhost:%s\n\nhost\nUNSIGNED-PAYLOAD", $method, $bucketName, $objectKey, $canonicalQuery, 'localhost');
$stringToSign = "AWS4-HMAC-SHA256\n" . $amzDate . "\n" . $scope . "\n" . hash('sha256', $canonicalRequest); $stringToSign = "AWS4-HMAC-SHA256\n" . $amzDate . "\n" . $scope . "\n" . hash('sha256', $canonicalRequest);
$signingKey = $this->deriveSigningKey($credential->getSecretKey(), $shortDate, 'us-east-1', 's3'); $signingKey = $this->deriveSigningKey($credential->getSecretKey(), $shortDate, $this->region, 's3');
$signature = hash_hmac('sha256', $stringToSign, $signingKey); $signature = hash_hmac('sha256', $stringToSign, $signingKey);
$params['X-Amz-Signature'] = $signature; $params['X-Amz-Signature'] = $signature;
@@ -489,4 +496,4 @@ class S3Service
rmdir($dir); rmdir($dir);
} }
} }