paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-10-24 00:23:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

s3: Support non-AWS S3 providers which do not support request checksums.

Browse Source
This commit is contained in:
Alex Vandiver
2025-04-09 16:40:37 +00:00
committed by Tim Abbott
parent 33339f89c3
commit aeed907c50
5 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/production/upload-backends.md
View File

@@ -52,6 +52,10 @@ backend. To enable this backend, you need to do the following:
For certain AWS regions, you may need to set the `S3_REGION` For certain AWS regions, you may need to set the `S3_REGION`
setting to your default AWS region's code (e.g., `"eu-central-1"`). setting to your default AWS region's code (e.g., `"eu-central-1"`).
1. Non-AWS block storage providers may need `S3_SKIP_CHECKSUM = True`; you
should try without this at first, but enable it if you see exceptions
involving `XAmzContentSHA256Mismatch`.
1. Finally, restart the Zulip server so that your settings changes 1. Finally, restart the Zulip server so that your settings changes
take effect take effect
(`/home/zulip/deployments/current/scripts/restart-server`). (`/home/zulip/deployments/current/scripts/restart-server`).

4
zerver/lib/upload/s3.py
View File

@@ -56,6 +56,9 @@ if settings.S3_SKIP_PROXY is True: # nocoverage
def get_bucket(bucket_name: str, authed: bool = True) -> "Bucket": def get_bucket(bucket_name: str, authed: bool = True) -> "Bucket":
import boto3 import boto3
checksum: Literal["when_required", "when_supported"] = (
"when_required" if settings.S3_SKIP_CHECKSUM else "when_supported"
)
return boto3.resource( return boto3.resource(
"s3", "s3",
aws_access_key_id=settings.S3_KEY if authed else None, aws_access_key_id=settings.S3_KEY if authed else None,
@@ -65,6 +68,7 @@ def get_bucket(bucket_name: str, authed: bool = True) -> "Bucket":
config=Config( config=Config(
signature_version=None if authed else botocore.UNSIGNED, signature_version=None if authed else botocore.UNSIGNED,
s3={"addressing_style": settings.S3_ADDRESSING_STYLE}, s3={"addressing_style": settings.S3_ADDRESSING_STYLE},
request_checksum_calculation=checksum,
), ),
).Bucket(bucket_name) ).Bucket(bucket_name)

2
zerver/management/commands/runtusd.py
View File

@@ -73,4 +73,6 @@ class Command(BaseCommand):
env_vars["AWS_SECRET_ACCESS_KEY"] = settings.S3_SECRET_KEY env_vars["AWS_SECRET_ACCESS_KEY"] = settings.S3_SECRET_KEY
if settings.S3_REGION is not None: if settings.S3_REGION is not None:
env_vars["AWS_REGION"] = settings.S3_REGION env_vars["AWS_REGION"] = settings.S3_REGION
if settings.S3_SKIP_CHECKSUM:
env_vars["AWS_REQUEST_CHECKSUM_CALCULATION"] = "when_required"
os.execvpe("tusd", tusd_args, env_vars) os.execvpe("tusd", tusd_args, env_vars)

1
zproject/default_settings.py
View File

@@ -166,6 +166,7 @@ S3_UPLOADS_STORAGE_CLASS: Literal[
"STANDARD_IA", "STANDARD_IA",
] = "STANDARD" ] = "STANDARD"
S3_AVATAR_PUBLIC_URL_PREFIX: str | None = None S3_AVATAR_PUBLIC_URL_PREFIX: str | None = None
S3_SKIP_CHECKSUM: bool = False
LOCAL_UPLOADS_DIR: str | None = None LOCAL_UPLOADS_DIR: str | None = None
LOCAL_AVATARS_DIR: str | None = None LOCAL_AVATARS_DIR: str | None = None
LOCAL_FILES_DIR: str | None = None LOCAL_FILES_DIR: str | None = None

1
zproject/prod_settings_template.py
View File

@@ -818,6 +818,7 @@ LOCAL_UPLOADS_DIR = "/home/zulip/uploads"
# S3_ADDRESSING_STYLE = "auto" # S3_ADDRESSING_STYLE = "auto"
# S3_SKIP_PROXY = True # S3_SKIP_PROXY = True
# S3_UPLOADS_STORAGE_CLASS = "STANDARD" # S3_UPLOADS_STORAGE_CLASS = "STANDARD"
# S3_SKIP_CHECKSUM = False
## Maximum allowed size of uploaded files, in megabytes. Set ## Maximum allowed size of uploaded files, in megabytes. Set
## MAX_FILE_UPLOAD_SIZE to 0 to disable file uploads completely ## MAX_FILE_UPLOAD_SIZE to 0 to disable file uploads completely