add proper s3 secret support with a new compose file

2025-02-06 14:28:19 -05:00 · 2025-02-06 14:28:19 -05:00 · cbb749d980
commit cbb749d980
parent 7aaa66d941
3 changed files with 48 additions and 6 deletions
--- a/.env.sample
+++ b/.env.sample
@ -65,25 +65,25 @@ GTS_MEDIA_CLEANUP_FROM="00:00"
 GTS_MEDIA_CLEANUP_EVERY="24h"

 ##########################
-##### STORAGE CONFIG #####
+######## S3 CONFIG #######
 ##########################

-#GTS_STORAGE_BACKEND=local
+#COMPOSE_FILE="$COMPOSE_FILE:compose.s3.yml"
 #GTS_STORAGE_S3_ENDPOINT=""
 #GTS_STORAGE_S3_PROXY=false
 #GTS_STORAGE_S3_REDIRECT_URL=""
 #GTS_STORAGE_S3_USE_SSL=true
 #GTS_STORAGE_S3_ACCESS_KEY=""
-#GTS_STORAGE_S3_SECRET_KEY=""
 #GTS_STORAGE_S3_BUCKET=""
+SECRET_S3_SECRET_KEY_VERSION=v1

 #######################
 ##### SMTP CONFIG #####
 #######################

 #COMPOSE_FILE="$COMPOSE_FILE:compose.smtp.yml"
-#GTS_SMTP_HOST=
-#GTS_SMTP_PORT=
+#GTS_SMTP_HOST=smtp.example.com
+#GTS_SMTP_PORT=587
 #GTS_SMTP_USERNAME=
 #GTS_SMTP_FROM=
 #GTS_SMTP_DISCLOSE_RECIPIENTS=false
--- a/README.md
+++ b/README.md
@ -62,7 +62,7 @@ Add your SMTP password
 >Note: Only STARTTLS is supported currently, if you don't know what this means then please consult your mail service provider.

 ```
-abra app secret insert <app-domain> smtp_password v1 <oidc-secret>
+abra app secret insert <app-domain> smtp_password v1 <smtp-password>
 ```

 Uncomment and populate these environment variables
@ -102,6 +102,27 @@ Optionally also uncomment these environment variables to automate setting up all
 #GTS_OIDC_ADMIN_GROUPS=[]
 ```

+## S3 Storage backend
+
+Add your S3 bucket secret key
+
+```
+abra app secret insert <app-domain> s3_secret v1 <s3-secret-key>
+```
+
+Uncomment and populate these environment variables
+
+```
+#COMPOSE_FILE="$COMPOSE_FILE:compose.s3.yml"
+#GTS_STORAGE_BACKEND=s3
+#GTS_STORAGE_S3_ENDPOINT=""
+#GTS_STORAGE_S3_PROXY=false
+#GTS_STORAGE_S3_REDIRECT_URL=""
+#GTS_STORAGE_S3_USE_SSL=true
+#GTS_STORAGE_S3_ACCESS_KEY=""
+#GTS_STORAGE_S3_BUCKET=""
+```
+
 ## Further reading & commands

 Please refer to https://docs.gotosocial.org some of the commands run will require redeploying the app.
--- a/compose.s3.yml
+++ b/compose.s3.yml
@ -0,0 +1,21 @@
+version: "3.8"
+
+services:
+  app:
+    environment:
+      - GTS_STORAGE_BACKEND=s3
+      - GTS_STORAGE_S3_ENDPOINT
+      - GTS_STORAGE_S3_PROXY
+      - GTS_STORAGE_S3_REDIRECT_URL
+      - GTS_STORAGE_S3_USE_SSL
+      - GTS_STORAGE_S3_ACCESS_KEY
+      - GTS_STORAGE_S3_BUCKET
+    networks:
+      - internal
+    secrets:
+      - s3_secret
+
+secrets:
+  s3_secret:
+    name: ${STACK_NAME}_s3_secret_${SECRET_S3_SECRET_KEY_VERSION}
+    external: true