From 0e0a017cb368044347cef05b99020b42475344a5 Mon Sep 17 00:00:00 2001 From: cruizba Date: Mon, 4 Nov 2024 18:03:23 +0100 Subject: [PATCH] Allow S3 empty config values to allow IAM Roles --- backend/src/config.ts | 8 ++++---- backend/src/server.ts | 22 ++++++++++++++++++---- backend/src/services/s3.service.ts | 23 ++++++++++++++++------- 3 files changed, 38 insertions(+), 15 deletions(-) diff --git a/backend/src/config.ts b/backend/src/config.ts index a57c570a..f9e17bc3 100644 --- a/backend/src/config.ts +++ b/backend/src/config.ts @@ -31,8 +31,8 @@ export const LIVEKIT_API_SECRET = process.env.LIVEKIT_API_SECRET || 'secret'; // S3 configuration export const CALL_S3_BUCKET = process.env.CALL_S3_BUCKET || 'openvidu'; -export const CALL_S3_SERVICE_ENDPOINT = process.env.CALL_S3_SERVICE_ENDPOINT || 'http://localhost:9000'; -export const CALL_S3_ACCESS_KEY = process.env.CALL_S3_ACCESS_KEY || 'minioadmin'; -export const CALL_S3_SECRET_KEY = process.env.CALL_S3_SECRET_KEY || 'minioadmin'; -export const CALL_AWS_REGION = process.env.CALL_AWS_REGION || 'us-east-1'; +export const CALL_S3_SERVICE_ENDPOINT = process.env.CALL_S3_SERVICE_ENDPOINT || undefined; +export const CALL_S3_ACCESS_KEY = process.env.CALL_S3_ACCESS_KEY || undefined; +export const CALL_S3_SECRET_KEY = process.env.CALL_S3_SECRET_KEY || undefined; +export const CALL_AWS_REGION = process.env.CALL_AWS_REGION || undefined; export const CALL_S3_WITH_PATH_STYLE_ACCESS = process.env.CALL_S3_WITH_PATH_STYLE_ACCESS || 'true'; diff --git a/backend/src/server.ts b/backend/src/server.ts index df0221a5..d41e6904 100644 --- a/backend/src/server.ts +++ b/backend/src/server.ts @@ -85,10 +85,24 @@ const logEnvVars = () => { console.log('S3 Configuration'); console.log('---------------------------------------------------------'); console.log('CALL S3 BUCKET:', text(CALL_S3_BUCKET)); - console.log('CALL S3 SERVICE ENDPOINT:', text(CALL_S3_SERVICE_ENDPOINT)); - console.log('CALL S3 ACCESS KEY:', credential('****' + CALL_S3_ACCESS_KEY.slice(-3))); - console.log('CALL S3 SECRET KEY:', credential('****' + CALL_S3_SECRET_KEY.slice(-3))); - console.log('CALL AWS REGION:', text(CALL_AWS_REGION)); + + // S3 configuration + if (CALL_S3_SERVICE_ENDPOINT) { + console.log('CALL S3 SERVICE ENDPOINT:', text(CALL_S3_SERVICE_ENDPOINT)); + } + + if (CALL_S3_ACCESS_KEY) { + console.log('CALL S3 ACCESS KEY:', credential('****' + CALL_S3_ACCESS_KEY.slice(-3))); + } + + if (CALL_S3_SECRET_KEY) { + console.log('CALL S3 SECRET KEY:', credential('****' + CALL_S3_SECRET_KEY.slice(-3))); + } + + if (CALL_AWS_REGION) { + console.log('CALL AWS REGION:', text(CALL_AWS_REGION)); + } + console.log('---------------------------------------------------------'); }; diff --git a/backend/src/services/s3.service.ts b/backend/src/services/s3.service.ts index 1a7ba896..7f544c56 100644 --- a/backend/src/services/s3.service.ts +++ b/backend/src/services/s3.service.ts @@ -32,15 +32,24 @@ export class S3Service { protected static instance: S3Service; constructor() { - const config: S3ClientConfig = { - region: CALL_AWS_REGION, - credentials: { + const config: S3ClientConfig = {}; + + if (CALL_AWS_REGION) { + config.endpoint = CALL_S3_SERVICE_ENDPOINT; + } + + if (CALL_S3_ACCESS_KEY && CALL_S3_SECRET_KEY) { + config.credentials = { accessKeyId: CALL_S3_ACCESS_KEY, secretAccessKey: CALL_S3_SECRET_KEY - }, - endpoint: CALL_S3_SERVICE_ENDPOINT, - forcePathStyle: CALL_S3_WITH_PATH_STYLE_ACCESS === 'true' - }; + }; + } + + if (CALL_S3_SERVICE_ENDPOINT) { + config.endpoint = CALL_S3_SERVICE_ENDPOINT; + } + + config.forcePathStyle = CALL_S3_WITH_PATH_STYLE_ACCESS === 'true'; this.s3 = new S3Client(config); }