SilverStripe module to store assets in Google Cloud Storage rather than on the local filesystem.
Note: This is a pre-release, and does not implement any kind of bucket policy for protected assets. There is an example ACL for public/protected assets here
This was initially based off of https://github.com/silverstripe/silverstripe-s3
The module requires a few environment variables to be set. These are mandatory.
GC_KEY_FILE
: JSON of your google service account json fileGC_BUCKET_NAME
: The name of the cloud storage bucket bucket to store assets in.
For the GC_KEY_FILE environment variable, simply copy all contents into one line and place in your .env file like -
GOOGLE_KEY_FILE={"type": "service_account","project_id": ...
- Define the environment variables listed above.
- Install Composer from https://getcomposer.org
- Run
composer require obj63mc/silverstripe-google-cloud-storage
This will install the most recent applicable version of the module given your other Composer requirements.
Note: This currently immediately replaces the built-in local asset store that comes with
SilverStripe with one based on Google Cloud Storage. Any files that had previously been uploaded to an existing
asset store will be unavailable (though they won't be lost - just run composer remove obj63mc/silverstripe-google-cloud-storage
to remove the module and restore access).
Assets are classed as either 'public' or 'protected' by SilverStripe. Public assets can be freely downloaded, whereas protected assets (e.g. assets not yet published) shouldn't be directly accessed.
'public' assets are stored by default in a directory called 'public' in the root of your bucket. If you would like to change this prefix/path simply update the environment variable of GC_PUBLIC_BUCKET_PREFIX
. You will want to configure this folder and any assets under it to have an ACL that anyone can read.
'protected' assets are stored by default in a directory called 'protected' in the root of your bucket. If you would like to change this prefix/path simply update the environment variable of GC_PROTECTED_BUCKET_PREFIX
. You will want to configure this folder to be private and only your google project admins and the account service key have admin access.
This is an example for setting up your Google Cloud Storage Bucket. This assumes you have Google Cloud SDK and command line tools installed. https://cloud.google.com/storage/docs/quickstart-gsutil
-
Create the Bucket -
gsutil mb gs://[BUCKET_NAME]/
-
Get the default ACL, you will need the project id from the ACL
gsutil acl get gs://[BUCKET_NAME]/
-
Set the bucket so your service account key can access the bucket (note only needed if not running on google app engine or cloud compute). Replace [YOUR_ACCOUNT_NAME]/the email address with your service account key email address.
gsutil defacl ch -u gcloud-[YOUR_ACCOUNT_NAME]@appspot.gserviceaccount.com:OWNER gs://[BUCKET_NAME] gsutil acl ch -u gcloud-[YOUR_ACCOUNT_NAME]@appspot.gserviceaccount.com:OWNER gs://[BUCKET_NAME]
-
Lets create the 'public' folder and set it so anyone can read it.
touch test.txt gsutil cp test.txt gs://[BUCKET_NAME]/public gsutil acl ch -r -u AllUsers:R gs://[BUCKET_NAME]/public
Your bucket should now be configured and have proper protected/public folders for your assets.
Currently anytime you run a flush on your site and access the CMS, new versions of tinymce code and other JS may be outputted to your assets directory. Instead of referencing these from your cloud storage, this module now includes an adapter to make sure this stays on the local filesystem as intended.
ErrorPages - currently error pages static files will be uploaded to GCS. Due to this you would need to update the path that these are generated to by editing your main sites config .yml file, default set from this project is:
SilverStripe\ErrorPage\ErrorPage:
store_filepath: 'error-pages'
You can also turn off the static file generation via -
SilverStripe\ErrorPage\ErrorPage:
enable_static_file: false