diff --git a/README.md b/README.md index fe9651e..c65ed86 100644 --- a/README.md +++ b/README.md @@ -155,6 +155,12 @@ Yes, it is absolutely possible to do so. Firstly, you should execute the tusd bi - *Forward hostname and scheme.* If the proxy rewrites the request URL, the tusd server does not know the original URL which was used to reach the proxy. This behavior can lead to situations, where tusd returns a redirect to a URL which can not be reached by the client. To avoid this confusion, you can explicitly tell tusd which hostname and scheme to use by supplying the `X-Forwarded-Host` and `X-Forwarded-Proto` headers. Explicit examples for the above points can be found in the [Nginx configuration](https://github.com/tus/tusd/blob/master/.infra/files/nginx.conf) which is used to power the [master.tus.io](https://master.tus.io) instace. + +### Can I run custom verification/authentication checks before an upload begins? + +Yes, this is made possible by the [hook system](/docs/hooks.md) inside the tusd binary. It enables custom routines to be executed when certain events occurs, such as a new upload being created which can be handled by the `pre-create` hook. Inside the corresponding hook file, you can run your own validations against the provided upload metadata to determine whether the action is actually allowed or should be rejected by tusd. Please have a look at the [corresponding documentation](docs/hooks.md#pre-create) for a more detailed explanation. + + ## License This project is licensed under the MIT license, see `LICENSE.txt`. diff --git a/cmd/tusd/cli/composer.go b/cmd/tusd/cli/composer.go index b68d090..3590ef7 100644 --- a/cmd/tusd/cli/composer.go +++ b/cmd/tusd/cli/composer.go @@ -32,12 +32,20 @@ func CreateComposer() { store := filestore.New(dir) store.UseIn(Composer) } else { - stdout.Printf("Using 's3://%s' as S3 bucket for storage.\n", Flags.S3Bucket) + s3Config := aws.NewConfig() + + if Flags.S3Endpoint == "" { + stdout.Printf("Using 's3://%s' as S3 bucket for storage.\n", Flags.S3Bucket) + } else { + stdout.Printf("Using '%s/%s' as S3 endpoint and bucket for storage.\n", Flags.S3Endpoint, Flags.S3Bucket) + + s3Config = s3Config.WithEndpoint(Flags.S3Endpoint).WithS3ForcePathStyle(true) + } // Derive credentials from AWS_SECRET_ACCESS_KEY, AWS_ACCESS_KEY_ID and // AWS_REGION environment variables. - credentials := aws.NewConfig().WithCredentials(credentials.NewEnvCredentials()) - store := s3store.New(Flags.S3Bucket, s3.New(session.New(), credentials)) + s3Config = s3Config.WithCredentials(credentials.NewEnvCredentials()) + store := s3store.New(Flags.S3Bucket, s3.New(session.New(), s3Config)) store.UseIn(Composer) locker := memorylocker.New() diff --git a/cmd/tusd/cli/flags.go b/cmd/tusd/cli/flags.go index f8f4dcf..b61f4e7 100644 --- a/cmd/tusd/cli/flags.go +++ b/cmd/tusd/cli/flags.go @@ -14,6 +14,7 @@ var Flags struct { Basepath string Timeout int64 S3Bucket string + S3Endpoint string HooksDir string ShowVersion bool ExposeMetrics bool @@ -32,6 +33,7 @@ func ParseFlags() { flag.StringVar(&Flags.Basepath, "base-path", "/files/", "Basepath of the HTTP server") flag.Int64Var(&Flags.Timeout, "timeout", 30*1000, "Read timeout for connections in milliseconds. A zero value means that reads will not timeout") flag.StringVar(&Flags.S3Bucket, "s3-bucket", "", "Use AWS S3 with this bucket as storage backend (requires the AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and AWS_REGION environment variables to be set)") + flag.StringVar(&Flags.S3Endpoint, "s3-endpoint", "", "Endpoint to use S3 compatible implementations like minio (requires s3-bucket to be pass)") flag.StringVar(&Flags.HooksDir, "hooks-dir", "", "Directory to search for available hooks scripts") flag.BoolVar(&Flags.ShowVersion, "version", false, "Print tusd version information") flag.BoolVar(&Flags.ExposeMetrics, "expose-metrics", true, "Expose metrics about tusd usage")