Created
July 24, 2021 19:20
-
-
Save petebytes/d0571d7f8fef33bbdfba950a4fb86866 to your computer and use it in GitHub Desktop.
Attempt to have both Public and Private Shrine Storages
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# frozen_string_literal: true | |
require "shrine" | |
require "shrine/storage/s3" | |
s3_options = { | |
access_key_id: ENV["AWS_ACCESS_KEY"], | |
secret_access_key: ENV["AWS_SECRET_KEY"], | |
endpoint: ENV["AWS_ENDPOINT"], | |
region: ENV["AWS_REGION"], | |
bucket: ENV["AWS_BUCKET"], | |
force_path_style: ENV.fetch("AWS_FORCE_PATH_STYLE", true) | |
} | |
# makes determination of which storage to use | |
Shrine.plugin :default_storage, store: lambda { | |
if record.is_a?(Image) && record.imageable_type == "SiteLandingPage" | |
:public | |
else | |
:store | |
end | |
} | |
# By default, uploaded S3 objects will have private visibility, meaning they can only be accessed via signed expiring URLs generated using your private S3 credentials. | |
Shrine.storages = { | |
cache: Shrine::Storage::S3.new(prefix: "#{ENV["CREDENTIALS_ENV"]}/#{ENV["DOMAIN"]}/cache", **s3_options), | |
store: Shrine::Storage::S3.new(prefix: "#{ENV["CREDENTIALS_ENV"]}/#{ENV["DOMAIN"]}/store", **s3_options), | |
public: Shrine::Storage::S3.new(public: true, prefix: "#{ENV["CREDENTIALS_ENV"]}/#{ENV["DOMAIN"]}/public", **s3_options) | |
} | |
Shrine.plugin :presign_endpoint, presign_options: lambda { |request| | |
# Uppy will send the "filename" and "type" query parameters | |
filename = request.params["filename"] | |
type = request.params["type"] | |
{ | |
content_disposition: ContentDisposition.inline(filename), # set download filename | |
content_type: type, # set content type (defaults to "application/octet-stream") | |
content_length_range: 0..(5000 * 1024 * 1024) # limit upload size to 5GB | |
} | |
} | |
Shrine.plugin :activerecord | |
Shrine.plugin :instrumentation | |
Shrine.plugin :cached_attachment_data # for retaining the cached file across form redisplays | |
Shrine.plugin :restore_cached_data # re-extract metadata when attaching a cached file | |
Shrine.plugin :validation | |
Shrine.plugin :validation_helpers | |
Shrine.plugin :uppy_s3_multipart | |
Shrine.plugin :determine_mime_type, analyzer: :marcel, log_subscriber: nil | |
Shrine.plugin :derivatives # eager or up front processing | |
Shrine.plugin :derivation_endpoint, # on-the-fly processing | |
secret_key: ENV["SECRET_KEY_BASE"] | |
Shrine.plugin :remove_attachment | |
Shrine.plugin :pretty_location | |
Shrine.plugin :store_dimensions, log_subscriber: nil, on_error: :ignore # ignores exceptions on files that do not have dimensions | |
Shrine.plugin :default_storage | |
Shrine.plugin :remove_invalid # remove and delete files that failed validation | |
Shrine.plugin :infer_extension | |
# Shrine.plugin :upload_options, cache_control: "max-age=#{1.year}, s-maxage=#{1.year}" | |
# Shrine.plugin :upload_options, public: {acl: "public-read"} | |
# Shrine.plugin :url_options, public: {public: true} | |
# delay promoting and deleting files to a background job (`backgrounding` plugin) | |
Shrine.plugin :backgrounding |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
And here is the CORS for S3
[
{
"AllowedHeaders": [
"Authorization",
"x-amz-date",
"x-amz-content-sha256",
"content-type",
"content-disposition"
],
"AllowedMethods": [
"GET",
"POST",
"PUT"
],
"AllowedOrigins": [
"https://mysite.com"
],
"ExposeHeaders": [
"ETag"
]
},
{
"AllowedHeaders": [],
"AllowedMethods": [
"GET"
],
"AllowedOrigins": [
"*"
],
"ExposeHeaders": []
}
]