pullopen / pullopen.github.io

技术小白建站指南
https://pullopen.github.io/
8 stars 1 forks source link

如何将Mastodon媒体上传至Scaleway云储存 - 技术小白搭建Mastodon站点指南 #9

Open pullopen opened 3 years ago

pullopen commented 3 years ago

https://pullopen.github.io/%E7%AB%99%E7%82%B9%E7%BB%B4%E6%8A%A4/2020/07/22/Move-mastodon-media-to-Scaleway.html

tech-fever commented 2 years ago

大佬您好。
创建Bucket的时候,系统提示:
Bucket Visibility specifies whether the list of objects in the bucket is publicly visible or not. It does not affect the visibility of objects themselves. A file (object) uploaded to a public bucket is private by default. A private file in a public bucket cannot be accessed publicly.
所以bucket的可见性似乎不影响文件本身的可读性是private还是public,重点还是要加--acl public-read吧。 O3O搭站指南说bucket如果是public,别人就可以看见文件目录列表了。(我自己试了下确实,public的话能看到,private就是Access Denied)

pullopen commented 2 years ago

大佬您好。 创建Bucket的时候,系统提示: Bucket Visibility specifies_ whether _the list of objects in the bucket is publicly visible or not. It does not affect the visibility of objects themselves. A file (object) uploaded to a public bucket is private by default. A private file in a public bucket cannot be accessed publicly. 所以bucket的可见性似乎不影响文件本身的可读性是private还是public,重点还是要加--acl public-read吧。 O3O搭站指南说bucket如果是public,别人就可以看见文件目录列表了。(我自己试了下确实,public的话能看到,private就是Access Denied)

确实,当时我还不确定,现在可以肯定Scaleway设置成private没关系了……

tech-fever commented 2 years ago

您好,似乎现在需要nginx的配置文件改两处地方才可以,一个是proxy_pass(跟Scaleway的改变有关,另一个是改成location / ,改动后模板如下:

proxy_cache_path /tmp/nginx_mstdn_media levels=1:2 keys_zone=mastodon_media:100m max_size=1g inactive=24h;

server {
    listen 80;
    listen [::]:80;
    server_name files.example.com;
    return 301 https://files.example.com$request_uri;

    access_log /dev/null;
    error_log /dev/null;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name files.example.com;

    ssl_certificate /etc/letsencrypt/live/files.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/files.example.com/privkey.pem;

    access_log /var/log/nginx/mstdn-media-access.log;
    error_log /var/log/nginx/mstdn-media-error.log;

    location / {
            proxy_cache mastodon_media;
            proxy_cache_revalidate on;
            proxy_buffering on;
            proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
            proxy_cache_background_update on;
            proxy_cache_lock on;
            proxy_cache_valid 1d;
            proxy_cache_valid 404 1h;
            proxy_ignore_headers Cache-Control;
            add_header X-Cached $upstream_cache_status;
            add_header 'Access-Control-Allow-Origin' '*';
            proxy_pass https://files.example.com.s3.nl-ams.scw.cloud/;
    }

}