diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..16c30d0 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,31 @@ +name: goreleaser + +on: + push: + tags: + - "*" + +jobs: + goreleaser: + runs-on: ubuntu-latest + steps: + - + name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - + name: Set up Go + uses: actions/setup-go@v2 + with: + go-version: 1.15 + - + name: Run GoReleaser + uses: goreleaser/goreleaser-action@v2 + with: + # either 'goreleaser' (default) or 'goreleaser-pro' + distribution: goreleaser + version: latest + args: release --rm-dist + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..4ea44e7 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +proxy +dist/ diff --git a/.goreleaser.yml b/.goreleaser.yml new file mode 100644 index 0000000..ccbb8a4 --- /dev/null +++ b/.goreleaser.yml @@ -0,0 +1,20 @@ +before: + hooks: + - go mod download + +builds: + - env: + - CGO_ENABLED=0 + goos: + - linux + +archives: + - replacements: + linux: Linux + amd64: x86_64 + +checksum: + name_template: 'checksums.txt' + +changelog: + sort: asc diff --git a/README.md b/README.md new file mode 100644 index 0000000..75e4c45 --- /dev/null +++ b/README.md @@ -0,0 +1,11 @@ +# s3-http-proxy + +Little proxy to access an private S3 bucket via HTTP. + +## Usage +``` +export S3PROXY_BUCKET="nameofmybucket" +export S3PROXY_REGION="us-east-1" +export S3PROXY_PORT="3000" +./proxy +``` diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..80dc3c6 --- /dev/null +++ b/go.mod @@ -0,0 +1,5 @@ +module github.com/codemonauts/s3-http-proxy + +go 1.16 + +require github.com/aws/aws-sdk-go v1.38.61 diff --git a/go.sum b/go.sum new file mode 100644 index 0000000..0a9058c --- /dev/null +++ b/go.sum @@ -0,0 +1,27 @@ +github.com/aws/aws-sdk-go v1.38.61 h1:wizuqQZe0K4iYJ+Slrs0aSQ4P94FAwqBUHwk46Iz5UA= +github.com/aws/aws-sdk-go v1.38.61/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro= +github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= +github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= +github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= +github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20201110031124-69a78807bb2b h1:uwuIcX0g4Yl1NC5XAz37xsr2lTtcqevgzYNVt49waME= +golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= diff --git a/proxy.go b/proxy.go new file mode 100644 index 0000000..8209374 --- /dev/null +++ b/proxy.go @@ -0,0 +1,69 @@ +package main + +import ( + "bytes" + "fmt" + "log" + "net/http" + "os" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/s3" +) + +func handler(w http.ResponseWriter, r *http.Request, svc *s3.S3, bucket string) { + key := r.URL.Path + if key == "/" { + w.WriteHeader(http.StatusForbidden) + w.Write([]byte("Forbidden")) + return + } + + input := &s3.GetObjectInput{ + Bucket: aws.String(bucket), + Key: aws.String(key), + } + obj, err := svc.GetObject(input) + + if err != nil { + w.WriteHeader(http.StatusForbidden) + w.Write([]byte("Forbidden")) + return + } + w.Header().Set("Content-Type", *obj.ContentType) + buf := new(bytes.Buffer) + buf.ReadFrom(obj.Body) + w.Write(buf.Bytes()) + +} + +func envOrDefault(name string, defaultValue string) string { + if os.Getenv(name) != "" { + return os.Getenv(name) + } else { + return defaultValue + } +} + +func main() { + region := envOrDefault("S3PROXY_REGION", "eu-central-1") + port := envOrDefault("S3PROXY_PORT", "3000") + bucket := envOrDefault("S3PROXY_BUCKET", "") + + if bucket == "" { + log.Panic("You need to provide S3PROXY_BUCKET") + } + + sess := session.Must(session.NewSession(&aws.Config{ + Region: aws.String(region), + })) + svc := s3.New(sess) + + http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { + handler(w, r, svc, bucket) + }) + + fmt.Printf("Listening on :%s \n", port) + log.Fatal(http.ListenAndServe(fmt.Sprintf(":%s", port), nil)) +}