config for be-s3

scientist-softserv · Jul 13, 2023 · bf73c5d · bf73c5d
1 parent 0c9299d
commit bf73c5d
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 10 deletions.
diff --git a/config/browse_everything_providers.yml b/config/browse_everything_providers.yml
@@ -2,8 +2,8 @@
 # To make browse-everything aware of a provider, uncomment the info for that provider and add your API key information.
 # The file_system provider can be a path to any directory on the server where your application is running.
 #
-file_system:
- home: /app/samvera/hyrax-webapp/data
+#file_system:
+# home: /app/samvera/hyrax-webapp/data
 # dropbox:
 # client_id: YOUR_DROPBOX_APP_KEY
 # client_secret: YOUR_DROPBOX_APP_SECRET
@@ -14,11 +14,11 @@ file_system:
 # google_drive:
 # client_id: YOUR_GOOGLE_API_CLIENT_ID
 # client_secret: YOUR_GOOGLE_API_CLIENT_SECRET
-# s3:
-# bucket: YOUR_AWS_S3_BUCKET
-#  response_type: signed_url # set to :public_url for public urls or :s3_uri for an s3://BUCKET/KEY uri
-#  expires_in: 14400 # for signed_url response_type, number of seconds url will be valid for.
-# app_key: YOUR_AWS_S3_KEY  # :app_key, :app_secret, and :region can be specified
-# app_secret: YOUR_AWS_S3_SECRET # explicitly here, or left out to use system-configured
-# region: YOUR_AWS_S3_REGION # defaults.
-#  See https://aws.amazon.com/blogs/security/a-new-and-standardized-way-to-manage-credentials-in-the-aws-sdks/
+s3:
+ bucket: <%= ENV['AWS_S3_BUCKET'] %> # .s3.amazonaws.com #arn:aws:s3:::temp-bl-bucket-for-browse-everything
+ response_type: signed_url # set to :public_url for public urls or :s3_uri for an s3://BUCKET/KEY uri
+ expires_in: 14400 # for signed_url response_type, number of seconds url will be valid for.
+ app_key: <%= ENV['AWS_ACCESS_KEY_ID'] %> # :app_key, :app_secret, and :region can be specified
+ app_secret: <%= ENV['AWS_SECRET_ACCESS_KEY'] %> # explicitly here, or left out to use system-configured
+ region: <%= ENV['AWS_S3_REGION'] %> # defaults.
+ # See https://aws.amazon.com/blogs/security/a-new-and-standardized-way-to-manage-credentials-in-the-aws-sdks/
diff --git a/ops/staging-deploy.tmpl.yaml b/ops/staging-deploy.tmpl.yaml
@@ -167,6 +167,14 @@ extraEnvVars: &envVars
  value: "1"
  - name: EXTERNAL_IIIF_URL
  value: https://d2ltm8fy0v0agc.cloudfront.net/iiif/2
+ - name: AWS_S3_BUCKET
+ value: $AWS_S3_BUCKET
+ - name: AWS_ACCESS_KEY_ID
+ value: $AWS_ACCESS_KEY_ID
+ - name: AWS_SECRET_ACCESS_KEY
+ value: $AWS_SECRET_ACCESS_KEY
+ - name: AWS_S3_REGION
+ value: $AWS_S3_REGION
 
 worker:
  replicaCount: 1