Skip to content

Instantly share code, notes, and snippets.

@TomTasche
Last active January 27, 2023 21:22
Show Gist options
  • Save TomTasche/ceade7ac25d75ab162400ac23a3e74a6 to your computer and use it in GitHub Desktop.
Save TomTasche/ceade7ac25d75ab162400ac23a3e74a6 to your computer and use it in GitHub Desktop.
config for nginx to proxy a specific path to an S3 bucket
# copied from default config
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
# this is where the magic starts:
location /static {
proxy_set_header Host 'YOURBUCKET.s3-website.eu-central-1.amazonaws.com';
proxy_hide_header x-amz-id-2;
proxy_hide_header x-amz-request-id;
proxy_hide_header Set-Cookie;
proxy_ignore_headers "Set-Cookie";
proxy_intercept_errors on;
proxy_pass http://YOURBUCKET.s3-website.eu-central-1.amazonaws.com;
log_not_found off;
}
location /static/images {
proxy_set_header Host 'YOURBUCKET.s3-website.eu-central-1.amazonaws.com';
proxy_hide_header x-amz-id-2;
proxy_hide_header x-amz-request-id;
proxy_hide_header Set-Cookie;
proxy_ignore_headers "Set-Cookie";
proxy_intercept_errors on;
proxy_pass http://YOURBUCKET.s3-website.eu-central-1.amazonaws.com/images;
}
}
}
@acrolink
Copy link

Thank you. Is there a way to make it possible to provide an index of the files stored in a given path in a s3 bucket? using Nginx?

One possibility is to mount the bucket as s3fs and indexing the folders using Nginx, but is is possible to do that without s3fs?

@cibinmathew
Copy link

Does this impact CORS. Is there any additional config required in S3/nginx if in S3, AllowedOrgin is set to '*' .

@TomTasche
Copy link
Author

Does this impact CORS. Is there any additional config required in S3/nginx if in S3, AllowedOrgin is set to '*' .

No, I don't think so. nginx would forward the necessary headers if they're set by S3.

@chinchalinchin
Copy link

I'm assuming this is running on an instance with a S3 bucket policy role, correct? Or the bucket is set to public?

@TomTasche
Copy link
Author

I'm assuming this is running on an instance with a S3 bucket policy role, correct? Or the bucket is set to public?

In this case the bucket needs to be public. I'm sure there's a way to authenticate your request to S3 and make it private. I haven't done that myself so far though.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment