diff options
author | Andrew Godwin | 2022-12-01 09:43:36 -0700 |
---|---|---|
committer | Andrew Godwin | 2022-12-01 09:43:36 -0700 |
commit | 4344fdad9a16e1b8febf03479615a0f2d0fae07e (patch) | |
tree | ac298809afeb472478c163d48ada413aa9defc5a | |
parent | 676dda0cb666d4953de9a6e62dbb53ec93c759f3 (diff) | |
download | takahe-4344fdad9a16e1b8febf03479615a0f2d0fae07e.tar.gz takahe-4344fdad9a16e1b8febf03479615a0f2d0fae07e.tar.bz2 takahe-4344fdad9a16e1b8febf03479615a0f2d0fae07e.zip |
Update S3 to use world-readable files
-rw-r--r-- | docs/installation.rst | 7 | ||||
-rw-r--r-- | takahe/settings.py | 2 |
2 files changed, 7 insertions, 2 deletions
diff --git a/docs/installation.rst b/docs/installation.rst index 662a980..e4c0878 100644 --- a/docs/installation.rst +++ b/docs/installation.rst @@ -84,9 +84,12 @@ be provided from the first boot. fully-qualified URL prefix that serves that directory. * If it is set to ``gcs://``, it must be in the form ``gcs://bucket-name`` - (note the two slashes if you just want a bucket name) + (note the two slashes if you just want a bucket name). Your bucket must + be set to world-readable and have individual object permissions disabled. - * If it is set to ``s3://``, it must be in the form ``s3://access-key:secret-key@endpoint-url/bucket-name`` + * If it is set to ``s3://``, it must be in the form + ``s3://access-key:secret-key@endpoint-url/bucket-name``. Your bucket must + permit publically-readable files to be uploaded. * ``TAKAHE_MAIN_DOMAIN`` should be the domain name (without ``https://``) that will be used for default links (such as in emails). It does *not* need to be diff --git a/takahe/settings.py b/takahe/settings.py index 2dc4ffa..288ecca 100644 --- a/takahe/settings.py +++ b/takahe/settings.py @@ -304,6 +304,8 @@ if SETUP.MEDIA_BACKEND: elif parsed.scheme == "s3": DEFAULT_FILE_STORAGE = "storages.backends.s3boto3.S3Boto3Storage" AWS_STORAGE_BUCKET_NAME = parsed.path.lstrip("/") + AWS_QUERYSTRING_AUTH = False + AWS_DEFAULT_ACL = "public-read" if parsed.username is not None: AWS_ACCESS_KEY_ID = parsed.username AWS_SECRET_ACCESS_KEY = urllib.parse.unquote(parsed.password) |