s3_website 3.0.0 → 3.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 3e5dc3e5f8d46a22ed296aa8bd4a13a6dacd3b8a
4
- data.tar.gz: 41f5bc55b289e55bad653dad55481d7e5116b253
3
+ metadata.gz: 46287f622fae5f7d6dd707ce8fbdd617060b46ae
4
+ data.tar.gz: 5f3d2f1c19f9c16695ce896ac52e5c9e6ae35d34
5
5
  SHA512:
6
- metadata.gz: 42f2c57cfc5c19ddb65f4045a4691e4868b17033de2eb38bcc79180b37d82acedfb659b7df83b8cfea253bfd07ec9d4549c91a4279e48469f17e70189141a0bd
7
- data.tar.gz: 75afbbd52b508bcd3bebfb1b138e1dd040af5baf5ae67eeec7a652b29428f5f878869a53111aa9c956f7df120097c6ab7d27e505c504f0d370a64e09d5654c0a
6
+ metadata.gz: 06835789338deb7cb5b93f173d9c840fb8a0d52683a059a5e56c9d13c596668155956cc21d11995010939e15ecaf1cdeb52b41ecbc8b85b8cf02d5519a455d37
7
+ data.tar.gz: 7212c008b7d0b6e90d89c04b0d736ef427f09e97312f5a7e1514bcfd17effd7f2fe5911b5fa53935f144d752de01232c641678e21278ddad4d2daf8708b567a5
data/README.md CHANGED
@@ -66,7 +66,7 @@ s3_bucket: blog.example.com
66
66
  roles](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UsingIAM.html#UsingIAMrolesWithAmazonEC2Instances),
67
67
  you can omit the `s3_id` and `s3_secret` keys in the config file.)
68
68
 
69
- S3_website implements supports for reading environment variables from a file using
69
+ S3_website implements support for reading environment variables from a file using
70
70
  the [dotenv](https://github.com/bkeepers/dotenv) gem. You can create a `.env` file
71
71
  in the project's root directory to take advantage of this feature. Please have
72
72
  a look at [dotenv's usage guide](https://github.com/bkeepers/dotenv#usage) for
@@ -74,8 +74,8 @@ syntax information.
74
74
 
75
75
  Your `.env` file should containing the following variables:
76
76
 
77
- AWS_ACCESS_KEY_ID=FOO
78
- AWS_SECRET_ACCESS_KEY=BAR
77
+ S3_ID=FOO
78
+ S3_SECRET=BAR
79
79
 
80
80
  ## Project goals
81
81
 
@@ -285,11 +285,11 @@ For example, like this you can define a your own TTL and CNAME:
285
285
  ```yaml
286
286
  cloudfront_distribution_config:
287
287
  default_cache_behavior:
288
- min_TTL: <%= 60 * 60 * 24 %>
288
+ min_ttl: <%= 60 * 60 * 24 %>
289
289
  aliases:
290
290
  quantity: 1
291
291
  items:
292
- CNAME: your.website.com
292
+ - your.website.com
293
293
  ```
294
294
 
295
295
  Once you've saved the configuration into `s3_website.yml`, you can apply them by
@@ -446,6 +446,16 @@ Define the subdirectory like so:
446
446
  s3_key_prefix: your-subdirectory
447
447
  ```
448
448
 
449
+ ### Temporary security credentials with Session Token
450
+
451
+ [AWS temporary security credentials](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html) (eg: when [assuming IAM roles](http://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html))
452
+
453
+ Usage:
454
+
455
+ ```yaml
456
+ session_token: your-token
457
+ ```
458
+
449
459
  ## Migrating from v1 to v2
450
460
 
451
461
  Please read the [release note](/changelog.md#200) on version 2. It contains
@@ -526,7 +536,7 @@ See the [Contributors](https://github.com/laurilehmijoki/s3_website/graphs/contr
526
536
 
527
537
  * [Deploying websites to FTP or Amazon S3 with BitBucket Pipelines](https://www.savjee.be/2016/06/Deploying-website-to-ftp-or-amazon-s3-with-BitBucket-Pipelines/)
528
538
  * [How To: Hosting on Amazon S3 with CloudFront](https://paulstamatiou.com/hosting-on-amazon-s3-with-cloudfront/)
529
- * [PageSpeed 100 with Jekyll, S3 and CloudFront](https://habd.as/pagespeed-100-with-jekyll-s3-and-cloudfront/)
539
+ * [Zero to HTTP/2 with AWS and Hugo](https://habd.as/zero-to-http-2-aws-hugo/)
530
540
 
531
541
  ## Donations
532
542
 
@@ -19,6 +19,15 @@ s3_bucket: your.domain.net
19
19
  If you run `s3_website` on an EC2 instance with IAM roles, it is possible to omit
20
20
  the `s3_id` and `s3_secret`.
21
21
 
22
+ ## Minimal for temporary security credentials
23
+
24
+ ````yaml
25
+ s3_id: abcd
26
+ s3_secret: 2s+x92
27
+ session_token: hex!xeh
28
+ s3_bucket: your.domain.net
29
+ ````
30
+
22
31
  ## Optimised for speed
23
32
 
24
33
  Use CloudFront, gzip, cache headers and greater concurrency:
@@ -30,11 +39,11 @@ s3_bucket: your.domain.net
30
39
  cloudfront_distribution_id: <%= ENV['your_domain_net_cloudfront_distribution_id'] %>
31
40
  cloudfront_distribution_config:
32
41
  default_cache_behavior:
33
- min_TTL: <%= 60 * 60 * 24 %>
42
+ min_ttl: <%= 60 * 60 * 24 %>
34
43
  aliases:
35
44
  quantity: 1
36
45
  items:
37
- CNAME: your.domain.net
46
+ - your.domain.net
38
47
  max_age: 120
39
48
  gzip: true
40
49
  ````
@@ -44,6 +53,30 @@ environment variables. It's convenient, since you can keep the `s3_website.yml`
44
53
  in a public Git repo, and thus have your deployment configurations
45
54
  version-controlled.
46
55
 
56
+ ## Setup for HTTP2 and Custom SNI SSL Certificate
57
+
58
+ To fully utilize HTTP2 you'll need to setup SSL for your distribution. While HTTP/2 does
59
+ not mandate the use of encryption, it turns out that [all of the common web browsers
60
+ require the use of HTTPS connections in conjunction with HTTP/2](http://caniuse.com/#feat=http2).
61
+ Therefore, you may need to make some changes to your site or application in order
62
+ to take full advantage of HTTP/2. While you can test the site by using the Default
63
+ CloudFront Certificate you will likely want to use a custom SSL Certificate.
64
+ This isn't yet automated by s3_website, [but is a few manual steps](https://medium.com/@richardkall/setup-lets-encrypt-ssl-certificate-on-amazon-cloudfront-b217669987b2#.7jyust8os),
65
+ which is now free thanks to Let's Encrypt.
66
+
67
+ ````yaml
68
+ s3_id: <%= ENV['your_domain_net_aws_key'] %>
69
+ s3_secret: <%= ENV['your_domain_net_aws_secret'] %>
70
+ s3_bucket: your.domain.net
71
+ cloudfront_distribution_id: <%= ENV['your_domain_net_cloudfront_distribution_id'] %>
72
+ cloudfront_distribution_config:
73
+ default_cache_behavior:
74
+ min_ttl: <%= 60 * 60 * 24 %>
75
+ http_version: http2
76
+ max_age: 120
77
+ gzip: true
78
+ ````
79
+
47
80
  ## Multiple CNAMEs
48
81
 
49
82
  Sometimes you want to use multiple CNAMEs aliases in your CloudFront distribution:
@@ -55,13 +88,13 @@ s3_bucket: your.domain.net
55
88
  cloudfront_distribution_id: <%= ENV['your_domain_net_cloudfront_distribution_id'] %>
56
89
  cloudfront_distribution_config:
57
90
  default_cache_behavior:
58
- min_TTL: <%= 60 * 60 * 24 %>
91
+ min_ttl: <%= 60 * 60 * 24 %>
59
92
  aliases:
60
93
  quantity: 3
61
94
  items:
62
- CNAME0: your1.domain.net
63
- CNAME1: your2.domain.net
64
- CNAME2: your3.domain.net
95
+ - your1.domain.net
96
+ - your2.domain.net
97
+ - your3.domain.net
65
98
  max_age: 120
66
99
  gzip: true
67
100
  ````
@@ -2,6 +2,10 @@
2
2
 
3
3
  This project uses [Semantic Versioning](http://semver.org).
4
4
 
5
+ ## 3.1.0
6
+
7
+ Support for [session tokens](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html)
8
+
5
9
  ## 3.0.0
6
10
 
7
11
  The CloudFront client now uses the official AWS SDK. If your `s3_website.yml`
@@ -1,3 +1,3 @@
1
1
  module S3Website
2
- VERSION = '3.0.0'
2
+ VERSION = '3.1.0'
3
3
  end
@@ -2,6 +2,9 @@ s3_id: YOUR_AWS_S3_ACCESS_KEY_ID
2
2
  s3_secret: YOUR_AWS_S3_SECRET_ACCESS_KEY
3
3
  s3_bucket: your.blog.bucket.com
4
4
 
5
+ # set s3_token if using temporary credentials with a session token (eg: when assuming a role)
6
+ # s3_token: YOUR_AWS_S3_SESSION_TOKEN
7
+
5
8
  # Below are examples of all the available configurations.
6
9
  # See README for more detailed info on each of them.
7
10
 
@@ -35,11 +38,11 @@ s3_bucket: your.blog.bucket.com
35
38
 
36
39
  # cloudfront_distribution_config:
37
40
  # default_cache_behavior:
38
- # min_TTL: <%= 60 * 60 * 24 %>
41
+ # min_ttl: <%= 60 * 60 * 24 %>
39
42
  # aliases:
40
43
  # quantity: 1
41
44
  # items:
42
- # CNAME: your.website.com
45
+ # - your.website.com
43
46
 
44
47
  # cloudfront_invalidate_root: true
45
48
 
@@ -24,6 +24,7 @@ Gem::Specification.new do |s|
24
24
 
25
25
  s.add_development_dependency 'rake', '10.1.1'
26
26
  s.add_development_dependency 'octokit', '3.1.0'
27
+ s.add_development_dependency 'mime-types'
27
28
 
28
29
  s.files = `git ls-files`
29
30
  .split("\n")
@@ -8,11 +8,12 @@ import scala.util.{Failure, Try}
8
8
  import scala.collection.JavaConversions._
9
9
  import s3.website.Ruby.rubyRuntime
10
10
  import s3.website._
11
- import com.amazonaws.auth.{AWSCredentialsProvider, BasicAWSCredentials, DefaultAWSCredentialsProviderChain}
11
+ import com.amazonaws.auth.{AWSCredentialsProvider, BasicAWSCredentials, BasicSessionCredentials, DefaultAWSCredentialsProviderChain}
12
12
 
13
13
  case class Config(
14
14
  s3_id: Option[String], // If undefined, use IAM Roles (http://docs.aws.amazon.com/AWSSdkDocsJava/latest/DeveloperGuide/java-dg-roles.html)
15
15
  s3_secret: Option[String], // If undefined, use IAM Roles (http://docs.aws.amazon.com/AWSSdkDocsJava/latest/DeveloperGuide/java-dg-roles.html)
16
+ session_token: Option[String], // If defined, the AWS Security Token Service session token (http://docs.aws.amazon.com/STS/latest/APIReference/Welcome.html)
16
17
  s3_bucket: String,
17
18
  s3_endpoint: S3Endpoint,
18
19
  site: Option[String],
@@ -36,10 +37,19 @@ case class Config(
36
37
  object Config {
37
38
 
38
39
  def awsCredentials(config: Config): AWSCredentialsProvider = {
39
- val credentialsFromConfigFile = for {
40
- s3_id <- config.s3_id
41
- s3_secret <- config.s3_secret
42
- } yield new BasicAWSCredentials(s3_id, s3_secret)
40
+ val credentialsFromConfigFile =
41
+ if (config.session_token.isEmpty) {
42
+ for {
43
+ s3_id <- config.s3_id
44
+ s3_secret <- config.s3_secret
45
+ } yield new BasicAWSCredentials(s3_id, s3_secret)
46
+ } else {
47
+ for {
48
+ s3_id <- config.s3_id
49
+ s3_secret <- config.s3_secret
50
+ session_token <- config.session_token
51
+ } yield new BasicSessionCredentials(s3_id, s3_secret, session_token)
52
+ }
43
53
  credentialsFromConfigFile.fold(new DefaultAWSCredentialsProviderChain: AWSCredentialsProvider)(credentials =>
44
54
  new AWSCredentialsProvider {
45
55
  def getCredentials = credentials
@@ -35,6 +35,7 @@ object Site {
35
35
  for {
36
36
  s3_id <- loadOptionalString("s3_id").right
37
37
  s3_secret <- loadOptionalString("s3_secret").right
38
+ session_token <- loadOptionalString("session_token").right
38
39
  s3_bucket <- loadRequiredString("s3_bucket").right
39
40
  s3_endpoint <- loadEndpoint.right
40
41
  site <- loadOptionalString("site").right
@@ -65,6 +66,7 @@ object Site {
65
66
  Config(
66
67
  s3_id,
67
68
  s3_secret,
69
+ session_token,
68
70
  s3_bucket,
69
71
  s3_endpoint getOrElse S3Endpoint.defaultEndpoint,
70
72
  site,
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: s3_website
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.0
4
+ version: 3.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Lauri Lehmijoki
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-12-22 00:00:00.000000000 Z
11
+ date: 2017-03-08 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: thor
@@ -94,6 +94,20 @@ dependencies:
94
94
  - - '='
95
95
  - !ruby/object:Gem::Version
96
96
  version: 3.1.0
97
+ - !ruby/object:Gem::Dependency
98
+ name: mime-types
99
+ requirement: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - ">="
102
+ - !ruby/object:Gem::Version
103
+ version: '0'
104
+ type: :development
105
+ prerelease: false
106
+ version_requirements: !ruby/object:Gem::Requirement
107
+ requirements:
108
+ - - ">="
109
+ - !ruby/object:Gem::Version
110
+ version: '0'
97
111
  description: "\n Sync website files, set redirects, use HTTP performance optimisations,
98
112
  deliver via\n CloudFront.\n "
99
113
  email:
@@ -166,7 +180,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
166
180
  version: '0'
167
181
  requirements: []
168
182
  rubyforge_project:
169
- rubygems_version: 2.6.8
183
+ rubygems_version: 2.5.1
170
184
  signing_key:
171
185
  specification_version: 4
172
186
  summary: Manage your S3 website