2022-04-12 22:29:51 +00:00
|
|
|
# Wallet address, path to the wallet must be set as cli parameter or environment variable
|
|
|
|
|
wallet:
|
2022-07-28 13:26:42 +00:00
|
|
|
path: /path/to/wallet.json # Path to wallet
|
|
|
|
|
passphrase: "" # Passphrase to decrypt wallet. If you're using a wallet without a password, place '' here.
|
|
|
|
|
address: NfgHwwTi3wHAS8aFAN243C5vGbkYDpqLHP # Account address. If omitted default one will be used.
|
2022-04-12 22:29:51 +00:00
|
|
|
|
|
|
|
|
# Nodes configuration
|
|
|
|
|
# This configuration makes the gateway use the first node (grpc://s01.neofs.devenv:8080)
|
|
|
|
|
# while it's healthy. Otherwise, gateway uses the second node (grpc://s01.neofs.devenv:8080)
|
|
|
|
|
# for 10% of requests and the third node (grpc://s03.neofs.devenv:8080) for 90% of requests.
|
|
|
|
|
# Until nodes with the same priority level are healthy
|
|
|
|
|
# nodes with other priority are not used.
|
|
|
|
|
# The lower the value, the higher the priority.
|
|
|
|
|
peers:
|
|
|
|
|
0:
|
|
|
|
|
address: node1.neofs:8080
|
|
|
|
|
priority: 1
|
|
|
|
|
weight: 1
|
|
|
|
|
1:
|
|
|
|
|
address: node2.neofs:8080
|
|
|
|
|
priority: 2
|
|
|
|
|
weight: 0.1
|
|
|
|
|
2:
|
|
|
|
|
address: node3.neofs:8080
|
|
|
|
|
priority: 2
|
|
|
|
|
weight: 0.9
|
|
|
|
|
|
2022-11-09 10:07:18 +00:00
|
|
|
server:
|
|
|
|
|
- address: 0.0.0.0:8080
|
|
|
|
|
tls:
|
|
|
|
|
enabled: false
|
|
|
|
|
cert_file: /path/to/cert
|
|
|
|
|
key_file: /path/to/key
|
|
|
|
|
- address: 0.0.0.0:8081
|
|
|
|
|
tls:
|
|
|
|
|
enabled: true
|
|
|
|
|
cert_file: /path/to/cert
|
|
|
|
|
key_file: /path/to/key
|
2022-04-12 22:29:51 +00:00
|
|
|
|
2022-08-30 10:52:37 +00:00
|
|
|
# Domains to be able to use virtual-hosted-style access to bucket.
|
|
|
|
|
listen_domains:
|
|
|
|
|
- s3dev.neofs.devenv
|
|
|
|
|
|
2022-04-12 22:29:51 +00:00
|
|
|
logger:
|
|
|
|
|
level: debug
|
|
|
|
|
|
2022-07-22 13:24:35 +00:00
|
|
|
# Endpoint of the tree service. Must be provided. Can be one of the node address (from the `peers` section).
|
|
|
|
|
tree:
|
|
|
|
|
service: node1.neofs:8080
|
|
|
|
|
|
2022-04-12 22:29:51 +00:00
|
|
|
# RPC endpoint and order of resolving of bucket names
|
2022-07-21 06:20:30 +00:00
|
|
|
rpc_endpoint: http://morph-chain.neofs.devenv:30333
|
2022-04-14 18:10:57 +00:00
|
|
|
resolve_order:
|
2022-04-12 22:29:51 +00:00
|
|
|
- nns
|
|
|
|
|
|
|
|
|
|
# Metrics
|
2022-07-26 13:29:07 +00:00
|
|
|
pprof:
|
|
|
|
|
enabled: true
|
|
|
|
|
address: localhost:8085
|
|
|
|
|
|
|
|
|
|
prometheus:
|
|
|
|
|
enabled: true
|
|
|
|
|
address: localhost:8086
|
2022-04-12 22:29:51 +00:00
|
|
|
|
|
|
|
|
# Timeout to connect to a node
|
2022-07-18 13:11:25 +00:00
|
|
|
connect_timeout: 10s
|
2022-11-15 14:19:21 +00:00
|
|
|
# Timeout for individual operations in streaming RPC.
|
|
|
|
|
stream_timeout: 10s
|
2022-04-14 15:09:57 +00:00
|
|
|
# Timeout to check node health during rebalance
|
|
|
|
|
healthcheck_timeout: 15s
|
2022-04-12 22:29:51 +00:00
|
|
|
# Interval to check node health
|
2022-07-18 13:11:25 +00:00
|
|
|
rebalance_interval: 60s
|
2022-07-29 06:26:11 +00:00
|
|
|
# The number of errors on connection after which node is considered as unhealthy
|
|
|
|
|
pool_error_threshold: 100
|
|
|
|
|
|
2022-04-12 22:29:51 +00:00
|
|
|
|
|
|
|
|
# Limits for processing of clients' requests
|
|
|
|
|
max_clients_count: 100
|
|
|
|
|
# Deadline after which the gate sends error `RequestTimeout` to a client
|
|
|
|
|
max_clients_deadline: 30s
|
|
|
|
|
|
|
|
|
|
# Caching
|
|
|
|
|
cache:
|
|
|
|
|
# Cache for objects
|
|
|
|
|
objects:
|
|
|
|
|
lifetime: 300s
|
|
|
|
|
size: 150
|
|
|
|
|
# Cache which keeps lists of objects in buckets
|
|
|
|
|
list:
|
|
|
|
|
lifetime: 1m
|
|
|
|
|
size: 100
|
|
|
|
|
# Cache which contains mapping of nice name to object addresses
|
|
|
|
|
names:
|
|
|
|
|
lifetime: 1m
|
|
|
|
|
size: 1000
|
|
|
|
|
# Cache which contains mapping of bucket name to bucket info
|
|
|
|
|
buckets:
|
|
|
|
|
lifetime: 1m
|
|
|
|
|
size: 500
|
2022-10-03 14:36:09 +00:00
|
|
|
# Cache for system objects in a bucket: bucket settings, notification configuration etc
|
2022-04-12 22:29:51 +00:00
|
|
|
system:
|
|
|
|
|
lifetime: 2m
|
|
|
|
|
size: 1000
|
2022-10-03 14:36:09 +00:00
|
|
|
# Cache which stores access box with tokens by its address
|
2022-04-12 22:29:51 +00:00
|
|
|
accessbox:
|
|
|
|
|
lifetime: 5m
|
|
|
|
|
size: 10
|
2022-10-03 14:36:09 +00:00
|
|
|
# Cache which stores owner to cache operation mapping
|
|
|
|
|
accesscontrol:
|
|
|
|
|
lifetime: 1m
|
|
|
|
|
size: 100000
|
2022-04-12 22:29:51 +00:00
|
|
|
|
|
|
|
|
nats:
|
|
|
|
|
enabled: true
|
2022-07-13 10:40:44 +00:00
|
|
|
endpoint: nats://localhost:4222
|
2022-04-12 22:29:51 +00:00
|
|
|
timeout: 30s
|
|
|
|
|
cert_file: /path/to/cert
|
|
|
|
|
key_file: /path/to/key
|
|
|
|
|
root_ca: /path/to/ca
|
|
|
|
|
|
2022-11-03 06:49:06 +00:00
|
|
|
# Parameters of NeoFS container placement policy
|
|
|
|
|
placement_policy:
|
|
|
|
|
# Default policy of placing containers in NeoFS
|
|
|
|
|
# If a user sends a request `CreateBucket` and doesn't define policy for placing of a container in NeoFS, the S3 Gateway
|
|
|
|
|
# will put the container with default policy.
|
|
|
|
|
default: REP 3
|
|
|
|
|
# Region to placement policy mapping json file.
|
|
|
|
|
# Path to container policy mapping. The same as '--container-policy' flag for authmate
|
|
|
|
|
region_mapping: /path/to/container/policy.json
|
2022-04-12 22:29:51 +00:00
|
|
|
|
|
|
|
|
# CORS
|
|
|
|
|
# value of Access-Control-Max-Age header if this value is not set in a rule. Has an int type.
|
|
|
|
|
cors:
|
|
|
|
|
default_max_age: 600
|
2022-08-11 23:13:02 +00:00
|
|
|
|
|
|
|
|
# Parameters of requests to NeoFS
|
|
|
|
|
neofs:
|
2022-10-03 14:36:09 +00:00
|
|
|
# Number of the object copies to consider PUT to NeoFS successful.
|
|
|
|
|
# `0` means that object will be processed according to the container's placement policy
|
2022-08-11 23:13:02 +00:00
|
|
|
set_copies_number: 0
|
2022-08-31 23:12:02 +00:00
|
|
|
|
|
|
|
|
# List of allowed AccessKeyID prefixes
|
|
|
|
|
# If the parameter is omitted, S3 GW will accept all AccessKeyIDs
|
|
|
|
|
allowed_access_key_id_prefixes:
|
|
|
|
|
- Ck9BHsgKcnwfCTUSFm6pxhoNS4cBqgN2NQ8zVgPjqZDX
|
|
|
|
|
- 3stjWenX15YwYzczMr88gy3CQr4NYFBQ8P7keGzH5QFn
|
