forked from TrueCloudLab/distribution
Merge pull request #2837 from vishesh92/fix-cloudfront-middleware
Fix cloudfront middleware
This commit is contained in:
commit
6d62eb1d4a
2 changed files with 34 additions and 23 deletions
|
@ -706,14 +706,19 @@ interpretation of the options.
|
||||||
| `privatekey` | yes | The private key for Cloudfront, provided by AWS. |
|
| `privatekey` | yes | The private key for Cloudfront, provided by AWS. |
|
||||||
| `keypairid` | yes | The key pair ID provided by AWS. |
|
| `keypairid` | yes | The key pair ID provided by AWS. |
|
||||||
| `duration` | no | An integer and unit for the duration of the Cloudfront session. Valid time units are `ns`, `us` (or `µs`), `ms`, `s`, `m`, or `h`. For example, `3000s` is valid, but `3000 s` is not. If you do not specify a `duration` or you specify an integer without a time unit, the duration defaults to `20m` (20 minutes).|
|
| `duration` | no | An integer and unit for the duration of the Cloudfront session. Valid time units are `ns`, `us` (or `µs`), `ms`, `s`, `m`, or `h`. For example, `3000s` is valid, but `3000 s` is not. If you do not specify a `duration` or you specify an integer without a time unit, the duration defaults to `20m` (20 minutes).|
|
||||||
|`ipfilteredby`|no | A string with the following value `none|aws|awsregion`. |
|
|`ipfilteredby`|no | A string with the following value `none`, `aws` or `awsregion`. |
|
||||||
|`awsregion`|no | A comma separated string of AWS regions, only available when `ipfilteredby` is `awsregion`. For example, `us-east-1, us-west-2`|
|
|`awsregion`|no | A comma separated string of AWS regions, only available when `ipfilteredby` is `awsregion`. For example, `us-east-1, us-west-2`|
|
||||||
|`updatefrenquency`|no | The frequency to update AWS IP regions, default: `12h`|
|
|`updatefrenquency`|no | The frequency to update AWS IP regions, default: `12h`|
|
||||||
|`iprangesurl`|no | The URL contains the AWS IP ranges information, default: `https://ip-ranges.amazonaws.com/ip-ranges.json`|
|
|`iprangesurl`|no | The URL contains the AWS IP ranges information, default: `https://ip-ranges.amazonaws.com/ip-ranges.json`|
|
||||||
Then value of ipfilteredby:
|
|
||||||
`none`: default, do not filter by IP
|
|
||||||
`aws`: IP from AWS goes to S3 directly
|
Value of `ipfilteredby` can be:
|
||||||
`awsregion`: IP from certain AWS regions goes to S3 directly, use together with `awsregion`
|
|
||||||
|
| Value | Description |
|
||||||
|
|-------------|------------------------------------|
|
||||||
|
| `none` | default, do not filter by IP |
|
||||||
|
| `aws` | IP from AWS goes to S3 directly |
|
||||||
|
| `awsregion` | IP from certain AWS regions goes to S3 directly, use together with `awsregion`. |
|
||||||
|
|
||||||
### `redirect`
|
### `redirect`
|
||||||
|
|
||||||
|
|
|
@ -138,15 +138,17 @@ func newCloudFrontStorageMiddleware(storageDriver storagedriver.StorageDriver, o
|
||||||
|
|
||||||
// parse ipfilteredby
|
// parse ipfilteredby
|
||||||
var awsIPs *awsIPs
|
var awsIPs *awsIPs
|
||||||
if ipFilteredBy := options["ipfilteredby"].(string); ok {
|
if i, ok := options["ipfilteredby"]; ok {
|
||||||
|
if ipFilteredBy, ok := i.(string); ok {
|
||||||
switch strings.ToLower(strings.TrimSpace(ipFilteredBy)) {
|
switch strings.ToLower(strings.TrimSpace(ipFilteredBy)) {
|
||||||
case "", "none":
|
case "", "none":
|
||||||
awsIPs = nil
|
awsIPs = nil
|
||||||
case "aws":
|
case "aws":
|
||||||
newAWSIPs(ipRangesURL, updateFrequency, nil)
|
awsIPs = newAWSIPs(ipRangesURL, updateFrequency, nil)
|
||||||
case "awsregion":
|
case "awsregion":
|
||||||
var awsRegion []string
|
var awsRegion []string
|
||||||
if regions, ok := options["awsregion"].(string); ok {
|
if i, ok := options["awsregion"]; ok {
|
||||||
|
if regions, ok := i.(string); ok {
|
||||||
for _, awsRegions := range strings.Split(regions, ",") {
|
for _, awsRegions := range strings.Split(regions, ",") {
|
||||||
awsRegion = append(awsRegion, strings.ToLower(strings.TrimSpace(awsRegions)))
|
awsRegion = append(awsRegion, strings.ToLower(strings.TrimSpace(awsRegions)))
|
||||||
}
|
}
|
||||||
|
@ -154,12 +156,16 @@ func newCloudFrontStorageMiddleware(storageDriver storagedriver.StorageDriver, o
|
||||||
} else {
|
} else {
|
||||||
return nil, fmt.Errorf("awsRegion must be a comma separated string of valid aws regions")
|
return nil, fmt.Errorf("awsRegion must be a comma separated string of valid aws regions")
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
return nil, fmt.Errorf("awsRegion is not defined")
|
||||||
|
}
|
||||||
default:
|
default:
|
||||||
return nil, fmt.Errorf("ipfilteredby only allows a string the following value: none|aws|awsregion")
|
return nil, fmt.Errorf("ipfilteredby only allows a string the following value: none|aws|awsregion")
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
return nil, fmt.Errorf("ipfilteredby only allows a string with the following value: none|aws|awsregion")
|
return nil, fmt.Errorf("ipfilteredby only allows a string with the following value: none|aws|awsregion")
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return &cloudFrontStorageMiddleware{
|
return &cloudFrontStorageMiddleware{
|
||||||
StorageDriver: storageDriver,
|
StorageDriver: storageDriver,
|
||||||
|
|
Loading…
Reference in a new issue