You are here

Home » API reference » S3 File System 8.3

README.txt in S3 File System 8.3

Same filename and directory in other branches
  1. 8.2 README.txt
  2. 7.3 README.txt
  3. 7 README.txt
  4. 7.2 README.txt
  5. 4.0.x README.txt
INTRODUCTION
------------

  * S3 File System (s3fs) provides an additional file system to your drupal
    site, alongside the public and private file systems, which stores files in
    Amazon's Simple Storage Service (S3) or any S3-compatible storage service.
    You can set your site to use S3 File System as the default, or use it only
    for individual fields. This functionality is designed for sites which are
    load-balanced across multiple servers, as the mechanism used by Drupal's
    default file systems is not viable under such a configuration.

TABLE OF CONTENTS
-----------------

* REQUIREMENTS
* S3FS INITIAL CONFIGURATION
* CONFIGURE DRUPAL TO STORE FILES IN S3
* COPY LOCAL FILES TO S3
* AGGREGATED CSS AND JS IN S3
* IMAGE STYLES
* CACHE AWS CREDENTIALS
* UPGRADING FROM S3 FILE SYSTEM 7.x-2.x or 7.x-3.x
* TROUBLESHOOTING
* KNOWN ISSUES
* DEVELOPER TESTING
* ACKNOWLEDGEMENT
* MAINTAINERS

REQUIREMENTS
------------

  * AWS SDK version-3. If module is installed via Composer it gets
    automatically installed.

  * Your PHP must be configured with "allow_url_fopen = On" in your php.ini
    file.
    Otherwise, PHP will be unable to open files that are in your S3 bucket.

  * Ensure the account used to connect to the S3 bucket has sufficient
    privileges.

    * Minimum required actions for read-write are:

      "Action": [
          "s3:ListBucket",
          "s3:ListBucketVersions",
          "s3:PutObject",
          "s3:GetObject",
          "s3:DeleteObjectVersion",
          "s3:DeleteObject",
          "s3:GetObjectVersion"
          "s3:GetObjectAcl",
          "s3:PutObjectAcl",
      ]

    * For read-only buckets you must NOT grant the following actions:

      s3:PutObject
      s3:DeleteObjectVersion
      s3:DeleteObject
      s3:PutObjectAcl

  * Optional: doctrine/cache library for caching S3 Credentials.

S3FS INITIAL CONFIGURATION
--------------------------

  * S3 Credentials configuration:

    * Option 1: Use AWS defaultProvider.

      No configuration of credentials is required. S3fs will utilize the SDK
      default method of checking for environment variables, shared
      credentials/profile files, or assuming IAM roles.

      It is recommended to review the CACHE AWS CREDENTIALS section of this
      guide.

      Continue with configuration below.

    * Option 2: Provide an AWS compatible credentials INI.

      Create an AWS SDK compatible INI file with your configuration in the
      [default] profile. It is recommend that this file be located outside
      the docroot of your server for security.

      Example:
        [default]
        aws_access_key_id = YOUR_ACCESS_KEY
        aws_secret_access_key = YOUR_SECRET_KEY

      Visit /admin/config/media/s3fs and set the path to your INI in
      'Custom Credentials File Location'

      Note: If your INI causes lookups to AWS for tokens please review the
      CACHE AWS CREDENTIALS section of this guide.

      See https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html
      for more information on file format.

    * Option 3: Use the key module:

        Install the Key module from https://www.drupal.org/project/key and select
        your Amazon Web Services credentials from the dropdowns in the "Keys"
        panel at (/admin/config/media/s3fs).

    * Option 4: Set Access Key and Secret Key in settings.php:

      Example:
        $settings['s3fs.access_key'] = 'YOUR ACCESS KEY';
        $settings['s3fs.secret_key'] = 'YOUR SECRET KEY';

      * Reminder: For security reasons you should ensure that all secrets are
        stored outside the document root.

  * Configure your settings for S3 File System (including your S3 bucket name)
    at /admin/config/media/s3fs.

  * Savings the settings page will trigger the bucket region to be detected.

  * If your S3 bucket is configured with BlockPublicAcls then enable the
    'upload_as_private' setting.

    Example:
      $settings['s3fs.upload_as_private'] = TRUE;

    * If s3fs will provide storage for s3:// or public:// files the generated
      links will return 403 errors unless access is granted either with
      presigned urls or through other external means.

  * With the settings saved, go to /admin/config/media/s3fs/actions.

    * First validate your configuration to verify access to your S3 bucket.

    * Next refresh the file metadata cache. This will copy the filenames and
      attributes for every existing file in your S3 bucket into Drupal's
      database. This can take a significant amount of time for very large
      buckets (thousands of files). If this operation times out, you can also
      perform it using "drush s3fs-refresh-cache".

  * Please keep in mind that any time the contents of your S3 bucket change
    without Drupal knowing about it (like if you copy some files into it
    manually using another tool), you'll need to refresh the metadata cache
    again. S3FS assumes that its cache is a canonical listing of every file in
    the bucket. Thus, Drupal will not be able to access any files you copied
    into your bucket manually until S3FS's cache learns of them. This is true
    of folders as well; s3fs will not be able to copy files into folders that
    it doesn't know about.

  * After refreshing the s3fs metadata it is recommended to clear the Drupal
    Cache.

CONFIGURE DRUPAL TO STORE FILES IN S3
-------------------------------------

  * Optional: To enable S3 to be the default for new storage fields visit
    /admin/config/media/file-system and set the "Default download method" to
    "Amazon Simple Storage Service"

  * To begin using S3 for storage either edit an existing field or add a new
    field of type File, Image, etc. and set the "Upload destination" to
    "S3 File System" in the "Field Settings" tab. Files uploaded to a field
    configured to use S3 will be stored in the S3 bucket.

    * Drupal will by default continue to store files it creates automatically
      (such as aggregated CSS) on the local filesystem as they are hard coded
      to use the public:// file handler. To prevent this enable takeover of
      the public:// file handler.

  * To enable takeover of the public and/or private file handler(s you can
    enable s3fs.use_s3_for_public and/or s3fs.use_s3_for_private in
    settings.php. This will cause your site to store newly uploaded/generated
    files from the public/private file system in S3 instead of in local
    storage.

    Example:
      $settings['s3fs.use_s3_for_public'] = TRUE;
      $settings['s3fs.use_s3_for_private'] = TRUE;

    * These settings will cause the existing file systems to become invisible
      to Drupal. To remedy this, you will need to copy the existing files into
      the S3 bucket.

    * Refer to the 'COPY LOCAL FILES TO S3' section of the manual.

  * If you use s3fs for public:// files:

    * You should change your php twig storage folder to a local directory.
      Php twig files stored in S3 pose a security concern (these files would
      be public) in addition to a performance concern(latency).
      Change the php_storage settings in your setting.php. It is recomend that
      this directory be outside out of the docroot.

      Example:
        $settings['php_storage']['twig']['directory'] = '../storage/php';

      If you have a multiple backends you may use a NAS to store it or other
      shared storage system with your others backends.

    * Refer to 'AGGREGATED CSS AND JS IN S3' for important information
      related to bucket configuration to support aggregated CSS/JS files.

    * Clear the Drupal Cache:

      * Whenever making changes to enable/disable public:// or private://
        StreamWrappers it is necessary to clear the Drupal Container Cache

      * The Container Cache can be cleared either with 'drush cr' or by
        visiting admin/config/development/performance and clicking the
        'clearing all caches' button.

COPY LOCAL FILES TO S3
----------------------

  * The migration process is only useful if you have enabled or plan to enable
    public:// or private:// filesystem handling by s3fs.

  * It is possible to copy local files to s3 without activating the
    use_s3_for_public or use_s3_for_private handlers in settings.php
    If activated before the migration existing files will be unavailable during
    the migration process.

  * You are strongly encouraged to use the drush command "drush
    s3fs-copy-local" to do this, as it will copy all the files into the correct
    subfolders in your bucket, according to your s3fs configuration, and will
    write them to the metadata cache.

    See "drush help s3fs:copy-local" for command syntax.

  * If you don't have drush, you can use the
    buttons provided on the S3FS Actions page (admin/config/media/s3fs/actions),
    though the copy operation may fail if you have a lot of files, or very
    large files. The drush command will cleanly handle any combination of
    files.

  * You should not allow new files to be uploaded during the migration process.

  * Once the migration is complete you can, if you have not already, enable
    public:// and/or private:// takeover. The files will be served from S3
    instead of the local filesystem. You may delete the local files when
    you are sure you no longer require them locally.

  * You can perform a custom migrating process by implementing
    S3fsServiceInterface or extending S3fsService and use your custom service
    class in a ServiceProvider (see S3fsServiceProvider).

AGGREGATED CSS AND JS IN S3
---------------------------

  * In previous versions S3FS required that the server be configured as a
    reverse proxy in order to use the public:// StreamWrapper.
    This requirement has been removed. Please read below for new requirements.

  * CSS and Javascript files will be stored in your S3 bucket with all other
    public:// files.

  * Because of the way browsers restrict reqeusts made to domains that differ
    from the original requested domain you will need to ensure you have setup
    a CORS policy on your S3 Bucket or CDN.

  * Sample CORS policy that will allow any site to load files:

    <CORSConfiguration>
      <CORSRule>
        <AllowedOrigin>*</AllowedOrigin>
        <AllowedMethod>GET</AllowedMethod>
      </CORSRule>
    </CORSConfiguration>

  * Please see https://docs.aws.amazon.com/AmazonS3/latest/userguide/cors.html
    for more information.

  * Links inside CSS/JS files will be rewritten to use either the base_url of
    the webserver or optionally a custom hostname.

    Links will generate with https:// if use_https is enabled otherwise links
    will generate //servername/path notation to allow for protocol agnostic
    loading of content. If your server supports HTTPS it is recommended to
    enable use_https.

IMAGE STYLES
------------

  * S3FS display image style from Amazon trough dynamic routes /s3/files/styles/
    to fix the issues around style generated images being stored in S3.
    (read more at https://www.drupal.org/node/2861975)

  * If you are using Nginx as webserver, it is neccessary to add additional
    block to your Nginx site configuration:

    location ~ ^/s3/files/styles/ {
            try_files $uri @rewrite;
    }

CACHE AWS CREDENTIALS
---------------------

  * Some authentication methods inside of the AWS ecosystem make calls to
    AWS servers in order to obtain credentials. Using an IAM role assigned
    to an instance is an example of such a method.

  * AWS does not charge for these API calls but may rate limit the requests
    leading to random errors when a request is rejected.

  * In order to avoid rate limits and increase performance it is recommended
    to enable the caching of S3 Credentials that rely on receiving tokens
    from AWS.

  * WARNING: Enabling caching will store a copy of the credentials in plain
    text on the filesystem.

    * Depending upon configuration the credentials may be short lived STS
      credentials or may be long-lived access_keys.

  * Enable Credential Caching:

    * Install doctrine/cache
      composer require "doctrine/cache:~1.4"

    * Configure a directory to store the cached credentials.

      * The directory can be entered into the 'Cached Credentials Folder'
      setting on /admin/config/media/s3fs.

      * This directory should be stored outside the docroot of the server.
        and should not be included in backups or replication.

      * The directory will be created if it does not exist.

      * Directories and files will be crated with a umask of 0012 (rwxrw----).


UPGRADING FROM S3 FILE SYSTEM 7.x-2.x or 7.x-3.x
------------------------------------------------

  * Please read the 'S3FS INITIAL CONFIGURATION'
    and 'CONFIGURE DRUPAL TO STORE FILES IN S3' sections. for how to
    configure settings that can not be migrated.

  * The $conf settings have been changed and are no longer recommend.
    When not using the settings page it is recommend to use Drupal
    configuration management to import configuration overrides.

  * d7_s3fs_config can be used to import the majority of configurations from
    the previous versions. Please verify all settings after importing.

    The following settings can not be migrated into configuration:
    - awssdk_access_key
    - awssdk_secret_key
    - s3fs_use_s3_for_public
    - s3fs_use_s3_for_private
    - s3fs_domain_s3_private

  * After configuring s3fs in D8/D9 perform a config validation and a metadata
    cache refresh to import the current list of files stored in the S3 bucket.

  * d7_s3fs_s3_migrate, d7_s3fs_public_migrate, and d7_s3fs_private_migrate
    can be used to import file entries from s3://, public://, and private://
    schemes when s3fs was used to manage files in D7.  d7_s3fs_s3_migrate
    should be ran in almost all migrations while the public:// and private://
    migrations should only be executed if s3fs takeover was enabled for them
    in D7.

    These scripts copy the managed file entries from D7 into D8 without
    copying the actual files because they are already stored in the s3
    bucket.

    When public:// or private:// files are stored in s3fs the D8/9 core
    d7_file(public://) and/or d7_file_private(private://) migrations should
    not be executed as the s3fs migration tasks will perform all required
    actions.

  * If you use some functions or methods from .module or other files in your
    custom code you must find the equivalent function or method.

TROUBLESHOOTING
---------------

  * In the unlikely circumstance that the version of the SDK you downloaded
    causes errors with S3 File System, you can download this version instead,
    which is known to work:
    https://github.com/aws/aws-sdk-php/releases/download/3.22.7/aws.zip

  * IN CASE OF TROUBLE DETECTING THE AWS SDK LIBRARY:
    Ensure that the aws folder itself, and all the files within it, can be read
    by your webserver. Usually this means that the user "apache" (or "_www" on
    OSX) must have read permissions for the files, and read+execute permissions
    for all the folders in the path leading to the aws files.

KNOWN ISSUES
------------

  * Moving/renaming 'directories' is not supported. Objects must be moved
    individually.
    @see https://www.drupal.org/project/s3fs/issues/3200867

  * The max file size supported for writing is currently 5GB.
    @see https://www.drupal.org/project/s3fs/issues/3204634

  * These problems are from Drupal 7, now we don't know if they happen in 8.
    If you tried that options or know new issues, please create a new issue
    in https://www.drupal.org/project/issues/s3fs?version=8.x

      * Some curl libraries, such as the one bundled with MAMP, do not come
        with authoritative certificate files. See the following page for
        details:
        http://dev.soup.io/post/56438473/If-youre-using-MAMP-and-doing-something

      * Because of a limitation regarding MySQL's maximum index length for
        InnoDB tables, the maximum uri length that S3FS supports is 255
        characters. The limit is on the full path including the s3://,
        public:// or private:// prefix as they are part of the uri.

        This limit is the same limit as imposed by Drupal for max managed file
        lengths, however some unmanaged files (image derivatives) could be
        impacted by this limit.

      * eAccelerator, a deprecated opcode cache plugin for PHP, is incompatible
        with AWS SDK for PHP. eAccelerator will corrupt the configuration
        settings for the SDK's s3 client object, causing a variety of different
        exceptions to be thrown. If your server uses eAccelerator, it is highly
        recommended that you replace it with a different opcode cache plugin,
        as its development was abandoned several years ago.


DEVELOPER TESTING
-----------------

PHPUnit tests exist for this project.  Some tests may require configuration
before they can be executed.

  * S3 Configuration

    Default configuration for S3 is to attempt to reach a localstack
    server started with EXTERNAL_HOSTNAME of 's3fslocalstack' using hostnames
    's3.s3fslocalstack' and 's3fs-test-bucket.s3.s3fslocalstack'. This can be
    overridden by editing the prepareConfig() section of
    src/Tests/S3fsTestBase.php or by setting the following environment
    variables prior to execution:

      * S3FS_AWS_NO_CUSTOM_HOST=true - Use default AWS servers.
      * S3FS_AWS_CUSTOM_HOST = Custom S3 host to connect to.
      * S3FS_AWS_KEY - AWS IAM user key
      * S3FS_AWS_SECRET - AWS IAM secret
      * S3FS_AWS_BUCKET - Name of S3 bucket
      * S3FS_AWS_REGION - Region of bucket.


ACKNOWLEDGEMENT
---------------

  * Special recognition goes to justafish, author of the AmazonS3 module:
    http://drupal.org/project/amazons3

  * S3 File System started as a fork of her great module, but has evolved
    dramatically since then, becoming a very different beast. The main benefit
    of using S3 File System over AmazonS3 is performance, especially for image-
    related operations, due to the metadata cache that is central to S3 File
    System's operation.


MAINTAINERS
-----------

Current maintainers:

  * webankit (https://www.drupal.org/u/webankit)

  * coredumperror (https://www.drupal.org/u/coredumperror)

  * zach.bimson (https://www.drupal.org/u/zachbimson)

  * neerajskydiver (https://www.drupal.org/u/neerajskydiver)

  * Abhishek Anand (https://www.drupal.org/u/abhishek-anand)

  * jansete (https://www.drupal.org/u/jansete)

  * cmlara (https://www.drupal.org/u/cmlara)

File

README.txt
View source 
  1. INTRODUCTION

  2. ------------

  3. 

  4.   * S3 File System (s3fs) provides an additional file system to your drupal

  5.     site, alongside the public and private file systems, which stores files in

  6.     Amazon's Simple Storage Service (S3) or any S3-compatible storage service.

  7.     You can set your site to use S3 File System as the default, or use it only

  8.     for individual fields. This functionality is designed for sites which are

  9.     load-balanced across multiple servers, as the mechanism used by Drupal's

  10.     default file systems is not viable under such a configuration.

  11. 

  12. TABLE OF CONTENTS

  13. -----------------

  14. 

  15. * REQUIREMENTS

  16. * S3FS INITIAL CONFIGURATION

  17. * CONFIGURE DRUPAL TO STORE FILES IN S3

  18. * COPY LOCAL FILES TO S3

  19. * AGGREGATED CSS AND JS IN S3

  20. * IMAGE STYLES

  21. * CACHE AWS CREDENTIALS

  22. * UPGRADING FROM S3 FILE SYSTEM 7.x-2.x or 7.x-3.x

  23. * TROUBLESHOOTING

  24. * KNOWN ISSUES

  25. * DEVELOPER TESTING

  26. * ACKNOWLEDGEMENT

  27. * MAINTAINERS

  28. 

  29. REQUIREMENTS

  30. ------------

  31. 

  32.   * AWS SDK version-3. If module is installed via Composer it gets

  33.     automatically installed.

  34. 

  35.   * Your PHP must be configured with "allow_url_fopen = On" in your php.ini

  36.     file.

  37.     Otherwise, PHP will be unable to open files that are in your S3 bucket.

  38. 

  39.   * Ensure the account used to connect to the S3 bucket has sufficient

  40.     privileges.

  41. 

  42.     * Minimum required actions for read-write are:

  43. 

  44.       "Action": [

  45.           "s3:ListBucket",

  46.           "s3:ListBucketVersions",

  47.           "s3:PutObject",

  48.           "s3:GetObject",

  49.           "s3:DeleteObjectVersion",

  50.           "s3:DeleteObject",

  51.           "s3:GetObjectVersion"

  52.           "s3:GetObjectAcl",

  53.           "s3:PutObjectAcl",

  54.       ]

  55. 

  56.     * For read-only buckets you must NOT grant the following actions:

  57. 

  58.       s3:PutObject

  59.       s3:DeleteObjectVersion

  60.       s3:DeleteObject

  61.       s3:PutObjectAcl

  62. 

  63.   * Optional: doctrine/cache library for caching S3 Credentials.

  64. 

  65. S3FS INITIAL CONFIGURATION

  66. --------------------------

  67. 

  68.   * S3 Credentials configuration:

  69. 

  70.     * Option 1: Use AWS defaultProvider.

  71. 

  72.       No configuration of credentials is required. S3fs will utilize the SDK

  73.       default method of checking for environment variables, shared

  74.       credentials/profile files, or assuming IAM roles.

  75. 

  76.       It is recommended to review the CACHE AWS CREDENTIALS section of this

  77.       guide.

  78. 

  79.       Continue with configuration below.

  80. 

  81.     * Option 2: Provide an AWS compatible credentials INI.

  82. 

  83.       Create an AWS SDK compatible INI file with your configuration in the

  84.       [default] profile. It is recommend that this file be located outside

  85.       the docroot of your server for security.

  86. 

  87.       Example:

  88.         [default]

  89.         aws_access_key_id = YOUR_ACCESS_KEY

  90.         aws_secret_access_key = YOUR_SECRET_KEY

  91. 

  92.       Visit /admin/config/media/s3fs and set the path to your INI in

  93.       'Custom Credentials File Location'

  94. 

  95.       Note: If your INI causes lookups to AWS for tokens please review the

  96.       CACHE AWS CREDENTIALS section of this guide.

  97. 

  98.       See https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html

  99.       for more information on file format.

  100. 

  101.     * Option 3: Use the key module:

  102. 

  103.         Install the Key module from https://www.drupal.org/project/key and select

  104.         your Amazon Web Services credentials from the dropdowns in the "Keys"

  105.         panel at (/admin/config/media/s3fs).

  106. 

  107.     * Option 4: Set Access Key and Secret Key in settings.php:

  108. 

  109.       Example:

  110.         $settings['s3fs.access_key'] = 'YOUR ACCESS KEY';

  111.         $settings['s3fs.secret_key'] = 'YOUR SECRET KEY';

  112. 

  113.       * Reminder: For security reasons you should ensure that all secrets are

  114.         stored outside the document root.

  115. 

  116.   * Configure your settings for S3 File System (including your S3 bucket name)

  117.     at /admin/config/media/s3fs.

  118. 

  119.   * Savings the settings page will trigger the bucket region to be detected.

  120. 

  121.   * If your S3 bucket is configured with BlockPublicAcls then enable the

  122.     'upload_as_private' setting.

  123. 

  124.     Example:

  125.       $settings['s3fs.upload_as_private'] = TRUE;

  126. 

  127.     * If s3fs will provide storage for s3:// or public:// files the generated

  128.       links will return 403 errors unless access is granted either with

  129.       presigned urls or through other external means.

  130. 

  131.   * With the settings saved, go to /admin/config/media/s3fs/actions.

  132. 

  133.     * First validate your configuration to verify access to your S3 bucket.

  134. 

  135.     * Next refresh the file metadata cache. This will copy the filenames and

  136.       attributes for every existing file in your S3 bucket into Drupal's

  137.       database. This can take a significant amount of time for very large

  138.       buckets (thousands of files). If this operation times out, you can also

  139.       perform it using "drush s3fs-refresh-cache".

  140. 

  141.   * Please keep in mind that any time the contents of your S3 bucket change

  142.     without Drupal knowing about it (like if you copy some files into it

  143.     manually using another tool), you'll need to refresh the metadata cache

  144.     again. S3FS assumes that its cache is a canonical listing of every file in

  145.     the bucket. Thus, Drupal will not be able to access any files you copied

  146.     into your bucket manually until S3FS's cache learns of them. This is true

  147.     of folders as well; s3fs will not be able to copy files into folders that

  148.     it doesn't know about.

  149. 

  150.   * After refreshing the s3fs metadata it is recommended to clear the Drupal

  151.     Cache.

  152. 

  153. CONFIGURE DRUPAL TO STORE FILES IN S3

  154. -------------------------------------

  155. 

  156.   * Optional: To enable S3 to be the default for new storage fields visit

  157.     /admin/config/media/file-system and set the "Default download method" to

  158.     "Amazon Simple Storage Service"

  159. 

  160.   * To begin using S3 for storage either edit an existing field or add a new

  161.     field of type File, Image, etc. and set the "Upload destination" to

  162.     "S3 File System" in the "Field Settings" tab. Files uploaded to a field

  163.     configured to use S3 will be stored in the S3 bucket.

  164. 

  165.     * Drupal will by default continue to store files it creates automatically

  166.       (such as aggregated CSS) on the local filesystem as they are hard coded

  167.       to use the public:// file handler. To prevent this enable takeover of

  168.       the public:// file handler.

  169. 

  170.   * To enable takeover of the public and/or private file handler(s you can

  171.     enable s3fs.use_s3_for_public and/or s3fs.use_s3_for_private in

  172.     settings.php. This will cause your site to store newly uploaded/generated

  173.     files from the public/private file system in S3 instead of in local

  174.     storage.

  175. 

  176.     Example:

  177.       $settings['s3fs.use_s3_for_public'] = TRUE;

  178.       $settings['s3fs.use_s3_for_private'] = TRUE;

  179. 

  180.     * These settings will cause the existing file systems to become invisible

  181.       to Drupal. To remedy this, you will need to copy the existing files into

  182.       the S3 bucket.

  183. 

  184.     * Refer to the 'COPY LOCAL FILES TO S3' section of the manual.

  185. 

  186.   * If you use s3fs for public:// files:

  187. 

  188.     * You should change your php twig storage folder to a local directory.

  189.       Php twig files stored in S3 pose a security concern (these files would

  190.       be public) in addition to a performance concern(latency).

  191.       Change the php_storage settings in your setting.php. It is recomend that

  192.       this directory be outside out of the docroot.

  193. 

  194.       Example:

  195.         $settings['php_storage']['twig']['directory'] = '../storage/php';

  196. 

  197.       If you have a multiple backends you may use a NAS to store it or other

  198.       shared storage system with your others backends.

  199. 

  200.     * Refer to 'AGGREGATED CSS AND JS IN S3' for important information

  201.       related to bucket configuration to support aggregated CSS/JS files.

  202. 

  203.     * Clear the Drupal Cache:

  204. 

  205.       * Whenever making changes to enable/disable public:// or private://

  206.         StreamWrappers it is necessary to clear the Drupal Container Cache

  207. 

  208.       * The Container Cache can be cleared either with 'drush cr' or by

  209.         visiting admin/config/development/performance and clicking the

  210.         'clearing all caches' button.

  211. 

  212. COPY LOCAL FILES TO S3

  213. ----------------------

  214. 

  215.   * The migration process is only useful if you have enabled or plan to enable

  216.     public:// or private:// filesystem handling by s3fs.

  217. 

  218.   * It is possible to copy local files to s3 without activating the

  219.     use_s3_for_public or use_s3_for_private handlers in settings.php

  220.     If activated before the migration existing files will be unavailable during

  221.     the migration process.

  222. 

  223.   * You are strongly encouraged to use the drush command "drush

  224.     s3fs-copy-local" to do this, as it will copy all the files into the correct

  225.     subfolders in your bucket, according to your s3fs configuration, and will

  226.     write them to the metadata cache.

  227. 

  228.     See "drush help s3fs:copy-local" for command syntax.

  229. 

  230.   * If you don't have drush, you can use the

  231.     buttons provided on the S3FS Actions page (admin/config/media/s3fs/actions),

  232.     though the copy operation may fail if you have a lot of files, or very

  233.     large files. The drush command will cleanly handle any combination of

  234.     files.

  235. 

  236.   * You should not allow new files to be uploaded during the migration process.

  237. 

  238.   * Once the migration is complete you can, if you have not already, enable

  239.     public:// and/or private:// takeover. The files will be served from S3

  240.     instead of the local filesystem. You may delete the local files when

  241.     you are sure you no longer require them locally.

  242. 

  243.   * You can perform a custom migrating process by implementing

  244.     S3fsServiceInterface or extending S3fsService and use your custom service

  245.     class in a ServiceProvider (see S3fsServiceProvider).

  246. 

  247. AGGREGATED CSS AND JS IN S3

  248. ---------------------------

  249. 

  250.   * In previous versions S3FS required that the server be configured as a

  251.     reverse proxy in order to use the public:// StreamWrapper.

  252.     This requirement has been removed. Please read below for new requirements.

  253. 

  254.   * CSS and Javascript files will be stored in your S3 bucket with all other

  255.     public:// files.

  256. 

  257.   * Because of the way browsers restrict reqeusts made to domains that differ

  258.     from the original requested domain you will need to ensure you have setup

  259.     a CORS policy on your S3 Bucket or CDN.

  260. 

  261.   * Sample CORS policy that will allow any site to load files:

  262. 

  263.     

  264.       

  265.         *

  266.         GET

  267.       

  268.     

  269. 

  270.   * Please see https://docs.aws.amazon.com/AmazonS3/latest/userguide/cors.html

  271.     for more information.

  272. 

  273.   * Links inside CSS/JS files will be rewritten to use either the base_url of

  274.     the webserver or optionally a custom hostname.

  275. 

  276.     Links will generate with https:// if use_https is enabled otherwise links

  277.     will generate //servername/path notation to allow for protocol agnostic

  278.     loading of content. If your server supports HTTPS it is recommended to

  279.     enable use_https.

  280. 

  281. IMAGE STYLES

  282. ------------

  283. 

  284.   * S3FS display image style from Amazon trough dynamic routes /s3/files/styles/

  285.     to fix the issues around style generated images being stored in S3.

  286.     (read more at https://www.drupal.org/node/2861975)

  287. 

  288.   * If you are using Nginx as webserver, it is neccessary to add additional

  289.     block to your Nginx site configuration:

  290. 

  291.     location ~ ^/s3/files/styles/ {

  292.             try_files $uri @rewrite;

  293.     }

  294. 

  295. CACHE AWS CREDENTIALS

  296. ---------------------

  297. 

  298.   * Some authentication methods inside of the AWS ecosystem make calls to

  299.     AWS servers in order to obtain credentials. Using an IAM role assigned

  300.     to an instance is an example of such a method.

  301. 

  302.   * AWS does not charge for these API calls but may rate limit the requests

  303.     leading to random errors when a request is rejected.

  304. 

  305.   * In order to avoid rate limits and increase performance it is recommended

  306.     to enable the caching of S3 Credentials that rely on receiving tokens

  307.     from AWS.

  308. 

  309.   * WARNING: Enabling caching will store a copy of the credentials in plain

  310.     text on the filesystem.

  311. 

  312.     * Depending upon configuration the credentials may be short lived STS

  313.       credentials or may be long-lived access_keys.

  314. 

  315.   * Enable Credential Caching:

  316. 

  317.     * Install doctrine/cache

  318.       composer require "doctrine/cache:~1.4"

  319. 

  320.     * Configure a directory to store the cached credentials.

  321. 

  322.       * The directory can be entered into the 'Cached Credentials Folder'

  323.       setting on /admin/config/media/s3fs.

  324. 

  325.       * This directory should be stored outside the docroot of the server.

  326.         and should not be included in backups or replication.

  327. 

  328.       * The directory will be created if it does not exist.

  329. 

  330.       * Directories and files will be crated with a umask of 0012 (rwxrw----).

  331. 

  332. 

  333. UPGRADING FROM S3 FILE SYSTEM 7.x-2.x or 7.x-3.x

  334. ------------------------------------------------

  335. 

  336.   * Please read the 'S3FS INITIAL CONFIGURATION'

  337.     and 'CONFIGURE DRUPAL TO STORE FILES IN S3' sections. for how to

  338.     configure settings that can not be migrated.

  339. 

  340.   * The $conf settings have been changed and are no longer recommend.

  341.     When not using the settings page it is recommend to use Drupal

  342.     configuration management to import configuration overrides.

  343. 

  344.   * d7_s3fs_config can be used to import the majority of configurations from

  345.     the previous versions. Please verify all settings after importing.

  346. 

  347.     The following settings can not be migrated into configuration:

  348.     - awssdk_access_key

  349.     - awssdk_secret_key

  350.     - s3fs_use_s3_for_public

  351.     - s3fs_use_s3_for_private

  352.     - s3fs_domain_s3_private

  353. 

  354.   * After configuring s3fs in D8/D9 perform a config validation and a metadata

  355.     cache refresh to import the current list of files stored in the S3 bucket.

  356. 

  357.   * d7_s3fs_s3_migrate, d7_s3fs_public_migrate, and d7_s3fs_private_migrate

  358.     can be used to import file entries from s3://, public://, and private://

  359.     schemes when s3fs was used to manage files in D7.  d7_s3fs_s3_migrate

  360.     should be ran in almost all migrations while the public:// and private://

  361.     migrations should only be executed if s3fs takeover was enabled for them

  362.     in D7.

  363. 

  364.     These scripts copy the managed file entries from D7 into D8 without

  365.     copying the actual files because they are already stored in the s3

  366.     bucket.

  367. 

  368.     When public:// or private:// files are stored in s3fs the D8/9 core

  369.     d7_file(public://) and/or d7_file_private(private://) migrations should

  370.     not be executed as the s3fs migration tasks will perform all required

  371.     actions.

  372. 

  373.   * If you use some functions or methods from .module or other files in your

  374.     custom code you must find the equivalent function or method.

  375. 

  376. TROUBLESHOOTING

  377. ---------------

  378. 

  379.   * In the unlikely circumstance that the version of the SDK you downloaded

  380.     causes errors with S3 File System, you can download this version instead,

  381.     which is known to work:

  382.     https://github.com/aws/aws-sdk-php/releases/download/3.22.7/aws.zip

  383. 

  384.   * IN CASE OF TROUBLE DETECTING THE AWS SDK LIBRARY:

  385.     Ensure that the aws folder itself, and all the files within it, can be read

  386.     by your webserver. Usually this means that the user "apache" (or "_www" on

  387.     OSX) must have read permissions for the files, and read+execute permissions

  388.     for all the folders in the path leading to the aws files.

  389. 

  390. KNOWN ISSUES

  391. ------------

  392. 

  393.   * Moving/renaming 'directories' is not supported. Objects must be moved

  394.     individually.

  395.     @see https://www.drupal.org/project/s3fs/issues/3200867

  396. 

  397.   * The max file size supported for writing is currently 5GB.

  398.     @see https://www.drupal.org/project/s3fs/issues/3204634

  399. 

  400.   * These problems are from Drupal 7, now we don't know if they happen in 8.

  401.     If you tried that options or know new issues, please create a new issue

  402.     in https://www.drupal.org/project/issues/s3fs?version=8.x

  403. 

  404.       * Some curl libraries, such as the one bundled with MAMP, do not come

  405.         with authoritative certificate files. See the following page for

  406.         details:

  407.         http://dev.soup.io/post/56438473/If-youre-using-MAMP-and-doing-something

  408. 

  409.       * Because of a limitation regarding MySQL's maximum index length for

  410.         InnoDB tables, the maximum uri length that S3FS supports is 255

  411.         characters. The limit is on the full path including the s3://,

  412.         public:// or private:// prefix as they are part of the uri.

  413. 

  414.         This limit is the same limit as imposed by Drupal for max managed file

  415.         lengths, however some unmanaged files (image derivatives) could be

  416.         impacted by this limit.

  417. 

  418.       * eAccelerator, a deprecated opcode cache plugin for PHP, is incompatible

  419.         with AWS SDK for PHP. eAccelerator will corrupt the configuration

  420.         settings for the SDK's s3 client object, causing a variety of different

  421.         exceptions to be thrown. If your server uses eAccelerator, it is highly

  422.         recommended that you replace it with a different opcode cache plugin,

  423.         as its development was abandoned several years ago.

  424. 

  425. 

  426. DEVELOPER TESTING

  427. -----------------

  428. 

  429. PHPUnit tests exist for this project.  Some tests may require configuration

  430. before they can be executed.

  431. 

  432.   * S3 Configuration

  433. 

  434.     Default configuration for S3 is to attempt to reach a localstack

  435.     server started with EXTERNAL_HOSTNAME of 's3fslocalstack' using hostnames

  436.     's3.s3fslocalstack' and 's3fs-test-bucket.s3.s3fslocalstack'. This can be

  437.     overridden by editing the prepareConfig() section of

  438.     src/Tests/S3fsTestBase.php or by setting the following environment

  439.     variables prior to execution:

  440. 

  441.       * S3FS_AWS_NO_CUSTOM_HOST=true - Use default AWS servers.

  442.       * S3FS_AWS_CUSTOM_HOST = Custom S3 host to connect to.

  443.       * S3FS_AWS_KEY - AWS IAM user key

  444.       * S3FS_AWS_SECRET - AWS IAM secret

  445.       * S3FS_AWS_BUCKET - Name of S3 bucket

  446.       * S3FS_AWS_REGION - Region of bucket.

  447. 

  448. 

  449. ACKNOWLEDGEMENT

  450. ---------------

  451. 

  452.   * Special recognition goes to justafish, author of the AmazonS3 module:

  453.     http://drupal.org/project/amazons3

  454. 

  455.   * S3 File System started as a fork of her great module, but has evolved

  456.     dramatically since then, becoming a very different beast. The main benefit

  457.     of using S3 File System over AmazonS3 is performance, especially for image-

  458.     related operations, due to the metadata cache that is central to S3 File

  459.     System's operation.

  460. 

  461. 

  462. MAINTAINERS

  463. -----------

  464. 

  465. Current maintainers:

  466. 

  467.   * webankit (https://www.drupal.org/u/webankit)

  468. 

  469.   * coredumperror (https://www.drupal.org/u/coredumperror)

  470. 

  471.   * zach.bimson (https://www.drupal.org/u/zachbimson)

  472. 

  473.   * neerajskydiver (https://www.drupal.org/u/neerajskydiver)

  474. 

  475.   * Abhishek Anand (https://www.drupal.org/u/abhishek-anand)

  476. 

  477.   * jansete (https://www.drupal.org/u/jansete)

  478. 

  479.   * cmlara (https://www.drupal.org/u/cmlara)