diff --git a/README.md b/README.md index fc50e49..219b300 100644 --- a/README.md +++ b/README.md @@ -40,6 +40,7 @@ Create a virtualenv and install the dependencies: Create a `config.yaml` file that contains all of the buckets you want to proxy: ```yaml +base_url: https://your.domain.org targets: - name: scicompsoft-public endpoint: https://s3.us-east-1.lyvecloud.seagate.com/ @@ -61,6 +62,8 @@ targets: For each bucket, you can either provide credentials, or it will fallback on anonymous access. Credentials are read from files on disk. You can specify a `prefix` to constrain browsing of a bucket to a given subpath. Set `hidden` to hide the bucket from the main listing -- you may also want to obfuscate the bucket name. +The `base_url` is how your server will be addressed externally. If you are using https then you will need to provide the `ssl-keyfile` and `ssl-certfile` when running Uvicorn (or equivalently `KEY_FILE` and `CERT_FILE` when running in Docker.) + ## Run server The service is written using FastAPI and runs inside of Uvicorn: @@ -75,21 +78,27 @@ You can specify TLS certificates and increase the number of workers in order to uvicorn jproxy.serve:app --host 0.0.0.0 --port 8000 --workers 8 --access-log --ssl-keyfile /opt/tls/cert.key --ssl-certfile /opt/tls/cert.crt ``` -# Production +# Production Deployment ## Running inside a Docker container First you'll need a `config.yaml` as described above. -Create a `./docker/.env` file that looks like this: +Next, create a `./docker/.env` file that looks like this: ```bash CONFIG_FILE=/path/to/config.yaml -VAR_DIR=/path/to/var +VAR_DIR=/path/to/var/dir CERT_FILE=/path/to/cert.crt KEY_FILE=/path/to/cert.key ``` +These properties configure the service as follows: +* `CONFIG_FILE`: path to the `config.yaml` settings file +* `VAR_DIR`: optional path to the var directory containing access keys referenced by `config.yaml` +* `CERT_FILE`: optional path to the SSL cert file +* `KEY_FILE`: optional path to the SSL key file + Now you can bring up the container: ```bash