• Stars
    star
    182
  • Rank 211,154 (Top 5 %)
  • Language
    JavaScript
  • License
    Other
  • Created about 8 years ago
  • Updated almost 2 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

An AWS S3 storage adapter for Ghost

Ghost storage adapter S3

An AWS S3 storage adapter for Ghost 1.x

For Ghost 0.10.x and 0.11.x support check out Ghost storage adapter s3 v1.3.0.

Installation

npm install ghost-storage-adapter-s3
mkdir -p ./content/adapters/storage
cp -r ./node_modules/ghost-storage-adapter-s3 ./content/adapters/storage/s3

Configuration

"storage": {
  "active": "s3",
  "s3": {
    "accessKeyId": "YOUR_ACCESS_KEY_ID",
    "secretAccessKey": "YOUR_SECRET_ACCESS_KEY",
    "region": "YOUR_REGION_SLUG",
    "bucket": "YOUR_BUCKET_NAME",
    "assetHost": "YOUR_OPTIONAL_CDN_URL (See note 1 below)",
    "signatureVersion": "REGION_SIGNATURE_VERSION (See note 5 below)",
    "pathPrefix": "YOUR_OPTIONAL_BUCKET_SUBDIRECTORY",
    "endpoint": "YOUR_OPTIONAL_ENDPOINT_URL (only needed for 3rd party S3 providers)",
    "serverSideEncryption": "YOUR_OPTIONAL_SSE (See note 2 below)",
    "forcePathStyle": true,
    "acl": "YOUR_OPTIONAL_ACL (See note 4 below)",
  }
}

Note 1: Be sure to include "//" or the appropriate protocol within your assetHost string/variable to ensure that your site's domain is not prepended to the CDN URL.

Note 2: if your s3 bucket enforces SSE use serverSideEncryption with the appropriate supported value.

Note 3: if your s3 providers requires path style you can enable it with forcePathStyle

Note 4: if you use CloudFront the object ACL does not need to be set to "public-read"

Note 5: Support for AWS4-HMAC-SHA256

Via environment variables

AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY
AWS_DEFAULT_REGION
GHOST_STORAGE_ADAPTER_S3_PATH_BUCKET
GHOST_STORAGE_ADAPTER_S3_ASSET_HOST  // optional
GHOST_STORAGE_ADAPTER_S3_PATH_PREFIX // optional
GHOST_STORAGE_ADAPTER_S3_ENDPOINT // optional
GHOST_STORAGE_ADAPTER_S3_SSE // optional
GHOST_STORAGE_ADAPTER_S3_FORCE_PATH_STYLE // optional
GHOST_STORAGE_ADAPTER_S3_ACL // optional

AWS Configuration

You'll likely want to configure a separate S3 bucket for your blog, a specific IAM role, and, optionally, CloudFront, to serve from a CDN.

S3

Create a new bucket. If you're using a CDN, the region isn't important. Once the bucket is created, select Static website hosting from the properties, and configure it to host a website.

In the permissions, select Bucket Policy and use the policy generator with the folowing settings:

  • Select Type of Policy: S3 Bucket Policy
  • Effect: Allow
  • Principal: *
  • AWS Service: Amazon S3
  • Actions: GetBucket
  • Amazon Resource Name (ARN): your bucket's ARN, which you can get on its Bucket Policy page

Generate the policy, copy it, then paste it in the Bucket policy editor and save.

IAM

You'll want to create a custom user role in IAM that just gives your Ghost installation the necessary permissions to manipulate objects in its S3 bucket.

Go to IAM in your AWS console and add a new user. Give it a username specific to your blog, and select Programmatic access as the Access type.

Next, on the permissions page, select Attach existing policies directly and click to Create policy. For the policy click on the JSON editor and add the following policy. You'll want to replace where it says ghost-bucket with the name of your blog's S3 bucket.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": "s3:ListBucket",
            "Resource": "arn:aws:s3:::ghost-bucket"
        },
        {
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:PutObjectVersionAcl",
                "s3:DeleteObject",
                "s3:PutObjectAcl"
            ],
            "Resource": "arn:aws:s3:::ghost-bucket/*"
        }
    ]
}

What this policy does is allow the user access to see the contents of the bucket (the first statement), and then manipulate the objects stored in the bucket (the second statement).

Finally, create the user and copy the Access key and Secret access key, these are what you'll use in your configuration.

At this point you could be done, but, optionally, you could put Amazon's CloudFront CDN in front of the bucket to speed things up.

CloudFront

CloudFront is a CDN that replicates objects in servers around the world so your blog's visitors will get your assets faster by using the server closest to them. It uses your S3 bucket as the "source of truth" that it populates its servers with.

Got to CloudFront in AWS and choose to Create a Distribution. On the next screen you'll want to leave everything the same, except change the following:

  • Origin Domain Name: Set this to the Endpoint url listed in the Static website hosting panel in the S3 bucket configuration
  • Viewer Protocol Policy: Redirect HTTP to HTTPS
  • Compress Objects Automatically: Yes

Then create the distribution.

Next you'll want to configure your domain name to point a subdomain at CloudFront so you can serve static content through the CDN. Click on the distribution you just created and go the General tab. In Alternate Domain Names, add a subdomain from your url to be the CDN. For instance, if your domain is yourdomain.com, do something like cdn.yourdomain.com.

Next, you'll want to enable SSL. If you're already using Amazon's Route53 DNS service, you may already have an SSL certificate for your domain with a wildcard, if not, choose to create one for your subdomain. If you're using Route53 you can have them automatically add the proper entries to your DNS records for validation and have the certificate generated. If not, go through the alternate route.

Next, configure the DNS entry for the subdomain for CloudFront. Go to your DNS configuration and add an A record for cdn (or whatever subdomain your chose), and then set it up as an alias that points at your CloudFront distribution URL. If you're using Route53 it will actually provide you with distribution as an option.

Finally, in your configuration, use the subdomain for the CloudFront distribution as your setting for assetHost.

License

ISC

More Repositories

1

wilderness

An SVG animation API
JavaScript
154
star
2

react-svg-chart

Animated SVG charts for React
JavaScript
110
star
3

svg-points

A specification for storing SVG shape data in Javascript, and some handy conversion functions
JavaScript
98
star
4

svg-tween

Animate between SVG shapes
JavaScript
79
star
5

svg-arc-to-cubic-bezier

A function that takes an SVG arc curve as input, and maps it to one or more cubic bezier curves
JavaScript
75
star
6

universal-js

A universal Javascript starter kit inc. React, Redux, Redux Dev Tools, Universal Redux Router, CSS Modules, hot module reloading, Babel for ES2015+ and ESLint
JavaScript
66
star
7

points

A specification for storing shape data in Javascript, and some handy manipulation functions
JavaScript
44
star
8

universal-redux-router

A router that turns URL params into first-class Redux state and runs action creators on navigation
JavaScript
22
star
9

wilderness-dom-node

A set of functions to convert between SVG DOM nodes, Plain Shape Objects and Frame Shapes
JavaScript
14
star
10

css-modules-universal-example

An example of how to set up CSS modules with Webpack
JavaScript
13
star
11

svg-shapes

Get point data from SVG shapes. Convert point data to an SVG path
JavaScript
10
star
12

tweening

A little tweening library
JavaScript
4
star
13

wilderness-core

The SVG animation engine behind Wilderness
JavaScript
4
star
14

package

A quick start JS package template
JavaScript
4
star
15

wilderness-react

A React API for building and animating SVG
3
star
16

wilderness-docs

Wilderness documentation
JavaScript
2
star
17

consent.js

A simple Javascript API to ask for and store consent
JavaScript
2
star
18

tweening-color-middleware

Color middleware for tweening
JavaScript
2
star
19

wordz

JavaScript
1
star
20

oaxaca-syntax-theme

A minimal syntax theme for Atom
CSS
1
star
21

yasmineawwad

JavaScript
1
star
22

docs

Front-end development documentation
1
star
23

hello-github-actions

1
star
24

goodidea

List and rank your ideas
Vue
1
star
25

meinke

Graham's website
HTML
1
star
26

colinmeinke

Personal website / playground
HTML
1
star
27

holmbank

Dad's website
JavaScript
1
star
28

tienda-docs

Documentation site for Tienda – an ecommerce plugin for Craft CMS
HTML
1
star
29

theyvoteforyou

They want you to vote for them. But do they vote for you?
HTML
1
star
30

postcss-calc-function

A PostCSS plugin to resolve the CSS calc function
JavaScript
1
star
31

taxyear

Svelte
1
star
32

stupid-add-function

A stupid add function to test package
JavaScript
1
star
33

craft-react

Craft for content. React for UI.
PHP
1
star
34

www-https-redirect

A simple express server for www > https redirects
JavaScript
1
star