├── Dockerfile
└── README.md


/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM debian:jessie
 2 | 
 3 | WORKDIR /tmp
 4 | 
 5 | RUN apt-get -y update
 6 | RUN apt-get -y install curl build-essential libpcre3 libpcre3-dev zlib1g-dev libssl-dev git && \
 7 |     curl -LO http://nginx.org/download/nginx-1.9.3.tar.gz && \
 8 |     tar zxf nginx-1.9.3.tar.gz && \
 9 |     cd nginx-1.9.3 && \
10 |     git clone -b AuthV2 https://github.com/anomalizer/ngx_aws_auth.git && \
11 |     ./configure --with-http_ssl_module --add-module=ngx_aws_auth && \
12 |     make install && \
13 |     cd /tmp && \
14 |     rm -f nginx-1.9.3.tar.gz && \
15 |     rm -rf nginx-1.9.3 && \
16 |     apt-get purge -y curl git && \
17 |     apt-get autoremove -y
18 | 
19 | RUN mkdir -p /data/cache
20 | 
21 | CMD [ "/usr/local/nginx/sbin/nginx", "-c", "/nginx.conf" ]
22 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | 
 2 | ## Motivation
 3 | 
 4 | This image was created for use with dogestry. We wanted a caching HTTP proxy between our
 5 | servers and S3 so that images were only downloaded once from S3.
 6 | 
 7 | ## Usage
 8 | 
 9 | The image assumes a config file in the container at: `/nginx.conf` so use the `-v` option to
10 | mount one from your host.
11 | 
12 | 
13 | ```
14 | docker run -p 8000:8000 -v /path/to/nginx.conf:/nginx.conf coopernurse/nginx-s3-proxy 
15 | ```
16 | 
17 | If you want to store the cache on the host, bind a path to `/data/cache`:
18 | 
19 | ```
20 | docker run -p 8000:8000 -v /path/to/nginx.conf:/nginx.conf -v /my/path:/data/cache coopernurse/nginx-s3-proxy 
21 | ```
22 | 
23 | Feel free to alter the `-p` param if you wish to bind the port differently onto the host.
24 | 
25 | 
26 | Example nginx.conf file:
27 | 
28 | ```
29 | worker_processes 2;
30 | pid /run/nginx.pid;
31 | daemon off;
32 | 
33 | events {
34 | 	worker_connections 768;
35 | }
36 | 
37 | http {
38 | 	sendfile on;
39 | 	tcp_nopush on;
40 | 	tcp_nodelay on;
41 | 	keepalive_timeout 65;
42 | 	types_hash_max_size 2048;
43 | 	server_names_hash_bucket_size 64;
44 | 
45 | 	include /usr/local/nginx/conf/mime.types;
46 | 	default_type application/octet-stream;
47 | 
48 | 	access_log /usr/local/nginx/logs/access.log;
49 | 	error_log  /usr/local/nginx/logs/error.log;
50 | 
51 | 	gzip on;
52 | 	gzip_disable "msie6";
53 | 	gzip_http_version 1.1;
54 | 	gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
55 | 
56 |     proxy_cache_lock on;
57 |     proxy_cache_lock_timeout 60s;
58 |     proxy_cache_path /data/cache levels=1:2 keys_zone=s3cache:10m max_size=30g;
59 | 
60 |     server {
61 |         listen     8000;
62 | 
63 |         location / {
64 |             proxy_pass https://your-bucket.s3.amazonaws.com;
65 | 
66 |             aws_access_key your-access-key;
67 |             aws_secret_key your-secret-key;
68 |             s3_bucket your-bucket;
69 | 
70 |             proxy_set_header Authorization $s3_auth_token;
71 |             proxy_set_header x-amz-date $aws_date;
72 | 
73 |             proxy_cache        s3cache;
74 |             proxy_cache_valid  200 302  24h;
75 |         }
76 |     }
77 | }
78 | ```
79 | 
80 | Things you want to tweak include:
81 | 
82 | * proxy_cache_path
83 |   * alter max_size as desired
84 |   * if you want the cache stored external to the container, alter the path
85 | * proxy_pass
86 | * aws_access_key
87 | * aws_secret_key
88 | * s3_bucket
89 | * proxy_cache_valid - change 24h to your cache duration as desired.
90 | 
91 | 
92 | 


--------------------------------------------------------------------------------