Using Nginx to proxy private Amazon S3 web services
in 2.275 minutes read
I thought I’d share how I set up Nginx to proxy a private S3 bucket.
I wanted to be able to password protect the contents of a bucket and without allowing any owner information of the bucket from leaking to the web user.
A simple configuration can be used if you want to serve objects that are public:
To setup nginx to use a private bucket is a little more work.
First we need to add in a few extra modules to the standard Nginx. Most of these modules have already been included in the nginx-extras package, however I’ll need to grab a copy of the latest source Ubuntu package, modify the rules file and repackage it so I can deploy it using my own apt repository.
We need the following modules:
set-misc-nginx-module
ngx_devel_kit
ngx_devel_kit is a dependency for set-misc-nginx-module.
We should now have a copy of the latest Nginx source package unpacked into /usr/src. Lets grab the module we want to install.
The debian package already includes the nginx-development-kit. Lets modify the debian/rules file.
Under the ‘extras_configure_flags’ lets ensure ‘–add-module=$(MODULESDIR)/nginx-development-kit’ already exists and add ‘–add-module=$(MODULESDIR)/set-misc-nginx-module’.
Now lets save this and update the changelog making a local package.
Edit the changelog in vi and include what has been changed and by whom.
Now lets repackage.
We now have .deb packages we can place on our apt repo for our webservers to use.
Once you’ve copied the packages to your repo and installed the ‘nginx-extras’ package on the webservers you can use the following configuration code snippet in nginx: