website/docs: s3: fix environment variables (#8722)
This commit is contained in:
Marc 'risson' Schmitt
committed by
GitHub
GitHub
parent
17f9a48252
commit
05fb11b1f0
@ -134,17 +134,17 @@ To check if your config has been applied correctly, you can run the following co
|
||||
|
||||
These settings affect where media files are stored. Those files include applications and sources icons. By default, they are stored on disk in the `/media` directory of the authentik container. S3 storage is also supported.
|
||||
|
||||
- `AUTHENTIK_STORAGE_MEDIA_BACKEND`: Where to store files. Valid values are `file` and `s3`. For `file` storage, files are stored in a `/media` directory in the container. For `s3`, see below.
|
||||
- `AUTHENTIK_STORAGE_MEDIA_S3_REGION`: S3 region where the bucket has been created. May be omitted depending on which S3 provider you use. No default.
|
||||
- `AUTHENTIK_STORAGE_MEDIA_S3_USE__SSL`: Whether to use HTTPS when talking to the S3 storage providers. Defaults to `true`.
|
||||
- `AUTHENTIK_STORAGE_MEDIA_S3_ENDPOINT`: Endpoint to use to talk to the S3 storage provider. Override the previous region and use_ssl settings. Must be a valid URL in the form of `https://s3.provider`. No default.
|
||||
- `AUTHENTIK_STORAGE_MEDIA_S3_SESSION__PROFILE`: Profile to use when using AWS SDK authentication. No default. Supports hot-reloading.
|
||||
- `AUTHENTIK_STORAGE_MEDIA_S3_ACCESS__KEY`: Access key to authenticate to S3. May be omitted if using AWS SDK authentication. Supports hot-reloading.
|
||||
- `AUTHENTIK_STORAGE_MEDIA_S3_SECRET__KEY`: Secret key to authenticate to S3. May be omitted if using AWS SDK authentication. Supports hot-reloading.
|
||||
- `AUTHENTIK_STORAGE_MEDIA_S3_SECURITY__TOKEN`: Security token to authenticate to S3. May be omitted. Supports hot-reloading.
|
||||
- `AUTHENTIK_STORAGE_MEDIA_S3_BUCKET__NAME`: Name of the bucket to use to store files.
|
||||
- `AUTHENTIK_STORAGE_MEDIA_S3_CUSTOM__DOMAIN`: Domain to use to create URLs for users. Mainly useful for non-AWS providers. May include a port. Must include the bucket. Example: `s3.company:8080/authentik-media`.
|
||||
- `AUTHENTIK_STORAGE_MEDIA_S3_SECURE__URLS`: Whether URLS created for users use `http` or `https`. Defaults to `true`.
|
||||
- `AUTHENTIK_STORAGE__MEDIA__BACKEND`: Where to store files. Valid values are `file` and `s3`. For `file` storage, files are stored in a `/media` directory in the container. For `s3`, see below.
|
||||
- `AUTHENTIK_STORAGE__MEDIA__S3__REGION`: S3 region where the bucket has been created. May be omitted depending on which S3 provider you use. No default.
|
||||
- `AUTHENTIK_STORAGE__MEDIA__S3__USE_SSL`: Whether to use HTTPS when talking to the S3 storage providers. Defaults to `true`.
|
||||
- `AUTHENTIK_STORAGE__MEDIA__S3__ENDPOINT`: Endpoint to use to talk to the S3 storage provider. Override the previous region and use_ssl settings. Must be a valid URL in the form of `https://s3.provider`. No default.
|
||||
- `AUTHENTIK_STORAGE__MEDIA__S3__SESSION_PROFILE`: Profile to use when using AWS SDK authentication. No default. Supports hot-reloading.
|
||||
- `AUTHENTIK_STORAGE__MEDIA__S3__ACCESS_KEY`: Access key to authenticate to S3. May be omitted if using AWS SDK authentication. Supports hot-reloading.
|
||||
- `AUTHENTIK_STORAGE__MEDIA__S3__SECRET_KEY`: Secret key to authenticate to S3. May be omitted if using AWS SDK authentication. Supports hot-reloading.
|
||||
- `AUTHENTIK_STORAGE__MEDIA__S3__SECURITY_TOKEN`: Security token to authenticate to S3. May be omitted. Supports hot-reloading.
|
||||
- `AUTHENTIK_STORAGE__MEDIA__S3__BUCKET_NAME`: Name of the bucket to use to store files.
|
||||
- `AUTHENTIK_STORAGE__MEDIA__S3__CUSTOM_DOMAIN`: Domain to use to create URLs for users. Mainly useful for non-AWS providers. May include a port. Must include the bucket. Example: `s3.company:8080/authentik-media`.
|
||||
- `AUTHENTIK_STORAGE__MEDIA__S3__SECURE_URLS`: Whether URLS created for users use `http` or `https`. Defaults to `true`.
|
||||
|
||||
## authentik Settings
|
||||
|
||||
|
||||
@ -60,28 +60,28 @@ AWS_ACCESS_KEY_ID=access_key AWS_SECRET_ACCESS_KEY=secret_key aws s3api --endpoi
|
||||
Add the following to your `.env` file:
|
||||
|
||||
```env
|
||||
AUTHENTIK_STORAGE_MEDIA_BACKEND=s3
|
||||
AUTHENTIK_STORAGE_MEDIA_S3_ACCESS__KEY=access_key
|
||||
AUTHENTIK_STORAGE_MEDIA_S3_SECRET__KEY=secret_key
|
||||
AUTHENTIK_STORAGE_MEDIA_S3_BUCKET__NAME=authentik-media
|
||||
AUTHENTIK_STORAGE__MEDIA__BACKEND=s3
|
||||
AUTHENTIK_STORAGE__MEDIA__S3__ACCESS_KEY=access_key
|
||||
AUTHENTIK_STORAGE__MEDIA__S3__SECRET_KEY=secret_key
|
||||
AUTHENTIK_STORAGE__MEDIA__S3__BUCKET_NAME=authentik-media
|
||||
```
|
||||
|
||||
If you're using AWS S3 as your S3 provider, add the following:
|
||||
|
||||
```env
|
||||
AUTHENTIK_STORAGE_MEDIA_S3_REGION=us-east-1 # Use the region of the bucket
|
||||
AUTHENTIK_STORAGE__MEDIA__S3__REGION=us-east-1 # Use the region of the bucket
|
||||
```
|
||||
|
||||
If you're not using AWS S3 as your S3 provider, add the following:
|
||||
|
||||
```env
|
||||
AUTHENTIK_STORAGE_MEDIA_S3_ENDPOINT=https://s3.provider
|
||||
AUTHENTIK_STORAGE_MEDIA_S3_CUSTOM__DOMAIN=s3.provider/authentik-media
|
||||
AUTHENTIK_STORAGE__MEDIA__S3__ENDPOINT=https://s3.provider
|
||||
AUTHENTIK_STORAGE__MEDIA__S3__CUSTOM_DOMAIN=s3.provider/authentik-media
|
||||
```
|
||||
|
||||
The `ENDPOINT` setting specifies how authentik talks to the S3 provider.
|
||||
|
||||
The `CUSTOM__DOMAIN` setting specifies how URLs are constructed to be shown on the web interface. For example, an object stored at `application-icons/application.png` with a `CUSTOM__DOMAIN` setting of `s3.provider/authentik-media` will result in a URL of `https://s3.provider/authentik-media/application-icons/application.png`. You can also use subdomains for your buckets depending on what your S3 provider offers: `authentik-media.s3.provider`. Whether HTTPS is used is controlled by the `AUTHENTIK_STORAGE_MEDIA_S3_SECURE__URLS` which defaults to true.
|
||||
The `CUSTOM_DOMAIN` setting specifies how URLs are constructed to be shown on the web interface. For example, an object stored at `application-icons/application.png` with a `CUSTOM__DOMAIN` setting of `s3.provider/authentik-media` will result in a URL of `https://s3.provider/authentik-media/application-icons/application.png`. You can also use subdomains for your buckets depending on what your S3 provider offers: `authentik-media.s3.provider`. Whether HTTPS is used is controlled by the `AUTHENTIK_STORAGE__MEDIA__S3__SECURE_URLS` which defaults to true.
|
||||
|
||||
For more control over settings, refer to the [configuration reference](./configuration.mdx#media-storage-settings)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user