sssp: HTTP proxy for S3.

[ bsd3, library, text ] [ Propose Tags ] [ Report a vulnerability ]

An HTTP proxy for S3 that generates signed URLs for GETs and PUTs and proxies DELETEs. A very limited form of range queries, using semantic version sort and ASCII set, are supported.

[Skip to Readme]

Modules

[Index]

Aws
- Aws.SSSP

Flags

Automatic Flags

Name	Description	Default
no-cli	Disable command line tool.	Disabled

Use -f <flag> to enable a flag, or -f -<flag> to disable that flag. More info

Downloads

sssp-1.1.1.tar.gz [browse] (Cabal source package)
Package description (as included in the package)

Maintainer's Corner

Package maintainers

JasonDusek

For package maintainers and hackage trustees

edit package information

Candidates

No Candidates

Versions [RSS]	1.0.0, 1.1.0, 1.1.1
Dependencies	attempt (>=0.4), attoparsec (>=0.10), aws (>=0.7 && <0.8), base (>=2 && <=5), base64-bytestring (>=1.0), blaze-builder (>=0.3), bytestring (>=0.9), case-insensitive (>=0.4), cereal (>=0.3.5), conduit (>=0.5), containers, cryptohash (>=0.7.5), data-default (>=0.4), http-conduit (>=1.5), http-types (>=0.6), mtl (>=2), network-conduit (>=0.5), text (>=0.11), wai (>=1.3), wai-extra (>=1.3), warp (>=1.3) [details]
License	BSD-3-Clause
Author	Jason Dusek
Maintainer	oss@solidsnack.be
Category	Text
Home page	http://github.com/erudify/sssp/
Source repo	head: git clone http://github.com/erudify/sssp.git
Uploaded	by JasonDusek at 2012-11-14T21:46:50Z
Distributions
Reverse Dependencies	1 direct, 0 indirect [details]
Executables	sssp
Downloads	2229 total (7 in the last 30 days)
Rating	(no votes yet) [estimated by Bayesian average]
Your Rating	λ λ λ
Status	Docs uploaded by user Build status unknown [no reports yet]

Readme for sssp-1.1.1

[back to package description]

SYNOPSIS
       sssp

DESCRIPTION
       SSSP is an HTTP proxy for S3 that can generate short-lived, signed URLs
       for stored objects. By providing a server separate from S3 that can  be
       placed  behind an authenticating proxy or firewall, SSSP allows a vari-
       ety of common security mechanisms to be used  to  limit  access  to  S3
       objects over HTTP while taking advantage of S3's considerable bandwidth
       and parallelism.

       Use-cases for SSSP include:

          o sharing of large files within an organization,

          o media service for public facing web applications,

          o distribution of internal software.

       SSSP supports configuration via environment variables or STDIN.

CONFIGURATION
       These settings can be passed as environment variables  or  fed  to  the
       server  on  STDIN in colon separated format. Both the new and old forms
       of the AWS credential environment variables are supported.

       # AWS Settings
       AWS_ACCESS_KEY              = account access key
       AWS_ACCESS_KEY_ID           = account access key
       AWS_SECRET_KEY              = secret
       AWS_SECRET_ACCESS_KEY       = secret
       AWS_REGION                  = eu-west-1, classic, us-east-1, ...

       # Storage settings
       SSSP_BUCKET                 = DNS friendly bucket name

       # Server settings
       SSSP_CONN                   = <ip>:<port> pair
       PORT                        = port to connect to, on localhost

       SSSP is fairly liberal when parsing STDIN. In fact,  Bourne  shell  .rc
       files, like the follow example, are parsed without error:

       export SSSP_BUCKET=dist
       export SSSP_CONN=*:6000

       However,  SSSP skips over lines that contain quotes ("') or that appear
       to require shell interpolation for their correct  interpolation  (lines
       containing $`{}).

REST INTERFACE
       URLs  in  SSSP point to one of two objects: an item or a listing. Items
       correspond to S3 objects; a GET retrieves  a  signed  redirect  to  the
       object.   Listings  are  a  sequence of URLs, in ascending order; a GET
       retrieves the listing as a plaintext document, one URL per line.

       GET http://sssp.io/p/a/t/h         # Signed for the default time (10s).
       GET http://sssp.io/p/a/t/h?t=n     # Signed for n seconds.

       A PUT to an item sets the item's content. DELETEs can  be  singular  or
       plural.  A  plural DELETE removes only the objects generated by a list-
       ing.

       URLs are divided syntactically in to listings and items. A  URL  ending
       with a slash is always a listing.

       GET http://sssp.io/dist   # Signed redirect to an object called dist.
       GET http://sssp.io/dist/  # Listing of items below the key `dist'.

       To  make  it  easier to work with versioned or timestamped assets, SSSP
       supports the @hi and @lo meta-paths. These correspond to the names that
       sort  highest  and  lowest  according  to  semantic version sort, where
       non-digit chars serve to delimit arrays of numbers. For common forms of
       dates, these have the same effect as ASCII sort. (ASCII sort may speci-
       fied, as well; please the section WILDCARDS, below.)

       GET http://sssp.io/dist/x/x-0.1.1.tgz
       GET http://sssp.io/dist/x/x-0.1.4.tgz
       GET http://sssp.io/dist/x/x-0.2.11.tgz
       GET http://sssp.io/dist/x/x-0.2.9.tgz

       # Retrieval with @hi and @lo.
       GET http://sssp.io/dist/x/@hi  -307->  http://sssp.io/dist/x/x-0.2.11.tgz
       GET http://sssp.io/dist/x/@lo  -307->  http://sssp.io/dist/x/x-0.1.1.tgz

       Wildcards @hi and @lo used together with a count specify  a  set  wild-
       card; the result is a listing:

       GET http://sssp.io/dist/x/@lo2  -200->  dist/x/x-0.1.1.tgz
                                               dist/x/x-0.1.4.tgz

       Counts are the natural numbers starting at 0. The wildcard @* refers to
       "all the items".

       A counted wildcard, like @hi2, can be suffixed with a tilde to form its
       complement  --  so  @hi2~ is everything but the highest two items. This
       can be useful for bulk deletion of old/new things.

WILDCARDS
          @hi.semver, @lo.semver
                 Key with highest or lowest version, according to  a  liberal-
                 ized  form of "semantic versioning", where version components
                 are delimited by any non-digit characters.

          @hi.ascii, @lo.ascii
                 Keys sorted ASCIIbetically, in the C locale (sorted purely by
                 byte value).

          @hi, @lo
                 The default sort, which is semantic version sort.

          @*, @*.semver, @*.ascii
                 All  the items, in the default order (semantic version) or in
                 a specified order.

       ASCII sort can be substantially more performant than  semantic  version
       sort,  because  S3 returns data in ASCII order and thus no real sorting
       is necessary.

EXAMPLES
       # Start web application.
       sssp < conf

       # Start web application with configuration provided by the environment.
       export AWS_ACCESS_KEY_ID=...
       export AWS_SECRET_ACCESS_KEY=...
       sssp <<CONF
       SSSP_BUCKET: dist
       CONF

BUGS
       Listing results should really be URLs. The time to sign  should  really
       be configurable; or at least settable with a query parameter.