2011-03-28 02:00:44 +00:00
|
|
|
{- Amazon S3 remotes.
|
|
|
|
-
|
|
|
|
- Copyright 2011 Joey Hess <joey@kitenet.net>
|
|
|
|
-
|
|
|
|
- Licensed under the GNU GPL version 3 or higher.
|
|
|
|
-}
|
|
|
|
|
2012-11-17 19:30:11 +00:00
|
|
|
module Remote.S3 (remote, setCredsEnv) where
|
2011-03-28 02:00:44 +00:00
|
|
|
|
2011-03-28 05:32:47 +00:00
|
|
|
import Network.AWS.AWSConnection
|
|
|
|
import Network.AWS.S3Object
|
2011-04-21 14:31:54 +00:00
|
|
|
import Network.AWS.S3Bucket hiding (size)
|
2011-03-28 05:32:47 +00:00
|
|
|
import Network.AWS.AWSResult
|
|
|
|
import qualified Data.ByteString.Lazy.Char8 as L
|
2011-03-29 17:49:54 +00:00
|
|
|
import qualified Data.Map as M
|
2011-05-16 15:20:30 +00:00
|
|
|
import Data.Char
|
2011-03-28 02:00:44 +00:00
|
|
|
|
2011-10-05 20:02:51 +00:00
|
|
|
import Common.Annex
|
2011-06-02 01:56:04 +00:00
|
|
|
import Types.Remote
|
|
|
|
import Types.Key
|
2011-06-30 17:16:57 +00:00
|
|
|
import qualified Git
|
2011-03-30 19:15:46 +00:00
|
|
|
import Config
|
2011-08-17 00:49:54 +00:00
|
|
|
import Remote.Helper.Special
|
|
|
|
import Remote.Helper.Encryptable
|
2011-04-17 15:01:34 +00:00
|
|
|
import Crypto
|
2012-11-14 23:32:27 +00:00
|
|
|
import Creds
|
2012-11-19 02:20:43 +00:00
|
|
|
import Meters
|
2011-10-04 04:40:47 +00:00
|
|
|
import Annex.Content
|
2011-03-28 02:00:44 +00:00
|
|
|
|
2012-01-06 03:14:10 +00:00
|
|
|
remote :: RemoteType
|
|
|
|
remote = RemoteType {
|
2011-03-29 18:55:59 +00:00
|
|
|
typename = "S3",
|
2011-03-30 18:00:54 +00:00
|
|
|
enumerate = findSpecialRemotes "s3",
|
|
|
|
generate = gen,
|
2011-03-29 18:55:59 +00:00
|
|
|
setup = s3Setup
|
|
|
|
}
|
2011-03-29 03:51:07 +00:00
|
|
|
|
2011-12-31 08:11:39 +00:00
|
|
|
gen :: Git.Repo -> UUID -> Maybe RemoteConfig -> Annex Remote
|
2011-03-30 19:15:46 +00:00
|
|
|
gen r u c = do
|
|
|
|
cst <- remoteCost r expensiveRemoteCost
|
2011-05-01 19:13:54 +00:00
|
|
|
return $ gen' r u c cst
|
2011-12-31 08:11:39 +00:00
|
|
|
gen' :: Git.Repo -> UUID -> Maybe RemoteConfig -> Int -> Remote
|
2011-07-15 16:47:14 +00:00
|
|
|
gen' r u c cst =
|
2011-04-17 15:01:34 +00:00
|
|
|
encryptableRemote c
|
|
|
|
(storeEncrypted this)
|
|
|
|
(retrieveEncrypted this)
|
|
|
|
this
|
2012-11-11 04:51:07 +00:00
|
|
|
where
|
|
|
|
this = Remote {
|
|
|
|
uuid = u,
|
|
|
|
cost = cst,
|
|
|
|
name = Git.repoDescribe r,
|
|
|
|
storeKey = store this,
|
|
|
|
retrieveKeyFile = retrieve this,
|
|
|
|
retrieveKeyFileCheap = retrieveCheap this,
|
|
|
|
removeKey = remove this,
|
|
|
|
hasKey = checkPresent this,
|
|
|
|
hasKeyCheap = False,
|
|
|
|
whereisKey = Nothing,
|
|
|
|
config = c,
|
|
|
|
repo = r,
|
|
|
|
localpath = Nothing,
|
|
|
|
readonly = False,
|
|
|
|
remotetype = remote
|
|
|
|
}
|
2011-03-28 05:32:47 +00:00
|
|
|
|
2011-04-15 19:09:36 +00:00
|
|
|
s3Setup :: UUID -> RemoteConfig -> Annex RemoteConfig
|
2011-05-16 15:20:30 +00:00
|
|
|
s3Setup u c = handlehost $ M.lookup "host" c
|
2012-11-11 04:51:07 +00:00
|
|
|
where
|
|
|
|
remotename = fromJust (M.lookup "name" c)
|
|
|
|
defbucket = remotename ++ "-" ++ fromUUID u
|
|
|
|
defaults = M.fromList
|
|
|
|
[ ("datacenter", "US")
|
|
|
|
, ("storageclass", "STANDARD")
|
|
|
|
, ("host", defaultAmazonS3Host)
|
|
|
|
, ("port", show defaultAmazonS3Port)
|
|
|
|
, ("bucket", defbucket)
|
|
|
|
]
|
2011-05-16 15:20:30 +00:00
|
|
|
|
2012-11-11 04:51:07 +00:00
|
|
|
handlehost Nothing = defaulthost
|
|
|
|
handlehost (Just h)
|
|
|
|
| ".archive.org" `isSuffixOf` map toLower h = archiveorg
|
|
|
|
| otherwise = defaulthost
|
2011-05-16 15:20:30 +00:00
|
|
|
|
2012-11-11 04:51:07 +00:00
|
|
|
use fullconfig = do
|
|
|
|
gitConfigSpecialRemote u fullconfig "s3" "true"
|
2012-11-14 23:32:27 +00:00
|
|
|
setRemoteCredPair fullconfig (s3Creds u)
|
2011-05-16 15:20:30 +00:00
|
|
|
|
2012-11-11 04:51:07 +00:00
|
|
|
defaulthost = do
|
|
|
|
c' <- encryptionSetup c
|
|
|
|
let fullconfig = c' `M.union` defaults
|
|
|
|
genBucket fullconfig u
|
|
|
|
use fullconfig
|
2011-05-16 15:20:30 +00:00
|
|
|
|
2012-11-11 04:51:07 +00:00
|
|
|
archiveorg = do
|
|
|
|
showNote "Internet Archive mode"
|
|
|
|
maybe (error "specify bucket=") (const noop) $
|
|
|
|
M.lookup "bucket" archiveconfig
|
|
|
|
use archiveconfig
|
|
|
|
where
|
|
|
|
archiveconfig =
|
|
|
|
-- hS3 does not pass through x-archive-* headers
|
|
|
|
M.mapKeys (replace "x-archive-" "x-amz-") $
|
|
|
|
-- encryption does not make sense here
|
|
|
|
M.insert "encryption" "none" $
|
|
|
|
M.union c $
|
|
|
|
-- special constraints on key names
|
|
|
|
M.insert "mungekeys" "ia" $
|
|
|
|
-- bucket created only when files are uploaded
|
|
|
|
M.insert "x-amz-auto-make-bucket" "1" $
|
|
|
|
-- no default bucket name; should be human-readable
|
|
|
|
M.delete "bucket" defaults
|
2011-03-29 20:21:21 +00:00
|
|
|
|
2012-09-21 18:50:14 +00:00
|
|
|
store :: Remote -> Key -> AssociatedFile -> MeterUpdate -> Annex Bool
|
2012-11-19 02:20:43 +00:00
|
|
|
store r k _f p = s3Action r False $ \(conn, bucket) -> do
|
2012-11-15 17:46:16 +00:00
|
|
|
src <- inRepo $ gitAnnexLocation k
|
2012-11-19 02:20:43 +00:00
|
|
|
res <- storeHelper (conn, bucket) r k p src
|
2011-04-19 18:45:19 +00:00
|
|
|
s3Bool res
|
2011-04-17 15:01:34 +00:00
|
|
|
|
2012-09-21 18:50:14 +00:00
|
|
|
storeEncrypted :: Remote -> (Cipher, Key) -> Key -> MeterUpdate -> Annex Bool
|
2012-11-19 02:20:43 +00:00
|
|
|
storeEncrypted r (cipher, enck) k p = s3Action r False $ \(conn, bucket) ->
|
2011-04-21 14:31:54 +00:00
|
|
|
-- To get file size of the encrypted content, have to use a temp file.
|
|
|
|
-- (An alternative would be chunking to to a constant size.)
|
2011-04-28 00:06:07 +00:00
|
|
|
withTmp enck $ \tmp -> do
|
2011-11-29 02:43:51 +00:00
|
|
|
f <- inRepo $ gitAnnexLocation k
|
2012-11-18 19:27:44 +00:00
|
|
|
liftIO $ encrypt cipher (feedFile f) $
|
|
|
|
readBytes $ L.writeFile tmp
|
2012-11-19 02:20:43 +00:00
|
|
|
res <- storeHelper (conn, bucket) r enck p tmp
|
2011-04-28 00:06:07 +00:00
|
|
|
s3Bool res
|
2011-04-17 15:01:34 +00:00
|
|
|
|
2012-11-19 02:20:43 +00:00
|
|
|
storeHelper :: (AWSConnection, String) -> Remote -> Key -> MeterUpdate -> FilePath -> Annex (AWSResult ())
|
|
|
|
storeHelper (conn, bucket) r k p file = do
|
2011-05-15 06:49:43 +00:00
|
|
|
size <- maybe getsize (return . fromIntegral) $ keySize k
|
2012-11-19 02:20:43 +00:00
|
|
|
meteredBytes (Just p) size $ \meterupdate ->
|
|
|
|
liftIO $ withMeteredFile file meterupdate $ \content -> do
|
|
|
|
-- size is provided to S3 so the whole content
|
|
|
|
-- does not need to be buffered to calculate it
|
|
|
|
let object = setStorageClass storageclass $ S3Object
|
|
|
|
bucket (bucketFile r k) ""
|
|
|
|
(("Content-Length", show size) : xheaders)
|
|
|
|
content
|
|
|
|
sendObject conn object
|
2012-11-11 04:51:07 +00:00
|
|
|
where
|
|
|
|
storageclass =
|
|
|
|
case fromJust $ M.lookup "storageclass" $ fromJust $ config r of
|
|
|
|
"REDUCED_REDUNDANCY" -> REDUCED_REDUNDANCY
|
|
|
|
_ -> STANDARD
|
2012-11-19 02:20:43 +00:00
|
|
|
|
|
|
|
getsize = liftIO $ fromIntegral . fileSize <$> getFileStatus file
|
2012-11-11 04:51:07 +00:00
|
|
|
|
|
|
|
xheaders = filter isxheader $ M.assocs $ fromJust $ config r
|
|
|
|
isxheader (h, _) = "x-amz-" `isPrefixOf` h
|
2011-03-29 22:09:22 +00:00
|
|
|
|
2012-07-01 20:59:54 +00:00
|
|
|
retrieve :: Remote -> Key -> AssociatedFile -> FilePath -> Annex Bool
|
2012-11-19 02:49:07 +00:00
|
|
|
retrieve r k _f d = s3Action r False $ \(conn, bucket) ->
|
|
|
|
metered Nothing k $ \meterupdate -> do
|
|
|
|
res <- liftIO $ getObject conn $ bucketKey r bucket k
|
|
|
|
case res of
|
|
|
|
Right o -> do
|
|
|
|
liftIO $ meteredWriteFile meterupdate d $
|
|
|
|
obj_data o
|
|
|
|
return True
|
|
|
|
Left e -> s3Warning e
|
2011-04-19 18:45:19 +00:00
|
|
|
|
2012-01-20 17:23:11 +00:00
|
|
|
retrieveCheap :: Remote -> Key -> FilePath -> Annex Bool
|
|
|
|
retrieveCheap _ _ _ = return False
|
|
|
|
|
2012-03-04 07:36:39 +00:00
|
|
|
retrieveEncrypted :: Remote -> (Cipher, Key) -> Key -> FilePath -> Annex Bool
|
2012-11-19 02:49:07 +00:00
|
|
|
retrieveEncrypted r (cipher, enck) k d = s3Action r False $ \(conn, bucket) ->
|
|
|
|
metered Nothing k $ \meterupdate -> do
|
|
|
|
res <- liftIO $ getObject conn $ bucketKey r bucket enck
|
|
|
|
case res of
|
|
|
|
Right o -> liftIO $ decrypt cipher (\h -> meteredWrite meterupdate h $ obj_data o) $
|
|
|
|
readBytes $ \content -> do
|
|
|
|
L.writeFile d content
|
|
|
|
return True
|
|
|
|
Left e -> s3Warning e
|
2011-04-19 18:45:19 +00:00
|
|
|
|
2011-12-31 08:11:39 +00:00
|
|
|
remove :: Remote -> Key -> Annex Bool
|
2011-03-30 19:25:59 +00:00
|
|
|
remove r k = s3Action r False $ \(conn, bucket) -> do
|
2011-05-16 15:20:30 +00:00
|
|
|
res <- liftIO $ deleteObject conn $ bucketKey r bucket k
|
2011-04-19 18:50:09 +00:00
|
|
|
s3Bool res
|
|
|
|
|
2011-12-31 08:11:39 +00:00
|
|
|
checkPresent :: Remote -> Key -> Annex (Either String Bool)
|
2011-04-19 18:50:09 +00:00
|
|
|
checkPresent r k = s3Action r noconn $ \(conn, bucket) -> do
|
2011-07-19 18:07:23 +00:00
|
|
|
showAction $ "checking " ++ name r
|
2011-05-16 15:20:30 +00:00
|
|
|
res <- liftIO $ getObjectInfo conn $ bucketKey r bucket k
|
2011-03-29 22:21:05 +00:00
|
|
|
case res of
|
2011-04-19 18:50:09 +00:00
|
|
|
Right _ -> return $ Right True
|
|
|
|
Left (AWSError _ _) -> return $ Right False
|
|
|
|
Left e -> return $ Left (s3Error e)
|
2012-11-11 04:51:07 +00:00
|
|
|
where
|
|
|
|
noconn = Left $ error "S3 not configured"
|
2011-04-19 18:45:19 +00:00
|
|
|
|
|
|
|
s3Warning :: ReqError -> Annex Bool
|
|
|
|
s3Warning e = do
|
|
|
|
warning $ prettyReqError e
|
|
|
|
return False
|
|
|
|
|
|
|
|
s3Error :: ReqError -> a
|
|
|
|
s3Error e = error $ prettyReqError e
|
|
|
|
|
|
|
|
s3Bool :: AWSResult () -> Annex Bool
|
2011-07-15 16:47:14 +00:00
|
|
|
s3Bool (Right _) = return True
|
|
|
|
s3Bool (Left e) = s3Warning e
|
2011-04-19 18:50:09 +00:00
|
|
|
|
2011-12-31 08:11:39 +00:00
|
|
|
s3Action :: Remote -> a -> ((AWSConnection, String) -> Annex a) -> Annex a
|
2011-05-01 18:05:10 +00:00
|
|
|
s3Action r noconn action = do
|
2011-09-21 03:24:48 +00:00
|
|
|
when (isNothing $ config r) $
|
2011-05-01 18:05:10 +00:00
|
|
|
error $ "Missing configuration for special remote " ++ name r
|
|
|
|
let bucket = M.lookup "bucket" $ fromJust $ config r
|
2012-09-26 16:06:44 +00:00
|
|
|
conn <- s3Connection (fromJust $ config r) (uuid r)
|
2011-05-01 18:05:10 +00:00
|
|
|
case (bucket, conn) of
|
|
|
|
(Just b, Just c) -> action (c, b)
|
|
|
|
_ -> return noconn
|
|
|
|
|
2011-12-31 08:11:39 +00:00
|
|
|
bucketFile :: Remote -> Key -> FilePath
|
2012-08-08 20:06:01 +00:00
|
|
|
bucketFile r = munge . key2file
|
2012-11-11 04:51:07 +00:00
|
|
|
where
|
|
|
|
munge s = case M.lookup "mungekeys" c of
|
|
|
|
Just "ia" -> iaMunge $ fileprefix ++ s
|
|
|
|
_ -> fileprefix ++ s
|
|
|
|
fileprefix = M.findWithDefault "" "fileprefix" c
|
|
|
|
c = fromJust $ config r
|
2011-05-16 15:20:30 +00:00
|
|
|
|
2011-12-31 08:11:39 +00:00
|
|
|
bucketKey :: Remote -> String -> Key -> S3Object
|
2011-05-16 15:20:30 +00:00
|
|
|
bucketKey r bucket k = S3Object bucket (bucketFile r k) "" [] L.empty
|
|
|
|
|
|
|
|
{- Internet Archive limits filenames to a subset of ascii,
|
|
|
|
- with no whitespace. Other characters are xml entity
|
|
|
|
- encoded. -}
|
|
|
|
iaMunge :: String -> String
|
2011-05-16 18:49:28 +00:00
|
|
|
iaMunge = (>>= munge)
|
2012-11-11 04:51:07 +00:00
|
|
|
where
|
|
|
|
munge c
|
|
|
|
| isAsciiUpper c || isAsciiLower c || isNumber c = [c]
|
|
|
|
| c `elem` "_-.\"" = [c]
|
|
|
|
| isSpace c = []
|
|
|
|
| otherwise = "&" ++ show (ord c) ++ ";"
|
2011-05-01 18:05:10 +00:00
|
|
|
|
2012-09-26 16:06:44 +00:00
|
|
|
genBucket :: RemoteConfig -> UUID -> Annex ()
|
|
|
|
genBucket c u = do
|
|
|
|
conn <- s3ConnectionRequired c u
|
2011-07-19 18:07:23 +00:00
|
|
|
showAction "checking bucket"
|
2011-05-16 13:42:54 +00:00
|
|
|
loc <- liftIO $ getBucketLocation conn bucket
|
|
|
|
case loc of
|
2012-04-22 03:32:33 +00:00
|
|
|
Right _ -> noop
|
2011-05-16 13:42:54 +00:00
|
|
|
Left err@(NetworkError _) -> s3Error err
|
|
|
|
Left (AWSError _ _) -> do
|
2011-07-19 18:07:23 +00:00
|
|
|
showAction $ "creating bucket in " ++ datacenter
|
2011-05-16 13:42:54 +00:00
|
|
|
res <- liftIO $ createBucketIn conn bucket datacenter
|
|
|
|
case res of
|
2012-04-22 03:32:33 +00:00
|
|
|
Right _ -> noop
|
2011-05-16 13:42:54 +00:00
|
|
|
Left err -> s3Error err
|
2012-11-11 04:51:07 +00:00
|
|
|
where
|
|
|
|
bucket = fromJust $ M.lookup "bucket" c
|
|
|
|
datacenter = fromJust $ M.lookup "datacenter" c
|
2011-05-16 13:42:54 +00:00
|
|
|
|
2012-09-26 16:06:44 +00:00
|
|
|
s3ConnectionRequired :: RemoteConfig -> UUID -> Annex AWSConnection
|
|
|
|
s3ConnectionRequired c u =
|
|
|
|
maybe (error "Cannot connect to S3") return =<< s3Connection c u
|
2011-04-19 18:50:09 +00:00
|
|
|
|
2012-09-26 16:06:44 +00:00
|
|
|
s3Connection :: RemoteConfig -> UUID -> Annex (Maybe AWSConnection)
|
2012-11-14 23:32:27 +00:00
|
|
|
s3Connection c u = go =<< getRemoteCredPair c creds
|
2012-11-11 04:51:07 +00:00
|
|
|
where
|
2012-11-14 23:32:27 +00:00
|
|
|
go Nothing = do
|
|
|
|
warning $ "Set both " ++ s3AccessKey ++ " and " ++ s3SecretKey ++ " to use S3"
|
|
|
|
return Nothing
|
|
|
|
go (Just (ak, sk)) = return $ Just $ AWSConnection host port ak sk
|
|
|
|
|
|
|
|
creds = s3Creds u
|
|
|
|
(s3AccessKey, s3SecretKey) = credPairEnvironment creds
|
|
|
|
|
2012-11-11 04:51:07 +00:00
|
|
|
host = fromJust $ M.lookup "host" c
|
|
|
|
port = let s = fromJust $ M.lookup "port" c in
|
|
|
|
case reads s of
|
|
|
|
[(p, _)] -> p
|
|
|
|
_ -> error $ "bad S3 port value: " ++ s
|
2011-05-01 18:05:10 +00:00
|
|
|
|
2012-11-14 23:32:27 +00:00
|
|
|
s3Creds :: UUID -> CredPairStorage
|
|
|
|
s3Creds u = CredPairStorage
|
|
|
|
{ credPairFile = fromUUID u
|
|
|
|
, credPairEnvironment = ("AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY")
|
|
|
|
, credPairRemoteKey = Just "s3creds"
|
|
|
|
}
|
2012-09-26 18:42:51 +00:00
|
|
|
|
2012-11-17 19:30:11 +00:00
|
|
|
setCredsEnv :: (String, String) -> IO ()
|
|
|
|
setCredsEnv creds = setEnvCredPair creds $ s3Creds undefined
|