I am trying to use paperclip with S3 AWS. I have set the secret keys and bucket name in the .bash_profile but Rials/Paperclip cannot seem to read them as i get the following error when i try to upload an image in development...
'missing required :bucket option'
If i replace the ENV['S3_BUCKET_NAME'] with the actual name, i then get the following...
'Missing Credentials. Unable to find AWS credentials'
Here is the set-up in the model...
has_attached_file :image, :styles => { :medium => "300x300>", :thumb => "100x100>" },
:storage => :s3,
:s3_credentials => {
:bucket => ENV['S3_BUCKET_NAME'],
:access_key_id => ENV['AWS_ACCESS_KEY_ID'],
:secret_access_key => ENV['AWS_SECRET_ACCESS_KEY']
},
:s3_host_name => 's3-eu-west-1.amazonaws.com'
I have tried putting the credentials in the development config file in Rails but i have the same errors. Do i need to tell rails where to look for the ENV variables or am I doing something else wrong here? It seems others are having similar issues but i cannot find a solution.
Thanks for reading.
Just store the AWS bucket, key and key_id in a YAML file and in 'config/initializers', create a new file to read the YAML file contents and set the corresponding ENV variables. Don't forget to restart your rails server
Example
google_client = YAML.load_file("#{Rails.root.join('config/google_client.yml')}")
ENV['GOOGLE_APP_NAME'] = google_client['APP_NAME']
ENV['GOOGLE_CLIENT_ID'] = google_client['CLIENT_ID']
ENV['GOOGLE_CLIENT_SECRET'] = google_client['CLIENT_SECRET']
ENV['GOOGLE_CLIENT_SCOPE'] = google_client['CLIENT_SCOPE']
Typically, we do not push the aws info in Github commit but just ssh to the remote server and place the YAML file in the config folder in our Rails app. So only people who have access to your server can read your aws credentials and not all people even if they have Github access.
tell me if this solves your problem.
Related
I have a rails 4 app deployed on heroku. I'm using Amazon s3 bucket to host images (using paperclip gem), but when I try to upload an image to my articles controller i get this error:
Permission denied # dir_s_mkdir - /articles
I have gone through the steps listed here. As i understand this could be a folder permission issue, but not really to sure how to tackle the issue.
Try putting the following code in your /config/environments/production.rb file and update ENV secret key names accordingly. The host name is dependent on your region, us-west-1, eu-west-1, etc.
config.paperclip_defaults = {
:storage => :s3,
:s3_credentials => {
:bucket => ENV['S3_BUCKET_NAME'],
:access_key_id => ENV['AWS_ACCESS_KEY_ID'],
:secret_access_key => ENV['AWS_SECRET_ACCESS_KEY'],
:s3_host_name => 's3-us-west-1.amazonaws.com'
}
}
I have tried many different ways to set up S3 using ENV variables for image uploads and cannot get it to work. I know my keys and bucket name work, because when I put them straight into the code, my images upload correctly. However, when I try to switch to ENV variables, things do not work.
I used the figaro gem, which created application.yml. In that file, I have:
S3_BUCKET_NAME "xxxxx"
AWS_ACCESS_KEY_ID: "AAAAAAAAA"
AWS_SECRET_ACCESS_KEY: "BBBbbbBBBB"
Not sure if there should be any quotation marks there or not, but right now, I have them in. I have tried without, also.
In my model (listing.rb), I have:
has_attached_file :image,
:styles => { :medium => "200x" , :thumb => "100x100" },
:default_url => "default.png",
:storage => :s3,
:s3_credentials => Proc.new{|a| a.instance.s3_credentials }
def s3_credentials
{:bucket => ENV["S3_BUCKET_NAME"], :access_key_id => ENV["AWS_ACCESS_KEY_ID"],
:secret_access_key => ENV["AWS_SECRET_ACCESS_KEY"]
end
Like I said, when I hard code the values into def s3_credentials, everything works fine. It's just when I try to swap out ENV variables that things fall apart.
In paperclip.rb, I have:
Paperclip::Attachment.default_options[:s3_host_name] = 's3-us-west-2.amazonaws.com'
I also have this code in both production.rb and development.rb:
config.paperclip_defaults = {
:storage => :s3,
:s3_credentials => {
:bucket => ENV['S3_BUCKET_NAME'],
:access_key_id => ENV['AWS_ACCESS_KEY_ID'],
:secret_access_key => ENV['AWS_SECRET_ACCESS_KEY']
}
}
Here is the error message I get when uploading a new image: "The request signature we calculated does not match the signature you provided. Check your key and signing method." On line: "if #listing.save". The ones that were uploaded w/ the credentials hard-coded are still able to be seen in my app.
I'm fairly new to rails and have looked here and other places, including the S3 and paperclip docs, and cannot find a solution that will work. Please let me know if you need to see any other code. I plan on deploying to heroku, if that matters, and saw that figaro is supposed to play nicely with heroku. THANK YOU.
EDIT/UPDATE: For anyone else reading this in the future, Sachin's answer below worked. However, there was a '+' in one of my key IDs. When trying to added the ENV variable via command line, all the characters after the '+' (and including it) were cut off. Simply wrap them in "", and you should be good to go.
Also, I dropped use of the figaro gem, and set up an aws.rb initializer file (per Amazon's instructions). Here are the contents of that file:
AWS.config(
:access_key_id => ENV['AWS_ACCESS_KEY_ID'],
:secret_access_key => ENV['AWS_SECRET_ACCESS_KEY']
)
S3_BUCKET = AWS::S3.new.buckets[ENV['S3_BUCKET']]
And I don't know if this made any difference, but my development.rb and production.rb files now have the following as paperclip defaults:
config.paperclip_defaults = {
:storage => :s3,
:bucket => "your_real_bucket_name_here_in_quotes",
:s3_credentials => {
:access_key_id => ENV['AWS_ACCESS_KEY_ID'],
:secret_access_key => ENV['AWS_SECRET_ACCESS_KEY']
}
}
Also note the switch to referring to the ENV bucket name as S3_BUCKET vs. S3_BUCKET_NAME.
And the code in my model (listing.rb) is now this:
has_attached_file :image, :styles => { :medium => "200x", :thumb "100x100"}, :default_url => "default.png", :storage => :s3, :bucket => "your_real_bucket_name_here_in_quotes"
validates_attachment_content_type :image, :content_type => ["image/jpg", "image/jpeg", "image/png", "image/gif"]
You can do one thing:
You can set this configuration in your development.rb or production.rb
config.paperclip_defaults = {
:storage => :s3,
:s3_credentials => {
:bucket => ENV['S3_BUCKET_NAME'],
:access_key_id => ENV['AWS_ACCESS_KEY_ID'],
:secret_access_key => ENV['AWS_SECRET_ACCESS_KEY']
}
}
And If you want to set this environment variables into local then use this:
sudo nano ~/.profile
Then add your variables over here
export S3_BUCKET_NAME="your bucket name"
export AWS_ACCESS_KEY_ID="your access key id"
export AWS_SECRET_ACCESS_KEY="your secret access key"
And then reload your ~/.profile with . ~/.profile
Check added variable with echo $S3_BUCKET_NAME
And for Heroku
You can set your variable like:
heroku config:set S3_BUCKET_NAME="your bucket name"
heroku config:set AWS_ACCESS_KEY_ID="your access key id"
heroku config:set AWS_SECRET_ACCESS_KEY="your secret access key"
Check that variables added or not in heroku with heroku config
For more detail you can refer form here.
Let me know if you need me more..
I'm sorry to rehash an old gripe but I'm at my wits end and not sure where to go next. I am using Paperclip on Heroku and have S3 uploads configured. I was able to get things working in my local development environment but once it's running on Heroku I run into this error:
AWS::S3::Errors::PermanentRedirect (The bucket you are attempting to access must be addressed using the specified endpoint. Please send all future requests to this endpoint.
I've googled this error and read through the Heroku documentation and I believe I have everything set up correctly. I initially thought that my problems stemmed from having my bucket in the s3-us-west-1.amazonaws.com region, but I'm not convinced anymore.
Here are the relevant parts of my Heroku config:
AWS_REGION: us-west-1
S3_BUCKET_NAME: my-super-awesomely-amazing-bucket
From my config/environments/production.rb file:
config.paperclip_defaults = {
:storage => :s3,
:s3_credentials => {
:bucket => ENV['S3_BUCKET_NAME'],
:access_key_id => ENV['AWS_ACCESS_KEY_ID'],
:secret_access_key => ENV['AWS_SECRET_ACCESS_KEY']
}
}
My paperclip.rb initialize file:
if Rails.env.production?
Paperclip::Attachment.default_options[:url] = ':s3_domain_url'
Paperclip::Attachment.default_options[:path] = '/:class/:attachment/:id_partition/:style/:filename'
Paperclip::Attachment.default_options[:s3_host_name] = 's3-us-west-1.amazonaws.com'
end
And my paperclip config from the relevant model:
has_attached_file :document,
:styles => { },
:default_url => "/image_styles/:style/missing.png"
So...what am I doing wrong here? At this point I'm sure I've missed something obvious but I'm stumped on where to go from here. I feel like I've assiduously configured everything and yet that PermanentRedirect error keeps coming up.
Bucket
This might not be the direct solution, but we've found that you have to include the bucket option outside of your s3_credentials block:
#config/environments/production.rb
config.paperclip_defaults = {
storage: :s3,
s3_host_name: 's3-eu-west-1.amazonaws.com',
s3_credentials: {
access_key_id: ENV['AWS_ACCESS_KEY_ID'],
secret_access_key: ENV['AWS_SECRET_ACCESS_KEY']
},
bucket: ENV['S3_BUCKET_NAME']
}
This is working 100% for us on Heroku, but whether it wil work for you (as your bucket is in a different region) is a different matter
If you need more help, ask a comment and I'll gladly give you some ideas
Try this link http://adamthedeveloper.blogspot.in/2014/02/awss3permanentredirect-bucket-you-are.html . Previously this happened to Europe region buckets only and get resolved by setting AWS::S3::DEFAULT_HOST. Hope this solve your issue.
Paperclip works perfectly for my app on Heroku, but I can't seem to get it working locally. Every time I try to do something I get an "missing required :bucket option" ... but the bucket is there and it works on Heroku!
Here's my model if it helps:
has_attached_file :screen_one, :styles => { :medium => "800x600>", :thumb => "110x80#" },
:storage => :s3,
:s3_credentials => {
:access_key_id => ENV['accesskeyishere'],
:bucket => ENV['sitebuilderreport'],
:secret_access_key => ENV['secretaccesskeyishere']
}
I've changed the access keys since this is a public post :)
I met the same problem (missing :bucket every single where). The answer below works perfectly in my case.
a. Add these to .bash_profile (Note: Fill in with your Amazon account credentials)
export AWS_ACCESS_KEY_ID=XXXXXXXXXX
export AWS_SECRET_ACCESS_KEY=XXXXXXXXXX
export AWS_BUCKET=XXXXXXXXXX
b. This is my development.rb (Note: Copy and paste without changing anything)
Paperclip.options[:command_path] = "/usr/local/bin/"
config.paperclip_defaults = {
:storage => :s3,
:s3_credentials => {
:bucket => ENV['AWS_BUCKET'],
:access_key_id => ENV['AWS_ACCESS_KEY_ID'],
:secret_access_key => ENV['AWS_SECRET_ACCESS_KEY']
}
}
Be sure you rebundle your Rails app with the latest paperclip and aws-s3 gems. Also, make sure you quit your Terminal and run everything again since this is an update to your .bash_profile file.
I hope everything works out now.
You should define the ENV[] variables in your user .bash_profile in mac os.
You should do "heroku config" to see your heroku environement keys for S3 and define it in your local environement.
For example:
$ heroku config
AWS_ACCESS_KEY_ID: your_S3_XXX_key<br />
AWS_SECRET_ACCESS_KEY: your_secret_XXX_key<br />
AWS_BUCKET: your_production_bucket<br />
DATABASE_URL: postgres://xxxxxxx<br />
[...]<br />
You should copy the access_key and secret in your .bash_profile file:
export AWS_ACCESS_KEY_ID=your_S3_XXX_key<br />
export AWS_SECRET_ACCESS_KEY=your_secret_XXX_key
export AWS_BUCKET=your_development_bucket => "Specify new bucket for your dev environement".
In case anyone is doing the same silly thing I did - and making a local script to source that exports all of the AWS environment variables - be sure you source it in the same Terminal session that you're generating the rails server in! If you use split windows (CMD SHIFT D), bear in mind that sourcing the proper environment variables in one does not do so in the other. Very silly mistake but I'm sure (or at least mildly hopeful) that I won't be the only one who makes it.
You can also simply use (filling in the correct values of course):
config.paperclip_defaults = {
:storage => :s3,
:s3_credentials => {
:bucket => 'AWS_BUCKET',
:access_key_id => 'AWS_ACCESS_KEY_ID',
:secret_access_key => 'AWS_SECRET_ACCESS_KEY'
}
}
I had the same problem and I had config/application.yml (not sure if its a legacy thing or where it came from) but this allows environment variables to be set within rails 'codebase'. I forgot it was here, ignored in heroku and was overriding some settings that were not set.doh!
I'm pretty new to ROR. I've recently deployed an app on heroku and have tried to add an attachment function to the app via paperclip.
I've followed all the steps in adding aws-s3 to my app. Here was my initial code:
user.rb (model)
has_attached_file :avatar,
:styles => {:small => "70x70>"},
:storage => :s3,
:s3_credentials => "#{RAILS_ROOT}/config/s3.yml",
:path => ":attachment/:id/:style/:basename.:extension"
validates_attachment_size :avatar, :less_than => 1.megabytes
validates_attachment_content_type :avatar, :content_type => ['image/jpeg', 'image/png']
s3.yml (file is located in config folder) note: all of these buckets exist on my aws-s3
development:
bucket: my_avatar-dev
access_key_id: amazonaccesskey
secret_access_key: amazon_secret_access_key
test:
bucket: myapp_avatar-test
access_key_id: amazonaccesskey
secret_access_key: amazon_secret_access_key
production:
bucket: myapp_avatar-pro
access_key_id: amazonaccesskey
secret_access_key: amazon_secret_access_key
gemfile
gem 'aws-s3'
When running this configuration, I would get a error page 500 error when loading my app. Running Heroku logs showed the following error: AWS::S3::MissingAccessKey (You did not provide both required access keys.
So I followed some advice and defined the key and secret_key as environment variables to heroku, using the following line of code:
heroku config:add S3_KEY=amazonaccesskey S3_SECRET=amazon_secret_key
I then added an initializer to test environments and launch via key or .yml file depending on environment, code is as follows:
initializers/s3.rb
if Rails.env == "production"
# set credentials from ENV hash
S3_CREDENTIALS = { :access_key_id => ENV['S3_KEY'], :secret_access_key => ENV['S3_SECRET'], :bucket => "myapp_avatar-pro"}
else
# get credentials from YML file
S3_CREDENTIALS = Rails.root.join("config/s3.yml")
end
user.rb model was then update to the following:
has_attached_file :avatar, :storage => :s3, :s3_credentials => S3_CREDENTIALS
I then deployed to heroku and tested the app, but I still keep getting the same error (page 500) and error code: AWS::S3::MissingAccessKey (You did not provide both required access keys.
How is this possible if I have defined the variables in heroku? Is there something I am missing? Is it possible it's something with the gem? Also, I'm using HAML for styling... not sure that matters at all, but just in case it does. I'm quite lost, so any help would be greatly appreciated. Thank you so much!
Having just worked through the same problem and trawling a number of similar posts. I found that any of the possible configurations in the above answer i.e. declaring all of the hashes in the model, using the .yml or using the initializer all work fine from my dev and on heroku as long as the S3 bucket is of US Standard type> The choice is just about how DRY you want to be.
When I originally set S3 up, I used a European bucket. This gave me the spurious error message:
AWS::S3::MissingAccessKey (You did not provide both required access keys.
I note from the AWS site : http://docs.amazonwebservices.com/general/latest/gr/index.html?rande.html
that AWS uses a specific endpoint address for each region to reduce latency and am guessing (because I am a novice coder) that the US standard is either a default or coded into the AWS-S3 plugin. (Maybe someone can edit this up into a more complete answer?)
I solved this problem with this:
:s3_credentials => {
:access_key_id => 'mykey',
:secret_access_key => 'mykey'