This time I am using carrierwave gem with rmagick and fog. Fog is made specifically to upload to Amazon S3.
I'm going to go through what I had to learn.
Having ENV variables: This is a file on your computer that your apps can point to and get information that you don't want to have in your app. More on why this is important later!
I didn't understand how it worked. The directions said:
Since it's a bad practice to have your credentials in source code, you should load them from default fog configuration file:
~/.fog. This file could look like this:default:
aws_access_key_id:
aws_secret_access_key:
So there is a file called .fog that is in my directory and I should put my aws credentials there.
Ok, did that, app doesn't work. I now know that the repo for fog needs to be a whole more descriptive. Developers assume you know some things that they don't tell you and it is annoying reading these readme files. Like for instance, the .fog file did not exist, I had to create it. Also, the app needs you to specify the region and the bucket name.
Here is my slack conversation with a senior developer. You'll need to provide your fog_credentials and a fog_directory (also known as a bucket) in an initializer. For the sake of performance it is assumed that the directory already exists, so please create it if need be. You can also pass in additional options, as documented fully in lib/carrierwave/storage/fog.rb. Here's a full example:
```ruby
CarrierWave.configure do |config|
config.fog_credentials = {
:provider => 'AWS', # required
:aws_access_key_id => 'xxx', # required
:aws_secret_access_key => 'yyy', # required
:region => 'eu-west-1', # optional, defaults to 'us-east-1'
:host => 's3.example.com', # optional, defaults to nil
:endpoint => 'https://s3.example.com:8080' # optional, defaults to nil
}
config.fog_directory = 'name_of_directory' # required
config.fog_public = false # optional, defaults to true
config.fog_attributes = {'Cache-Control'=>'max-age=315576000'} # optional, defaults to {}
end
```
So I put my credentials in this file and pushed to github. Some of you are cringing right now because you know what that means. I realized a while later that my ENV variable go in place of 'AWS','XXX' and so forth. The fact that the example has the actual region 'eu-west-1' made me think this is where those credentials go. After I fixed this, the app was still throwing errors! 9:27pm
Here is when I learned about the .bash_profile and how it works with Iterm or terminal. This is a file that has your ENV variables and you can use it to make sure that they are set correctly.
Can I just say how awesome it is to have friend who is a developer/jedi master. He illuminated my path as I was in the darkness, barely able to feel the force. But this padawan is learning.
Ok so earlier I told you that ENV variable are for info that your app needs but you can not put in your app. There reason is that your aws credentials must be inputed into Heroku config manually so your app can use it. NOT through a file in your app. I made this mistake when I first put my credentials in the carrierwave.rb file. I got a message from Amazon. I'll let you read it.
Case ID: 1648488551Subject: Your AWS account is compromisedSeverity: LowCorrespondence: Dear AWS Customer,
Your AWS Account is compromised! Please review the following notice and take immediate action to secure your account.
Your security is important to us. We have become aware that the AWS Access Key AKIAI3273*hidden along with the corresponding Secret Key is publicly available online at https://github.com/search?q=AKIAI3273PKPPCD3KFPQ&type=Code&utf8=%25E2%259C%2593.
This poses a security risk to your account and other users, could lead to excessive charges from unauthorized activity or abuse, and violates the AWS Customer Agreement.
We also believe that this credential exposure led to unauthorized activity in your account.
Your current EC2 usage is about $1200 per day.
My eyes were fixated on that number after the $. Whaaaaat
Good thing Amazon is so cool. They congradulated me on fixing the problem so soon and started a refund request for me. See the thing is I had no idea this was happening. I pushed the file to github and then I knew it wasn't the right thing to do and deleted it. I was reading this email 2 days later saying "Lord Jesus please handle this. We both know I ain't got no $1200" So i'm still waiting to hear from Amazon as to the refund request.
So to recap, I switched the app from paperclip to carrierwave and the documentation for carrierwave is more detailed that paperclip. (after finishing this app) I went back and read the paperclip gem and I believe I can use it on amazon s3. But I understood it only after using carrierwave.
Sorry for some of the formatting issues. The background makes it easier to read code, but copy and pasting my chat history from Slack comes with some color issues.
Kenyacode
No comments:
Post a Comment