diff options
author | Eugen <eugen@zeonfederated.com> | 2017-04-08 11:38:33 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-04-08 11:38:33 +0200 |
commit | a2ec54a20b7426bf6e3d75de19b81e4c4392b7b1 (patch) | |
tree | a45513fa2f0120587958808d62e8c887c5949eb8 | |
parent | e33dcb79c6d13d9ae0d2c9f977077e74e5d59a6f (diff) | |
parent | 4fb24a70d38ff1097f36069caf8532741c486135 (diff) |
Merge pull request #1198 from huertanix/patch-1
Update Heroku-guide.md
-rw-r--r-- | docs/Running-Mastodon/Heroku-guide.md | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/docs/Running-Mastodon/Heroku-guide.md b/docs/Running-Mastodon/Heroku-guide.md index 269bc6331..4978a20ac 100644 --- a/docs/Running-Mastodon/Heroku-guide.md +++ b/docs/Running-Mastodon/Heroku-guide.md @@ -39,6 +39,40 @@ You will want Amazon S3 for file storage. The only exception is for development purposes, where you may not care if files are not saved. Follow a guide online for creating a free Amazon S3 bucket and Access Key, then enter the details. +If you deploy from the web, the format for all the S3 bits use Paperclip conventions: + +S3 Bucket is just the name of the bucket, e.g. `bucketname` not the full ARN. + +S3 Region is the AWS code for the region e.g. `ap-northeast-1` not the name of the city displayed on the AWS Dashboard. + +To protect the privacy of the users of the your instance, you should have permissons on the your S3 bucket set to no-read and no-write for the public and non-application-specific AWS users, with only one authorized IAM user or group set up to be able to upload or display content. This is an example of an IAM policy used for the S3 bucket used Mastadon instance hentai.loan: + + { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "s3:ListAllMyBuckets" + ], + "Resource": [ + "arn:aws:s3:::*" + ] + }, + { + "Effect": "Allow", + "Action": [ + "s3:*" + ], + "Resource": [ + "arn:aws:s3:::hentailoan”, + "arn:aws:s3:::hentailoan/*" + ] + } + ] + } + + ## Deployment You can deploy from the Heroku web interface or from the command line. Run: |