@allyusd/strapi-provider-upload-azure-storage
v1.1.1
Published
Plugin enabling image uploading to azure storage from strapi.
Downloads
39
Maintainers
allyusdReadme
Strapi Provider Upload Azure Storage
Plugin enabling image uploading to azure storage from strapi.
Fork Notice
This is a fork of the original jakeFeldman/strapi-provider-upload-azure-storage project. It has been modified to meet specific personal requirements and may not align with the original design principles. These changes could potentially break compatibility and are unlikely to be suitable for most use cases.
- Implemented getSignedUrl functions that always return a read-only signed URL, as isPrivate will always return true.
- Implemented hackCustomFilename, where the @ character in the provided filename is converted to a / (path separator).
- Allowed defaultPath to be empty.
Getting Started
These instructions will get you a copy of the project up and running on your local machine for development and testing purposes. See deployment for notes on how to deploy the project on a live system.
Prerequisites
Installing
Inside your strapi project run the following
yarn add strapi-provider-upload-azure-storage
# or
npm install strapi-provider-upload-azure-storageUsage
To enable the provider, create or edit the file at ./config/plugins.js.
This is an example plugins.js file for Azure storage:
module.exports = ({ env }) => ({
upload: {
config: {
provider: "strapi-provider-upload-azure-storage",
providerOptions: {
authType: env("STORAGE_AUTH_TYPE", "default"),
account: env("STORAGE_ACCOUNT"),
accountKey: env("STORAGE_ACCOUNT_KEY"),//either account key or sas token is enough to make authentication
sasToken: env("STORAGE_ACCOUNT_SAS_TOKEN"),
serviceBaseURL: env("STORAGE_URL"), // optional
containerName: env("STORAGE_CONTAINER_NAME"),
createContainerIfNotExist: env("STORAGE_CREATE_CONTAINER_IF_NOT_EXIST", 'false'), // optional
publicAccessType: env("STORAGE_PUBLIC_ACCESS_TYPE"), // optional ('blob' | 'container')
defaultPath: "assets",
cdnBaseURL: env("STORAGE_CDN_URL"), // optional
defaultCacheControl: env("STORAGE_CACHE_CONTROL"), // optional
removeCN: env("REMOVE_CONTAINER_NAME"), // optional, if you want to remove container name from the URL
},
},
},
});
// For using azure identities, the correct authType is 'msi' or (provide it in the environment variable)
// clientId is used for Azure User-Assigned Identity access. If not provided, system-assigned managed identity is used instead
// RBAC Role Storage Blob Data Contributor required for MSI
module.exports = ({ env }) => ({
upload: {
config: {
provider: "strapi-provider-upload-azure-storage",
providerOptions: {
authType: 'msi',
account: env("STORAGE_ACCOUNT"),
clientId: env("STORAGE_AZURE_CLIENT_ID"), // optional
serviceBaseURL: env("STORAGE_URL"), // optional
containerName: env("STORAGE_CONTAINER_NAME"),
createContainerIfNotExist: env("STORAGE_CREATE_CONTAINER_IF_NOT_EXIST", 'false'), // optional
publicAccessType: env("STORAGE_PUBLIC_ACCESS_TYPE"), // optional ('blob' | 'container')
defaultPath: "assets",
cdnBaseURL: env("STORAGE_CDN_URL"), // optional
defaultCacheControl: env("STORAGE_CACHE_CONTROL"), // optional
removeCN: env("REMOVE_CONTAINER_NAME"), // optional, if you want to remove container name from the URL
},
},
},
});
| Property | Required | Description |
| ------------------------- | --------------------------------------------- | ------------------------------------------------------------------------------------------------------|
| authType | true | Whether to use a SAS key ("default") or an identity ("msi") |
| account | true | Azure account name |
| accountKey | if 'authType 'default' | Secret access key |
| clientId | false (consumed if 'authType 'msi') | Azure user-assigned identity client ID. If not provided, system-assigned managed identity ID is used |
| sasToken | false | SAS Token, either accountKey or SASToken is required if 'authType is 'default' |
| serviceBaseURL | false | Base service URL to be used, optional. Defaults to https://${account}.blob.core.windows.net |
| containerName | true | Container name |
| createContainerIfNotExist | false | Attempts to create the container if not existing. Must be one of 'true' or any string |
| publicAccessType | false (param for 'createContainerIfNotExist') | Sets the public access of a newly created container to one of 'blob' or 'container' |
| defaultPath | true | The path to use when there is none being specified. Defaults to assets |
| cdnBaseURL | false | CDN base url |
| defaultCacheControl | false | Cache-Control header value for all uploaded files |
| removeCN | false | Set to true, to remove container name from azure URL |
Security Middleware Configuration
Due to the default settings in the Strapi Security Middleware you will need to modify the contentSecurityPolicy settings to properly see thumbnail previews in the Media Library. You should replace strapi::security string with the object bellow instead as explained in the middleware configuration documentation.
To allow the azure storage content to be displayed, edit the file at ./config/middlewares.js.
You should replace the strapi::security string with the object below instead, see the Middlewares configuration documentation for more details.
./config/middlewares.js
module.exports = [
// ...
{
name: "strapi::security",
config: {
contentSecurityPolicy: {
useDefaults: true,
directives: {
"connect-src": ["'self'", "https:"],
"img-src": [
"'self'",
"data:",
"blob:",
"dl.airtable.com", // Required for Strapi < 4.10.6, you can remove it otherwise
"https://market-assets.strapi.io", // Required for Strapi >= 4.10.6, you can remove it otherwise
/**
* Note: If using a STORAGE_URL replace `https://${process.env.STORAGE_ACCOUNT}.blob.core.windows.net` w/ process.env.STORAGE_URL
* If using a CDN URL make sure to include that url in the CSP headers process.env.STORAGE_CDN_URL
*/
`https://${process.env.STORAGE_ACCOUNT}.blob.core.windows.net`,
],
"media-src": [
"'self'",
"data:",
"blob:",
"dl.airtable.com", // Required for Strapi < 4.10.6, you can remove it otherwise
/**
* Note: If using a STORAGE_URL replace `https://${process.env.STORAGE_ACCOUNT}.blob.core.windows.net` w/ process.env.STORAGE_URL
* If using a CDN URL make sure to include that url in the CSP headers process.env.STORAGE_CDN_URL
*/
`https://${process.env.STORAGE_ACCOUNT}.blob.core.windows.net`,
],
upgradeInsecureRequests: null,
},
},
},
},
// ...
];serviceBaseURL is optional, it is useful when connecting to Azure Storage API compatible services, like the official emulator Azurite. serviceBaseURL would then look like http://localhost:10000/your-storage-account-key.
When serviceBaseURL is not provided, default https://${account}.blob.core.windows.net will be used.
createContainerIfNotExist can also be useful when working with Azurite as the tool provides very little by way of startup scripting.
cdnBaseURL is optional, it is useful when using CDN in front of your storage account. Images will be returned with the CDN URL instead of the storage account URL.
defaultCacheControl is optional. It is useful when you want to allow clients to use a cached version of the file. Azure storage will return this value in the Cache-Control HTTP-header of the response.
removeCN is optional. Some azure account configurations are such that they exclude 'container name' from the URL at which data is saved. It is by default set to false, if you want to remove container name from URL, set it to 'true'.
Contributing
Contributions are welcome
Versioning
We use SemVer for versioning. For the versions available, see the tags on this repository.
Authors
- Jake Feldman - Initial work - jakeFeldman
License
This project is licensed under the MIT License - see the LICENSE.md file for details