Additional configurations for boto3 client under the S3 uploader (#2326)

This PR adds 2 new config variables to allow for this: - `AWS_S3_ADDRESSING_STYLE`: Support for selecting the S3 addressing style. It defaults to "auto" as when it's not set, but can also be set to **virtual** and **path**. See https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-bucket-intro.html#access-bucket-console-ex. - `AWS_S3_CUSTOM_DOMAIN`: Domain that replaces the default one in presigned download URLs. --------- Co-authored-by: Kevin Chung <kchung@ctfd.io>
2025-12-17 05:54:19 +01:00 · 2023-06-30 23:51:01 +02:00
parent 70999b4fa0
commit 7b68babee6
3 changed files with 26 additions and 2 deletions
--- a/CTFd/config.ini
+++ b/CTFd/config.ini
@@ -198,6 +198,17 @@ AWS_S3_ENDPOINT_URL =
 # The aws region that hosts your bucket. Only used in the s3 uploader.
 AWS_S3_REGION =

+# AWS_S3_ADDRESSING_STYLE
+# The S3 addressing style to use for URLs. Only used under the s3 uploader.
+# Defaults to auto; can be set to virtual or path.
+# See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/configuration.html
+AWS_S3_ADDRESSING_STYLE =
+
+# AWS_S3_CUSTOM_DOMAIN
+# A hostname that replaces the default hostname in the generated S3 download URLs. Required by some S3 providers or CDNs.
+# Only used under the s3 uploader.
+AWS_S3_CUSTOM_DOMAIN =
+
 [logs]
 # LOG_FOLDER
 # The location where logs are written. These are the logs for CTFd key submissions, registrations, and logins. The default location is the CTFd/logs folder.
--- a/CTFd/config.py
+++ b/CTFd/config.py
@@ -210,6 +210,10 @@ class ServerConfig(object):

        AWS_S3_REGION: str = empty_str_cast(config_ini["uploads"]["AWS_S3_REGION"])

+        AWS_S3_CUSTOM_DOMAIN: str = empty_str_cast(config_ini["uploads"].get("AWS_S3_CUSTOM_DOMAIN", ""))
+
+        AWS_S3_ADDRESSING_STYLE: str = empty_str_cast(config_ini["uploads"].get("AWS_S3_ADDRESSING_STYLE", ""), default="auto")
+
    # === OPTIONAL ===
    REVERSE_PROXY: Union[str, bool] = empty_str_cast(config_ini["optional"]["REVERSE_PROXY"], default=False)

--- a/CTFd/utils/uploads/uploaders.py
+++ b/CTFd/utils/uploads/uploaders.py
@@ -5,6 +5,7 @@ import string
 import time
 from pathlib import PurePath
 from shutil import copyfileobj, rmtree
+from urllib.parse import urlparse

 import boto3
 from botocore.client import Config
@@ -89,9 +90,12 @@ class S3Uploader(BaseUploader):
        secret_key = get_app_config("AWS_SECRET_ACCESS_KEY")
        endpoint = get_app_config("AWS_S3_ENDPOINT_URL")
        region = get_app_config("AWS_S3_REGION")
+        addressing_style = get_app_config("AWS_S3_ADDRESSING_STYLE")
        client = boto3.client(
            "s3",
-            config=Config(signature_version="s3v4"),
+            config=Config(
+                signature_version="s3v4", s3={"addressing_style": addressing_style}
+            ),
            aws_access_key_id=access_key,
            aws_secret_access_key=secret_key,
            endpoint_url=endpoint,
@@ -141,6 +145,11 @@ class S3Uploader(BaseUploader):
                },
                ExpiresIn=3600,
            )
+
+        custom_domain = get_app_config("AWS_S3_CUSTOM_DOMAIN")
+        if custom_domain:
+            url = urlparse(url)._replace(netloc=custom_domain).geturl()
+
        return redirect(url)

    def delete(self, filename):