when we changed the container to run as a non-root user, it broke some
imageproxy instances that were relying on the default docker user and
file permissions. Users running dockerized imageproxy with a
bind-mounted on-disk cache now need to make sure the user and file
permissions line up.
fixes#198
this is necessary for the new environment variable support for config
values. I don't love that allowHosts is comma separated and cache is
space separated :(
the old nginx config was designed to prevent url canonicalization, which
is no longer a concern, and was causing problems with non-latin
characters.
Fixes#178
If no content types are specified, then accept all responses, regardless
of content type (this is the behavior imageproxy has historically had).
Change default value for the contentTypes flag to be "image/*", so that
the new default when running cmd/imageproxy is that only images will be
proxied. The old default behavior can be achieved by passing an empty
string for the contentTypes flag:
imageproxy -contentTypes ""
Do not send the "XCTO: nosniff" header, since all documentation that I
can find still says that it can cause problems when served with images.
If it's effectively a noop when an explicit content-type is specified in
the response, then this shouldn't actually matter for us either way.
But in the absence of certainty, I'd rather err on the side of following
the spec.
Also add documentation for the new functionality.
Fixes#141
The -cache flag can be specified multiple times to create a tier of
caches. Typically this would be used to be put a small in-memory cache
in front of a slower on-disk cache.
Fixes#111
This uses the official Go SDK from Amazon, which supports the newer v4
authentication method. Fixes#74. Doing so also required adding a new
s3cache package which uses the official SDK.
THIS IS A BREAKING CHANGE for anyone that uses s3, since the syntax of
the command line flag is now different. This is unfortunately necessary
because aws-sdk-go always requires the region to be explicitly declared,
which wasn't always the case with the previous format. This breaking
change is unfortunate, but given that the other s3 package hasn't seen
updates in years, and so many new S3 regions only support the newer v4
authentication method, it's necessary.
values between 0 and 1 have the same behavior as the size option - it is
treated as a percentage of the original image size. Negative values for
cx and cy are calculated from the bottom and right edges of the image.
this flag was never actually doing what I thought it was in the first
place.
Also fix up a few instances of cacheDir still be used in config files
fixes#45
The imageproxy command no longer uses the in-memory cache by default.
Instead, no caching is enabled by default and the in-memory cache can be
enabled by passing `-cache memory`.
The -cache flag also supports specifying directories, and therefore
replaces hte older -cacheDir flag. cacheDir is still supported for
compatibility, but is deprecated and will be removed in the future.
This also sets us up to add support for additional caching backends in
the future.
Partial fix for #49.