beeyev / thumbor-s3-docker Goto Github PK

A docker image for thumbor with AWS S3 / Minio integration for cropping, resizing, applying filters and optimizing images on the fly.

License: MIT License

Shell 4.28% Smarty 77.64% Makefile 4.48% Dockerfile 13.59%

docker-image thumbor thumbor-docker

thumbor-s3-docker's Introduction

Thumbor S3 Docker

A Docker image for Thumbor with AWS S3 and Minio integration, designed for on-the-fly image cropping, resizing, applying filters, and image optimization.

A little of introduction

Thumbor S3 Docker is available in two variants of docker images, a lightweight (slim) - slim-alpine and a full-featured - debian.

All current docker images are packed with these features:

AWS S3 / Minio integration support
jpegtran (already enabled) lossless jpeg optimizer which can make jpegs smaller by optimizing DCT coefficients.
gifsicle allows to generate proper animated gifs, as well as static gifs with the smallest possible size.
thumbor-aws Official extension for asynchronous non-blocking AWS S3 support.
sentry-client Sentry error handling client.
Support for Prometheus metrics collector.
Healthcheck inside the docker container is already configured, it controls that Thumbor service works properly.

The full-featured (`debian`) version provides all possible functionality such as:

gifv optimizer which is able to convert gifs to mp4 or webm videos, often resulting in dramatically smaller sized files.
Facial Detection support.
Ability to process SVG, AVIF and HEIF files.
Lazy Detection functionality.
Image Metadata allows to work with image's metadata.
High Efficiency Image Format avif, heif support.

Before choosing the full-featured image version, make sure that you really need this extra functionality, as the resulting Docker container is three times larger than slim-alpine.

Currently maintained docker images:

thumbor-s3:debian
thumbor-s3:slim-alpine
thumbor-s3:7-debian
thumbor-s3:7-slim-alpine
thumbor-s3:7.7-debian
thumbor-s3:7.7-slim-alpine

Docker Hub | Github packages | Red Hat quay.io

Configuring Thumbor S3

All the configuration can be done via environment variables. For a list of all the variables, please check this config file.
Use variable names from the file as the environment variables to configure your docker container. Besides the variables mentioned in the above config file, there are some additional environment variables:

PORT - The port to run this Thumbor instance at. Default: 8888
LOG_LEVEL - The log level to be used. Possible values are: debug, info, warning, error, critical. Default: warning
NUM_PROCESSES - Number of Thumbor processes to run. Possible values are: 0 - auto detect, 1 - no forks created, or set your number. Default: 0

Also, don't forget to take a look at the official documentation on how to use Thumbor imaging.

Securing thumbor

On production systems please consider the following options:

ALLOW_UNSAFE_URL (default False): Disallow "unsafe" (non HMAC-signed) URLs Docs
SECURITY_KEY (default 31337): a shared secret for HMAC-signing URLs

Please check out HMAC signing in the docs for more information.

Volume mapping

/data:/data

Healthcheck

On production, you should enable a healthcheck to make sure, that your service is up and running. Luckily thumbor comes with a simple healthcheck API built-in.

By default, it's https//host:port/healthcheck/.

How to use this image

Please take a look at this example, it explains everything you need to know to begin working with Thumbor.

Issues

Bug reports and feature requests can be submitted on the Github Issue Tracker.

Credits

Thumbor contributors

License

The MIT License (MIT). Please see License File for more information.

If you love this project, please consider giving me a ⭐

thumbor-s3-docker's People

Contributors

Stargazers

Watchers

Forkers

ninjadavid123 ape-in-the-shell hiteshsondhi88 immohanravi ricardomagamobi jmortlock nyaone imgoptify afterhourhq

thumbor-s3-docker's Issues

how to config multiple buckets

i have 3 buckets in minio, how to config in thumbor??

empty endpoint URL breaks uploads

From what I understand, AWS_RESULT_STORAGE_S3_ENDPOINT_URL is an optional variable that should be specified when using custom s3 endpoint other than AWS. When I do not specify the value, your config template defaults it to None which throws the following error:

[thumbor-staging] [2024-03-26 02:27:47] 2024-03-26 02:27:47 thumbor:ERROR ERROR: Traceback (most recent call last):
[thumbor-staging] [2024-03-26 02:27:47]   File "/usr/local/lib/python3.11/site-packages/tornado/web.py", line 1790, in _execute
[thumbor-staging] [2024-03-26 02:27:47]     result = await result
[thumbor-staging] [2024-03-26 02:27:47]              ^^^^^^^^^^^^
[thumbor-staging] [2024-03-26 02:27:47]   File "/usr/local/lib/python3.11/site-packages/thumbor/handlers/upload.py", line 67, in post
[thumbor-staging] [2024-03-26 02:27:47]     await self.write_file(image_id, body)
[thumbor-staging] [2024-03-26 02:27:47]   File "/usr/local/lib/python3.11/site-packages/thumbor/handlers/__init__.py", line 1084, in write_file
[thumbor-staging] [2024-03-26 02:27:47]     await storage.put(file_id, body)
[thumbor-staging] [2024-03-26 02:27:47]   File "/usr/local/lib/python3.11/site-packages/thumbor_aws/storage.py", line 98, in put
[thumbor-staging] [2024-03-26 02:27:47]     path = await self.upload(
[thumbor-staging] [2024-03-26 02:27:47]            ^^^^^^^^^^^^^^^^^^
[thumbor-staging] [2024-03-26 02:27:47]   File "/usr/local/lib/python3.11/site-packages/thumbor_aws/s3_client.py", line 110, in upload
[thumbor-staging] [2024-03-26 02:27:47]     async with self.get_client() as client:
[thumbor-staging] [2024-03-26 02:27:47]   File "/usr/local/lib/python3.11/site-packages/aiobotocore/session.py", line 25, in __aenter__
[thumbor-staging] [2024-03-26 02:27:47]     self._client = await self._coro
[thumbor-staging] [2024-03-26 02:27:47]                    ^^^^^^^^^^^^^^^^
[thumbor-staging] [2024-03-26 02:27:47]   File "/usr/local/lib/python3.11/site-packages/aiobotocore/session.py", line 215, in _create_client
[thumbor-staging] [2024-03-26 02:27:47]     client = await client_creator.create_client(
[thumbor-staging] [2024-03-26 02:27:47]              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[thumbor-staging] [2024-03-26 02:27:47]   File "/usr/local/lib/python3.11/site-packages/aiobotocore/client.py", line 77, in create_client
[thumbor-staging] [2024-03-26 02:27:47]     client_args = self._get_client_args(
[thumbor-staging] [2024-03-26 02:27:47]                   ^^^^^^^^^^^^^^^^^^^^^^
[thumbor-staging] [2024-03-26 02:27:47]   File "/usr/local/lib/python3.11/site-packages/aiobotocore/client.py", line 283, in _get_client_args
[thumbor-staging] [2024-03-26 02:27:47]     return args_creator.get_client_args(
[thumbor-staging] [2024-03-26 02:27:47]            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[thumbor-staging] [2024-03-26 02:27:47]   File "/usr/local/lib/python3.11/site-packages/aiobotocore/args.py", line 76, in get_client_args
[thumbor-staging] [2024-03-26 02:27:47]     endpoint = endpoint_creator.create_endpoint(
[thumbor-staging] [2024-03-26 02:27:47]                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[thumbor-staging] [2024-03-26 02:27:47]   File "/usr/local/lib/python3.11/site-packages/aiobotocore/endpoint.py", line 308, in create_endpoint
[thumbor-staging] [2024-03-26 02:27:47]     raise ValueError("Invalid endpoint: %s" % endpoint_url)
[thumbor-staging] [2024-03-26 02:27:47] ValueError: Invalid endpoint: None
[thumbor-staging] [2024-03-26 02:27:47] 
[thumbor-sta

Does it support STORAGE and STORAGE_ RESULT？？

Does it support STORAGE and STORAGE_ RESULT？？
if supported, how to config.

Do you consider joining "thumbor-video-engine"?

The thumbor-video-engine can get video frames，it is very important in
image preview service

Unable to get image from AWS S3 bucket

I'm using the image beeyev/thumbor-s3:7.4-alpine.

Thanks for providing the example with MinIO. Thumbor works as expected with MinIO with the following configuration:

LOG_LEVEL=info

LOADER=thumbor_aws.loader
AWS_LOADER_REGION_NAME=local
AWS_LOADER_BUCKET_NAME=awesome-bucket-img
AWS_LOADER_S3_ACCESS_KEY_ID=oc
AWS_LOADER_S3_SECRET_ACCESS_KEY=changeme
AWS_LOADER_S3_ENDPOINT_URL=http://minio:9000
AWS_LOADER_ROOT_PATH=/img

RESULT_STORAGE=thumbor_aws.result_storage
AWS_RESULT_STORAGE_REGION_NAME=local
AWS_RESULT_STORAGE_BUCKET_NAME=awesome-bucket-img-cache
AWS_RESULT_STORAGE_S3_ACCESS_KEY_ID=oc
AWS_RESULT_STORAGE_S3_SECRET_ACCESS_KEY=changeme
AWS_RESULT_STORAGE_S3_ENDPOINT_URL=http://minio:9000
AWS_RESULT_STORAGE_ROOT_PATH=/img-cache

RESULT_STORAGE_STORES_UNSAFE=True
RESULT_STORAGE_EXPIRATION_SECONDS=2629746

# SECURITY_KEY=changeme
ALLOW_UNSAFE_URL=True
QUALITY=80
MAX_AGE=86400
AUTO_PNG_TO_JPG=True
HTTP_LOADER_VALIDATE_CERTS=False

I'm now trying to use two AWS S3 bucket with the following config (minus the secrets of the IAM user):

LOG_LEVEL=info

LOADER=thumbor_aws.loader
AWS_LOADER_REGION_NAME=us-east-1
AWS_LOADER_BUCKET_NAME=awesome-bucket-img
AWS_LOADER_S3_ACCESS_KEY_ID=
AWS_LOADER_S3_SECRET_ACCESS_KEY=
AWS_LOADER_S3_ENDPOINT_URL=http://awesome-bucket-img.s3-website-us-east-1.amazonaws.com
AWS_LOADER_ROOT_PATH=/img

RESULT_STORAGE=thumbor_aws.result_storage
AWS_RESULT_STORAGE_REGION_NAME=us-east-1
AWS_RESULT_STORAGE_BUCKET_NAME=awesome-bucket-img-cache
AWS_RESULT_STORAGE_S3_ACCESS_KEY_ID=
AWS_RESULT_STORAGE_S3_SECRET_ACCESS_KEY=
AWS_RESULT_STORAGE_S3_ENDPOINT_URL=http://awesome-bucket-img-cache.s3-website-us-east-1.amazonaws.com
AWS_RESULT_STORAGE_ROOT_PATH=/img-cache

RESULT_STORAGE_STORES_UNSAFE=True
RESULT_STORAGE_EXPIRATION_SECONDS=2629746

# SECURITY_KEY=changeme
ALLOW_UNSAFE_URL=True
QUALITY=80
MAX_AGE=86400
AUTO_PNG_TO_JPG=True
HTTP_LOADER_VALIDATE_CERTS=False

Here is the policy I use to allow the Thumbor IAM user to read from awesome-bucket-img and read/write to the bucket awesome-bucket-img-cache.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket",
                "s3:GetObject*"
            ],
            "Resource": [
                "arn:aws:s3:::awesome-bucket-img",
                "arn:aws:s3:::awesome-bucket-img/*",
                "arn:aws:s3:::awesome-bucket-img-cache",
                "arn:aws:s3:::awesome-bucket-img-cache/*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": "s3:*Object",
            "Resource": [
                "arn:aws:s3:::awesome-bucket-img-cache/*"
            ]
        }
    ]
}

Thumbor fails to get the image from the AWS bucket with the following error:

  File "/usr/local/lib/python3.10/site-packages/thumbor/handlers/__init__.py", line 212, in get_image
    result = await self._fetch(self.context.request.image_url)
  File "/usr/local/lib/python3.10/site-packages/thumbor/handlers/__init__.py", line 884, in _fetch
    loader_result = await self.context.modules.loader.load(
  File "/usr/local/lib/python3.10/site-packages/thumbor_aws/loader.py", line 89, in load
    status_code, body, last_modified = await client.get_data(
  File "/usr/local/lib/python3.10/site-packages/thumbor_aws/s3_client.py", line 143, in get_data
    response = await client.get_object(Bucket=bucket, Key=path)
  File "/usr/local/lib/python3.10/site-packages/aiobotocore/client.py", line 371, in _make_api_call
    raise error_class(parsed_response, operation_name)
botocore.exceptions.ClientError: An error occurred () when calling the GetObject operation: 

2023-03-21 02:23:04 thumbor:ERROR [BaseHandler] get_image failed for url `triforce.png`. error: `An error occurred () when calling the GetObject operation: `
2023-03-21 02:23:04 tornado.access:ERROR 500 GET /unsafe/triforce.png (172.21.0.1) 213.96ms

For some reason the boto client does not provide details about the error (no error code or reason).

Do you have thoughts on why Thumbor can not read the image from the AWS S3 bucket?

Thanks for having created this Thumbor image!

ARM64 docker support

Is it possible to get docker images supporting ARM platforms?
Getting the following message:
"! thumbor The requested image's platform (linux/amd64) does not match the detected host platform (linux/arm64/v8)"

Missed libraries

Just noticed that few python libraries missed in docker container

for Detection needs opencv-python-headless
for Lazy Detection needs redis