Hosting
The website contents is stored as a set of objects in a NeoFS container. Each object has a FilePath
attribute with a corresponding file name (index.html
, img/something.png
, etc), they also have a Content-Type
attribute with appropriate type (text/html
, image/png
, etc). These objects are uploaded from the website release tarball using neofs-cli, if there is an update, new objects are uploaded first and then all old ones are deleted. Only NeoFS storage nodes have data for this container.
We have an nginx instance accepting initial user’s connections, it:
- handles TLS connections (certificates/encryption)
- accepts original HTTP requests
- rewrites these requests, so that they could be processed by NeoFS REST gateway
- each original request gets converted into
/v1/get_by_attribute/$CID/FilePath/$PATH
where$CID
is the container ID storing website’s objects and$PATH
is the original request (index.html
,img/something.png
, etc) - additional rules convert requests to directories
/something/
into the samev1/get_by_attribute
API, but with anindex.html
appended
- each original request gets converted into
- passes these rewritten requests to one of the configured NeoFS REST gateways (there is a number of them)
- caches responses There can be multiple nginx instances (they only have key/certificate and configuration), but at the moment we’re using one.
Nginx config
rewrite '^/$' /v1/get_by_attribute/$cid/FilePath/index.html break;
rewrite '^/(.+)/$' /v1/get_by_attribute/$cid/FilePath/$1/index.html break;
rewrite '^/(.+)$' /v1/get_by_attribute/$cid/FilePath/$1 break;
proxy_pass https://$neofs_rest_gateway;
Then the request is picked up by NeoFS REST gateway:
- it translates
get_by_attribute
REST request into NeoFS APISEARCH
request which tries to find objects in container$CID
withFilePath
attribute equal to the requested one - this request gets sent to one of the NeoFS storage nodes configured in the gateway (there are multiple of them)
- nodes reply with object IDs corresponding to search request (it should be a single OID)
- REST gateway then issues a NeoFS
GET
request for appropriate CID/OID combination - this request can also be sent to any of configured NeoFS storage nodes
- it receives a reply with content, caches it and replies to nginx
NeoFS nodes just do their job in this scheme, serving SEARCH
and GET
(PUT
as well, for uploads) requests in a usual manner. Containers are set up with basic ACL that allows anyone to read (it’s a widely open website), but allows only owner to upload new content.