Skip to content

Instantly share code, notes, and snippets.

@u1i

u1i/README.md

Created May 23, 2025 00:30
Show Gist options
  • Save u1i/fd27f6025836ecbba0a458a6613f1f91 to your computer and use it in GitHub Desktop.
Save u1i/fd27f6025836ecbba0a458a6613f1f91 to your computer and use it in GitHub Desktop.
Download ZIP
s3cmd Linode
Raw
README.md

Configuring s3cmd with Linode Object Storage

This guide explains how to set up s3cmd to work with Linode Object Storage and make objects publicly accessible.

Installation

# Create a Python virtual environment
python3 -m venv s3cmd-env

# Activate the virtual environment
source s3cmd-env/bin/activate

# Install s3cmd
pip install s3cmd

Configuration

Create a configuration file .s3cfg in your home directory:

# Create the configuration file
cat > ~/.s3cfg << EOF
[default]
# Setup endpoint
host_base = sg-sin-1.linodeobjects.com
host_bucket = %(bucket)s.sg-sin-1.linodeobjects.com
bucket_location = sg-sin-1
use_https = True

# Setup access keys
access_key = YOUR_ACCESS_KEY
secret_key = YOUR_SECRET_KEY

# Enable S3 v4 signature APIs
signature_v2 = False

# Encryption password
gpg_passphrase = 
gpg_command = /usr/bin/gpg
gpg_decrypt = %(gpg_command)s -d --verbose --no-use-agent --batch --yes --passphrase-fd %(passphrase_fd)s -o %(output_file)s %(input_file)s
gpg_encrypt = %(gpg_command)s -c --verbose --no-use-agent --batch --yes --passphrase-fd %(passphrase_fd)s -o %(output_file)s %(input_file)s
gpg_encrypt_key = 

# Miscellaneous
human_readable_sizes = True
guess_mime_type = True
socket_timeout = 300
progress_meter = True
check_ssl_certificate = True
check_ssl_hostname = True
EOF

Replace YOUR_ACCESS_KEY and YOUR_SECRET_KEY with your actual Linode Object Storage credentials. Also update the region (sg-sin-1 in this example) if your bucket is in a different region.

Basic Usage

# Activate the virtual environment
source s3cmd-env/bin/activate

# List buckets
s3cmd ls

# List objects in a bucket
s3cmd ls s3://your-bucket-name/

# Upload a file
s3cmd put file.txt s3://your-bucket-name/

# Download a file
s3cmd get s3://your-bucket-name/file.txt

# Delete a file
s3cmd del s3://your-bucket-name/file.txt

Making Objects Publicly Accessible

To make all objects in a bucket publicly accessible, create a bucket policy:

# Create a bucket policy file
cat > bucket_policy.json << EOF
{
 "Statement": [
  {
    "Effect": "Allow",
    "Principal": {
      "AWS": [
        "*"
      ]
    },
    "Action": [
      "s3:GetObject"
    ],
    "Resource": [
      "arn:aws:s3:::your-bucket-name/*"
    ]
  }
 ]
}
EOF

Replace your-bucket-name with your actual bucket name.

# Apply the bucket policy
s3cmd setpolicy bucket_policy.json s3://your-bucket-name

After applying this policy, all objects in the bucket (both existing and new uploads) will be publicly accessible at:

http://your-bucket-name.region.linodeobjects.com/object-name

For example:

http://acme.sg-sin-1.linodeobjects.com/example.txt

Generating Temporary Signed URLs

If you need to provide temporary access to private objects:

# Generate a signed URL valid for 1 hour
s3cmd signurl s3://your-bucket-name/file.txt $(( $(date +%s) + 3600 ))

Troubleshooting

  • If you encounter ACL-related errors, note that Linode Object Storage has limited support for standard S3 ACL operations. Use bucket policies instead.
  • If the setpolicy command fails, ensure your JSON is correctly formatted and the bucket name matches exactly.
  • If objects are not publicly accessible after setting the policy, verify that the policy was applied correctly with s3cmd info s3://your-bucket-name.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment