Do static images expire after soon point and automatically get deleted?
My situation is that I retrieve images from my PostgreSQL database through a model's ImageField by setting its upload_to equal to static/images. Then, I access the images through mysitesurl.com/static/images/model.url This works perfectly initially. However, after several hours, what I notice is that the images are no longer accessible. When I try to access them through the same url, they no longer exist. I do not do any manual image deletions so the operations I perform should not interfere with this.
Is this something that Heroku does that I do not understand?
Also, one odd occurrence that I notice is that the image is still accessible through the url, but it doesn't actually get saved to static/images. At least, when I run heroku run ls static/images, it is not there. Is this the correct way to check a directory's contents in heroku?
EDIT: My configs
STATIC_ROOT = ''
STATIC_URL = '/static/'
STATICFILES_DIRS = (
'static',
'static/uploaded_stuff/',
)
You can run heroku run bash --app YOUR_APP from your repository directory. This creates a shell to your Heroku instance allowing you to navigate around your files.
You can check on your static images that way.
I would suggest using S3 to serve your static images though. You can view this tutorial on how to integrate it:
http://blog.doismellburning.co.uk/2012/07/14/using-amazon-s3-to-host-your-django-static-files/
After further details, you are trying to allow user uploads and Heroku's file system is read-only. You will need to use S3 or a similar hosting solution for static/uploaded files.
https://devcenter.heroku.com/articles/read-only-filesystem
Related
okay so am using whitenoise to store my static files, thats not an issue when deploying to heroku that works perfectly well.
So I need to use S3 to serve my media files. I can upload perfectly to the bucket with no issues, from the website interface that is, but when it tries to load the actual images am trying to serve I instantly get a 404, when I check this 404 in the dev console it shows me the debug message and the link, when I visit the link it actually exists.
So my amazon credentials work, so does CORS and bucket policy, even accessing the images through the link that it claims does exist works.
This is also my MEDIA_ROOT
MEDIA_ROOT = 'https://%s/' % AWS_S3_CUSTOM_DOMAIN
and prints out correctly, is it an issue with using whitenoise and boto storage together?
edit:
so now my static files serve perfectly from S3 but not my media. seems to be ignoring my media_root and media_url
So, I have set up an upload feature in my admin where an admin can upload photos. These photos are accessed via a view such that an admin can use them. I deployed this to heroku. So far it seems to work where if I upload a photo, it gets linked to the view, and it shows up.
My MEDIA_URL ='/media/' and my MEDIA_ROOT = os.path.join(BASE_DIR , 'media') and at the moment, DEBUG = True for my case.
So the problem is this: After leaving the site for a couple of hours or so, when I try to access the files, it seems to have changed the link and the photos are no longer linked.
Is there a way to fix this such that when I leave for some time, the link to the photos do not change? (I don't see a solution based on google, and it seems that people have not run into this problem...unless I'm google crippled :/ )
I realized my issue. They're being uploaded to the media folders that live in Heroku which is not the way to go. instead I used amazon aws s3 to serve both the media files and static files. Here's a link that answered my question:
django heroku media files 404 error
However, I'm thinking of switching to using smartfile because it's free :D
I have a Django web application which allows users to upload their display picture. Some users can see this display picture but not everyone (not all users) should have access to this picture. With that said, in development, I used to save it locally on my machine. In my settings file, I had
MEDIA_ROOT = '/home/myProfile/Documents/thisFolder/uPhotosFolder'
MEDIA_URL = '/media/'
and Django would save all user uploaded display pictures to media rood (the uPhotosFolder) which was located on my machine.
With that said, I deployed (or at least am trying to deploy) the app and when I left my MEDIA_ROOT and MEDIA_URL in my settings file as
MEDIA_ROOT = '/home/myProfile/Documents/thisFolder/uPhotosFolder'
MEDIA_URL = '/media/'
and tried uploading an image, it said access was denied. Apparently I have to go into my EC2 instance (I use Amazon Web Services) and create the
'/home/myProfile/Documents/thisFolder/uPhotosFolder'
directory and then start saving the display images.
My question is, is this the correct / best way to save private user uploaded images on the server? Or should I use S3 for this as well? (From what I read, images on S3 are stored on the cloud and can be accessed from a URL by anyone) Is there a way to use S3 for my situation right now?
The question whether you store the image on EC2 instance in a folder or on S3 Storage is independent of the file privacy.
The MEDIA_ROOT defines the location of Media Folder. The MEDIA_URL defines the URL formed when serving media.
Now for storing if we use default file system storage we end up saving file in MEDIA_ROOT. We can change the storage to S3 by some additional configuration in settings file. ( Docs Here )
Now securing your files on user basis can be done by restricting access to URLs. For this Media URLs can be protected using X-Accell-Redirect headers use when using nginx to serve files.( eg: Here ).
In case you go ahead and use the S3 storage for serving media files ( more preferable in production environment ) - The S3 storage provides functions to get a protected URL for media which can be passed to client to retrieve media. These urls have accessibility for limited time period.
I'm confused about static files and media files in django. I've seen elsewhere that people use it interchangeably.
When should I use media_root and when should I use static_root?
If I have site images should I put it in static? And if I have product images do I put it in media?
MEDIA_ROOT is the directory where file uploads are placed, as well as where generated files are usually stored. For example, one of my Django apps allows users to upload images. In one of the model classes, I use the ImageField type from sorl-thumbnail with upload_to='%Y-%m'. Whenever a user uploads an image, the file is stored in MEDIA_ROOT/%Y-%m/ (with %Y replaced with the current year and %m replaced with the current month number). Also, when sorl-thumbnail generates a thumbnail for an uploaded image, it places the thumbnail by default somewhere in MEDIA_ROOT/cache/.
STATIC_ROOT is used to configure the directory where static assets are placed. For example, site stylesheets, JavaScript files, and images used in the design of web pages are the types of files that go into STATIC_ROOT. If you have multiple installed apps, each app that uses static files can have its own static files directory. You use the collectstatic management function (invoked via python manage.py collectstatic) to copy all of the apps' static files into STATIC_ROOT.
By default, Django uploads images to the MEDIA_ROOT setting, which is assumed to be a publicly accessible directory.
I don't want users to be able to upload images and to have those images immediately accessible. Instead, I want the images to be uploaded to a non-public tmp directory. Later on, a site moderator will approve images in django-admin, which will move them to a public image directory.
The catch is that the site moderators need to be able to view the images stored in the tmp directory in order to approve them. So, those images need to be served from the web server, but can't be accessible to users who aren't moderators.
How do I:
Extend ImageField to store images in a directory other than MEDIA_ROOT
Protect temporary images so that they are only viewable by site moderators before they are approved?
Re 2: completely protecting them on django level is impossible, since static media is served by the webserver, bypassing django entirely.
What you could do instead, is to create a directory /private/ in your media source and protect it using normal apache means - eg .htaccess;
Though hash, which was suggested earlier, seems like a better method to me.