NOTE: Starting in version 7.0, ObjectiveFS has built-in TLS/SSL support. stunnel is not needed anymore. For TLS details, see here.
This guide covers how to set up ghostunnel for endpoints that support only SSL. If you prefer to use stunnel, please see this stunnel setup doc
Since ObjectiveFS has built-in client side encryption and always encrypts your data at rest and in transit, you don’t need to use ghostunnel for most cases. Common uses for ghostunnel are when using an on-premise object store that supports only SSL or when using the AWS server side encryption feature.
Note: This document uses port 8086
on the localhost for the ghostunnel connection. You can replace 8086
below with the port you prefer.
https://github.com/ghostunnel/ghostunnel/releases/
$ chmod +x ./ghostunnel
/etc/objectivefs.env/AWS_DEFAULT_REGION
points to your bucket’s endpoint$ cat /etc/objectivefs.env/AWS_DEFAULT_REGION
us-east-2
$ ./ghostunnel client \--listen=localhost:8086 \--target=<endpoint>:443
\--disable-authentication
Example:
$ ./ghostunnel client \--listen=localhost:8086 \--target=s3.us-east-2.amazonaws.com:443 \--disable-authentication
http_proxy
environment variable to http://127.0.0.1:8086
./etc/objectivefs.env/http_proxy
with the content as http://127.0.0.1:8086
without needing to specify it in the command line each time.
list
command using ghostunnel$ http_proxy=http://127.0.0.1:8086 mount.objectivefs list
Example: Mount your filesystem with ghostunnel
$ http_proxy=http://127.0.0.1:8086 mount.objectivefs <bucket> <directory>
Reference:
+ Ghostunnel GitHub page: https://github.com/ghostunnel/ghostunnel
Last updated by ObjectiveFS staff, August 8, 2021
ObjectiveFS is a shared file system for OS X and Linux that automatically scales and gives you scalable cloud storage.
If you have questions or article idea suggestions, please email us at support@objectivefs.com