This guide covers how to set up ghostunnel for endpoints that support only SSL. If you prefer to use stunnel, please see this stunnel setup doc
Since ObjectiveFS has built-in client side encryption and always encrypts your data at rest and in transit, you don’t need to use ghostunnel for most cases. Common uses for ghostunnel are when using an on-premise object store that supports only SSL or when using the AWS server side encryption feature.
Note: This document uses port
8086 on the localhost for the ghostunnel connection. You can replace
8086 below with the port you prefer.
Download and install ghostunnel from
$ chmod +x ./ghostunnel
/etc/objectivefs.env/AWS_DEFAULT_REGION points to your bucket’s endpoint
$ cat /etc/objectivefs.env/AWS_DEFAULT_REGION us-east-2
Run ghostunnel on your command line (or using your init tools)
$ ./ghostunnel client --listen=localhost:8086 --target=<endpoint>:443 --disable-authentication
$ ./ghostunnel client --listen=localhost:8086 --target=s3.us-east-2.amazonaws.com:443 --disable-authentication
To use ObjectiveFS with ghostunnel, set the
http_proxy environment variable to
Tip: You can also create a file in the config directory
/etc/objectivefs.env/http_proxy with the content as
http://127.0.0.1:8086 without needing to specify it in the command line each time.
Example: Running the
list command using ghostunnel
$ http_proxy=http://127.0.0.1:8086 mount.objectivefs list
$ http_proxy=http://127.0.0.1:8086 mount.objectivefs <bucket> <directory>
A single ghostunnel can have multiple parallel connections. You can also start multiple copies of ghostunnel for redundancy.
+ Ghostunnel GitHub page: https://github.com/ghostunnel/ghostunnel
Last updated by ObjectiveFS staff, August 8, 2021
ObjectiveFS is a shared file system for OS X and Linux that automatically scales and gives you scalable cloud storage. If you have questions or article idea suggestions, please email us at email@example.com