How to Share Files from Google Cloud Object Storage (GCP)

Google Cloud Storage is the object storage service offered by Google Cloud to store large amounts of files. In this document, we will discuss how to install NirvaShare and share files/folders from google object storage with external users using a simple form-based authentication. NirvaShare can be installed in any operating system and has advanced features to integrate with external identity providers, but in this tutorial, we shall consider Linux Ubuntu operating system with a simple form-based authentication while sharing files from object storage that uses HTTP without SSL certificate. Subsequently, you can enable SSL using your custom domain name and certificate. For more information check Google Documentation.

VM instance

You will require a new Virtual Machine instance with at least 2GB RAM, 20GB hard space and Ubuntu 20.04 LTS. Let us create one and configure the same.

  • Login to https://console.cloud.google.com
  • Go to Compute Engine – VM instances
  • Click on CREATE INSTANCE
  • Provide required details including hardware specification.
  • For the Boot disk, you need to select operating system as Ubuntu 20.04 LTS
  • Create the VM instance.
  • For more information you can also refer to Google Documentation

Once the VM is created, we need to open couple of ports for NirvaShare, so let us create a new firewall rule.

  • From the main menu, click on VPC Network and select Firewall
  • Click on CREATE FIREWALL RULE
  • Provide name and target tags as nirvashare-firewall
  • For Source IP range, enter 0.0.0.0/0 to let access from all source IP addresses.
  • For Protocols and ports, select Specified protocols and ports
  • Enter ports as 8080, 8081 and create it.

Now, let us open the ports to the newly created VM by changing the firewall policy.

firewall Ports

NirvaShare Installation

SSH to the newly created VM instance using your private ssh key or the simplest way is to use the option to open with browser.

  • From the VM instance SSH , select Open in browser window
  • Once you log in to SSH console, run below commands to start the installation as root user. This will download the script and install NirvaShare.
sudo su root
curl -s https://raw.githubusercontent.com/nirvashare/nirvashare/main/linux/ubuntu/install_nirvashare.sh -o ns_install.sh && bash ns_install.sh && rm ns_install.sh

Above command will prompt you to enter database password, once provided, it will proceed and complete the installation within a minute or two.

Verifying Installation

After installation is completed, wait for 3-4 minutes for server to come up as it takes time to create schema, etc.

Access the url as http://(your IP):8080
This should open up login screen as shown below.

Authentication Keys

To configure further, you will require an Authentication Key obtained from GCP . Object Storage. To generate new keys, please follow below steps.

  • Open IAM service or go to URL https://console.cloud.google.com/iam-admin
  • From the left menu, click on Service Accounts, this will list existing service accounts if any.
  • Click on Create New Service Account 
  • Provide necessary detail like name, id, etc and click on Create and continue
create Service Account
  • Click the Select a role field.
  • Under Quick access, click Basic, then click Owner.
  • Click Continue.
  • Click Done to finish creating the service account.

role
  • From the Service Account list, select the one that we created.
  • On the top, click on Keys tab
  • Let us create a new key, from the ADD KEY menu, click on Create New Key
new key
  • For Key Type, select JSON and click on CREATE
  • This will download a json file, keep this file safely.
  • This JSON content is needed while configuring storage in NirvaShare.
  • During NirvaShare configuration which will be discussed in next secton, copy paste the content of this JSON file for the storage details.

Configuration

Assuming, deployment was successful, please open the Admin Console URL  -> http://(your ip):8080

Login to admin console with default credentials as admin/admin . It is advisable to change the password after your first login. To change the password, please refer to the documentation Change Password. You can also create more than one admin user under Delegated Admin tab given full access to reset another admin user password. To reset forgotten password refer to Password Reset.

NOTE: Please note that the default in-built user store does not support password reset functionality for AdminConsole. For a proper production deployment, you can integrate with any of your identity stores such as keycloak, Active Directory, etc for better password management policy.

  • After login into the application, click on Settings at the left menu tab.
  • Click on edit File Storage, select a storage type as Google Cloud Storage, and copy-paste the content of the JSON file that you obtained in earlier section.
  • Save it.
  • Go to the next section, edit User Application URL and provide the user application URL as http://(you ip):8081, and save it.
    Note – During production use, a proper domain with HTTPS is required here.
  • Other settings such as email, audit, etc can be configured later and is optional for now. For more detail, refer to Settings

File Sharing with Form based Authentication

To Share a folder with form based Authentication, please refer to Setup Form based Authentication.

Leave a Comment

Your email address will not be published.