Plans and pricingTemplatesLaTeX helpGo to Overleaf

S3

This document covers the setup of S3 in Server CE and Server Pro. A separate guide can be found on migrating existing data to S3 compatible storage.

When to consider using S3 for data storage

For instances with fewer than 1000 seats we recommend using local disk storage with regular consistent backups.

For larger instances with more than 1000 seats that reach limits of their local storage (size or throughput), we recommend using a S3 compatible object storage back end over other network based storage solutions like NFS.

S3 compatible object storage options

Here are the most popular options for S3 compatible object storage:

  • AWS S3, managed, we suggest picking AWS S3 when running Overleaf CE/Server Pro on AWS

  • MINIO, self-hosted

  • Ceph, self-hosted

  • Other hosting providers also have some kind of managed S3 compatible object storage, you may want to use these instead of running your own when already running Overleaf CE/Server Pro at such a provider.

Latency considerations when picking a S3 compatible object storage

The latency between the Server CE/Server Pro instance and your S3 compatible object storage is a big contributor to the time it takes to complete the migration. The latency also impacts the file-upload performance in Server CE/Server Pro and slow file-downloads can have a big impact on PDF compile times as well. We suggest minimizing the geo-graphical distance between your Server CE/Server Pro instance and the S3 compatible object storage. In a managed environment, this would mean provisioning a bucket in the same region, and for an on-premise solution, running the two on the same campus.

S3 setup

We need four "buckets" and two restricted user accounts.

Buckets should not be publicly accessible

Bucket

Usage

Service

Previously in /var/lib/overleaf/data

overleaf-user-files

project user files

filestore

user_files

overleaf-template-files

template files

filestore

template_files

overleaf-project-blobs

project history blobs

history and read-only filestore

history/overleaf-project-blobs

overleaf-chunks

history chunks

history

history/overleaf-chunks

You may want/need to pick a different name, be sure to use the custom buckets in all the commands.

The following will use placeholders for actual credentials:

Environment variable
Description

OVERLEAF_FILESTORE_S3_ACCESS_KEY_ID

The access key/username of the restricted user of the filestore service.

OVERLEAF_FILESTORE_S3_SECRET_ACCESS_KEY

The secret key/password of the restricted user of the filestore service.

OVERLEAF_HISTORY_S3_ACCESS_KEY_ID

The access key/username of the restricted user of the history service.

OVERLEAF_HISTORY_S3_SECRET_ACCESS_KEY

The secret key/password of the restricted user of the history service.

Server CE and Server Pro only needs a small set of permissions on each bucket:

  • create object

  • get object

  • delete object

  • list bucket

Access Policies

Here is how a policy for the filestore user could look like:

Here is how a policy for the history user could look like:

Overview of variables

When using AWS S3

When using a self-hosted option

MINIO setup

MINIO_ROOT_USER and MINIO_ROOT_PASSWORD are the root credentials of the MINIO instance.

Please follow the official documentation for obtaining a copy of mc.

PreviousRedisNextdocker-compose.yml to Toolkit migration

Last updated

Was this helpful?