[Proposal] Separate independent environmental variables for Minio upload and public urls

[RuiSiang]

It makes sense that public facing urls and private urls are different. In my case, say the Minio endpoint is set up at localhost:9000, and we add a reverse proxy to proxy it at https://s3.example.com while putting it behind Cloudflare. If we use the public facing url to upload the link, placing the uploaded images back over through cloudflare from the backend simple does not make sense, and I've run into weird unsolvable issues with Cloudflare. Moreover, this is bad for security since we cannot limit the write function to specific IPs (all comes from Cloudflare in this case). Codimd's upload does not work like conventional apps that interact with s3 (i.e. outline's) since it uploads it via API and then the backend uploads it to the s3 instance, which makes the flow weird and the backend prone to rate-limiting or bot-filtered.

Proposing additional environmental variables as follows

#Current
CMD_IMAGE_UPLOAD_TYPE=minio
CMD_MINIO_ACCESS_KEY="XXXXXXXXXXXXX"
CMD_MINIO_SECRET_KEY="iYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY"
CMD_MINIO_ENDPOINT=127.0.0.1
CMD_MINIO_PORT=9000

#Added
CMD_MINIO_PUBLIC_URL=https://s3.example.com

Currently the workaround for this is to override /etc/hosts to resolve the url to the real IP. The issues with this is that the port has to be the same or reverse proxied locally.

[jackycute]

Hi @RuiSiang, thanks for your idea and PR is welcomed.