File Upload System

A secure file upload system built with Cloudflare Workers, R2, and D1.

Components

• file-upload: Worker for generating presigned URLs for file uploads
• file-upload-confirm: Worker for confirming successful uploads
• test-client: Test client for testing the file upload system

Setup

Prerequisites

• Cloudflare account with Workers, R2, and D1 enabled
• Wrangler CLI installed

Environment Variables

Each worker requires environment variables for R2 access. Copy the example files and add your credentials:

cp file-upload/.dev.vars.example file-upload/.dev.vars
cp file-upload-confirm/.dev.vars.example file-upload-confirm/.dev.vars

Edit the .dev.vars files with your R2 credentials:

R2_ACCOUNT_ID="your_r2_account_id"
R2_ACCESS_KEY="your_r2_access_key"
R2_SECRET_KEY="your_r2_secret_key"

Deployment

Deploy the workers:

# Deploy file-upload worker
cd file-upload
wrangler deploy

# Deploy file-upload-confirm worker
cd ../file-upload-confirm
wrangler deploy

Setting Secrets in Production

After deployment, set the secrets for each worker:

# For file-upload worker
cd file-upload
wrangler secret put R2_ACCOUNT_ID --name file-upload
wrangler secret put R2_ACCESS_KEY --name file-upload
wrangler secret put R2_SECRET_KEY --name file-upload

# For file-upload-confirm worker
cd ../file-upload-confirm
wrangler secret put R2_ACCOUNT_ID --name file-upload-confirm
wrangler secret put R2_ACCESS_KEY --name file-upload-confirm
wrangler secret put R2_SECRET_KEY --name file-upload-confirm

Testing

Run the test client to test the file upload system:

cd test-client
npm install
npm test

Security

• Never commit .dev.vars files to the repository
• Always use the Wrangler CLI or Cloudflare Dashboard to set secrets in production
• The .gitignore file is configured to exclude sensitive files