Андрей Новиков, profile picture
Uploaded byАндрей Новиков
PDF, PPTX533 views

imgproxy is amazing

The document discusses the benefits of using imgproxy, an image processing server designed for efficiently handling user-uploaded images in web applications. It highlights the limitations of traditional image handling methods, such as unpredictable latency and security risks, and presents imgproxy as a solution that allows for on-the-fly image processing with optimized speed and safety. The server features signed URLs for security, easy deployment, and various processing options, emphasizing its suitability for modern web applications.

Embed presentation

Download as PDF, PPTX
Handling user-uploaded images with ease and confidence Andrey Novikov, Evil Martians Osaka Web Designers and Developers Meetup 22 July 2023
That title is boring! Let’s change!
imgproxy is amazing! Andrey Novikov, Evil Martians Osaka Web Designers and Developers Meetup 22 July 2023
About me Back-end engineer at Evil Martians Writing Ruby, Go, and whatever SQL, Dockerfiles, TypeScript, bash… Love open-source software Created and maintaining a fewRuby gems Living in Japan for 1 year already Driving a moped And also a bicycle to get kids to kindergarten Hi, I’m Andrey
evilmartians.com evilmartians.jp 邪悪な火星人? イービルマーシャンズ!
Martian Open Source Yabeda:Ruby application instrumentation framework Lefthook:git hooks manager AnyCable:Polyglot replacement for ActionCable server PostCSS:A tool for transforming CSS with JavaScript Imgproxy:Fast and secure standalone server for resizing and converting remote images Logux:Client-server communication framework based on Optimistic UI, CRDT, and log Overmind:Process manager for Procfile-based applications and tmux Even more at evilmartians.com/oss Today's topic
So, you need to handle user images Profile pictures Product photos Recipes Reviews Photos in feedback forms … Surprisingly often you need to do it in a web application!
What you will do with them? Generate thumbnails to save bandwidth Crop them to fit design Add watermarks to prevent theft Apply filters However, CSS can do it too Showthem in various places, of course!
“Classic” way Upload image to the server Probablyamong other form fields Store it somewhere Often on S3 or other cloud storage Generate all required thumbnails As manyasyour design requires Store them somewhere Again S3 or other cloud storage Serve them to the user CDN will help here
“Classic” way visualized User Server Storage JobQueue Job started Uploads Image Stores Image Queues Job Upload successful Requests thumbnail Retrieves Thumbnail There are no thumbnails yet! “Image is processing” Retrieve image Unpredictable latency here
Generates thumbnail Stores Thumbnail Requests thumbnail Retrieves Thumbnail Oh yes, of course, here it is Returns thumbnail User Server ImageStorage JobQueue
Problems of “classic” approach Hard to predict latency These “image is processing” fallbacks are ugly Hard to add newvariants Need to reprocess all images before changing front-end And hard to clean up old ones Space is cheap, but not free Deployment gets complicated You need to install ImageMagick or something on all servers/containers Security also is your headache Processing images on your servers is a securityand stabilityrisk, e.g. PNG decompression bomb.
Do we have to do things this way? What if we could just generate thumbnails on the fly?
Meet image processing servers There are many of them: imaginary, cloudinary, etc. And, of course, imgproxy! They do just one thing, but do it well User Server Storage imgproxy generate thumbnail on the fly Uploads Image Notifies about upload Thumbnail URL Requests thumbnail Retrieves image Respond with thumbnail User Server Storage imgproxy
What the URL! Given original image URL: I need to get 300×150 thumbnail, but for Retina displays, smart cropped, and saturated, also with watermark in right bottom corner. Here is the result URL for such a thumbnail: See https://docs.imgproxy.net/generating_the_url The only thing you need to care about is constructing URLs https://www.nasa.gov/sites/default/files/thumbnails/image/pia22228.jpg https://imgproxy.evilmartians.com/ PeInr5PpUxqmfAQlYON_cPs2HC96QOoXik3UaDzIA6c/ rs:fill:300:150:1/dpr:2/g:ce/sa:1.4/ wm:0.5:soea:0:0:0.2/wmu:aHR0cHM6Ly9pbWdwcm94eS5uZXQvd2F0ZXJtYXJrLnN2Zw/ plain/ https:%2F%2Fwww.nasa.gov%2Fsites%2Fdefault%2Ffiles%2Fthumbnails%2Fimage%2Fpia22228.jpg Digital signature Processing options Original image URL
Original image Original image: 1.9MB
Processed image Imageprocessedwith imgproxy: 32kB
imgproxy Written in Go Great concurrency, lowmemoryfootprint, squeezes everything from your servers CPU Uses libvips for image handling Along with speciallycrafted processing pipeline optimized for speed and concurrency Open source and open core Free to use OSS version that covers needs of 99% users, paid PRO version with more features and support for those who reallyneed it Easy to deploy Just spin up a Docker container and forget and it is readyto go. Easy to use Just construct a URL using one of the client libraries, send it to a browser, done! Secure and safe Uses signed URIs, handles image bombs, invalid images, and more.
More on security Signed URLs No one can generate URLswithout knowing your secret keyand use your imgproxyto process their images for free. Or DDoS and cache-poison your CDN byrequesting your imageswith all possible sizes and options. Examples howto sign URL in different languages: https://github.com/imgproxy/imgproxy/tree/master/examples Image compression bombs imgproxywill check metadata and won’t process images that are too large bydimensions Authentication imgproxycan check for authentication headers, and will not process images if someone try to access it bypassing CDN Source restrictions imgproxycan be instructed to allowprocess images onlyfrom sources that you control.
How it solves “classic” approach Latency: Dedicated servicethat do onlyimages processing Veryperformant per se, and you can scale it independentlyfrom your main application, also add CDN in front of it Adding newvariants: Just construct newURL Construct newURL, request it, done! Cleaning up old ones: Let CDN caches to expire Do you reallyneed to store thumbnails at all? Care onlyfor originals. Security and stability: it is separate fromyour main application It handles image bombs, and other nastystuff, but even if some malicious code will be executed, it will find itself in emptyDocker container without anything in it.
Recommended setup Use direct-upload to cloud storage (S3, …) No need to pass images through your application servers at all Place a caching CDN in front of imgproxy Take repetitive load off from imgproxy, save some CO₂
Migration pitfalls Only back-end can construct signed URLs No more guessing on front-end of what variants are available But you can opt-out from signing URLs if you want Couldn't recall any more 🌚
Open source imgproxy will cover you But there are more goodies (and support) in PRO version! Advanced per-image settings Different resizing algirithms, watermarks, compression for individual images Automagic selection of image format and quality settings Maximum per-image compression using most modern format without visible qualityloss Even smarter crop with object detection Detect objects using ML algorithms to crop more accuratelyor blur them SVG processing Inject custom styles, minify Videos, animated GIFs, PDFs support Thumbnailing videos, GIF to video conversion, getting image info OSS version has everything that most web applications need… imgproxy.net/features
Read more imgproxy is amazing byJohn Nunemaker heavilyinfluenced this talk plot (and title, yes) imgproxy: Resize your images instantly and securely bySergeyAlexandrovich (imgproxyauthor) with more details on howimgproxyworks and howto use it Decoding AVIF: Deep dive with cats and imgproxy byPolina Gurtovaya illustrated explanation of modern video and image format internals and howto start using them with imgproxy!
Thank you! @Envek @Envek @Envek @Envek github.com/Envek @evilmartians @evilmartians @evil-martians @evil.martians evilmartians.com Our awesome blog: evilmartians.com/chronicles! See these slides at envek.github.io/owddm-imgproxy-is-amazing Go get imgproxy! imgproxy.net

More Related Content

ODP
Unity ネイティブプラグインの作成について
byTatsuhiko Yamamura
 
PDF
リーンなコードを書こう:実践的なオブジェクト指向設計
by増田 亨
 
PDF
インフラエンジニアってなんでしたっけ(仮)
byAkihiro Kuwano
 
PDF
SQLアンチパターン 幻の第26章「とりあえず削除フラグ」
byTakuto Wada
 
PPTX
MediaRecorder と WebM で、オレオレ Live Streaming
bymganeko
 
PPTX
Product ManagerとProduct Ownerの役割の違いについて
byNoritaka Shinohara
 
PDF
俺とHashiCorp
byToru Makabe
 
PDF
オンラインゲームのRails複数db戦略
byYasutomo Uemori
 
Unity ネイティブプラグインの作成について
byTatsuhiko Yamamura
 
リーンなコードを書こう:実践的なオブジェクト指向設計
by増田 亨
 
インフラエンジニアってなんでしたっけ(仮)
byAkihiro Kuwano
 
SQLアンチパターン 幻の第26章「とりあえず削除フラグ」
byTakuto Wada
 
MediaRecorder と WebM で、オレオレ Live Streaming
bymganeko
 
Product ManagerとProduct Ownerの役割の違いについて
byNoritaka Shinohara
 
俺とHashiCorp
byToru Makabe
 
オンラインゲームのRails複数db戦略
byYasutomo Uemori
 

What's hot

PDF
elixirを使ったゲームサーバ
byHidetaka Kojo
 
PDF
Unityではじめるオープンワールド制作 エンジニア編
byUnity Technologies Japan K.K.
 
PDF
Pull Request & TDD 入門
byESM SEC
 
PDF
[IGC2018] 파더메이드 이찬수 - 블루홀 10년차 개발자의 1인개발이야기
by강 민우
 
PDF
「自分のとこでは動くけど…」を無くす devcontainer
byYuta Matsumura
 
PDF
開発速度が速い #とは(LayerX社内資料)
bymosa siru
 
PDF
PostgreSQLのリカバリ超入門(もしくはWAL、CHECKPOINT、オンラインバックアップの仕組み)
byHironobu Suzuki
 
PDF
Tackling Complexity
byYoshitaka Kawashima
 
PDF
Unityでパフォーマンスの良いUIを作る為のTips
byUnity Technologies Japan K.K.
 
PDF
エラー・バジェットによるリスク管理 Managing risk with error budgets
byGoogle Cloud Platform - Japan
 
PPTX
Photon Fusionのはじめの一歩
by聡 大久保
 
PDF
【Unite Tokyo 2019】大量のアセットも怖くない!~HTTP/2による高速な通信の実装例~
byUnityTechnologiesJapan002
 
PDF
コールバックと戦う話
bytorisoup
 
PDF
Unityでオンラインゲーム作った話
bytorisoup
 
PDF
[NDC10] Unity Build 로 빌드타임 반토막내기 - 송창규
byChangKyu Song
 
PPTX
自宅インフラの育て方 第2回
by富士通クラウドテクノロジーズ株式会社
 
PPTX
上司が信用できない会社の内部統制~第32回WebSig会議「便利さと、怖さと、心強さと〜戦う会社のための社内セキュリティ 2013年のスタンダードとは?!...
byWebSig24/7
 
PDF
Go mobileでモバイルアプリを作ろう
byTakuya Ueda
 
PDF
pg_bigmを用いた全文検索のしくみ(前編)
byNTT DATA OSS Professional Services
 
PDF
ソフトウェアにおける 複雑さとは何なのか?
byYoshitaka Kawashima
 
elixirを使ったゲームサーバ
byHidetaka Kojo
 
Unityではじめるオープンワールド制作 エンジニア編
byUnity Technologies Japan K.K.
 
Pull Request & TDD 入門
byESM SEC
 
[IGC2018] 파더메이드 이찬수 - 블루홀 10년차 개발자의 1인개발이야기
by강 민우
 
「自分のとこでは動くけど…」を無くす devcontainer
byYuta Matsumura
 
開発速度が速い #とは(LayerX社内資料)
bymosa siru
 
PostgreSQLのリカバリ超入門(もしくはWAL、CHECKPOINT、オンラインバックアップの仕組み)
byHironobu Suzuki
 
Tackling Complexity
byYoshitaka Kawashima
 
Unityでパフォーマンスの良いUIを作る為のTips
byUnity Technologies Japan K.K.
 
エラー・バジェットによるリスク管理 Managing risk with error budgets
byGoogle Cloud Platform - Japan
 
Photon Fusionのはじめの一歩
by聡 大久保
 
【Unite Tokyo 2019】大量のアセットも怖くない!~HTTP/2による高速な通信の実装例~
byUnityTechnologiesJapan002
 
コールバックと戦う話
bytorisoup
 
Unityでオンラインゲーム作った話
bytorisoup
 
[NDC10] Unity Build 로 빌드타임 반토막내기 - 송창규
byChangKyu Song
 
自宅インフラの育て方 第2回
by富士通クラウドテクノロジーズ株式会社
 
上司が信用できない会社の内部統制~第32回WebSig会議「便利さと、怖さと、心強さと〜戦う会社のための社内セキュリティ 2013年のスタンダードとは?!...
byWebSig24/7
 
Go mobileでモバイルアプリを作ろう
byTakuya Ueda
 
pg_bigmを用いた全文検索のしくみ(前編)
byNTT DATA OSS Professional Services
 
ソフトウェアにおける 複雑さとは何なのか?
byYoshitaka Kawashima
 

Similar to imgproxy is amazing

PDF
stackconf 2023 | Dynamic Image Optimization with imgproxy at Schwarz IT by An...
byNETWAYS
 
PDF
HotPics 2021
byneexemil
 
PDF
Freeing the cloud, one service at a time
byFrancois Marier
 
PPT
MontrealRb presentation: Cloudinary
byAlain Pilon
 
PDF
The image problem of the web and how to solve it…
byChristian Heilmann
 
PDF
Image Manipulation in WordPress 3.5 - WordCamp Phoenix 2013
byGetSource
 
PPTX
Flyimg: Resize, Crop and Compress images on the fly.
bySadok Ferjani
 
PDF
Flickr Architecture Presentation
byeraz
 
PDF
Flickr and PHP - Cal Henderson
bykangaro10a
 
PDF
Accessing ColdFusion Services From Flex Applications
byMatt Gifford
 
PDF
Image manipulation in WordPress 3.5
byMarko Heijnen
 
PDF
Flickr Architecture Presentation
byweb25
 
PPTX
Introducing the Microservices Reference Architecture Version 1.2
byNGINX, Inc.
 
PPTX
Python Tutorial-Mining imgur images
byWeiai Wayne Xu
 
PDF
How To Make Your Image Go Viral
byMakeMoneyIM.com
 
PDF
Yahoo is open to developers
byChristian Heilmann
 
PDF
EuroPython 2015 - Storing files for the web is not as straightforward as you ...
byAlessandro Molina
 
PDF
Image Mastery within WordPress: Upload, Edit, Display, and Share with Ease
byAmber Hewitt
 
PPTX
Web Optimisation
byGregory Benner
 
PDF
Simple Photo Processing and Web Display with Perl
byKent Cowgill
 
stackconf 2023 | Dynamic Image Optimization with imgproxy at Schwarz IT by An...
byNETWAYS
 
HotPics 2021
byneexemil
 
Freeing the cloud, one service at a time
byFrancois Marier
 
MontrealRb presentation: Cloudinary
byAlain Pilon
 
The image problem of the web and how to solve it…
byChristian Heilmann
 
Image Manipulation in WordPress 3.5 - WordCamp Phoenix 2013
byGetSource
 
Flyimg: Resize, Crop and Compress images on the fly.
bySadok Ferjani
 
Flickr Architecture Presentation
byeraz
 
Flickr and PHP - Cal Henderson
bykangaro10a
 
Accessing ColdFusion Services From Flex Applications
byMatt Gifford
 
Image manipulation in WordPress 3.5
byMarko Heijnen
 
Flickr Architecture Presentation
byweb25
 
Introducing the Microservices Reference Architecture Version 1.2
byNGINX, Inc.
 
Python Tutorial-Mining imgur images
byWeiai Wayne Xu
 
How To Make Your Image Go Viral
byMakeMoneyIM.com
 
Yahoo is open to developers
byChristian Heilmann
 
EuroPython 2015 - Storing files for the web is not as straightforward as you ...
byAlessandro Molina
 
Image Mastery within WordPress: Upload, Edit, Display, and Share with Ease
byAmber Hewitt
 
Web Optimisation
byGregory Benner
 
Simple Photo Processing and Web Display with Perl
byKent Cowgill
 

More from Андрей Новиков

PDF
PostgreSQL as seen by Rubyists (Kaigi on Rails 2022)
byАндрей Новиков
 
PDF
Нюансы запуска приложений в Kubernetes
byАндрей Новиков
 
PDF
Индексируем базу: как делать хорошо и не делать плохо Winter saint p 2021 m...
byАндрей Новиков
 
PDF
What's in a metrics? Ruby Russia 2018
byАндрей Новиков
 
ODP
Spb RubyConf 2017 — надёжные вебсокеты
byАндрей Новиков
 
ODP
Правильная работа с часовыми поясами в Rails приложении — DevConf 2015
byАндрей Новиков
 
PostgreSQL as seen by Rubyists (Kaigi on Rails 2022)
byАндрей Новиков
 
Нюансы запуска приложений в Kubernetes
byАндрей Новиков
 
Индексируем базу: как делать хорошо и не делать плохо Winter saint p 2021 m...
byАндрей Новиков
 
What's in a metrics? Ruby Russia 2018
byАндрей Новиков
 
Spb RubyConf 2017 — надёжные вебсокеты
byАндрей Новиков
 
Правильная работа с часовыми поясами в Rails приложении — DevConf 2015
byАндрей Новиков
 

Recently uploaded

PPTX
Best Way to Convert PST File to MBOX Format
bykyla142000
 
PDF
Prasenjit Bhaumik Plano - Specializing In Web Applications
byPrasenjit Bhaumik Plano
 
PPTX
Google Trips Data Scraping for Tourism & Demand Analysis.pptx
byWeb Data Crawler
 
PDF
Driving Finance Growth with Business Central ERP
byNavision India
 
PPTX
Project System Presentation details process presentation
bytejpratappandey4
 
PPTX
ManageIQ - Sprint 278 Review - Slide Deck
byManageIQ
 
PPTX
Introduction to Software Development and Modern Practices
byM Munim
 
PDF
Salesforce Agentforce Service Agent​.pdf
byRobert Mark
 
PDF
DSD-INT 2025 Groundwater table lowering due to surface water lowering - Reusen
byDeltares
 
PPTX
UAE-Based Insurer Transforms Operations with InsureEdge
byInsurance Tech Services
 
PDF
Cloud Engineering Services | Infysion Technologies
bysolutioninginfysion
 
PDF
Building Strong IT Systems Using the Site Reliability Engineering
byAvekshaa Technologies
 
PDF
Inside An AI Powered ERP System for Process Manufacturers
byBatchMaster Software Pvt. Ltd.
 
PPTX
Free AI Paraphrasing Tool to Rewrite Sentences – SENTENCIFY
bySENTENCIFY
 
PDF
From Sound Workflow Nets to LTLf Declarative Specifications
byLucaBarbaro3
 
PDF
Mitr Sarthi: A Smart ERP for Modern Manufacturers
byGamavis Software Solutions
 
PDF
DSD-INT 2025 Large scale unsaturated zone modelling - Sequential Steady State...
byDeltares
 
PDF
Latest Courier Management Software 2026 | Complete Courier & Logistics Solution
byCourier Softwares
 
PPTX
Inside An AI Powered ERP System for Process Manufacturers
byBatchMaster Software Pvt. Ltd.
 
PDF
DSD-INT 2025 iMOD Parallel coupler development plan - Verkaik
byDeltares
 
Best Way to Convert PST File to MBOX Format
bykyla142000
 
Prasenjit Bhaumik Plano - Specializing In Web Applications
byPrasenjit Bhaumik Plano
 
Google Trips Data Scraping for Tourism & Demand Analysis.pptx
byWeb Data Crawler
 
Driving Finance Growth with Business Central ERP
byNavision India
 
Project System Presentation details process presentation
bytejpratappandey4
 
ManageIQ - Sprint 278 Review - Slide Deck
byManageIQ
 
Introduction to Software Development and Modern Practices
byM Munim
 
Salesforce Agentforce Service Agent​.pdf
byRobert Mark
 
DSD-INT 2025 Groundwater table lowering due to surface water lowering - Reusen
byDeltares
 
UAE-Based Insurer Transforms Operations with InsureEdge
byInsurance Tech Services
 
Cloud Engineering Services | Infysion Technologies
bysolutioninginfysion
 
Building Strong IT Systems Using the Site Reliability Engineering
byAvekshaa Technologies
 
Inside An AI Powered ERP System for Process Manufacturers
byBatchMaster Software Pvt. Ltd.
 
Free AI Paraphrasing Tool to Rewrite Sentences – SENTENCIFY
bySENTENCIFY
 
From Sound Workflow Nets to LTLf Declarative Specifications
byLucaBarbaro3
 
Mitr Sarthi: A Smart ERP for Modern Manufacturers
byGamavis Software Solutions
 
DSD-INT 2025 Large scale unsaturated zone modelling - Sequential Steady State...
byDeltares
 
Latest Courier Management Software 2026 | Complete Courier & Logistics Solution
byCourier Softwares
 
Inside An AI Powered ERP System for Process Manufacturers
byBatchMaster Software Pvt. Ltd.
 
DSD-INT 2025 iMOD Parallel coupler development plan - Verkaik
byDeltares
 

imgproxy is amazing

  • 1.
    Handling user-uploaded images withease and confidence Andrey Novikov, Evil Martians Osaka Web Designers and Developers Meetup 22 July 2023
  • 2.
    That title isboring! Let’s change!
  • 3.
    imgproxy is amazing! AndreyNovikov, Evil Martians Osaka Web Designers and Developers Meetup 22 July 2023
  • 4.
    About me Back-end engineerat Evil Martians Writing Ruby, Go, and whatever SQL, Dockerfiles, TypeScript, bash… Love open-source software Created and maintaining a fewRuby gems Living in Japan for 1 year already Driving a moped And also a bicycle to get kids to kindergarten Hi, I’m Andrey
  • 5.
  • 6.
    Martian Open Source Yabeda:Rubyapplication instrumentation framework Lefthook:git hooks manager AnyCable:Polyglot replacement for ActionCable server PostCSS:A tool for transforming CSS with JavaScript Imgproxy:Fast and secure standalone server for resizing and converting remote images Logux:Client-server communication framework based on Optimistic UI, CRDT, and log Overmind:Process manager for Procfile-based applications and tmux Even more at evilmartians.com/oss Today's topic
  • 7.
    So, you needto handle user images Profile pictures Product photos Recipes Reviews Photos in feedback forms … Surprisingly often you need to do it in a web application!
  • 8.
    What you willdo with them? Generate thumbnails to save bandwidth Crop them to fit design Add watermarks to prevent theft Apply filters However, CSS can do it too Showthem in various places, of course!
  • 9.
    “Classic” way Upload imageto the server Probablyamong other form fields Store it somewhere Often on S3 or other cloud storage Generate all required thumbnails As manyasyour design requires Store them somewhere Again S3 or other cloud storage Serve them to the user CDN will help here
  • 10.
    “Classic” way visualized UserServer Storage JobQueue Job started Uploads Image Stores Image Queues Job Upload successful Requests thumbnail Retrieves Thumbnail There are no thumbnails yet! “Image is processing” Retrieve image Unpredictable latency here
  • 11.
    Generates thumbnail Stores Thumbnail Requests thumbnail RetrievesThumbnail Oh yes, of course, here it is Returns thumbnail User Server ImageStorage JobQueue
  • 12.
    Problems of “classic”approach Hard to predict latency These “image is processing” fallbacks are ugly Hard to add newvariants Need to reprocess all images before changing front-end And hard to clean up old ones Space is cheap, but not free Deployment gets complicated You need to install ImageMagick or something on all servers/containers Security also is your headache Processing images on your servers is a securityand stabilityrisk, e.g. PNG decompression bomb.
  • 13.
    Do we haveto do things this way? What if we could just generate thumbnails on the fly?
  • 14.
    Meet image processingservers There are many of them: imaginary, cloudinary, etc. And, of course, imgproxy! They do just one thing, but do it well User Server Storage imgproxy generate thumbnail on the fly Uploads Image Notifies about upload Thumbnail URL Requests thumbnail Retrieves image Respond with thumbnail User Server Storage imgproxy
  • 15.
    What the URL! Givenoriginal image URL: I need to get 300×150 thumbnail, but for Retina displays, smart cropped, and saturated, also with watermark in right bottom corner. Here is the result URL for such a thumbnail: See https://docs.imgproxy.net/generating_the_url The only thing you need to care about is constructing URLs https://www.nasa.gov/sites/default/files/thumbnails/image/pia22228.jpg https://imgproxy.evilmartians.com/ PeInr5PpUxqmfAQlYON_cPs2HC96QOoXik3UaDzIA6c/ rs:fill:300:150:1/dpr:2/g:ce/sa:1.4/ wm:0.5:soea:0:0:0.2/wmu:aHR0cHM6Ly9pbWdwcm94eS5uZXQvd2F0ZXJtYXJrLnN2Zw/ plain/ https:%2F%2Fwww.nasa.gov%2Fsites%2Fdefault%2Ffiles%2Fthumbnails%2Fimage%2Fpia22228.jpg Digital signature Processing options Original image URL
  • 16.
  • 17.
  • 18.
    imgproxy Written in Go Greatconcurrency, lowmemoryfootprint, squeezes everything from your servers CPU Uses libvips for image handling Along with speciallycrafted processing pipeline optimized for speed and concurrency Open source and open core Free to use OSS version that covers needs of 99% users, paid PRO version with more features and support for those who reallyneed it Easy to deploy Just spin up a Docker container and forget and it is readyto go. Easy to use Just construct a URL using one of the client libraries, send it to a browser, done! Secure and safe Uses signed URIs, handles image bombs, invalid images, and more.
  • 19.
    More on security SignedURLs No one can generate URLswithout knowing your secret keyand use your imgproxyto process their images for free. Or DDoS and cache-poison your CDN byrequesting your imageswith all possible sizes and options. Examples howto sign URL in different languages: https://github.com/imgproxy/imgproxy/tree/master/examples Image compression bombs imgproxywill check metadata and won’t process images that are too large bydimensions Authentication imgproxycan check for authentication headers, and will not process images if someone try to access it bypassing CDN Source restrictions imgproxycan be instructed to allowprocess images onlyfrom sources that you control.
  • 20.
    How it solves“classic” approach Latency: Dedicated servicethat do onlyimages processing Veryperformant per se, and you can scale it independentlyfrom your main application, also add CDN in front of it Adding newvariants: Just construct newURL Construct newURL, request it, done! Cleaning up old ones: Let CDN caches to expire Do you reallyneed to store thumbnails at all? Care onlyfor originals. Security and stability: it is separate fromyour main application It handles image bombs, and other nastystuff, but even if some malicious code will be executed, it will find itself in emptyDocker container without anything in it.
  • 21.
    Recommended setup Use direct-uploadto cloud storage (S3, …) No need to pass images through your application servers at all Place a caching CDN in front of imgproxy Take repetitive load off from imgproxy, save some CO₂
  • 22.
    Migration pitfalls Only back-endcan construct signed URLs No more guessing on front-end of what variants are available But you can opt-out from signing URLs if you want Couldn't recall any more 🌚
  • 23.
    Open source imgproxywill cover you But there are more goodies (and support) in PRO version! Advanced per-image settings Different resizing algirithms, watermarks, compression for individual images Automagic selection of image format and quality settings Maximum per-image compression using most modern format without visible qualityloss Even smarter crop with object detection Detect objects using ML algorithms to crop more accuratelyor blur them SVG processing Inject custom styles, minify Videos, animated GIFs, PDFs support Thumbnailing videos, GIF to video conversion, getting image info OSS version has everything that most web applications need… imgproxy.net/features
  • 24.
    Read more imgproxy isamazing byJohn Nunemaker heavilyinfluenced this talk plot (and title, yes) imgproxy: Resize your images instantly and securely bySergeyAlexandrovich (imgproxyauthor) with more details on howimgproxyworks and howto use it Decoding AVIF: Deep dive with cats and imgproxy byPolina Gurtovaya illustrated explanation of modern video and image format internals and howto start using them with imgproxy!
  • 25.
    Thank you! @Envek @Envek @Envek @Envek github.com/Envek @evilmartians @evilmartians @evil-martians @evil.martians evilmartians.com Our awesomeblog: evilmartians.com/chronicles! See these slides at envek.github.io/owddm-imgproxy-is-amazing Go get imgproxy! imgproxy.net