Closed AkarinLiu closed 1 month ago
lobehubbot
commented
1 month ago 👀 @AkarinLiu
Thank you for raising an issue. We will investigate into the matter and get back to you as soon as possible. Please make sure you have given us as much context as possible.\ 非常感谢您提交 issue。我们会尽快调查此事,并尽快回复您。 请确保您已经提供了尽可能多的背景信息。
dosubot[bot]
commented
1 month ago I found a similar unsolved discussion regarding authorization issues with MinIO: LobeChat 因授权问题无法连接至MinIO服务器 [1].
To resolve the "UNAUTHORIZED" error when trying to connect LobeChat to the MinIO server, ensure that you have correctly configured the access keys and bucket policies in your .env file and MinIO settings.
Check Access Keys: Ensure that the S3_ACCESS_KEY_ID and S3_SECRET_ACCESS_KEY in your .env file match the access keys created in MinIO. Your .env file should include the following MinIO S3 configuration:
# MinIO S3 配置
S3_ACCESS_KEY_ID=YOUR_S3_ACCESS_KEY_ID
S3_SECRET_ACCESS_KEY=YOUR_S3_SECRET_ACCESS_KEY
S3_ENDPOINT=https://lobe-s3-api.example.com
S3_BUCKET=lobe
S3_PUBLIC_DOMAIN=https://lobe-s3-api.example.com
S3_ENABLE_PATH_STYLE=1Bucket Policy: Verify that the bucket policy is correctly set. The policy should look like this:
{
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": ["*"]
},
"Action": ["s3:GetBucketLocation"],
"Resource": ["arn:aws:s3:::lobe"]
},
{
"Effect": "Allow",
"Principal": {
"AWS": ["*"]
},
"Action": ["s3:ListBucket"],
"Resource": ["arn:aws:s3:::lobe"],
"Condition": {
"StringEquals": {
"s3:prefix": ["files/*"]
}
}
},
{
"Effect": "Allow",
"Principal": {
"AWS": ["*"]
},
"Action": ["s3:PutObject", "s3:DeleteObject", "s3:GetObject"],
"Resource": ["arn:aws:s3:::lobe/files/**"]
}
],
"Version": "2012-10-17"
}Restart LobeChat Service: After making changes to the .env file or MinIO settings, restart the LobeChat service to apply the new configurations:
docker compose up -dEnsure that you do not use docker compose restart lobe as it will not reload the environment variables, and your S3 configuration will not take effect [2][3].
Additionally, if you are using Cloudflare R2 as your S3 storage service, make sure to configure the environment variables and CORS settings correctly:
# Bucket name
S3_BUCKET=lobechat
# Request endpoint of the bucket (note that the path in this link includes the bucket name, which must be removed, or use the link provided on the page for applying S3 API token)
S3_ENDPOINT=https://0b33a03b5c993fd2f453379dc36558e5.r2.cloudflarestorage.com
# Access domain of the bucket
S3_PUBLIC_DOMAIN=https://s3-for-lobechat.your-domain.comS3_ACCESS_KEY_ID=9998d6757e276cf9f1edbd325b7083a6
S3_SECRET_ACCESS_KEY=55af75d8eb6b99f189f6a35f855336ea62cd9c4751a5cf4337c53c1d3f497ac2[
{
"AllowedOrigins": ["https://your-project.vercel.app"],
"AllowedMethods": ["GET", "PUT", "HEAD", "POST", "DELETE"],
"AllowedHeaders": ["*"]
}
]After configuration, click save [4].
To continue talking to Dosu, mention @dosu.
LovelyGuYiMeng
commented
1 month ago 你没设置登录系统,数据库版必须要有个登录系统,没有登录系统就会一直授权失败
lobehubbot
commented
1 month ago Bot detected the issue body's language is not English, translate it automatically. 👯👭🏻🧑🤝🧑👫🧑🏿🤝🧑🏻👩🏾🤝👨🏿👬🏿
You have not set up a login system. The database version must have a login system. Without a login system, authorization will continue to fail.
zhangleijun111
commented
1 month ago 你没设置登录系统,数据库版必须要有个登录系统,没有登录系统就会一直授权失败
是否可以通过配置环境变量跳过身份认证这个环节
lobehubbot
commented
1 month ago Bot detected the issue body's language is not English, translate it automatically. 👯👭🏻🧑🤝🧑👫🧑🏿🤝🧑🏻👩🏾🤝👨🏿👬🏿
You have not set up a login system. The database version must have a login system. Without a login system, authorization will always fail.
Is it possible to skip the identity authentication step by configuring environment variables?
Discussed in https://github.com/lobehub/lobe-chat/discussions/3988