Closed yaleman closed 1 month ago
jessebot
commented
1 month ago Thanks for reporting this! I think it's because this needs to be quoted:
so I think I need to submit a PR to change it to:
{{- with .Values.nextcloud.objectStore.s3.legacyAuth }}
- name: OBJECTSTORE_S3_LEGACYAUTH
value: {{ . | quote }}
{{- end }}I'll get on that :)
jessebot
commented
1 month ago This was automatically closed by #638, but can you give a try and make sure it's working now? :)
yaleman
commented
1 month ago Thanks @jessebot it does seem to have solved the issue, but I'm still very confused as to how to get Minio working as an S3 backend. Have you any direction on this one?
FWIW, nextcloud.objectStore.s3.autoCreate is supposedly set by default to false according to the docs, but it's throwing 403's about creating the bucket... which seems to indicate another issue.
jessebot
commented
1 month ago @yaleman this may be an issue where you need to set verify_bucket_exists to false which is mentioned in the docs, however that won't be supported in this chart until https://github.com/nextcloud/helm/pull/614 is merged, which is blocked by https://github.com/nextcloud/docker/pull/2271 (@joshtrichards set the milestone for this to be Nextcloud 30.0.2 so perhaps we can expect it for 30.0.2).
In the meantime, you could use the include your own env var and pass in a custom config like this one: https://github.com/nextcloud/docker/blob/0f899fe772b179e65fdb0bc77933d2c53b2724f7/.config/s3.config.php#L29
Let me know if you need any other help :)
yaleman
commented
1 month ago The next issue is that it's returning HTTP urls when accessing it via HTTPS, so most of the page assets won't load. I'm not using the helm chart to do the certs/TLS, how do I tell it to fix that?
jessebot
commented
1 month ago The next issue is that it's returning HTTP urls when accessing it via HTTPS, so most of the page assets won't load. I'm not using the helm chart to do the certs/TLS, how do I tell it to fix that?
The word "it" is used a lot here, but I'm not sure what "it" is. 🤔 What error are you getting exactly and from where?
There is a use_ssl option you can set for s3, but if you're asking about ssl for minio, you need to consult the minio chart.
If you're asking about SSL for nextcloud itself, you could do that via nginx + cert-manager. The way I do certs via the values.yaml is like this:
ingress:
enabled: true
className: nginx
annotations:
cert-manager.io/cluster-issuer: 'letsencrypt-prod'Sorry "it" is the Nextcloud stack, which is responding with http URLs in the HTML responses, so it fails to load things like CSS. I'll have to test the above when I can thanks.
jessebot
commented
1 month ago Sorry "it" is the Nextcloud stack, which is responding with http URLs in the HTML responses, so it fails to load things like CSS. I'll have to test the above when I can thanks.
hmmm, I haven't run into that issue before, but let us know how it goes! If minio is using https traffic, and so is nextcloud, you should be good to go, but if not, I can try to take a look at both your nextcloud and minio values files and see what may be up. A reminder that I do this in my spare time, so if I drop off on responses for a bit, it's not you, and I will eventually come back around and take a look.
Others in the community are also always free to chime in 🙏
Describe your Issue
Set value of nextcloud.objectStore.s3.legacyAuth to "true" or "false" or "yes" or "no" (note, string values) and it ends up as a bool when being set in the provider:
Logs and Errors
Describe your Environment
Kubernetes distribution: kss
Helm Version (or App that manages helm): tofu
Helm Chart Version: 6.0.2
values.yaml:Additional context, if any
I'm trying to configure minio as an s3 backing store, if there's a better path I'm happy to follow it 😄
Setting it to "test" works fine. Other settings like this work fine too, just not legacyAuth: