Is there a way to disable encryption on data folder when using S3 as primary storage?

I’ve succesfully installed and configure Nextcloud on my server, using a Digital Ocean’s Space (which is S3 compatible) as my primary storage. I noticed that the actual data gets stored in the Space as a bunch of urn:oid: files, which I assume that are my files encrypted.

Is there any way to disable this encryption? If not, is is possible to decrypt them to read them as the original files?

Here’s my config.php:

$CONFIG = array (
  'passwordsalt' => 'XXX',
  'secret' => 'XXX',
  'trusted_domains' =>
  array (
    0 => 'myhost.domain',
  'datadirectory' => 'myhost-data-folder',
  'dbtype' => 'mysql',
  'version' => '',
  'overwrite.cli.url' => 'https://myhost.domain',
  'dbname' => 'myhost-dbname',
  'dbhost' => 'myhost-dbhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'myhost-dbuser',
  'objectstore' =>
  array (
    'class' => '\\OC\\Files\\ObjectStore\\S3',
    'arguments' =>
    array (
      'bucket' => 'digital-ocean-space-name',
      'autocreate' => true,
      'key' => 'digital-ocean-space-key',
      'secret' => 'digital-ocean-space-secret',
      'hostname' => '',
      'port' => 443,
      'use_ssl' => true,
      'region' => 'nyc3',
      'use_path_style' => false,
  'instanceid' => 'myhost-instanceid',
  'dbpassword' => 'myhost-dbpassword',
  'installed' => true,
  'ldapIgnoreNamingRules' => false,
  'ldapProviderFactory' => 'OCA\\User_LDAP\\LDAPProviderFactory',
  'maintenance' => false,
  'app_install_overwrite' =>
  array (
    0 => 'ldaporg',

Nextcloud version: 17.0.2
Operating system and version: CentOS 8
Nginx version: 1.14.1
PHP version: 7.2.11-1

These filenames come from the setup of s3 as primary storage.
The content should only be encrypted if you have activated the server side encryption for local storage.

1 Like

Thanks for your response. What I was looking for was to see the actual files that were being upload in my Nextcloud instance in the Space from my Digital Ocean account, just like I would if was using the local filesystem.

But I’ve looked further into this and found this:

Basically, the original files can not be seen outside Nextcloud (which is fair).


Thanks for clarifying the same for others as a future reference point.

Make sure you make SQL backups!

You can still open the files of you download them directly from your s3 instance, but the filenames will not be usable (urn:oid:xxxx).
Only if you enable encryption you won’t be able to open them.