Nextcloud unable to access S3 files, but when I bash into the container I can curl it

Title, already made an issue but no response yet.

How are you testing via cURL at the command line? Like a pre signed URL or… ?

My setups that are v28.0.3 based have S3 External Storage mounts on them which seem to be functioning fine.

Based on the logs you posted in the Issue, it appears you mounted the External Storage as your account’s root folder rather than a subdirectory under it. Is that correct?

I don’t know if this is a pre-signed URL or not, but I’m simply cURL’ing the link that fails to fopen. E.g. curl

Also yes, S3 is mounted at root.

Gotcha. Well, without authentication those cURL tests aren’t really downloading your files (unless your bucket is open to the public). You’re most likely getting denied by AWS’s S3 frontend unfortunately it’s not really a valid comparison test. :slight_smile:

To test with cURL for real, you’ll need to generate a presigned URL for one of your bucket files via the AWS control panel or CLI. That will allow a better test scenario.

The logs suggest it really is just a standard outbound connectivity matter.

Is your Nextcloud server fairly near to AWS’s us-east data center geographically and network-wise?

I opened my bucket to the public after I opened the issue, so that isn’t the issue. But I tested with a presigned URL nonetheless, cURL still works fine.

My Nextcloud server’s in an EC2 instance that’s in the same availability center as my S3 bucket. Logically there should be no reason for it not to work.

In your report you mentioned you recently moved everything to S3. So this worked for a bit then stopped? Can you identify what may have occurred around the time period when it stopped? Had their been a recent update or anything like that?

I just re-installed Nextcloud (using AIO) from scratch and the same thing’s happening, so that’s not it unfortunately. Just for the record, I’m using a custom network in my docker compose to enable IPv6:

    name: nextcloud-aio
    driver: bridge
    enable_ipv6: true
    attachable: true
      driver: default
        - subnet: 2600:1f16:1cfb:1c00::/56

Figured it out, I’d forgot to enable IPv6 in Docker in this new instance.

1 Like

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.