As a big research institution we want to offer Nextcloud as standard web GUI for our researchers to manage their research data stored on our S3 object storage. Therefore, we enabled External Storage for S3, so the needed buckets can be mounted into their own Nextcloud profile.
So far, it works fine. But enabling S3 as external storage also makes it possible to mount any S3 storage (e.g. one’s custom Amazon S3 buckets) into Nextcloud. Due to our institutional policies we need the users to mount only buckets from our own S3 storage.
Is there a way to restrict the mounting of external storage to specific domains/IP’s?
In the GUI of the admin account seems to be no possibility for this case. One can only select a general type of storage. I’ve been reading through the docs and occ manual, but so far couldn’t find a solution. If anyone has an idea or knows an option how to allow only specific FQDN’s or IP’s to be mountable, that would be very helpful and welcome!
Some Infos
- Nextcloud Server version (e.g., 29.x.x):
Nextcloud Hub 9 (30.0.2 Enterprise)
- Operating system and version (e.g., Ubuntu 24.04):
RHEL 8.10
- Web server and version (e.g, Apache 2.4.25):
Apache/2.4.37
- PHP version (e.g, 8.3):
8.3.20
