Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cannot access files in sub-directories #35

Open
johhue opened this issue Jul 6, 2023 · 7 comments · May be fixed by #54
Open

Cannot access files in sub-directories #35

johhue opened this issue Jul 6, 2023 · 7 comments · May be fixed by #54

Comments

@johhue
Copy link

johhue commented Jul 6, 2023

We are uploading a file to bucket/subdir1/file1 and we can access the file from S3 using Spring Clients, but s3manager gives a "404 not found" error.

How do I browse subdirectories and access files under those subdirectories?
@asgardius
Copy link

If a subdirectory has spaces or unicode characters it won't work, otherwise it will work.
I'm using a MinIO instance with NGINX reverse proxy
Here is a comparison of my server logs
This request is successful
127.0.0.1 - - [17/Dec/2023:15:40:42 +0100] "GET /photos/?prefix=The+Honkers%2F&delimiter=%2F&max-keys=1000 HTTP/1.1" 200 346292 "-" "Asgardius S3 Manager"
This one return an empty list
127.0.0.1 - - [17/Dec/2023:15:43:41 +0100] "GET /photos/?delimiter=%2F&encoding-type=url&fetch-owner=true&list-type=2&prefix=The%2520Honkers%2F HTTP/1.1" 200 309 "-" "MinIO (linux; amd64) minio-go/v7.0.65"
Here is another example
127.0.0.1 - - [17/Dec/2023:15:49:20 +0100] "GET /asgardiustest/?prefix=pe%C3%B1a%2F&delimiter=%2F&max-keys=1000 HTTP/1.1" 200 599 "-" "Asgardius S3 Manager"
127.0.0.1 - - [17/Dec/2023:15:50:31 +0100] "GET /asgardiustest/?delimiter=%2F&encoding-type=url&fetch-owner=true&list-type=2&prefix=pe%25C3%25B1a%2F HTTP/1.1" 200 314 "-" "MinIO (linux; amd64) minio-go/v7.0.65"
As you can see, this issue is due this client is asking wrong prefix
This app is encoding prefix name twice. I have a fix. I'm preparing a pull request for this

@asgardius asgardius mentioned this issue Dec 17, 2023
Closed
@Magnitus-
Copy link

@asgardius Thanks for the fix. Saved me some time hunting it down.

@asgardius asgardius linked a pull request Mar 6, 2024 that will close this issue
Open
@ishan-kpit
Copy link

@asgardius Could you please share your nginx reverse proxy config?

@asgardius
Copy link

@asgardius Could you please share your nginx reverse proxy config?

Here is my nginx config file

server {
    server_name s3manager.example.com;
    root /var/www/html;

    index index.html index.htm  index.nginx-debian.html;
    client_max_body_size 0;
  gzip on;
  gzip_disable "msie6";
  gzip_vary on;
  gzip_proxied any;
  gzip_comp_level 6;
  gzip_buffers 16 8k;
  gzip_http_version 1.1;
  gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml image/x-icon;

    location / {
        proxy_pass http://127.0.0.1:8009;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
        auth_basic "Only Page Asgardius is allowed here";
        auth_basic_user_file /etc/nginx/s3managerpasswd;

    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/s3manager.example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/s3manager.example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

@ishan-kpit
Copy link

@asgardius How do we reverse proxy in the following scenario?

For example: If I want to proxy localhost:8080/buckets/my-bucket >> localhost/s3

I have tried a couple of different nginx proxy configs but none seem to be working properly.

@asgardius
Copy link

@asgardius How do we reverse proxy in the following scenario?

For example: If I want to proxy localhost:8080/buckets/my-bucket >> localhost/s3

I have tried a couple of different nginx proxy configs but none seem to be working properly.

It seems that is not possible without edit backend source code, but you can use the following aproach instead

server {
    server_name s3manager.example.com;
    root /var/www/html;

    index index.html index.htm  index.nginx-debian.html;
    client_max_body_size 0;
  gzip on;
  gzip_disable "msie6";
  gzip_vary on;
  gzip_proxied any;
  gzip_comp_level 6;
  gzip_buffers 16 8k;
  gzip_http_version 1.1;
  gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml image/x-icon;


#api and buckets endpoints are required
#Page Asgardius is an admin user
    location /buckets {
        proxy_pass http://127.0.0.1:8009/buckets;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
        auth_basic "Only Page Asgardius is allowed here";
        auth_basic_user_file /etc/nginx/s3managerpasswd;

    }

location /api {
        proxy_pass http://127.0.0.1:8009/api;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
        auth_basic "Only Page Asgardius is allowed here";
        auth_basic_user_file /etc/nginx/s3managerpasswd;

    }

#Emily Asgardius is an user that only can access a specific bucket
    location /buckets/emily {
        proxy_pass http://127.0.0.1:8009/buckets/emily;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
        auth_basic "Only Emily Asgardius is allowed here";
        auth_basic_user_file /etc/nginx/s3managerpasswd-emily;

    }

    location /api/buckets/emily {
        proxy_pass http://127.0.0.1:8009/api/buckets/emily;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
        auth_basic "Only Emily Asgardius is allowed here";
        auth_basic_user_file /etc/nginx/s3managerpasswd-emily;

    }

#We have a test bucket with limited storage quota where everybody can test this app
    location /buckets/public {
        proxy_pass http://127.0.0.1:8009/buckets/public;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
    }

    location /api/buckets/public {
        proxy_pass http://127.0.0.1:8009/api/buckets/public;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
    }

#This will redirect users to public bucket when entering subdomain in url bar
    location = / {
    return 302 https://$host/buckets/public;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/s3manager.example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/s3manager.example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

1 similar comment
@asgardius
Copy link

@asgardius How do we reverse proxy in the following scenario?

For example: If I want to proxy localhost:8080/buckets/my-bucket >> localhost/s3

I have tried a couple of different nginx proxy configs but none seem to be working properly.

It seems that is not possible without edit backend source code, but you can use the following aproach instead

server {
    server_name s3manager.example.com;
    root /var/www/html;

    index index.html index.htm  index.nginx-debian.html;
    client_max_body_size 0;
  gzip on;
  gzip_disable "msie6";
  gzip_vary on;
  gzip_proxied any;
  gzip_comp_level 6;
  gzip_buffers 16 8k;
  gzip_http_version 1.1;
  gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml image/x-icon;


#api and buckets endpoints are required
#Page Asgardius is an admin user
    location /buckets {
        proxy_pass http://127.0.0.1:8009/buckets;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
        auth_basic "Only Page Asgardius is allowed here";
        auth_basic_user_file /etc/nginx/s3managerpasswd;

    }

location /api {
        proxy_pass http://127.0.0.1:8009/api;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
        auth_basic "Only Page Asgardius is allowed here";
        auth_basic_user_file /etc/nginx/s3managerpasswd;

    }

#Emily Asgardius is an user that only can access a specific bucket
    location /buckets/emily {
        proxy_pass http://127.0.0.1:8009/buckets/emily;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
        auth_basic "Only Emily Asgardius is allowed here";
        auth_basic_user_file /etc/nginx/s3managerpasswd-emily;

    }

    location /api/buckets/emily {
        proxy_pass http://127.0.0.1:8009/api/buckets/emily;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
        auth_basic "Only Emily Asgardius is allowed here";
        auth_basic_user_file /etc/nginx/s3managerpasswd-emily;

    }

#We have a test bucket with limited storage quota where everybody can test this app
    location /buckets/public {
        proxy_pass http://127.0.0.1:8009/buckets/public;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
    }

    location /api/buckets/public {
        proxy_pass http://127.0.0.1:8009/api/buckets/public;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
    }

#This will redirect users to public bucket when entering subdomain in url bar
    location = / {
    return 302 https://$host/buckets/public;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/s3manager.example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/s3manager.example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
4 participants
@Magnitus- @johhue @asgardius @ishan-kpit