We have a really small Space installation, and run it using docker compose based on the files provided in the beta and the updated the generated configuration files with keys/endpoints, but have some endpoints to go, it seems.
I create a package repository and successfully upload a file. (Yay!)
When I try to download the file, I get a **redirect** to an URI with a bunch of parameters, but the URI **point to an internal address** http:minio:9000/. The conf files has a number of places where this string is found, and I tried changing them to the external Uri, but that didn't work and broke a bunch of other stuff.... :(
I would greatly appreciate some direction here on which of all the places in the conf files that mentions http://minio:9000 should be replaced with the corresponding external url?
Heres a redacted dump from cUrl which shows what happens from the client's point of view:
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
00000000 --:--:-- --:--:-- --:--:-- 0* Trying _IP_redacted_:443...
* Connected to example.com (_IP_redacted_) port 443 (#0)
* ALPN: offers h2
* ALPN: offers http/1.1
* CAfile: /etc/ssl/cert.pem
* CApath: none
* [CONN-0-0][CF-SSL] (304) (OUT), TLS handshake, Client hello (1):
} [321 bytes data]
* [CONN-0-0][CF-SSL] (304) (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* [CONN-0-0][CF-SSL] (304) (IN), TLS handshake, Unknown (8):
{ [19 bytes data]
* [CONN-0-0][CF-SSL] (304) (IN), TLS handshake, Certificate (11):
{ [4099 bytes data]
* [CONN-0-0][CF-SSL] (304) (IN), TLS handshake, CERT verify (15):
{ [78 bytes data]
* [CONN-0-0][CF-SSL] (304) (IN), TLS handshake, Finished (20):
{ [36 bytes data]
* [CONN-0-0][CF-SSL] (304) (OUT), TLS handshake, Finished (20):
} [36 bytes data]
* SSL connection using TLSv1.3 / AEAD-CHACHA20-POLY1305-SHA256
* ALPN: server accepted h2
* Server certificate:
* subject: CN=space.example.com
* start date: May 11 11:14:04 2023 GMT
* expire date: Aug 9 11:14:03 2023 GMT
* subjectAltName: host "example.com" matched cert's "example.com"
* issuer: C=US; O=Let's Encrypt; CN=R3
* SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* h2h3 [:method: GET]
* h2h3 [:path: /files/p/dso/files/test/file.tar.gz]
* h2h3 [:scheme: https]
* h2h3 [:authority: example.com]
* h2h3 [user-agent: curl/7.87.0]
* h2h3 [accept: */*]
* h2h3 [authorization: Bearer _redacted_]
* Using Stream ID: 1 (easy handle 0x130011400)
> GET /files/p/dso/files/test/file.tar.gz HTTP/2
> Host: example.com
> user-agent: curl/7.87.0
> accept: */*
> authorization: Bearer _redacted_
>
* Connection state changed (MAX_CONCURRENT_STREAMS == 128)!
< HTTP/2307
< server: nginx/1.22.1
< date: Thu, 11 May 2023 14:35:26 GMT
< content-length: 0
< vary: Origin
< x-frame-options: DENY
< content-security-policy: frame-ancestors 'none'
< referrer-policy: no-referrer
< location: http://minio:9000/packages-local/7364723526216753742/files/2781743216076945795/test/file.tar.gz?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20230511T143526Z&X-Amz-SignedHeaders=host&X-Amz-Expires=600&X-Amz-Credential=space-access-key_Redacted__X-Amz-Signature=_redacted_
Hi Per-Olof Bengtsson, thanks for reporting this! It's a known issue and we're currently working on the new On-Premises version with the fix included. The ETA is about a month, but I'll try to share early builds if possible. Sorry for the inconvenience caused. Please stay tuned.
Ok great! thanks for answering.
We look forward to the new release then, with a fix and all other new good stuff!
You got something good going with space. I especially like how I can put my personal todos on just about everything in space. If the can be made even more granular it would be un-beatable :)