StorJ S3 as primary object storage for Nextcloud

I am currently trying to setup StorJ S3-compatible access with Nextcloud as primary object storage following https://docs.nextcloud.com/server/stable/admin_manual/configuration_files/primary_storage.html#simple-storage-service-s3.

However, it seems that I always get an “Access Denied” error. I configured other services before such as S3 storage for Matrix server and GoToSocial before without any issue.

I have tried several configurations, such as disabling and enabling the auto creation or even with and without combination of path style.

I have also created new credentials just to be sure it was not my fault.

Does this happen to you? Did any of you got it working without the application for external storage (which can also be used as primary storage by making it dependent in that the application is not disabled) or the self-hosted gateway?

Hello @EchedeyLR,
Welcome to the forum!

Have you specified the Endpoint? If not, it will try to connect to Amazon S3 instead of Storj DCS.
It’s also working with self-hosted s3-compatible gateway as well (but requires to be run on the same server or need to be configured with reverse proxy and SSL support to secure your connection, because by default it uses HTTP).
You may also take a look on a native integration instead of S3: Nextcloud with Storj - Storj DCS Docs

Could you please show your current configuration for the S3 integration (you may mask the private information)?

'objectstore' => [
    'class' => '\\OC\\Files\\ObjectStore\\S3',
    'arguments' => [
      'bucket' => 'cloud',
      'autocreate' => true,
      'key' => 'XXX',
      'secret' => 'XXXXX',
      'hostname' => 'gateway.storjshare.io',
      'port' => 443,
      'use_ssl' => true,
      'region' => 'optional',
      // required for some non Amazon S3 implementations
      'use_path_style'=>true,
    ],
  ],

Th error given is:

 "message": "Error executing \"PutObject\" on \"https://gateway.storjshare.io/cloud/urn%3Aoid%3A189\"; AWS HTTP error: Client error: `PUT https://gateway.storjshare.io/cloud/urn%3Aoid%3A189` resulted in a `403 Forbidden` response:\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<Error><Code>AccessDenied</Code><Message>Access Denied.</Message><Key>urn:oid:189 (truncated...)\n AccessDenied (client): Access Denied. - <?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<Error><Code>AccessDenied</Code><Message>Access Denied.</Message><Key>urn:oid:189</Key><BucketName>cloud</BucketName><Resource>/cloud/urn:oid:189</Resource><RequestId>XXXX</RequestId><HostId></HostId></Error>",

EDITED:

As told before, I have also tried removing region, putting path style as false or removing it and also putting autocreate to false instead of true.

The credentials are correct and I even generate new ones and tested other credentials over other S3-based apps.

The region doesn’t matter - in Storj DCS you have a global availability for the same price.
Could you please check these S3 credentials with AWS CLI?

Also, when you created an S3 credentials did you provide a limited acces to only one bucket?

Also, when you created an S3 credentials did you provide a limited acces to only one bucket?

Yes, I always do that for every bucket and works properly with other services.

I will try AWS Cli for these specific credentials in a bit.

Also please try to grant all permissions to these credentials, maybe it want something unusual (for example, if you specified a wrong name for the bucket and it wants to create it).

I granted all permissions but only for that bucket.

I also disabled auto create before and the error was the same. It is even trying to put a simple object given the error currently.

So I am sure the error is not that I should give permissions to everything.

Could you please just try to give it all permissions, maybe this is exactly what it wants?
Later you can provide a more strict credentials.

Finished using the application directly.

I hope it doesn’t get disabled suddenly. I will have to check if it supports newer Nextcloud releases before upgrading, but that is all I guess.