dirien
June 14, 2021, 5:45am
1
Hi everybody,
we stumbled over a strange issue.
Our setting:
Discourse: 2.8.0.beta2
S3: Minio
CDN: Myra
The S3 is configured:
root@assets-prod-app01:~# sudo -u minio mc admin policy info minio readwrite-discourse
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:ListBucketMultipartUploads",
"s3:GetBucketLocation",
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::discourse"
]
},
{
"Effect": "Allow",
"Action": [
"s3:*"
],
"Resource": [
"arn:aws:s3:::discourse/*"
]
}
]
}
But we get all the time, when we edit following error message
In the logs files we get
Aws::S3::Errors::NotImplemented (A header you provided implies functionality that is not implemented)
lib/file_store/s3_store.rb:279:in `update_ACL'
lib/file_store/s3_store.rb:209:in `update_upload_ACL'
...
Is there a setting we did not consider, or is Minio not compatible with discourse?
Any hint would be nice, as we get a little bit pressure from our users
Thanks in advance
dirien
June 22, 2021, 4:24am
2
Is this setting so uncommon?
I would appriciate some direction on what to look at in more detail or what to change? @Falco At the moment we are quite stuck…
Falco
June 22, 2021, 4:55pm
3
Did you enable the site setting secure_uploads? That won’t work with MinIO at all .
Falco
June 22, 2021, 9:01pm
5
Is the S3 setup configured as the documentation at Using Object Storage for Uploads (S3 & Clones) ?
dirien
June 23, 2021, 4:44am
6
Yepp, really letter for letter
dirien
July 1, 2021, 5:03am
7
Sorry to bother, but could you spot anything?
dirien
July 8, 2021, 5:32am
8
Hi, do you have any ideas? Sorry to bother…
Hey,
Today I upgraded to 2.8.0.beta2, same error:
just select secure_media, minio work again.
Falco
July 8, 2021, 3:50pm
10
@pmusaraj / @martin looks like a regression caused by
https://github.com/discourse/discourse/pull/13110
which didn’t take into account the same stuff that was fixed by
https://github.com/discourse/discourse/commit/5c5d8a307a816afcda4b97eecf49b836fc9ecb01
So the post_creator does:
and models/post:
tags_added: added_tags,
tags_removed: removed_tags,
},
)
end
def self.tags_changed_raw(added:, removed:)
if removed.present? && added.present?
I18n.t(
"topic_tag_changed.added_and_removed",
added: tag_list_to_raw(added),
removed: tag_list_to_raw(removed),
)
elsif added.present?
I18n.t("topic_tag_changed.added", added: tag_list_to_raw(added))
elsif removed.present?
I18n.t("topic_tag_changed.removed", removed: tag_list_to_raw(removed))
end
end
def self.tag_list_to_raw(tag_list)
1 Like
martin
July 9, 2021, 12:18am
12
There has already been a fix for this that was done for performance reasons but should also fix your problem:
https://github.com/discourse/discourse/commit/d1b2e9db3bcb7693094511edc415a953dc8a9116
Though I will make a fix to the job so that it exits early if secure media is disabled.
Actually, I cannot do the above because we want post uploads to be marked not secure if secure media is disabled or if the post has been moved to a different category. Instead I will add a fix to capture the Aws::S3::Errors::NotImplemented error when we run Discourse.store.update_upload_ACL(self). That way clients that do not support the private ACLs should have no problem.
Edit: I merged this fix today, hopefully it will help FIX: Handle storage providers not implementing ACLs by martin-brennan · Pull Request #13675 · discourse/discourse · GitHub . I think we are cutting a new beta next week as well.
3 Likes
Falco
July 12, 2021, 11:00am
13
This topic was automatically closed after 3 days. New replies are no longer allowed.
