Hi all,
is it possibile to use V2 api signature versions for S3 compatible backup backend instead of V4?
That should be possible using a MINIO_SHARED_CREDENTIALS_FILE
. Set the environment variable or place the configuration at ~/.mc/config.json
. The configuration should then look similar to the following:
{
"version": "10",
"aliases": {
"s3": {
"url": "http://127.0.0.1:9000",
"accessKey": "accessKey",
"secretKey": "secretKey",
"api": "S3v2",
},
},
}
If you also set MINIO_ALIAS
, then you can use an alias different than s3
.
I’m using rpm on Centos 7 (restic-0.9.6-1.ns7.x86_64). Is your suggestion valid for this environment?
Thank you
I’m getting this:
[root@hosting ~]# restic -r s3:r1-it.storage.cloud.it/qgbackup init
Fatal: create repository at s3:r1-it.storage.cloud.it/qgbackup failed: client.BucketExists: Error response code AuthMethodNotRecognized.
Setted via:
export AWS_ACCESS_KEY_ID=<MY_ACCESS_KEY>
export AWS_SECRET_ACCESS_KEY=<MY_SECRET_ACCESS_KEY>
Using the AWS*
environment variables always uses auth version 4. I don’t see why my previous suggestion shouldn’t work.
Should I have to configure your suggested file and then relaunch restic -r command? Sorry but I’m new
Yes, please fill in the fields in the suggested config.json structure, set the MINIO_SHARED_CREDENTIALS_FILE
environment variable, make sure that the AWS_*
environment variables are not set. And then run restic again.
Can you give me an example of how to set MINIO_SHARED_CREDENTIALS_FILE variable?
export MINIO_SHARED_CREDENTIALS_FILE=path/to/config.json
?
[root@hosting .mc]# pwd
/root/.mc
[root@hosting .mc]# ls -l
total 4
-rw-r--r-- 1 root root 174 Dec 23 23:15 config.json
Then:
export MINIO_SHARED_CREDENTIALS_FILE=/root/.mc/config.json
Launch backup:
[root@hosting .mc]# restic -r s3:r1-it.storage.cloud.it/qgbackup init
enter password for new repository:
enter password again:
Fatal: create key in repository at s3:r1-it.storage.cloud.it/qgbackup failed: client.PutObject: Access Denied
Content of config.json:
[root@hosting .mc]# cat config.json
{
"version": "10",
"aliases": {
"s3": {
"url": "r1-it.storage.cloud.it",
"accessKey": "myaccesskey",
"secretKey": "mypassword",
"api": "S3v2",
},
},
}
What is wrong?
Ok, I understand what you suggested. But this is my problem.
I have bought a compatible-s3 space that seems to works only with v2 signature. It is possible in restic to use v2 signature also if it’s deprecated?
I tried with s3cmd and it works by forcing v2 signature, but I think it’s not possible to create restic repo with s3cmd; or not?
The error message is a different one now. I’d suggest you try whether you can create a bucket and files within our using generic S3 tools (like mc
) first to rule out any other problems such as ACL. Once that works you could continue with restic.
In addition I’d recommend to either convince cloud.it to support an up-to-date S3 interface or to switch to a different provider who does. There are plenty of choices out there so there is really no need to struggle with such problems.
I found a working configuration via rclone. I think I’ll use it. Thank you.