You would need to not use a custom domain or do the auth yourself in a worker or some other means be

UUnsmart You would need to not use a custom domain or do the auth yourself in a worker or...

!

!! Wilian M.•11/30/24, 1:00 AM

but is it possible to use my custom domain?

!!! Wilian M.but is it possible to use my custom domain?

U

UnsmartOP•11/30/24, 1:00 AM

that was this part of my message

UUnsmart that was this part of my message

!

!! Wilian M.•11/30/24, 1:02 AM

kind of complicated, s3 is simpler and easier, but I'll read more

U

UnsmartOP•11/30/24, 1:03 AM

I just use the r2 url no reason to make a custom domain for things that are locked behind auth

UUnsmart I just use the r2 url no reason to make a custom domain for things that are lock...

!

!! Wilian M.•11/30/24, 1:04 AM

but isn't the r2 url just for development?

!!! Wilian M.but isn't the r2 url just for development?

H

Hello, I’m Allie!•11/30/24, 1:04 AM

No?

!

!! Wilian M.•11/30/24, 2:45 PM

I managed to make it work, but I wanted to use a custom domain, but if I add the domain, everything becomes public

T

tripheo2410•12/1/24, 10:59 AM

Hi, my R2 always return SSL handshake error? Do you know how to debug?

openssl s_client -connect c2cb23ce609ba91a6a649d90f7ca72b3.r2.cloudflarestorage.com:443
Connecting to 162.159.140.238
CONNECTED(00000006)
008CC1F101000000:error:0A000410:SSL routines:ssl3_read_bytes:ssl/tls alert handshake failure:ssl/record/rec_layer_s3.c:908:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 368 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Protocol: TLSv1.3
This TLS version forbids renegotiation.
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

openssl s_client -connect c2cb23ce609ba91a6a649d90f7ca72b3.r2.cloudflarestorage.com:443
Connecting to 162.159.140.238
CONNECTED(00000006)
008CC1F101000000:error:0A000410:SSL routines:ssl3_read_bytes:ssl/tls alert handshake failure:ssl/record/rec_layer_s3.c:908:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 368 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Protocol: TLSv1.3
This TLS version forbids renegotiation.
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

openssl s_client -connect c2cb23ce609ba91a6a649d90f7ca72b3.r2.cloudflarestorage.com:443
Connecting to 162.159.140.238
CONNECTED(00000006)
008CC1F101000000:error:0A000410:SSL routines:ssl3_read_bytes:ssl/tls alert handshake failure:ssl/record/rec_layer_s3.c:908:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 368 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Protocol: TLSv1.3
This TLS version forbids renegotiation.
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

openssl s_client -connect c2cb23ce609ba91a6a649d90f7ca72b3.r2.cloudflarestorage.com:443
Connecting to 162.159.140.238
CONNECTED(00000006)
008CC1F101000000:error:0A000410:SSL routines:ssl3_read_bytes:ssl/tls alert handshake failure:ssl/record/rec_layer_s3.c:908:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 368 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Protocol: TLSv1.3
This TLS version forbids renegotiation.
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

S

SuperHelpflare•12/1/24, 11:57 AM

To contact Cloudflare Support about an issue, please visit the Support Portal and fill in the form on the portal. After submission, you will receive confirmation over email.

Some issues, such as Account or Billing related issues, cannot be solved by the community.
Any plan level (including Free plans) can open tickets for Account, Billing or Registrar ticket categories. Make sure to select the correct category to ensure it goes to the right place.
For more information on the methods by which you can contact Support for your plan level, see Contacting Cloudflare Support - Cloudflare Docs

K

KWAC•12/1/24, 11:58 AM

I'm using nuxt 3 with r2, it generates url like this for example

https://${accountId}.r2.cloudflarestorage.com/${bucketName}/${encodedFileName}?uid=${encodeURIComponent(accountId)}&exp=${Math.round(expiration.getTime() / 1000)}&signature=${signature}

https://${accountId}.r2.cloudflarestorage.com/${bucketName}/${encodedFileName}?uid=${encodeURIComponent(accountId)}&exp=${Math.round(expiration.getTime() / 1000)}&signature=${signature}

https://${accountId}.r2.cloudflarestorage.com/${bucketName}/${encodedFileName}?uid=${encodeURIComponent(accountId)}&exp=${Math.round(expiration.getTime() / 1000)}&signature=${signature}

https://${accountId}.r2.cloudflarestorage.com/${bucketName}/${encodedFileName}?uid=${encodeURIComponent(accountId)}&exp=${Math.round(expiration.getTime() / 1000)}&signature=${signature}

;

but in console im getting this error

Access to fetch at 'https://343836b9a1933af53d195c2d778a27d0.r2.cloudflarestorage.com/project1/email_verify_hero.json?uid=343836b9a1933af53d195c2d778a27d0&exp=1733057758&signature=dd245094b0d73d23f0c513f342e52e32b1bec065763d72bd11335408804e16d8' from origin 'http://localhost.com:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
upload.vue:62 
 PUT https://343836b9a1933af53d195c2d778a27d0.r2.cloudflarestorage.com/project1/email_verify_hero.json?uid=343836b9a1933af53d195c2d778a27d0&exp=1733057758&signature=dd245094b0d73d23f0c513f342e52e32b1bec065763d72bd11335408804e16d8 net::ERR_FAILED 400 (Bad Request)
handleFileUpload @ upload.vue:62
await in handleFileUpload
callWithErrorHandling @ runtime-core.esm-bundler.js:193
callWithAsyncErrorHandling @ runtime-core.esm-bundler.js:201
invoker @ runtime-dom.esm-bundler.js:671Understand this errorAI
upload.vue:69 TypeError: Failed to fetch
    at handleFileUpload (upload.vue:62:13)

Access to fetch at 'https://343836b9a1933af53d195c2d778a27d0.r2.cloudflarestorage.com/project1/email_verify_hero.json?uid=343836b9a1933af53d195c2d778a27d0&exp=1733057758&signature=dd245094b0d73d23f0c513f342e52e32b1bec065763d72bd11335408804e16d8' from origin 'http://localhost.com:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
upload.vue:62 
 PUT https://343836b9a1933af53d195c2d778a27d0.r2.cloudflarestorage.com/project1/email_verify_hero.json?uid=343836b9a1933af53d195c2d778a27d0&exp=1733057758&signature=dd245094b0d73d23f0c513f342e52e32b1bec065763d72bd11335408804e16d8 net::ERR_FAILED 400 (Bad Request)
handleFileUpload @ upload.vue:62
await in handleFileUpload
callWithErrorHandling @ runtime-core.esm-bundler.js:193
callWithAsyncErrorHandling @ runtime-core.esm-bundler.js:201
invoker @ runtime-dom.esm-bundler.js:671Understand this errorAI
upload.vue:69 TypeError: Failed to fetch
    at handleFileUpload (upload.vue:62:13)

Access to fetch at 'https://343836b9a1933af53d195c2d778a27d0.r2.cloudflarestorage.com/project1/email_verify_hero.json?uid=343836b9a1933af53d195c2d778a27d0&exp=1733057758&signature=dd245094b0d73d23f0c513f342e52e32b1bec065763d72bd11335408804e16d8' from origin 'http://localhost.com:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
upload.vue:62 
 PUT https://343836b9a1933af53d195c2d778a27d0.r2.cloudflarestorage.com/project1/email_verify_hero.json?uid=343836b9a1933af53d195c2d778a27d0&exp=1733057758&signature=dd245094b0d73d23f0c513f342e52e32b1bec065763d72bd11335408804e16d8 net::ERR_FAILED 400 (Bad Request)
handleFileUpload @ upload.vue:62
await in handleFileUpload
callWithErrorHandling @ runtime-core.esm-bundler.js:193
callWithAsyncErrorHandling @ runtime-core.esm-bundler.js:201
invoker @ runtime-dom.esm-bundler.js:671Understand this errorAI
upload.vue:69 TypeError: Failed to fetch
    at handleFileUpload (upload.vue:62:13)

Access to fetch at 'https://343836b9a1933af53d195c2d778a27d0.r2.cloudflarestorage.com/project1/email_verify_hero.json?uid=343836b9a1933af53d195c2d778a27d0&exp=1733057758&signature=dd245094b0d73d23f0c513f342e52e32b1bec065763d72bd11335408804e16d8' from origin 'http://localhost.com:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
upload.vue:62 
 PUT https://343836b9a1933af53d195c2d778a27d0.r2.cloudflarestorage.com/project1/email_verify_hero.json?uid=343836b9a1933af53d195c2d778a27d0&exp=1733057758&signature=dd245094b0d73d23f0c513f342e52e32b1bec065763d72bd11335408804e16d8 net::ERR_FAILED 400 (Bad Request)
handleFileUpload @ upload.vue:62
await in handleFileUpload
callWithErrorHandling @ runtime-core.esm-bundler.js:193
callWithAsyncErrorHandling @ runtime-core.esm-bundler.js:201
invoker @ runtime-dom.esm-bundler.js:671Understand this errorAI
upload.vue:69 TypeError: Failed to fetch
    at handleFileUpload (upload.vue:62:13)

C

Chip•12/1/24, 6:29 PM

I have a quick question, in R2's pricing, it states that egress is free, but does that mean it's entirely free to host the resource and have it load, or does the initial GET request to fetch the resource still fall under a Class B operation, even if the egress is free?

C

Chip•12/1/24, 6:32 PM

Alright good to know, just wanted to make sure before I made any commitment

C

Chip•12/1/24, 6:32 PM

Yeah I figured that

C

Chip•12/1/24, 6:32 PM

Good to know, I'll definitely consider R2 though because it's got a pretty good free tier

C

Chip•12/1/24, 6:34 PM

Yeah, I'd be getting some fair bandwidth so I wouldn't need to use infrequent access

K

Kavatch•12/1/24, 6:48 PM

This might be a really dumb questions but when I want to publish assets I have in R2 to thousands of users how would I best do this? Because the best case would of course be to distribute them via cloudflares CDN as this makes access times short and doesn't result in extra R2 costs, but how would I do something like this? I can't seem to find any option for this

K

Kavatch•12/1/24, 6:55 PM

And then the caching is done automagically?

K

Kavatch•12/1/24, 6:57 PM

Ah okay but how would / could it hurt things?

K

Kavatch•12/1/24, 6:59 PM

I see the streaming won't matter for me (yet) and all files should be below 500mb so that should be fine
Thank you so much!

!

!! Wilian M.•12/1/24, 7:14 PM

Where can I send suggestions to Cloudflare? R2 needs to be made easier

!

!! Wilian M.•12/1/24, 7:15 PM

There should be a simple option when inserting a custom domain and it should not be public, just replace the endpoint

!

!! Wilian M.•12/1/24, 7:15 PM

instead of having to create an 'access application'

!

!! Wilian M.•12/1/24, 7:19 PM

Currently you generate a 'signed URL' and return the endpoint URL etc, but the domain of R2 itself, I wanted to use my domain, but for me to use my domain I saw that I need to create an access application etc.

Original message was deleted

!

!! Wilian M.•12/1/24, 7:20 PM

I prefer to use the endpoint domain which already has everything working, expires, etc.

!

!! Wilian M.•12/1/24, 7:20 PM

but I still think there should be an option to add my own domain and make it work in 1 click

!

!! Wilian M.•12/1/24, 7:21 PM

and also the 'visibility' option does not exist, it would be much easier too

Original message was deleted

!

!! Wilian M.•12/1/24, 7:21 PM

I know, it's access control etc.

Original message was deleted

!

!! Wilian M.•12/1/24, 7:23 PM

I created an 'app access' and there I have several options for how and who can access the bucket files

Original message was deleted

!

!! Wilian M.•12/1/24, 7:23 PM

Do you have any article?

Original message was deleted

!

!! Wilian M.•12/1/24, 7:25 PM

I just want expiration control for my files, and if I try to access them directly there is no way, is that it?

Original message was deleted

!

!! Wilian M.•12/1/24, 7:39 PM

but I still don't understand about the own domain

C

Chirag•12/2/24, 8:14 AM

We spent hours yesterday moving 200k+ files from our local account to cloudflare and then tried using rclone mount to mount the system. It failed after 10 mins and it was essecially useless for us.

This is the error we got. Is there a limit on R2 that we should be aware of when using with rclone mount?

2024/12/01 10:33:52 ERROR : /: Dir.Stat error: operation error S3: ListObjects, https response error StatusCode: 403, RequestID: , HostID: , api error AccessDenied: Access Denied
2024/12/01 10:33:52 ERROR : IO error: operation error S3: ListObjects, https response error StatusCode: 403, RequestID: , HostID: , api error AccessDenied: Access Denied
2024/12/01 10:33:57 ERROR : /: Dir.Stat error: operation error S3: ListObjects, https response error StatusCode: 403, RequestID: , HostID: , api error AccessDenied: Access Denied

2024/12/01 10:33:52 ERROR : /: Dir.Stat error: operation error S3: ListObjects, https response error StatusCode: 403, RequestID: , HostID: , api error AccessDenied: Access Denied
2024/12/01 10:33:52 ERROR : IO error: operation error S3: ListObjects, https response error StatusCode: 403, RequestID: , HostID: , api error AccessDenied: Access Denied
2024/12/01 10:33:57 ERROR : /: Dir.Stat error: operation error S3: ListObjects, https response error StatusCode: 403, RequestID: , HostID: , api error AccessDenied: Access Denied

2024/12/01 10:33:52 ERROR : /: Dir.Stat error: operation error S3: ListObjects, https response error StatusCode: 403, RequestID: , HostID: , api error AccessDenied: Access Denied
2024/12/01 10:33:52 ERROR : IO error: operation error S3: ListObjects, https response error StatusCode: 403, RequestID: , HostID: , api error AccessDenied: Access Denied
2024/12/01 10:33:57 ERROR : /: Dir.Stat error: operation error S3: ListObjects, https response error StatusCode: 403, RequestID: , HostID: , api error AccessDenied: Access Denied

2024/12/01 10:33:52 ERROR : /: Dir.Stat error: operation error S3: ListObjects, https response error StatusCode: 403, RequestID: , HostID: , api error AccessDenied: Access Denied
2024/12/01 10:33:52 ERROR : IO error: operation error S3: ListObjects, https response error StatusCode: 403, RequestID: , HostID: , api error AccessDenied: Access Denied
2024/12/01 10:33:57 ERROR : /: Dir.Stat error: operation error S3: ListObjects, https response error StatusCode: 403, RequestID: , HostID: , api error AccessDenied: Access Denied

C

Chirag•12/2/24, 8:19 AM

@Space we were using it as mount system and we tried doing listobjects

M

maurus•12/2/24, 10:27 AM

Does

*.r2.cloudflarestorage.com

*.r2.cloudflarestorage.com

*.r2.cloudflarestorage.com

*.r2.cloudflarestorage.com really only support HTTP1? There's no HTTP2 or QUIC support on those domains? (I'm getting a Chrome

net::ERR_H2_OR_QUIC_REQUIRED

net::ERR_H2_OR_QUIC_REQUIRED

net::ERR_H2_OR_QUIC_REQUIRED

net::ERR_H2_OR_QUIC_REQUIRED error when trying to do a

fetch

fetch

upload with

duplex: "half"

duplex: "half"

duplex: "half"

duplex: "half")

M

madelaney•12/2/24, 4:54 PM

Is there any documentation that says what IAM rules/roles are needed to enable sippy on a r2 bucket (https://developers.cloudflare.com/api-next/resources/r2/subresources/buckets/subresources/sippy/) ?

Cloudflare API | R2 › Buckets › Sippy

Interact with Cloudflare's products and services via the Cloudflare API

Mmadelaney Is there any documentation that says what IAM rules/roles are needed to enable s...

H

harshil1712•12/2/24, 5:00 PM

You can find it here: https://developers.cloudflare.com/r2/data-migration/sippy/#amazon-s3

Cloudflare Docs

Sippy · Cloudflare R2 docs

Sippy is a data migration service that allows you to copy data from other cloud providers to R2 as the data is requested, without paying unnecessary cloud egress fees typically associated with moving large amounts of data.

M

madelaney•12/2/24, 5:03 PM

Thanks @harshil1712 . What about on the CloudFlare side? I have a valid API token (I verified via

curl https://api.cloudflare.com/client/v4/user/tokens/verify

curl https://api.cloudflare.com/client/v4/user/tokens/verify

curl https://api.cloudflare.com/client/v4/user/tokens/verify

curl https://api.cloudflare.com/client/v4/user/tokens/verify), but when I try to call

https://api.cloudflare.com/client/v4/accounts/<id>/r2/buckets/<bucket name>/sippy

https://api.cloudflare.com/client/v4/accounts/<id>/r2/buckets/<bucket name>/sippy

https://api.cloudflare.com/client/v4/accounts/<id>/r2/buckets/<bucket name>/sippy

https://api.cloudflare.com/client/v4/accounts/<id>/r2/buckets/<bucket name>/sippy, I'm getting an authetnication error.

M

madelaney•12/2/24, 5:05 PM

I am resource scoping the api token to

com.cloudflare.edge.r2.bucket.<account id>_<jurisdiction>_<bucket name>

com.cloudflare.edge.r2.bucket.<account id>_<jurisdiction>_<bucket name>

com.cloudflare.edge.r2.bucket.<account id>_<jurisdiction>_<bucket name>

com.cloudflare.edge.r2.bucket.<account id>_<jurisdiction>_<bucket name>; maybe that syntax is incorrect?

D

dedboi•12/2/24, 6:24 PM

Hi! can we list a public bucket path that's not root on r2 using a s3 client with

--no-sign-request

--no-sign-request

--no-sign-request

--no-sign-request ?

D

dedboi•12/2/24, 6:26 PM

Yep

Original message was deleted

D

dedboi•12/2/24, 6:28 PM

Damn, for real? The docs only mention the root path as a path we can't list :/

Original message was deleted

D

dedboi•12/2/24, 6:28 PM

Oh okay, thanks!

D

dedboi•12/2/24, 6:29 PM

Yeah would be great

D

dedboi•12/2/24, 6:29 PM

S3 with list-objects-v2

D

dedboi•12/2/24, 6:31 PM

Yeah, this could work

D

dedboi•12/2/24, 6:32 PM

Through a worker or (authenticated?) api call ?

D

dedboi•12/2/24, 6:33 PM

Perfect, thank you!

D

dedboi•12/2/24, 6:34 PM

For sure, thanks!

D

DCsan•12/2/24, 6:35 PM

understand this is the place for R2 support

https://community.cloudflare.com/t/cannot-find-r2-bucket-items-added-via-the-dashboard/742928

I uploaded an image via the dashboard to an R2 bucket.
but the image cannot be found when using the API.
other objects added via API display fine, so I know it’s not a problem with the bucket.
are items added via the dashboard somehow not available via the API?

What are the steps to reproduce the issue?
image is available here:

https://dash.cloudflare.com/ed5926d2699189886ec701e9e567d729/r2/default/buckets/wishes/objects/eclipse.jpg/details

async function getObjectOrDefault(env: any, objId: string) {
  let object = await env.WISHES_BUCKET.get(objId as string);
  if (object === null) {
    console.error('Object Not Found', objId);

async function getObjectOrDefault(env: any, objId: string) {
  let object = await env.WISHES_BUCKET.get(objId as string);
  if (object === null) {
    console.error('Object Not Found', objId);

async function getObjectOrDefault(env: any, objId: string) {
  let object = await env.WISHES_BUCKET.get(objId as string);
  if (object === null) {
    console.error('Object Not Found', objId);

async function getObjectOrDefault(env: any, objId: string) {
  let object = await env.WISHES_BUCKET.get(objId as string);
  if (object === null) {
    console.error('Object Not Found', objId);

Original message was deleted

D

dedboi•12/2/24, 6:40 PM

Will list-objects call be possible in the future though?

You would need to not use a custom domain or do the auth yourself in a worker or some other means be

Similar Threads

Similar Threads

Similar Threads