Cloudflare R2 Configuration

[ben-krieger]

There needs to be better docs for getting Cloudflare R2 configured for image uploads. I don't have immediate time to create a high quality issue or PR, so I'm posting what I learned here first.

Env vars needed:

• ACTIVE_STORAGE_SERVICE=s3 (this selects s3 over local storage)
• S3_BUCKET=BUCKET_NAME
• S3_REGION=auto (not strictly needed, as Cloudflare treats us-east-1 as auto)
• S3_ACCESS_KEY_ID + S3_SECRET_ACCESS_KEY (credentials as you'd expect)
• S3_CHECKSUM_CALCULATION=when_required (found this documented somewhere)
• S3_CHECKSUM_VALIDATION=when_required (same as above)
• S3_FORCE_PATH_STYLE=true (this puts the bucket name in the path instead of the subdomain)
• S3_ENDPOINT=https://ACCOUNT_ID.r2.cloudflarestorage.com (no bucket name in path here)
• CSP_CONNECT_SRC=https://ACCOUNT_ID.r2.cloudflarestorage.com (this took me a while to figure out)

Then in Cloudflare, you need to configure CORS as:

[
  {
    "AllowedOrigins": [
      "https://example.com"
    ],
    "AllowedMethods": [
      "GET",
      "PUT"
    ],
    "AllowedHeaders": [
      "Content-Type",
      "Content-Disposition",
      "Content-MD5"
    ]
  }
]

Those headers are important.

[grahamom]

Didn't think about that. Thanks @ben-krieger

[jeremy]

Check out the SaaS storage config for a similar setup: https://github.com/basecamp/fizzy/blob/main/saas/config/storage.yml

That shows MinIO and Pure Storage FlashBlade config, but nearly all S3-compatible providers will look very similar, if not identical.