diff --git a/README.md b/README.md index 049e4ba..aae84bf 100644 --- a/README.md +++ b/README.md @@ -180,11 +180,11 @@ Shared services used across multiple applications. **Configuration:** Requires Pangolin endpoint URL, Newt ID, and Newt secret. -### versitygw/ (`komodo/common/versitygw/`) +### versitygw/ (`komodo/s3/versitygw/`) - **[Versity S3 Gateway](https://github.com/versity/versitygw)** (Port: 10000 by default) - S3-compatible API over a POSIX directory (named Docker volumes). Use as shared object storage for apps that expect S3; pair with clients using path-style URLs and your LAN hostname or reverse proxy. -**Configuration:** Requires `ROOT_ACCESS_KEY` and `ROOT_SECRET_KEY` for the bundled IAM directory mode. Optional `VERSITYGW_PORT` for the published host port. +**Configuration:** Set either `ROOT_ACCESS_KEY` / `ROOT_SECRET_KEY` or `ROOT_ACCESS_KEY_ID` / `ROOT_SECRET_ACCESS_KEY`. Optional `VERSITYGW_PORT`. The compose file uses pass-through env (not `${VAR}`) so secrets from the deploy environment (e.g. Komodo) are not blanked by interpolation; if the UI does not export vars to the compose process, use a `.env` beside `compose.yaml` with those names. --- diff --git a/komodo/s3/versitygw/.env.sample b/komodo/s3/versitygw/.env.sample index a0bceb4..ae26c5e 100644 --- a/komodo/s3/versitygw/.env.sample +++ b/komodo/s3/versitygw/.env.sample @@ -1,9 +1,15 @@ # Versity S3 Gateway — root credentials for the flat-file IAM backend. # Copy to `.env` and set strong values before `docker compose up -d`. # https://github.com/versity/versitygw/wiki/Quickstart +# +# Set either pair (same names as the Kubernetes Helm chart): +# ROOT_ACCESS_KEY + ROOT_SECRET_KEY +# ROOT_ACCESS_KEY_ID + ROOT_SECRET_ACCESS_KEY ROOT_ACCESS_KEY= ROOT_SECRET_KEY= +# ROOT_ACCESS_KEY_ID= +# ROOT_SECRET_ACCESS_KEY= # Host port mapped to the gateway (container listens on 10000). VERSITYGW_PORT=10000 diff --git a/komodo/s3/versitygw/compose.yaml b/komodo/s3/versitygw/compose.yaml index 1833ce4..ee087e4 100644 --- a/komodo/s3/versitygw/compose.yaml +++ b/komodo/s3/versitygw/compose.yaml @@ -6,8 +6,12 @@ services: container_name: versitygw restart: unless-stopped environment: - - ROOT_ACCESS_KEY=${ROOT_ACCESS_KEY} - - ROOT_SECRET_KEY=${ROOT_SECRET_KEY} + # Pass-through (no `${VAR}`): avoids empty interpolation when secrets are + # only in the deploy environment (e.g. Komodo) or not in `.env`. + - ROOT_ACCESS_KEY + - ROOT_SECRET_KEY + - ROOT_ACCESS_KEY_ID + - ROOT_SECRET_ACCESS_KEY # Matches Helm chart default; enables `/_/health` for probes. - VGW_HEALTH=/_/health ports: