{"id":25642094,"url":"https://github.com/trieb-work/strapi-provider-cloudflare-r2","last_synced_at":"2025-10-11T05:17:49.577Z","repository":{"id":143648254,"uuid":"615263981","full_name":"trieb-work/strapi-provider-cloudflare-r2","owner":"trieb-work","description":"Official strapi provider to use the Cloudflare R2 object storage","archived":false,"fork":false,"pushed_at":"2024-06-11T00:01:48.000Z","size":196,"stargazers_count":24,"open_issues_count":6,"forks_count":10,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-10-11T05:17:47.711Z","etag":null,"topics":["cloudflare","cloudflare-r2","s3","strapi"],"latest_commit_sha":null,"homepage":"https://market.strapi.io/providers/strapi-provider-cloudflare-r2","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/trieb-work.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2023-03-17T10:02:13.000Z","updated_at":"2025-09-03T06:33:45.000Z","dependencies_parsed_at":null,"dependency_job_id":"0a8886a3-b4d8-4b55-8be5-557a70944b41","html_url":"https://github.com/trieb-work/strapi-provider-cloudflare-r2","commit_stats":null,"previous_names":[],"tags_count":9,"template":false,"template_full_name":null,"purl":"pkg:github/trieb-work/strapi-provider-cloudflare-r2","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trieb-work%2Fstrapi-provider-cloudflare-r2","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trieb-work%2Fstrapi-provider-cloudflare-r2/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trieb-work%2Fstrapi-provider-cloudflare-r2/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trieb-work%2Fstrapi-provider-cloudflare-r2/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/trieb-work","download_url":"https://codeload.github.com/trieb-work/strapi-provider-cloudflare-r2/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trieb-work%2Fstrapi-provider-cloudflare-r2/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279006351,"owners_count":26084084,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-11T02:00:06.511Z","response_time":55,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cloudflare","cloudflare-r2","s3","strapi"],"created_at":"2025-02-23T05:18:38.665Z","updated_at":"2025-10-11T05:17:49.562Z","avatar_url":"https://github.com/trieb-work.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![npm version](https://badge.fury.io/js/strapi-provider-cloudflare-r2.svg)](https://badge.fury.io/js/strapi-provider-cloudflare-r2)\n\n# strapi-provider-cloudflare-r2\n\n## Installation\n\n```bash\n# using yarn\nyarn add strapi-provider-cloudflare-r2\n\n# using npm\nnpm install strapi-provider-cloudflare-r2 --save\n\n# using pnpm\npnpm add strapi-provider-cloudflare-r2\n```\n\n## Configuration\n\n- `provider` defines the name of the provider\n- `providerOptions` is passed down during the construction of the provider. (ex: `new AWS.S3(config)`). [Complete list of options](https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/S3.html#constructor-property)\n- `actionOptions` is passed directly to the parameters to each method respectively. You can find the complete list of [upload/ uploadStream options](https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/S3.html#upload-property) and [delete options](https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/S3.html#deleteObject-property)\n\nSee the [documentation about using a provider](https://docs.strapi.io/developer-docs/latest/plugins/upload.html#using-a-provider) for information on installing and using a provider. To understand how environment variables are used in Strapi, please refer to the [documentation about environment variables](https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#environment-variables).\n\n### Provider Configuration\n\n`./config/plugins.js` or `./config/plugins.ts` for TypeScript projects:\n\n```js\nmodule.exports = ({ env }) =\u003e ({\n  // ...\n  upload: {\n    config: {\n      provider: \"strapi-provider-cloudflare-r2\",\n      providerOptions: {\n        accessKeyId: env(\"CF_ACCESS_KEY_ID\"),\n        secretAccessKey: env(\"CF_ACCESS_SECRET\"),\n        /**\n         * `https://\u003cACCOUNT_ID\u003e.r2.cloudflarestorage.com`\n         */\n        endpoint: env(\"CF_ENDPOINT\"),\n        params: {\n          Bucket: env(\"CF_BUCKET\"),\n        },\n        /**\n         * Set this Option to store the CDN URL of your files and not the R2 endpoint URL in your DB.\n         * Can be used in Cloudflare R2 with Domain-Access or Public URL: https://pub-\u003cYOUR_PULIC_BUCKET_ID\u003e.r2.dev\n         * This option is required to upload files larger than 5MB, and is highly recommended to be set.\n         * Check the cloudflare docs for the setup: https://developers.cloudflare.com/r2/data-access/public-buckets/#enable-public-access-for-your-bucket\n         */\n        cloudflarePublicAccessUrl: env(\"CF_PUBLIC_ACCESS_URL\"),\n        /**\n         * Sets if all assets should be uploaded in the root dir regardless the strapi folder.\n         * It is useful because strapi sets folder names with numbers, not by user's input folder name\n         * By default it is false\n         */\n        pool: false,\n      },\n      actionOptions: {\n        upload: {},\n        uploadStream: {},\n        delete: {},\n      },\n    },\n  },\n  // ...\n});\n```\n\n**Where to find the configuration options**  \nYou can find all needed values in the Cloudflare dashboard unter `R2`. All your buckets, your account ID and the access keys can be found there.\n\n- endpoint: `https://\u003cACCOUNT_ID\u003e.r2.cloudflarestorage.com`\n- accessKeyId: You need to click on `Manage R2 API Tokens` to create a new token.\n- secretAccessKey: You need to click on `Manage R2 API Tokens` to create a new token.\n\n### Security Middleware Configuration\n\nDue to the default settings in the Strapi Security Middleware you will need to modify the `contentSecurityPolicy` settings to properly display thumbnail previews in the Media Library. You should replace the `strapi::security` string with the object below **instead as explained in the [middleware configuration](https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/required/middlewares.html#loading-order) documentation**.\n\n`./config/middlewares.js`\n\n```js\nmodule.exports = ({ env }) =\u003e [\n  // ...\n  {\n    name: \"strapi::security\",\n    config: {\n      contentSecurityPolicy: {\n        useDefaults: true,\n        directives: {\n          \"connect-src\": [\"'self'\", \"https:\"],\n          \"img-src\": [\n            \"'self'\",\n            \"data:\",\n            \"blob:\",\n            \"market-assets.strapi.io\",\n            env(\"CF_PUBLIC_ACCESS_URL\") ? env(\"CF_PUBLIC_ACCESS_URL\").replace(/^https?:\\/\\//, \"\") : \"\",\n          ],\n          \"media-src\": [\n            \"'self'\",\n            \"data:\",\n            \"blob:\",\n            \"market-assets.strapi.io\",\n            env(\"CF_PUBLIC_ACCESS_URL\") ? env(\"CF_PUBLIC_ACCESS_URL\").replace(/^https?:\\/\\//, \"\") : \"\",\n          ],\n          upgradeInsecureRequests: null,\n        },\n      },\n    },\n  },\n  // ...\n];\n```\n\n### `aws-sdk` configuration and `AWS_...` env variables\n\nAs the Clouflare R2 spec follows the AWS S3 spec we make use of `aws-sdk` package to communicate with Cloudflare R2. Because of this dependency all `AWS_...` env variables used to configure the `aws-sdk` are still beeing pulled in by this dependency. If you do not want to configure any special functionality of the `aws-sdk` then make sure to remove all `AWS_...` env variables in you deployment.\n\n## Bucket CORS Configuration\n\nDo not forget to configure your R2 Endpoint CORS settings as described here: https://developers.cloudflare.com/r2/buckets/cors/\n\nThe simplest configuration is to allow GET from all origins:\n\n```json\n[\n  {\n    \"AllowedOrigins\": [\"*\"],\n    \"AllowedMethods\": [\"GET\"]\n  }\n]\n```\n\nMore safe would be to only allow it from your Strapi deployment Origins (**better for production**):\n\n```json\n[\n  {\n    \"AllowedOrigins\": [\"YOUR STRAPI URL\"],\n    \"AllowedMethods\": [\"GET\"]\n  }\n]\n```\n\n\n## Sponsors\n\n[Strapi Plugin developed and maintained by trieb.work cloud consulting](https://trieb.work/)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftrieb-work%2Fstrapi-provider-cloudflare-r2","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftrieb-work%2Fstrapi-provider-cloudflare-r2","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftrieb-work%2Fstrapi-provider-cloudflare-r2/lists"}