yay it works!
Thanks for your help, after changing the customrule again and restarting the mender-api-gateway i now do get a 200response! The “nginx 404” was actually Google Cloud Storage’s internal nginx responding to unauthenticated requests, not a separate nginx server. For future reference, the working yaml:
# Mender Helm Chart Values Template
# This file is used by the combined Terraform configuration
global:
url: https://${actual_domain}
storage: aws
s3:
AWS_URI: "https://storage.googleapis.com"
AWS_BUCKET: ${storage_bucket}
AWS_REGION: ${region} # ignored with GCS
AWS_FORCE_PATH_STYLE: "true"
AWS_ACCESS_KEY_ID: ${hmac_access_key}
AWS_SECRET_ACCESS_KEY: ${hmac_secret_key}
ingress:
enabled: true
ingressClassName: "traefik"
path: /
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-${ssl_environment}"
traefik.ingress.kubernetes.io/redirect-to-https: "true"
hosts:
- ${actual_domain}
tls:
- secretName: mender-tls
hosts:
- ${actual_domain}
api_gateway:
storage_proxy:
enabled: true
url: "https://storage.googleapis.com"
customRule: 'PathRegexp(`^/${storage_bucket}`)'