Final config that i reached to via trial/error because didn’t find solution anywhere else:
inside .env:
DO_SPACE_ACCESS_KEY=****
DO_SPACE_SECRET_KEY=****
DO_SPACE_ENDPOINT=nyc3.digitaloceanspaces.com // remove https and the space name from the DO origin endpoint
DO_SPACE_BUCKET=**** // DO space name
DO_SPACE_DIRECTORY=**** // directory name from root without slash or trailing slash. This can also be skipped entirely from here as well as plugin config, if everything needs to be stored in root
DO_SPACE_CDN=**** // DO CDN endpoint without https or trailing slash, just the domain
config/plugins.js:
module.exports = ({ env }) => ({
upload: {
config: {
provider: 'strapi-provider-upload-do',
providerOptions: {
key: env('DO_SPACE_ACCESS_KEY'),
secret: env('DO_SPACE_SECRET_KEY'),
endpoint: env('DO_SPACE_ENDPOINT'),
space: env('DO_SPACE_BUCKET'),
directory: env('DO_SPACE_DIRECTORY'),
cdn: env('DO_SPACE_CDN'),
},
},
},
});
config/middleware.js:
module.exports = ({ env }) => [
'strapi::errors',
'strapi::security',
'strapi::cors',
'strapi::poweredBy',
'strapi::logger',
'strapi::query',
'strapi::body',
'strapi::session',
'strapi::favicon',
'strapi::public',
{
name: 'strapi::security',
config: {
contentSecurityPolicy: {
useDefaults: true,
directives: {
'connect-src': ["'self'", 'https:'],
'img-src': [
"'self'",
'blob:',
'data:',
`${env('DO_SPACE_BUCKET')}.${env('DO_SPACE_ENDPOINT')}`,
`${env('DO_SPACE_CDN')}`,
],
'media-src': [
"'self'",
'blob:',
'data:',
`${env('DO_SPACE_BUCKET')}.${env('DO_SPACE_ENDPOINT')}`,
`${env('DO_SPACE_CDN')}`,
],
upgradeInsecureRequests: null,
},
},
},
},
];