Difference between revisions of "Minio"
From Free Knowledge Free Technology Wiki
(→Install Minio with self signed certs) |
(→Install Minio for one client and include self signed certs) |
||
| Line 26: | Line 26: | ||
We don't want to share the same keys between different tenants(clients). We don't want one tenant to have access to another tenant's data. So we run a different minio server for each tenant. | We don't want to share the same keys between different tenants(clients). We don't want one tenant to have access to another tenant's data. So we run a different minio server for each tenant. | ||
| − | |||
/opt/minio/minio --config-dir /opt/minio/config/tenant_1 server --address :9001 /data/tenant_1 | /opt/minio/minio --config-dir /opt/minio/config/tenant_1 server --address :9001 /data/tenant_1 | ||
| Line 33: | Line 32: | ||
openssl genrsa -out private.key 2048 | openssl genrsa -out private.key 2048 | ||
openssl req -new -x509 -days 3650 -key private.key -out public.crt -subj "/C=US/ST=state/L=location/O=organization/CN=domain" | openssl req -new -x509 -days 3650 -key private.key -out public.crt -subj "/C=US/ST=state/L=location/O=organization/CN=domain" | ||
| + | |||
| + | ===Start a minio server for tenant_1=== | ||
| + | |||
| + | apt-get install supervisor | ||
| + | |||
| + | Config /etc/supervisor/conf.d/minio_tenant_1.conf | ||
| + | /opt/minio/minio --config-dir /opt/minio/config/tenant_1 server --address :9001 /data/tenant_1 | ||
| + | directory = /opt/minio/ | ||
| + | autorestart = True | ||
| + | user = minio | ||
| + | |||
| + | /etc/init.d/supervisor restart | ||
==Install Minio server using nginx and letsencrypt cert.== | ==Install Minio server using nginx and letsencrypt cert.== | ||
Revision as of 21:56, 19 September 2017
Contents
Install Minio server
Create minio user
adduser --disabled-login --shell /usr/sbin/nologin --home /opt/minio minio
Install minio
cd /opt/minio wget https://dl.minio.io/server/minio/release/linux-amd64/minio chmod +x minio mkdir /opt/minio/config mkdir /opt/minio/data chown -R minio /opt/minio
Start minio at boot with supervisor
apt-get install supervisor
Config /etc/supervisor/conf.d/minio.conf
command = /opt/minio/minio server -C "/opt/minio/config/" "/opt/minio/data/" directory = /opt/minio/ autorestart = True user = minio
/etc/init.d/supervisor restart
Install Minio for one client and include self signed certs
We don't want to share the same keys between different tenants(clients). We don't want one tenant to have access to another tenant's data. So we run a different minio server for each tenant.
/opt/minio/minio --config-dir /opt/minio/config/tenant_1 server --address :9001 /data/tenant_1
cd /opt/minio/config/tenant_1/certs openssl genrsa -out private.key 2048 openssl req -new -x509 -days 3650 -key private.key -out public.crt -subj "/C=US/ST=state/L=location/O=organization/CN=domain"
Start a minio server for tenant_1
apt-get install supervisor
Config /etc/supervisor/conf.d/minio_tenant_1.conf
/opt/minio/minio --config-dir /opt/minio/config/tenant_1 server --address :9001 /data/tenant_1 directory = /opt/minio/ autorestart = True user = minio
/etc/init.d/supervisor restart
Install Minio server using nginx and letsencrypt cert.
Configurar nginx
server {
listen 80;
server_name min.my-domain.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name min.my-domain.com;
ssl_certificate /etc/letsencrypt/live/min.my-domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/min.my-domain.com/privkey.pem;
location / {
client_max_body_size 1000m;
client_body_buffer_size 1000m;
proxy_pass http://localhost:9000/;
proxy_set_header Host $host;
}
access_log /var/log/nginx/minio.access.log;
error_log /var/log/nginx/minio.error.log notice;
}
Find you access keys here
/opt/minio/config/config.json
Create Bucket and prefix (read/write) at https://min.my-domain.com
