Difference between revisions of "Minio"

From Free Knowledge Free Technology Wiki
Jump to: navigation, search
(Install Minio server)
(Install Minio with self signed certs)
Line 23: Line 23:
 
     /etc/init.d/supervisor restart
 
     /etc/init.d/supervisor restart
  
==Install Minio with self signed certs==
+
==Install Minio for one client and include self signed certs==
    /opt/minio/minio --config-dir /opt/minio/config/tenant server --address :9001 /data/tenant
+
  
     cd /opt/minio/config/tenant/certs
+
We don't want to share the same keys between different tenants(clients). We don't want one tenant to have access to another tenant's data. So we run a different minio server for each tenant.
 +
 
 +
 
 +
    /opt/minio/minio --config-dir /opt/minio/config/tenant_1 server --address :9001 /data/tenant_1
 +
 
 +
     cd /opt/minio/config/tenant_1/certs
 
     openssl genrsa -out private.key 2048
 
     openssl genrsa -out private.key 2048
 
     openssl req -new -x509 -days 3650 -key private.key -out public.crt -subj "/C=US/ST=state/L=location/O=organization/CN=domain"
 
     openssl req -new -x509 -days 3650 -key private.key -out public.crt -subj "/C=US/ST=state/L=location/O=organization/CN=domain"
 
  
 
==Install Minio server using nginx and letsencrypt cert.==
 
==Install Minio server using nginx and letsencrypt cert.==

Revision as of 21:54, 19 September 2017

Install Minio server

Create minio user

   adduser --disabled-login --shell /usr/sbin/nologin --home /opt/minio minio

Install minio

   cd /opt/minio
   wget https://dl.minio.io/server/minio/release/linux-amd64/minio
   chmod +x minio
   mkdir /opt/minio/config
   mkdir /opt/minio/data
   chown -R minio /opt/minio

Start minio at boot with supervisor

   apt-get install supervisor

Config /etc/supervisor/conf.d/minio.conf

   command = /opt/minio/minio server -C "/opt/minio/config/" "/opt/minio/data/"
   directory = /opt/minio/
   autorestart = True
   user = minio
   /etc/init.d/supervisor restart

Install Minio for one client and include self signed certs

We don't want to share the same keys between different tenants(clients). We don't want one tenant to have access to another tenant's data. So we run a different minio server for each tenant.


   /opt/minio/minio --config-dir /opt/minio/config/tenant_1 server --address :9001 /data/tenant_1
   cd /opt/minio/config/tenant_1/certs
   openssl genrsa -out private.key 2048
   openssl req -new -x509 -days 3650 -key private.key -out public.crt -subj "/C=US/ST=state/L=location/O=organization/CN=domain"

Install Minio server using nginx and letsencrypt cert.

Configurar nginx

   server {
        listen             80;
        server_name        min.my-domain.com;
        return             301 https://$server_name$request_uri;
   }
   server {
       listen              443 ssl;
       server_name         min.my-domain.com;
   
           ssl_certificate      /etc/letsencrypt/live/min.my-domain.com/fullchain.pem;
           ssl_certificate_key  /etc/letsencrypt/live/min.my-domain.com/privkey.pem;
   
           location / {
               client_max_body_size        1000m;
               client_body_buffer_size     1000m;
               proxy_pass             http://localhost:9000/;
               proxy_set_header       Host $host;
           }
           access_log /var/log/nginx/minio.access.log;
           error_log /var/log/nginx/minio.error.log notice;
   }

Find you access keys here

   /opt/minio/config/config.json

Create Bucket and prefix (read/write) at https://min.my-domain.com