用minio搭建自己的s3

日常 | General
1

# mjj的机器又有一个作用了

# 原文链接

https://blog.0031400.xyz/p/linuxda-jian-minio

# 格式奇怪的原因

不知道怎么把halo的文章弄过来

# 正文

概述

s3是aws推出的文件存储协议,minio是兼容了s3的采用AGPL v3的开源实现。我们可以使用minio来搭建自己的s3存储。

下载minio

我们到minio的中文网站https://www.minio.org.cn下载linux版本https://www.minio.org.cn/download.shtml#/linux,貌似只能从国内下载,所以如果是国外的云服务器,可以通过本地下载,再使用sftp上传到服务器。

启动minio

官方的启动命令是MINIO_ROOT_USER=admin MINIO_ROOT_PASSWORD=password ./minio server /mnt/data --console-address ":9001" MINIO_ROOT_USER 这个环境变量是管理员账号,MINIO_ROOT_PASSWORD 是管理员密码,/mnt/data 是文件存储位置,--console-address ":9001" 是web面板的开放端口,可以使用"0.0.0.0:9001"或者"[::]:9001" 对外开放。

nohup启动命令:nohup env MINIO_ROOT_USER=admin MINIO_ROOT_PASSWORD=password ./minio server /mnt/data --console-address ":9001" MINIO_ROOT_USER &

提示

minio需要开放9000端口

nginx反向代理

以下是minio的官方配置

upstream minio_s3 {
least_conn;
server minio-01.internal-domain.com:9000;
server minio-02.internal-domain.com:9000;
server minio-03.internal-domain.com:9000;
server minio-04.internal-domain.com:9000;
}

upstream minio_console {
least_conn;
server minio-01.internal-domain.com:9001;
server minio-02.internal-domain.com:9001;
server minio-03.internal-domain.com:9001;
server minio-04.internal-domain.com:9001;
}

server {
listen 80;
listen [::]:80;
server_name minio.example.net;

# Allow special characters in headers

ignore_invalid_headers off;

# Allow any size file to be uploaded.

# Set to a value such as 1000m; to restrict file size to a specific value

client_max_body_size 0;

# Disable buffering

proxy_buffering off;
proxy_request_buffering off;

location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

proxy_connect_timeout 300;
# Default is HTTP/1, keepalive is only enabled in HTTP/1.1
proxy_http_version 1.1;
proxy_set_header Connection “”;
chunked_transfer_encoding off;

proxy_pass https://minio_s3; # This uses the upstream directive definition to load balance

}

location /minio/ui/ {
rewrite ^/minio/ui/(.*) /$1 break;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-NginX-Proxy true;

# This is necessary to pass the correct IP to be hashed
real_ip_header X-Real-IP;

proxy_connect_timeout 300;

# To support websockets in MinIO versions released after January 2023
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection “upgrade”;
# Some environments may encounter CORS errors (Kubernetes + Nginx Ingress)
# Uncomment the following line to set the Origin request to an empty string
# proxy_set_header Origin ‘’;

chunked_transfer_encoding off;

proxy_pass https://minio_console; # This uses the upstream directive definition to load balance

}
}

注意client_max_body_size要修改成一个非0值。

我写出我的配置,我只有一个后端,而且一般不会反向代理web面板。使用面板创建了令牌就不会对外开放了

server {
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /etc/nginx/ssl/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/certkey.pem;
server_name minio.com;

# Allow special characters in headers
ignore_invalid_headers off;
# Allow any size file to be uploaded.
# Set to a value such as 1000m; to restrict file size to a specific value
client_max_body_size 1024m;
# Disable buffering
proxy_buffering off;
proxy_request_buffering off;

location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

proxy_connect_timeout 300;
# Default is HTTP/1, keepalive is only enabled in HTTP/1.1
proxy_http_version 1.1;
proxy_set_header Connection “”;
chunked_transfer_encoding off;

proxy_pass http://127.0.0.1:9000; # This uses the upstream directive definition to load balance
}

}