93 lines
2.7 KiB
Bash
Executable File
93 lines
2.7 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# Exit immediately if a command exits with a non-zero status.
|
|
set -e
|
|
|
|
# MinIO server should be running on port 45855
|
|
MINIO_PORT=45855
|
|
|
|
# Configure nginx to proxy requests to the MinIO server
|
|
sudo tee /etc/nginx/sites-available/minio.sa.vin.conf > /dev/null <<EOL
|
|
server {
|
|
listen 80;
|
|
server_name minio.sa.vin;
|
|
|
|
location / {
|
|
proxy_pass http://127.0.0.1:$MINIO_PORT;
|
|
proxy_set_header Host \$host;
|
|
proxy_set_header X-Real-IP \$remote_addr;
|
|
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto \$scheme;
|
|
}
|
|
}
|
|
EOL
|
|
|
|
sudo tee /etc/nginx/sites-available/minio.sa.vin.conf > /dev/null <<EOL
|
|
upstream minio_s3 {
|
|
server 10.0.0.190:9000;
|
|
}
|
|
|
|
upstream minio_console {
|
|
server 10.0.0.190:$MINIO_PORT;
|
|
}
|
|
|
|
server {
|
|
server_name minio.sa.vin;
|
|
|
|
location / {
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
proxy_connect_timeout 300;
|
|
# Default is HTTP/1, keepalive is only enabled in HTTP/1.1
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Connection "";
|
|
chunked_transfer_encoding off;
|
|
|
|
proxy_pass http://minio_s3; # This uses the upstream directive definition to load balance
|
|
}
|
|
|
|
location /minio/ui/ {
|
|
rewrite ^/minio/ui/(.*) /$1 break;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-NginX-Proxy true;
|
|
|
|
# This is necessary to pass the correct IP to be hashed
|
|
real_ip_header X-Real-IP;
|
|
|
|
proxy_connect_timeout 300;
|
|
|
|
# To support websockets in MinIO versions released after January 2023
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "upgrade";
|
|
# Some environments may encounter CORS errors (Kubernetes + Nginx Ingress)
|
|
# Uncomment the following line to set the Origin request to an empty string
|
|
# proxy_set_header Origin '';
|
|
|
|
chunked_transfer_encoding off;
|
|
|
|
proxy_pass http://minio_console; # This uses the upstream directive definition to load balance
|
|
}
|
|
|
|
listen 80;
|
|
|
|
}
|
|
EOL
|
|
|
|
# Create a symbolic link to enable the site
|
|
sudo ln -s /etc/nginx/sites-available/minio.sa.vin.conf /etc/nginx/sites-enabled/
|
|
|
|
# Reload nginx to apply changes
|
|
sudo systemctl reload nginx
|
|
|
|
# Use certbot to add SSL certificate for the MinIO server
|
|
sudo certbot --nginx -d minio.sa.vin
|
|
|
|
echo "MinIO server has been set up successfully. Access the server at https://minio.sa.vin"
|