docker部署minio +nginx代理
1.拉取镜像
2.启动镜像
docker run -itd --restart=always --name minio-tmp -p 9000:9000 -p 9001:9001 \
-v /data/minio:/data -e MINIO_ROOT_USER=minioadmin -e MINIO_ROOT_PASSWORD=minioadmin \
minio/minio:RELEASE.2023-01-02T09-40-09Z server /data --console-address ":9001"
3.查看日志是否启动成功
API: http://172.17.0.3:9000 http://127.0.0.1:9000 #minio的接口地址
RootUser: minioadmin
RootPass: minioadmin
Console: http://172.17.0.3:9001 http://127.0.0.1:9001 #minio的管理后台地址
RootUser: minioadmin
RootPass: minioadmin
4访问地址
5.配置minio+nginx代理
upstream minio_s3 {
least_conn;
server 10.0.0.136:9017;
}
upstream minio_console {
least_conn;
server 10.0.0.136:9018;
}
server {
listen 8501 ssl;
server_name minio-test.sjdit.com;
# SSL 证书配置
ssl_certificate /etc/nginx/cert/_.sjdit.com.crt;
ssl_certificate_key /etc/nginx/cert/_.sjdit.com.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
#proxy_redirect off;
#proxy_ssl_verify off;
proxy_buffering off;
proxy_request_buffering off;
#location /s3 {
# proxy_pass http://minio_s3/;
# proxy_set_header Host $http_host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# add_header 'Access-Control-Allow-Origin' '*';
# add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
# add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type, Accept';
# if ($request_method = OPTIONS) {
# return 204;
# }
#}
location / {
client_max_body_size 1G;
proxy_pass http://minio_s3/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-NginX-Proxy true;
# This is necessary to pass the correct IP to be hashed
real_ip_header X-Real-IP;
# To support websockets in MinIO versions released after January 2023
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
chunked_transfer_encoding off;
proxy_hide_header Access-Control-Allow-Origin;
proxy_hide_header Access-Control-Allow-Methods;
proxy_hide_header Access-Control-Allow-Headers;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type, Accept';
}
}
server {
listen 8501 ssl;
server_name minio-console-test.sjdit.com;
# SSL 证书配置
ssl_certificate /etc/nginx/cert/_.sjdit.com.crt;
ssl_certificate_key /etc/nginx/cert/_.sjdit.com.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
#ignore_invalid_headers off;
#client_max_body_size 0;
proxy_buffering off; #关闭响应缓存
#proxy_request_buffering off;
proxy_redirect off; 关闭请求缓存
proxy_ssl_verify off;
location / {
client_max_body_size 1G;
proxy_pass http://minio_console;
proxy_set_header Host $http_host; #MinIO 签名 / 预签名 URL 必须
proxy_set_header X-Real-IP $remote_addr; #
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-NginX-Proxy true;
# This is necessary to pass the correct IP to be hashed
real_ip_header X-Real-IP;
# To support websockets in MinIO versions released after January 2023
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
#chunked_transfer_encoding off;
#CORS 处理隐藏 MinIO 原有 CORS 防止重复 / 冲突
proxy_hide_header Access-Control-Allow-Origin;
proxy_hide_header Access-Control-Allow-Methods;
proxy_hide_header Access-Control-Allow-Headers;
#Nginx 强制返回 CORS 允许前端跨域访问
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type, Accept';
}
}
6.创建桶
7.配置桶的参数
8.创建ak和sk
9.创建好之后点击账号,配置账号和桶的权限
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:GetBucketLocation",
"s3:GetObject",
"s3:ListBucket",
"s3:PutObject",
"s3:CreateBucket",
"s3:DeleteObject",
"s3:GetBucketPolicy",
"s3:List*",
"s3:Put*",
"s3:PutBucketPolicy"
],
"Resource": [
"arn:aws:s3:::sg-prod/*",
"arn:aws:s3:::sg-prod"
]
}
]
}
10.后端yml文件
11.数据库配置
浙公网安备 33010602011771号