MinIO – Small MinIO Deployment with NGinx Reverse Proxy

minio logo

Deploying a small MinIO deployment with Nginx as a reverse proxy is a simple process that can be done in a few steps. This tutorial will guide you through the process of deploying MinIO with Nginx as a reverse proxy on a Linux system.

Step 1: Install and configure Nginx
The first step is to install and configure Nginx as a reverse proxy for MinIO. Install Nginx using your distribution’s package manager, and then create a configuration file for the reverse proxy.

# Install Nginx on Ubuntu/Debian
sudo apt update
sudo apt install nginx

# Create a configuration file for the reverse proxy
sudo vi /etc/nginx/sites-available/minio

# Add the following configuration to the file
server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
  server_name s3.example.com;
  
  error_log /var/log/nginx/minio.log;
  access_log /var/log/nginx/minio.log;
  ssl_certificate /etc/ssl/certs/certificate.pem;
  ssl_certificate_key /etc/ssl/private/key.pem;
  ssl_session_timeout 1d;
  ssl_session_cache shared:MozSSL:10m;
  ssl_session_tickets off;
  ssl_protocols TLSv1.2 TLSv1.3;
  ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
  ssl_prefer_server_ciphers off;

  ignore_invalid_headers off;
  client_max_body_size 0;
  proxy_buffering off;

  location / {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Host $http_host;

    proxy_connect_timeout 300;
    proxy_http_version 1.1;
    proxy_set_header Connection "";
    chunked_transfer_encoding off;

    proxy_pass http://localhost:9000;
  }
}

# Enable the site
sudo ln -s /etc/nginx/sites-available/minio /etc/nginx/sites-enabled/

# Restart Nginx
sudo systemctl restart nginx

Step 2: Install MinIO
Download and install MinIO on your system. You can download the latest version of MinIO from the official website. After downloading, create a new user and group for MinIO and set the necessary permissions for the installation directory.

# Download the latest version of MinIO
wget https://dl.min.io/server/minio/release/linux-amd64/minio

# Make the binary executable
chmod +x minio

# Move the binary to /usr/local/bin
sudo mv minio /usr/local/bin/

# Create a user and group for MinIO
sudo useradd -r minio-user -s /sbin/nologin
sudo groupadd minio-user
sudo usermod -a -G minio-user minio-user

# Create a directory for MinIO data
sudo mkdir -p /var/minio

# Set the necessary permissions for the MinIO directory
sudo chown -R minio-user:minio-user /var/minio/
sudo chmod -R 755 /var/minio/

Step 3: Configure MinIO
Next, create a configuration file for MinIO at /etc/default/minio. In the configuration file, set the MINIO_VOLUMES and MINIO_OPTS variables to specify the data directory and network address for MinIO, respectively.

# Create a configuration file for MinIO
sudo vi /etc/default/minio

# Add the following configuration to the file
MINIO_VOLUMES="/var/minio"
MINIO_OPTS="--address localhost:9000 --console-address localhost:9001"
MINIO_ROOT_USER=superuser
MINIO_ROOT_PASSWORD=superuserpassword

MINIO_CONFIG_ENV_FILE=/etc/default

Step 4: Create a systemd service file for MinIO

Open a new file at /etc/systemd/system/minio.service for editing:

sudo vi /etc/systemd/system/minio.service

Add the following contents to the file

[Unit]
Description=MinIO
Documentation=https://docs.min.io
Wants=network-online.target
After=network-online.target
AssertFileIsExecutable=/usr/local/bin/minio

[Service]
WorkingDirectory=/usr/local/

User=minio-user
Group=minio-user

EnvironmentFile=/etc/default/minio
ExecStart=/usr/local/bin/minio server $MINIO_OPTS $MINIO_VOLUMES

Restart=always
LimitNOFILE=1048576

TasksMax=infinity

TimeoutStopSec=infinity
SendSIGKILL=no

[Install]
WantedBy=multi-user.target

Reload the systemd configuration to load the new service

sudo systemctl daemon-reload

Start the MinIO service

sudo systemctl start minio

Check the status of the service to ensure it’s running correctly

sudo systemctl status minio

If everything is running correctly, you should see output similar to

● minio.service - MinIO
     Loaded: loaded (/etc/systemd/system/minio.service; enabled; vendor preset: enabled)
     Active: active (running) since Fri 2022-02-18 17:13:45 UTC; 3s ago
   Main PID: 12345 (minio)
      Tasks: 6 (limit: 2353)
     Memory: 13.2M
     CGroup: /system.slice/minio.service
             └─12345 /usr/local/bin/minio server --address localhost:9000 --console-address localhost:9001 /var/minio

Feb 18 17:13:45 hostname systemd[1]: Started MinIO.

In conclusion, deploying a small MinIO deployment with Nginx as a reverse proxy is a straightforward process that can be done in a few simple steps. With the proper installation and configuration of both MinIO and Nginx, you can easily access and manage your data through a secure web interface.

Leave a Reply

Your email address will not be published. Required fields are marked *