1668批发官网网站关键词优化公司哪家好
【Minio】Docker部署Minio + 使用nginx配置https访问
- 前言
- 1. 申请ssl证书
- 2. 部署Minio
- 3. 配置Nginx
- 4. 问题记录
前言
通过nginx反向代理,将https请求转发到内部Minio服务端口,内部的Minio还是使用http
Docker安装可参考:Docker实战
1. 申请ssl证书
如果是使用阿里云的话,可以搜索数字证书管理服务,个人免费版90天有效期。
申请好后下载Nginx证书,并上传到自己的服务器/etc/nginx/ssl/minio目录下。
2. 部署Minio
# 定义compose语义版本
version: '3.8'
# 定义服务
services:minio:image: minio/minio:latestcontainer_name: miniorestart: unless-stoppedcommand: server /data --console-address ":9001" -address ":9000"environment:TZ: Asia/ShanghaiLANG: en_US.UTF-8MINIO_SERVER_URL: https://minio.xxxx.com # Minio APIMINIO_BROWSER_REDIRECT_URL: https://minio.xxxx.com/web # Minio Web控制台MINIO_ROOT_USER: minioadmin # Root用户名MINIO_ROOT_PASSWORD: xxxxxx # Root用户密码volumes:- "/usr/local/docker/minio/data:/data"- "/usr/local/docker/minio/config:/root/.minio"ports:- "9000:9000"- "9001:9001"
3. 配置Nginx
在/etc/nginx/conf.d下新增配置文件minio.conf,配置如下:
server {listen 443 ssl;server_name minio.xxxx.com;ssl_certificate /etc/nginx/ssl/minio/minio.xxxx.com.pem;ssl_certificate_key /etc/nginx/ssl/minio/minio.xxxx.com.key;ssl_session_timeout 5m;ssl_protocols TLSv1 TLSv1.1 TLSv1.2;ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;ssl_prefer_server_ciphers on;location / {client_max_body_size 500m;proxy_connect_timeout 300;proxy_send_timeout 300;proxy_read_timeout 300;proxy_set_header Host $http_host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Host $http_host;proxy_set_header X-Forwarded-Port $server_port;proxy_set_header X-Forwarded-Proto $scheme;proxy_buffering off;proxy_pass http://localhost:9000;}location /web/ {proxy_set_header Host $http_host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Host $http_host;proxy_set_header X-Forwarded-Port $server_port;proxy_set_header X-Forwarded-Proto $scheme;proxy_set_header Upgrade $http_upgrade;proxy_set_header Connection "upgrade";proxy_buffering off;proxy_pass http://localhost:9001/;}}#http forced jump https http强制跳转https配置
server{listen 80;server_name minio.xxxx.com;rewrite ^(.*)$ https://minio.xxxx.com;location ~ / {index index.html index.php index.htm;}
}
配置好后,记得执行:nginx -s realod
4. 问题记录
问题1: web控制台中无法查看bucket里面的内容
打开浏览器 F12 控制台发现有很多WebSocket connection to ...的报错信息如下图:
解决方案:Nginx配置中增加以下内容:
