console
console copied to clipboard
After setting environment variable "MINIO_SERVER_URL", some interface errors occur.
Expected Behavior
The interface does not report errors and can preview and download files normally.
Current Behavior
After setting environment variable "MINIO_SERVER_URL",
interface:/api/v1/buckets/kuku/objects/metadata?prefix=NDUyNzg4MTAuanBn
,
responed:
interface: /api/v1/buckets/kuku/objects/download?prefix=NDUyNzg4MTAuanBn&version_id=null
responed code : 403 ,no information in the response body
Possible Solution
i don't know
Steps to Reproduce (for bugs)
- setting environment variable "MINIO_SERVER_URL"
- Create a bucket and upload the file, then view the file
- Found it impossible to download images and preview images
- Unable to download files and preview files
Context
I can't download and preview the file
Your Environment
- Version used (
minio --version
): minio version RELEASE.2022-06-17T02-00-35Z - Server setup and configuration:
export MINIO_ROOT_USER="xx"
export MINIO_ROOT_PASSWORD="xx"
export MINIO_BROWSER_REDIRECT_URL="https://xx.com"
export MINIO_SERVER_URL="https://minio.xx.com"
./minio server /data/wwwroot/minio.xx.com/data --console-address ":9001"
- Operating System and version (
uname -a
): Linux v2202111150657169024 5.10.0-9-amd64 minio/minio#1 SMP Debian 5.10.70-1 (2021-09-30) x86_64 GNU/Linux
export MINIO_SERVER_URL="https://minio.xx.com"
You might need to add ':9000'
My domain name is a reverse proxy of nginx, set up in accordance with the documentation
Did you try 'mc' with your load balancer address ? is it doing what you are trying to do with Console UI ?
I only runmc alias set myminio
, I don't understand the other commands of mc
@kukume what is the user used to login?
export MINIO_ROOT_USER="xx" export MINIO_ROOT_PASSWORD="xx" export MINIO_BROWSER_REDIRECT_URL="https://xx.com" export MINIO_SERVER_URL="https://minio.xx.com" ./minio server /data/wwwroot/minio.xx.com/data --console-address ":9001"
Please share your nginx config.
login withexport MINIO_ROOT_USER
nginx config:
server {
listen 80;
listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /usr/local/nginx/conf/ssl/minio.xx.me.crt;
ssl_certificate_key /usr/local/nginx/conf/ssl/minio.xx.me.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_timeout 10m;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_buffer_size 1400;
add_header Strict-Transport-Security max-age=15768000;
ssl_stapling on;
ssl_stapling_verify on;
server_name minio.xx.me;
access_log off;
index index.html index.htm index.php;
root /data/wwwroot/minio.xx.me;
if ($ssl_protocol = "") { return 301 https://$host$request_uri; }
ignore_invalid_headers off;
client_max_body_size 1000m;
proxy_buffering off;
include /usr/local/nginx/conf/rewrite/minio.conf;
#error_page 404 /404.html;
#error_page 502 /502.html;
location ~ [^/]\.php(/|$) {
#fastcgi_pass remote_php_ip:9000;
fastcgi_pass unix:/dev/shm/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
location /.well-known {
allow all;
}
}
/usr/local/nginx/conf/rewrite/minio.conf
:
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_connect_timeout 300;
# Default is HTTP/1, keepalive is only enabled in HTTP/1.1
proxy_http_version 1.1;
proxy_set_header Connection "";
chunked_transfer_encoding off;
proxy_pass http://localhost:9000; # If you are using docker-compose this would be the hostname i.e. minio
# Health Check endpoint might go here. See https://www.nginx.com/resources/wiki/modules/healthcheck/
# /minio/health/live;
}
I have the exact same issue, if I don't set the env var MINIO_SERVER_URL, preview & download are working, but sharing url is showing the local ip of the container. If I set MINIO_SERVER_URL to the correct url with port, sharing is working perfectly but preview/download are not working anymore
Hi!
We've tried to reproduce the issue using the following NGINX configuration:
events { worker_connections 1024; }
http {
server {
listen 80;
server_name minio.localhost;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_connect_timeout 300;
# Default is HTTP/1, keepalive is only enabled in HTTP/1.1
proxy_http_version 1.1;
proxy_set_header Connection "";
chunked_transfer_encoding off;
proxy_pass http://localhost:9000; # If you are using docker-compose this would be the hostname i.e. minio
# Health Check endpoint might go here. See https://www.nginx.com/resources/wiki/modules/healthcheck/
# /minio/health/live;
}
client_max_body_size 0;
}
server {
listen 80;
server_name console.localhost;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_connect_timeout 300;
# Default is HTTP/1, keepalive is only enabled in HTTP/1.1
proxy_http_version 1.1;
proxy_set_header Connection "";
chunked_transfer_encoding off;
proxy_pass http://localhost:9001; # If you are using docker-compose this would be the hostname i.e. minio
# Health Check endpoint might go here. See https://www.nginx.com/resources/wiki/modules/healthcheck/
# /minio/health/live;
}
client_max_body_size 0;
}
}
and browsing into the objects list as well as preview / download the files was possible.
I see in your NGINX configuration that you are not setting a directive to access console. The root cause could be related to this as both directives are required.
The following command was used to start MinIO: MINIO_ROOT_USER=minio MINIO_ROOT_PASSWORD=minio123 MINIO_BROWSER_REDIRECT_URL=http://console.localhost MINIO_SERVER_URL=http://minio.localhost minio server ~/dat2{1...4} --console-address ":9001"
Could you please help us to verify your configuration with these steps and see if it solves your problem?
Thank you.
My nginx config: minio:
server {
listen 443 ssl http2 ; #listen end
server_name minio.localhost; #server_name end
index index.html index.htm index.php; #index end
location / {
default_type text/html;
subs_filter_types text/css text/xml; #subs_filtert end
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Referer $http_referer; #header_referer end
proxy_set_header Host $host; #header_host end
proxy_pass http://localhost:9000; #proxy_pass end
proxy_set_header Accept-Encoding "";
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 300;
proxy_http_version 1.1;
proxy_set_header Connection "";
chunked_transfer_encoding off;
}
client_max_body_size 0;
access_log off; #access_log end
error_log /dev/null; #error_log end
}
console:
server {
listen 443 ssl http2 ; #listen end
server_name console.minio.localhost; #server_name end
location / {
default_type text/html;
subs_filter_types text/css text/xml; #subs_filtert end
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Referer $http_referer; #header_referer end
proxy_set_header Host $host; #header_host end
proxy_pass http://localhost:9001; #proxy_pass end
proxy_set_header Accept-Encoding "";
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 300;
proxy_http_version 1.1;
proxy_set_header Connection "";
chunked_transfer_encoding off;
}
client_max_body_size 0;
}
start MinIO:
MINIO_ROOT_USER=minio MINIO_ROOT_PASSWORD=minio123 MINIO_BROWSER_REDIRECT_URL=https://console.minio.localhost MINIO_SERVER_URL=https://minio.localhost minio server ./data --console-address ":9001"
Still can't download and preview
My nginx config: minio:
server { listen 443 ssl http2 ; #listen end server_name minio.localhost; #server_name end index index.html index.htm index.php; #index end location / { default_type text/html; subs_filter_types text/css text/xml; #subs_filtert end proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Referer $http_referer; #header_referer end proxy_set_header Host $host; #header_host end proxy_pass http://localhost:9000; #proxy_pass end proxy_set_header Accept-Encoding ""; proxy_set_header X-Forwarded-Proto $scheme; proxy_connect_timeout 300; proxy_http_version 1.1; proxy_set_header Connection ""; chunked_transfer_encoding off; } client_max_body_size 0; access_log off; #access_log end error_log /dev/null; #error_log end }
console:
server { listen 443 ssl http2 ; #listen end server_name console.minio.localhost; #server_name end location / { default_type text/html; subs_filter_types text/css text/xml; #subs_filtert end proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Referer $http_referer; #header_referer end proxy_set_header Host $host; #header_host end proxy_pass http://localhost:9001; #proxy_pass end proxy_set_header Accept-Encoding ""; proxy_set_header X-Forwarded-Proto $scheme; proxy_connect_timeout 300; proxy_http_version 1.1; proxy_set_header Connection ""; chunked_transfer_encoding off; } client_max_body_size 0; }
start MinIO:
MINIO_ROOT_USER=minio MINIO_ROOT_PASSWORD=minio123 MINIO_BROWSER_REDIRECT_URL=https://console.minio.localhost MINIO_SERVER_URL=https://minio.localhost minio server ./data --console-address ":9001"
Still can't download and preview
Hi!
Could you please try using the latest version of MinIO? We tested using RELEASE.2022-07-04T21-02-54Z
. Thank you!
I use the latest version of the docker image,
The login page shows Latest Version: minio/minio:RELEASE.2022-07-15T03-44-22Z
Still can't download and preview
Hi @kukume!
We applied some changes in https://github.com/minio/console/pull/2286 that may solve the issue you are seeing. Can you please confirm with the latest version of MinIO / Console if the issue is still present?
Thank you.
I used the latest image of docker and the problem still exists, this is my docker-compose.yml
version: "3.7"
services:
minio:
container_name: minio
image: minio/minio
ports:
- "9000:9000"
- "9001:9001"
command: server /data --console-address ":9001"
volumes:
- ./data:/data
environment:
MINIO_BROWSER_REDIRECT_URL: https://console.minio.xx.com
MINIO_SERVER_URL: https://minio.xx.com
MINIO_ROOT_USER: xxxx
MINIO_ROOT_PASSWORD: xxxxxxxx
@kukume Try RELEASE.2022-09-25T15-44-53Z
seems it fixed
I use this version, the yaml is :
version: "3.7"
services:
minio:
container_name: minio
image: minio/minio:RELEASE.2022-09-25T15-44-53Z
ports:
- "9000:9000"
- "9001:9001"
command: server /data --console-address ":9001"
volumes:
- ./data:/data
environment:
MINIO_BROWSER_REDIRECT_URL: https://console.minio.xxx.me
MINIO_SERVER_URL: https://minio.xxx.me
MINIO_ROOT_USER: xxxxx
MINIO_ROOT_PASSWORD: xxxx
logs:
docker-compose logs
Attaching to minio
minio | MinIO Object Storage Server
minio | Copyright: 2015-2022 MinIO, Inc.
minio | License: GNU AGPLv3 <https://www.gnu.org/licenses/agpl-3.0.html>
minio | Version: RELEASE.2022-09-25T15-44-53Z (go1.18.6 linux/amd64)
minio |
minio | Status: 1 Online, 0 Offline.
minio | API: https://minio.xxxx.me
minio | Console: https://console.minio.xxxx.me
minio |
minio | Documentation: https://docs.min.io
Still have this problem
Because I changed the nginx tool, the new nginx configuration file
server
{
listen 443 ssl http2;
#listen [::]:443 ssl http2;
server_name minio.xxxx.me ;
index index.html index.htm index.php default.html default.htm default.php;
root /home/wwwroot/minio.xxxx.me;
ssl_certificate /usr/local/nginx/conf/ssl/minio.xxxx.me/fullchain.cer;
ssl_certificate_key /usr/local/nginx/conf/ssl/minio.xxxx.me/minio.xxxx.me.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers "TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";
ssl_session_cache builtin:1000 shared:SSL:10m;
# openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048
ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem;
include rewrite/minio.conf;
#error_page 404 /404.html;
# Deny access to PHP files in specific directory
#location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }
include enable-php.conf;
#location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
#{
# expires 30d;
#}
#location ~ .*\.(js|css)?$
#{
# expires 12h;
#}
location ~ /.well-known {
allow all;
}
location ~ /\.
{
deny all;
}
access_log off;
}
and rewrite/minio.conf:
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Referer $http_referer; #header_referer end
proxy_set_header Host $host; #header_host end
proxy_pass http://localhost:9000; #proxy_pass end
proxy_set_header Accept-Encoding "";
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 300;
proxy_http_version 1.1;
proxy_set_header Connection "";
chunked_transfer_encoding off;
}
I have the similar issue. I setup MinIO on K8s. If I don't set the environment variable MINIO_SERVER_URL, sharing url is showing the local IP (http://127.0.0.1:9000), download working for every file types. If I set MINIO_SERVER_URL, sharing is working but download is not working except for downloading text file (JSON, LOG file). My container image is: quay.io/minio/minio:RELEASE.2022-10-24T18-35-07Z. Edit: I try updating to latest image: RELEASE.2022-11-10T18-20-21Z. Still cannot download and preview.
Not to beat a dead horse, but Im also having the exact same problem on k8s behind a traefik ingress with the console and the server running under two different sub domains. s3.xxx.com and minio.xxx.com. Without setting the server MINIO_SERVER_URL image previews and downloads work, but share url is wrong, with MINIO_SERVER_URL set, share url is right and the console is showing
I finally got this working with Cloudflare and Nginx Proxy Manager
docker run --detach --restart=on-failure \
-p 9000 \
--name minio \
-p 9001 \
-e "MINIO_ROOT_USER=username" \
-e "MINIO_ROOT_PASSWORD=password" \
-e "MINIO_SERVER_URL=https://mini.domain.com" \
-v /data/minio:/data \
--network nginx-proxy-manager_default \ #your network may vary
quay.io/minio/minio server /data --console-address ":9001"
Set 2 domains.
- console.domain.com to port 9001
- mini.domain.com to port 9000
Visit console.domain.com to login. Share urls will point to mini.domain.com
This is fixed in the latest release of MinIO
I am using the latest version of MinIO, set 2 domains on cloudflare (minio.mydomain.com for console and s3.mydomain.com for server)
My environment:
MINIO_ROOT_USER=******
MINIO_ROOT_PASSWORD=******
MINIO_BROWSER_REDIRECT_URL="https://minio.mydomain.com"
MINIO_SERVER_URL="https://s3.mydomain.com"
/etc/nginx/sites-available/minio:
server {
listen 80;
listen [::]:80;
server_name minio.mydomain.com;
location / {
proxy_pass http://localhost:9001;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
/etc/nginx/sites-available/s3
server {
listen 80;
listen [::]:80;
server_name s3.mydomain.com;
location / {
proxy_pass http://localhost:9000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
Result: share link works correctly, but download and preview does not. When I remove MINIO_SERVER_URL variable, I got the opposite (download and preview works, but share link points to localhost and does not work)
After many research, I figured out that Cloudflare CDN proxy does not work with non HTML content (like files stored on bucket) on a free plan. I disabled the cloudflare proxy for s3.mydomain.com and everything works fine.
This problem still exists
minio version RELEASE.2024-01-18T22-51-28Z (commit-id=19387cafab76133c2e7642de4aac8c81b9f4f8c7) Runtime: go1.21.6 linux/amd64 License: GNU AGPLv3 https://www.gnu.org/licenses/agpl-3.0.html Copyright: 2015-2024 MinIO, Inc.