minio nginx http/https配置代理 超详细线上完整版
minio nginx http/https配置代理 超详细线上完整版,也解决跨域问题
·
server {
# Minio API
listen 80;
listen 443 ssl http2 ;
server_name images.x.com;
#SSL-START SSL相关配置,请勿删除或修改下一行带注释的404规则
#SSL-END
# Allow special characters in headers
ignore_invalid_headers off;
# Allow any size file to be uploaded.
# Set to a value such as 1000m; to restrict file size to a specific value
client_max_body_size 0;
# Disable buffering
proxy_buffering off;
proxy_request_buffering off;
location / {
# 设置允许跨域的域,* 表示允许任何域,也可以设置特定的域
# add_header 'Access-Control-Allow-Origin' '*';
# 允许的方法
add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,HEAD,PUT';
# 允许的头信息字段
add_header 'Access-Control-Allow-Headers' 'client_id, Authorization, Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers';
add_header 'Access-Control-Allow-Credentials' 'true';
# 缓存时间
add_header 'Access-Control-Max-Age' 1728000;
# 预检请求的处理
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,HEAD,PUT';
add_header 'Access-Control-Allow-Headers' 'client_id, Authorization, Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
add_header 'Access-Control-Allow-Credentials' 'true';
return 204;
}
proxy_pass http://172.17.0.4:9000;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 300;
# Default is HTTP/1, keepalive is only enabled in HTTP/1.1
proxy_http_version 1.1;
proxy_set_header Connection "";
chunked_transfer_encoding off;
}
access_log /www/wwwlogs/api19000.tupowx.com.log;
error_log /www/wwwlogs/api19000.tupowx.com.error.log;
}
server {
# Minio Console
#listen 9331;
listen 9331 ssl http2;
server_name images.tx.com;
#SSL-START SSL相关配置,请勿删除或修改下一行带注释的404规则
#SSL-END
# Allow special characters in headers
ignore_invalid_headers off;
# Allow any size file to be uploaded.
# Set to a value such as 1000m; to restrict file size to a specific value
client_max_body_size 0;
# Disable buffering
proxy_buffering off;
proxy_request_buffering off;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-NginX-Proxy true;
# This is necessary to pass the correct IP to be hashed
real_ip_header X-Real-IP;
proxy_connect_timeout 300;
# To support websocket
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
chunked_transfer_encoding off;
proxy_pass http://172.17.0.4:9001;
}
} 如果后端用springboot的话,有可能出现证书
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilder
最简单方式是MinioClient取消检测
client = MinioClient.builder()
.endpoint(buildEndpointURL()) // Endpoint URL
.region(buildRegion()) // Region
.credentials(config.getAccessKey(), config.getAccessSecret()) // 认证密钥
.build();
//加下面的代码,忽略证书
try {
client.ignoreCertCheck();
} catch (KeyManagementException | NoSuchAlgorithmException e) {
throw new RuntimeException("minio证书配置出错");
}
腾讯云面向开发者汇聚海量精品云计算使用和开发经验,营造开放的云计算技术生态圈。
更多推荐
14
0- 0
已为社区贡献5条内容
所有评论(0)