mirror of
https://github.com/minio/minio.git
synced 2025-01-11 23:13:23 -05:00
Set CONSOLE_MINIO_SERVER to 127.0.0.1 by default (#15887)
This commit is contained in:
parent
f6b2e89109
commit
58d776daa0
@ -175,7 +175,9 @@ func minioConfigToConsoleFeatures() {
|
||||
if globalMinioEndpoint != "" {
|
||||
os.Setenv("CONSOLE_MINIO_SERVER", globalMinioEndpoint)
|
||||
} else {
|
||||
os.Setenv("CONSOLE_MINIO_SERVER", getAPIEndpoints()[0])
|
||||
// Explicitly set 127.0.0.1 so Console will automatically bypass TLS verification to the local S3 API.
|
||||
// This will save users from providing a certificate with IP or FQDN SAN that points to the local host.
|
||||
os.Setenv("CONSOLE_MINIO_SERVER", fmt.Sprintf("%s://127.0.0.1:%s", getURLScheme(globalIsTLS), globalMinioPort))
|
||||
}
|
||||
if value := env.Get("MINIO_LOG_QUERY_URL", ""); value != "" {
|
||||
os.Setenv("CONSOLE_LOG_QUERY_URL", value)
|
||||
|
@ -249,7 +249,7 @@ func StartGateway(ctx *cli.Context, gw Gateway) {
|
||||
getCert = globalTLSCerts.GetCertificate
|
||||
}
|
||||
|
||||
httpServer := xhttp.NewServer([]string{globalMinioAddr}).
|
||||
httpServer := xhttp.NewServer(getServerListenAddrs()).
|
||||
UseHandler(setCriticalErrorHandler(corsHandler(router))).
|
||||
UseTLSConfig(newTLSConfig(getCert)).
|
||||
UseShutdownTimeout(ctx.Duration("shutdown-timeout")).
|
||||
|
36
cmd/net.go
36
cmd/net.go
@ -44,9 +44,8 @@ func mustSplitHostPort(hostPort string) (host, port string) {
|
||||
return xh.Name, xh.Port.String()
|
||||
}
|
||||
|
||||
// mustGetLocalIP4 returns IPv4 addresses of localhost. It panics on error.
|
||||
func mustGetLocalIP4() (ipList set.StringSet) {
|
||||
ipList = set.NewStringSet()
|
||||
// mustGetLocalIPs returns IPs of local interface
|
||||
func mustGetLocalIPs() (ipList []net.IP) {
|
||||
ifs, err := net.Interfaces()
|
||||
logger.FatalIf(err, "Unable to get IP addresses of this host")
|
||||
|
||||
@ -68,36 +67,33 @@ func mustGetLocalIP4() (ipList set.StringSet) {
|
||||
ip = v.IP
|
||||
}
|
||||
|
||||
if ip.To4() != nil {
|
||||
ipList.Add(ip.String())
|
||||
}
|
||||
ipList = append(ipList, ip)
|
||||
}
|
||||
}
|
||||
|
||||
return ipList
|
||||
}
|
||||
|
||||
// mustGetLocalIP4 returns IPv4 addresses of localhost. It panics on error.
|
||||
func mustGetLocalIP4() (ipList set.StringSet) {
|
||||
ipList = set.NewStringSet()
|
||||
for _, ip := range mustGetLocalIPs() {
|
||||
if ip.To4() != nil {
|
||||
ipList.Add(ip.String())
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// mustGetLocalIP6 returns IPv6 addresses of localhost. It panics on error.
|
||||
func mustGetLocalIP6() (ipList set.StringSet) {
|
||||
ipList = set.NewStringSet()
|
||||
addrs, err := net.InterfaceAddrs()
|
||||
logger.FatalIf(err, "Unable to get IP addresses of this host")
|
||||
|
||||
for _, addr := range addrs {
|
||||
var ip net.IP
|
||||
switch v := addr.(type) {
|
||||
case *net.IPNet:
|
||||
ip = v.IP
|
||||
case *net.IPAddr:
|
||||
ip = v.IP
|
||||
}
|
||||
|
||||
for _, ip := range mustGetLocalIPs() {
|
||||
if ip.To4() == nil {
|
||||
ipList.Add(ip.String())
|
||||
}
|
||||
}
|
||||
|
||||
return ipList
|
||||
return
|
||||
}
|
||||
|
||||
// getHostIP returns IP address of given host.
|
||||
|
@ -25,6 +25,7 @@ import (
|
||||
"io"
|
||||
"log"
|
||||
"math/rand"
|
||||
"net"
|
||||
"os"
|
||||
"os/signal"
|
||||
"runtime"
|
||||
@ -36,6 +37,7 @@ import (
|
||||
"github.com/minio/cli"
|
||||
"github.com/minio/minio-go/v7"
|
||||
"github.com/minio/minio-go/v7/pkg/credentials"
|
||||
"github.com/minio/minio-go/v7/pkg/set"
|
||||
"github.com/minio/minio/internal/auth"
|
||||
"github.com/minio/minio/internal/bucket/bandwidth"
|
||||
"github.com/minio/minio/internal/color"
|
||||
@ -418,6 +420,24 @@ func initConfigSubsystem(ctx context.Context, newObject ObjectLayer) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// Return the list of address that MinIO server needs to listen on:
|
||||
// - Returning 127.0.0.1 is necessary so Console will be able to send
|
||||
// requests to the local S3 API.
|
||||
// - The returned List needs to be deduplicated as well.
|
||||
func getServerListenAddrs() []string {
|
||||
// Use a string set to avoid duplication
|
||||
addrs := set.NewStringSet()
|
||||
// Listen on local interface to receive requests from Console
|
||||
for _, ip := range mustGetLocalIPs() {
|
||||
if ip != nil && ip.IsLoopback() {
|
||||
addrs.Add(net.JoinHostPort(ip.String(), globalMinioPort))
|
||||
}
|
||||
}
|
||||
// Add the interface specified by the user
|
||||
addrs.Add(globalMinioAddr)
|
||||
return addrs.ToSlice()
|
||||
}
|
||||
|
||||
// serverMain handler called for 'minio server' command.
|
||||
func serverMain(ctx *cli.Context) {
|
||||
signal.Notify(globalOSSignalCh, os.Interrupt, syscall.SIGTERM, syscall.SIGQUIT)
|
||||
@ -500,7 +520,7 @@ func serverMain(ctx *cli.Context) {
|
||||
getCert = globalTLSCerts.GetCertificate
|
||||
}
|
||||
|
||||
httpServer := xhttp.NewServer([]string{globalMinioAddr}).
|
||||
httpServer := xhttp.NewServer(getServerListenAddrs()).
|
||||
UseHandler(setCriticalErrorHandler(corsHandler(handler))).
|
||||
UseTLSConfig(newTLSConfig(getCert)).
|
||||
UseShutdownTimeout(ctx.Duration("shutdown-timeout")).
|
||||
|
@ -75,7 +75,8 @@ func handleSignals() {
|
||||
|
||||
for {
|
||||
select {
|
||||
case <-globalHTTPServerErrorCh:
|
||||
case err := <-globalHTTPServerErrorCh:
|
||||
logger.LogIf(context.Background(), err)
|
||||
exit(stopProcess())
|
||||
case osSignal := <-globalOSSignalCh:
|
||||
if !globalIsGateway {
|
||||
|
Loading…
Reference in New Issue
Block a user