diff --git a/docs/config/README.md b/docs/config/README.md index de2634dd2..22a5dec58 100644 --- a/docs/config/README.md +++ b/docs/config/README.md @@ -1,9 +1,8 @@ -# Minio Server `config.json` (v27) Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio) - -Minio server stored all its configuration data in `${HOME}/.minio/config.json` file by default.For all releases beyond minio.RELEASE.2017-08-05T00-00-53Z, the configuration data will be migrated to the Minio's backend directory. All configuration changes can be made using [`mc admin config` get/set commands](https://github.com/minio/mc/blob/master/docs/minio-admin-complete-guide.md). Following sections provide detailed explanation of each fields and how to customize them. A complete example of `config.json` is available [here](https://raw.githubusercontent.com/minio/minio/master/docs/config/config.sample.json) +# Minio Server Config Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio) ## Configuration Directory -The default configuration directory is `${HOME}/.minio`. Till the release `RELEASE.2018-08-02T23-11-36Z` , Minio server configuration file (`config.json`) was stored in the configuration directory. However for releases beyond `RELEASE.2018-08-18T03-49-57Z`, the configuration file (only), has been migrated to the backend storage directory. + +The default configuration directory is `${HOME}/.minio`. Till the release `RELEASE.2018-08-02T23-11-36Z`, Minio server configuration file (`config.json`) was stored in the configuration directory. However for releases beyond `RELEASE.2018-08-18T03-49-57Z`, the configuration file (only), has been migrated to the storage back-end (storage back-end is the directory passed to Minio server while starting the server). You can override the default configuration directory using `--config-dir` command-line option. Please note that this won't have an effect on the `config.json` file as it is always stored on the backend storage, along with data. Minio server generates a new `config.json` with auto-generated access credentials when its started for the first time. @@ -12,6 +11,7 @@ minio server --config-dir /etc/minio /data ``` ### Certificate Directory + TLS certificates are stored under ``${HOME}/.minio/certs`` directory. You need to place certificates here to enable `HTTPS` based access. Read more about [How to secure access to Minio server with TLS](https://docs.minio.io/docs/how-to-secure-access-to-minio-server-with-tls). Following is the directory structure for Minio server with TLS certificates. @@ -25,14 +25,22 @@ $ tree ~/.minio │   └── public.crt ``` -### Configuration Fields -#### Editing Configuration Fields -For releases after minio.RELEASE.2017-08-05T00-00-53Z, configuration changes can be done using [mc]((https://docs.minio.io/docs/minio-client-quickstart-guide)) +### Accessing configuration file + +All configuration changes can be made using [`mc admin config` get/set commands](https://github.com/minio/mc/blob/master/docs/minio-admin-complete-guide.md). Following sections provide brief explanation of fields and how to customize them. A complete example of `config.json` is available [here](https://raw.githubusercontent.com/minio/minio/master/docs/config/config.sample.json) + +#### Editing configuration file fields + +Configuration changes should be done using [mc]((https://docs.minio.io/docs/minio-client-quickstart-guide)) + ##### Get current configuration for Minio deployment + ```sh $ mc admin config get myminio/ > /tmp/myconfig ``` + ##### Set current configuration for Minio deployment + ```sh $ mc admin config set myminio < /tmp/myconfig ``` @@ -40,11 +48,13 @@ $ mc admin config set myminio < /tmp/myconfig The `mc admin` config API will evolve soon to be able to configure specific fields using get/set commands. #### Version + |Field|Type|Description| |:---|:---|:---| -|``version``|_string_| `version` determines the configuration file format. Any older version will be automatically be migrated to the latest version upon startup. [DO NOT EDIT THIS FIELD MANUALLY]| +|``version``|_string_| `version` determines the configuration file format. Any older version will automatically be migrated to the latest version upon startup. [DO NOT EDIT THIS FIELD MANUALLY]| #### Credential + |Field|Type|Description| |:---|:---|:---| |``credential``| | Auth credential for object storage and web access.| @@ -60,6 +70,7 @@ minio server /data ``` #### Region + |Field|Type|Description| |:---|:---|:---| |``region``| _string_ | `region` describes the physical location of the server. By default it is blank. You may override this field with `MINIO_REGION` environment variable. If you are unsure leave it unset.| @@ -72,6 +83,7 @@ minio server /data ``` #### Worm + |Field|Type|Description| |:---|:---|:---| |``worm``| _string_ | Enable this to turn on Write-Once-Read-Many. By default it is set to `off`. You may override this field with ``MINIO_WORM`` environment variable.| @@ -84,6 +96,7 @@ minio server /data ``` ### Storage Class + |Field|Type|Description| |:---|:---|:---| |``storageclass``| | Set storage class for configurable data and parity, as per object basis.| @@ -93,6 +106,7 @@ minio server /data By default, parity for objects with standard storage class is set to `N/2`, and parity for objects with reduced redundancy storage class objects is set to `2`. Read more about storage class support in Minio server [here](https://github.com/minio/minio/blob/master/docs/erasure/storage-class/README.md). ### Cache + |Field|Type|Description| |:---|:---|:---| |``drives``| _[]string_ | List of mounted file system drives with [`atime`](http://kerolasa.github.io/filetimes.html) support enabled| @@ -101,6 +115,7 @@ By default, parity for objects with standard storage class is set to `N/2`, and |``maxuse`` | _int_ | Percentage of disk available to cache | #### Notify + |Field|Type|Description| |:---|:---|:---| |``notify``| |Notify enables bucket notification events for lambda computing via the following targets.| @@ -117,22 +132,28 @@ By default, parity for objects with standard storage class is set to `N/2`, and ## Environment only settings #### Browser + Enable or disable access to web UI. By default it is set to `on`. You may override this field with ``MINIO_BROWSER`` environment variable. Example: + ```sh export MINIO_BROWSER=off minio server /data ``` ### Domain + By default, Minio supports path-style requests which look like http://mydomain.com/bucket/object. MINIO_DOMAIN environmental variable is used to enable virtual-host-style requests. If the request `Host` header matches with `(.+).mydomain.com` then the mattched pattern `$1` is used as bucket and the path is used as object. More information on path-style and virtual-host-style [here](http://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAPI.html) Example: + ```sh export MINIO_DOMAIN=mydomain.com minio server /data ``` ## Explore Further + * [Minio Quickstart Guide](https://docs.minio.io/docs/minio-quickstart-guide) +* [Configure Minio Server with TLS](https://docs.minio.io/docs/how-to-secure-access-to-minio-server-with-tls) diff --git a/docs/config/config.sample.json b/docs/config/config.sample.json index fc80a3203..7da168c98 100644 --- a/docs/config/config.sample.json +++ b/docs/config/config.sample.json @@ -1,158 +1,189 @@ { - "version": "30", - "credential": { - "accessKey": "USWUXHGYZQYFYFFIT3RE", - "secretKey": "MOJRH0mkL1IPauahWITSVvyDrQbEEIwljvmxdq03" - }, - "region": "us-east-1", - "worm": "off", - "storageclass": { - "standard": "", - "rrs": "" - }, - "cache": { - "drives": [], - "expiry": 90, - "exclude": [], - "maxuse": 80 - }, - "usage": { - "interval": "3h" - }, - "notify": { - "amqp": { - "1": { - "enable": true, - "url": "amqp://myuser:mypassword@localhost:5672", - "exchange": "bucketevents", - "routingKey": "bucketlogs", - "exchangeType": "fanout", - "deliveryMode": 0, - "mandatory": false, - "immediate": false, - "durable": false, - "internal": false, - "noWait": false, - "autoDeleted": false - } - }, - "nats": { - "1": { - "enable": true, - "address": "0.0.0.0:4222", - "subject": "bucketevents", - "username": "yourusername", - "password": "yoursecret", - "token": "", - "secure": false, - "pingInterval": 0, - "streaming": { - "enable": false, - "clusterID": "", - "clientID": "", - "async": false, - "maxPubAcksInflight": 0 - } - } - }, - "elasticsearch": { - "1": { - "enable": true, - "format": "namespace", - "url": "http://127.0.0.1:9200", - "index": "bucketevents" - } - }, - "redis": { - "1": { - "enable": true, - "format": "namespace", - "address": "127.0.0.1:6379", - "password": "yoursecret", - "key": "bucketevents" - } - }, - "postgresql": { - "1": { - "enable": true, - "format": "namespace", - "connectionString": "", - "table": "bucketevents", - "host": "127.0.0.1", - "port": "5432", - "user": "postgres", - "password": "mypassword", - "database": "bucketevents_db" - } - }, - "kafka": { - "1": { - "enable": true, - "brokers": ["localhost:9092"], - "topic": "bucketevents", - "tls" : { - "enable" : true, - "skipVerify" : false, - "clientAuth" : 0 - }, - "sasl" : { - "enable" : true, - "username" : "kafka", - "password" : "kafkapasswd" - } - } - }, - "webhook": { - "1": { - "enable": true, - "endpoint": "http://requestb.in/1525x9n1" - } - }, - "mysql": { - "1": { - "enable": true, - "format": "namespace", - "dsnString": "", - "table": "minio_images", - "host": "172.17.0.1", - "port": "3306", - "user": "root", - "password": "password", - "database": "miniodb" - } - }, - "mqtt": { - "1": { - "enable": false, - "broker": "tcp://localhost:1883", - "topic": "minio", - "qos": 1, - "clientId": "minio", - "username": "", - "password": "" - } - } - }, - "logger": { - "console": { - "enabled": true - }, - "http": { - "1": { - "enabled": false, - "endpoint": "" - } - } - }, - "openid": { - "jwks": { - "url": "" - } - }, - "policy": { - "opa": { - "url": "", - "authToken": "" - } - } + "version": "31", + "credential": { + "accessKey": "36J9X8EZI4KEV1G7EHXA", + "secretKey": "ECk2uqOoNqvtJIMQ3WYugvmNPL_-zm3WcRqP5vUM", + "expiration": "1970-01-01T00:00:00Z", + "status": "enabled" + }, + "region": "", + "worm": "off", + "storageclass": { + "standard": "", + "rrs": "" + }, + "cache": { + "drives": [], + "expiry": 90, + "maxuse": 80, + "exclude": [] + }, + "kms": { + "vault": { + "endpoint": "", + "auth": { + "type": "", + "approle": { + "id": "", + "secret": "" + } + }, + "key-id": { + "name": "", + "version": 0 + } + } + }, + "notify": { + "amqp": { + "1": { + "enable": false, + "url": "", + "exchange": "", + "routingKey": "", + "exchangeType": "", + "deliveryMode": 0, + "mandatory": false, + "immediate": false, + "durable": false, + "internal": false, + "noWait": false, + "autoDeleted": false + } + }, + "elasticsearch": { + "1": { + "enable": false, + "format": "", + "url": "", + "index": "" + } + }, + "kafka": { + "1": { + "enable": false, + "brokers": null, + "topic": "", + "tls": { + "enable": false, + "skipVerify": false, + "clientAuth": 0 + }, + "sasl": { + "enable": false, + "username": "", + "password": "" + } + } + }, + "mqtt": { + "1": { + "enable": false, + "broker": "", + "topic": "", + "qos": 0, + "clientId": "", + "username": "", + "password": "", + "reconnectInterval": 0, + "keepAliveInterval": 0 + } + }, + "mysql": { + "1": { + "enable": false, + "format": "", + "dsnString": "", + "table": "", + "host": "", + "port": "", + "user": "", + "password": "", + "database": "" + } + }, + "nats": { + "1": { + "enable": false, + "address": "", + "subject": "", + "username": "", + "password": "", + "token": "", + "secure": false, + "pingInterval": 0, + "streaming": { + "enable": false, + "clusterID": "", + "clientID": "", + "async": false, + "maxPubAcksInflight": 0 + } + } + }, + "postgresql": { + "1": { + "enable": false, + "format": "", + "connectionString": "", + "table": "", + "host": "", + "port": "", + "user": "", + "password": "", + "database": "" + } + }, + "redis": { + "1": { + "enable": false, + "format": "", + "address": "", + "password": "", + "key": "" + } + }, + "webhook": { + "1": { + "enable": false, + "endpoint": "" + } + } + }, + "logger": { + "console": { + "enabled": true + }, + "http": { + "target1": { + "enabled": false, + "endpoint": "https://username:password@example.com/api" + } + } + }, + "compress": { + "enabled": false, + "extensions": [ + ".txt", + ".log", + ".csv", + ".json" + ], + "mime-types": [ + "text/csv", + "text/plain", + "application/json" + ] + }, + "openid": { + "jwks": { + "url": null + } + }, + "policy": { + "opa": { + "url": null, + "authToken": "" + } + } }