fix(minio): use HTTP-only nginx config for initial install
Remove SSL configuration from nginx config file. SSL will be added automatically by certbot when running ./install.sh --ssl 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
parent
39db791a30
commit
2256ff69bf
|
|
@ -1,20 +1,17 @@
|
|||
# =============================================================================
|
||||
# MinIO Nginx 配置
|
||||
# MinIO Nginx 配置 (HTTP 版本)
|
||||
# =============================================================================
|
||||
#
|
||||
# 功能:
|
||||
# - MinIO API 反向代理 (S3 兼容)
|
||||
# - MinIO Console 反向代理
|
||||
# - SSL/TLS 终止
|
||||
# - 静态资源 CDN 缓存
|
||||
#
|
||||
# 安装:
|
||||
# sudo cp minio.szaiai.com.conf /etc/nginx/sites-available/
|
||||
# sudo ln -s /etc/nginx/sites-available/minio.szaiai.com.conf /etc/nginx/sites-enabled/
|
||||
# sudo nginx -t && sudo systemctl reload nginx
|
||||
# 安装步骤:
|
||||
# 1. sudo ./install.sh # 安装此配置
|
||||
# 2. sudo ./install.sh --ssl # 使用 certbot 添加 SSL (可选)
|
||||
#
|
||||
# SSL 证书 (使用 certbot):
|
||||
# sudo certbot --nginx -d minio.szaiai.com -d cdn.szaiai.com
|
||||
# 注意: SSL 配置将由 certbot 自动添加到此文件
|
||||
#
|
||||
# =============================================================================
|
||||
|
||||
|
|
@ -37,23 +34,6 @@ server {
|
|||
listen [::]:80;
|
||||
server_name minio.szaiai.com;
|
||||
|
||||
# 强制 HTTPS
|
||||
location / {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
server_name minio.szaiai.com;
|
||||
|
||||
# SSL 配置 (由 certbot 管理)
|
||||
ssl_certificate /etc/letsencrypt/live/minio.szaiai.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/minio.szaiai.com/privkey.pem;
|
||||
include /etc/letsencrypt/options-ssl-nginx.conf;
|
||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
||||
|
||||
# 日志
|
||||
access_log /var/log/nginx/minio.szaiai.com.access.log;
|
||||
error_log /var/log/nginx/minio.szaiai.com.error.log;
|
||||
|
|
@ -90,7 +70,7 @@ server {
|
|||
proxy_send_timeout 300s;
|
||||
proxy_read_timeout 300s;
|
||||
|
||||
# WebSocket 支持 (用于控制台实时日志)
|
||||
# WebSocket 支持
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
}
|
||||
|
|
@ -104,22 +84,6 @@ server {
|
|||
listen [::]:80;
|
||||
server_name console.minio.szaiai.com;
|
||||
|
||||
location / {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
server_name console.minio.szaiai.com;
|
||||
|
||||
# SSL 配置
|
||||
ssl_certificate /etc/letsencrypt/live/minio.szaiai.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/minio.szaiai.com/privkey.pem;
|
||||
include /etc/letsencrypt/options-ssl-nginx.conf;
|
||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
||||
|
||||
# 日志
|
||||
access_log /var/log/nginx/console.minio.access.log;
|
||||
error_log /var/log/nginx/console.minio.error.log;
|
||||
|
|
@ -155,44 +119,17 @@ server {
|
|||
listen [::]:80;
|
||||
server_name cdn.szaiai.com;
|
||||
|
||||
location / {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
server_name cdn.szaiai.com;
|
||||
|
||||
# SSL 配置
|
||||
ssl_certificate /etc/letsencrypt/live/cdn.szaiai.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/cdn.szaiai.com/privkey.pem;
|
||||
include /etc/letsencrypt/options-ssl-nginx.conf;
|
||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
||||
|
||||
# 日志
|
||||
access_log /var/log/nginx/cdn.szaiai.com.access.log;
|
||||
error_log /var/log/nginx/cdn.szaiai.com.error.log;
|
||||
|
||||
# 缓存配置
|
||||
proxy_cache_path /var/cache/nginx/minio levels=1:2 keys_zone=minio_cache:100m max_size=10g inactive=7d use_temp_path=off;
|
||||
|
||||
# 公开存储桶 - avatars
|
||||
location /avatars/ {
|
||||
proxy_pass http://minio_api/avatars/;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Connection "";
|
||||
|
||||
# 缓存配置
|
||||
proxy_cache minio_cache;
|
||||
proxy_cache_valid 200 7d;
|
||||
proxy_cache_valid 404 1m;
|
||||
proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
|
||||
proxy_cache_lock on;
|
||||
|
||||
# 缓存头部
|
||||
add_header X-Cache-Status $upstream_cache_status;
|
||||
add_header Cache-Control "public, max-age=604800";
|
||||
|
||||
# CORS 配置
|
||||
|
|
@ -206,15 +143,7 @@ server {
|
|||
proxy_http_version 1.1;
|
||||
proxy_set_header Connection "";
|
||||
|
||||
# 缓存配置
|
||||
proxy_cache minio_cache;
|
||||
proxy_cache_valid 200 7d;
|
||||
proxy_cache_valid 404 1m;
|
||||
proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
|
||||
proxy_cache_lock on;
|
||||
|
||||
# 缓存头部
|
||||
add_header X-Cache-Status $upstream_cache_status;
|
||||
add_header Cache-Control "public, max-age=604800";
|
||||
|
||||
# CORS 配置
|
||||
|
|
|
|||
Loading…
Reference in New Issue