Sure, here’s a step-by-step guide to set up a single MinIO server on Ubuntu 22.04 with a custom domain and Let’s Encrypt SSL:
1. Update and Install Dependencies:
Update your package repositories and install necessary software:
sudo apt update && sudo apt upgrade -y
sudo apt install curl software-properties-common -y
2. Download and Install MinIO:
wget https://dl.min.io/server/minio/release/linux-amd64/minio
chmod +x minio
sudo mv minio /usr/local/bin/
3. Create a MinIO User (Optional but Recommended):
For added security, create a user specifically for running MinIO:
sudo useradd -r minio-user -s /sbin/nologin
sudo mkdir /usr/local/share/minio
sudo chown minio-user:minio-user /usr/local/share/minio
4. Set Up Systemd Service:
Create a systemd service file for MinIO:
sudo nano /etc/systemd/system/minio.service
Add the following content:
[Unit]
Description=MinIO
Documentation=https://docs.min.io
Wants=network-online.target
After=network-online.target
AssertFileIsExecutable=/usr/local/bin/minio
[Service]
WorkingDirectory=/usr/local/
User=minio-user
Group=minio-user
ExecStart=/usr/local/bin/minio server /usr/local/share/minio
Restart=always
LimitNOFILE=65536
TimeoutStopSec=0
SendSIGKILL=no
[Install]
WantedBy=multi-user.target
Then:
sudo systemctl daemon-reload
sudo systemctl enable minio
sudo systemctl start minio
5. Set Up Domain:
Ensure your domain/subdomain (e.g., minio.yourdomain.com
) points to your server’s IP address.
6. Install Certbot:
Certbot is the software we’ll use to obtain a Let’s Encrypt certificate:
sudo apt install certbot -y
7. Obtain SSL Certificate:
sudo certbot certonly --standalone -d minio.yourdomain.com
This command obtains a certificate for minio.yourdomain.com
using the standalone mode of Certbot.
8. Configure MinIO to Use SSL:
Link the certs to MinIO’s default certs directory:
sudo mkdir -p /etc/minio/certs/
sudo ln -s /etc/letsencrypt/live/minio.yourdomain.com/fullchain.pem /etc/minio/certs/public.crt
sudo ln -s /etc/letsencrypt/live/minio.yourdomain.com/privkey.pem /etc/minio/certs/private.key
Restart the MinIO service:
sudo systemctl restart minio
9. Access MinIO:
Now, you should be able to access MinIO via your domain with HTTPS:
https://minio.yourdomain.com
10. Setup Let’s Encrypt Auto Renewal:
Edit the crontab:
sudo crontab -e
Add this line to automatically renew the SSL certificate every day at 2 am:
0 2 * * * /usr/bin/certbot renew --quiet
That’s it! You have set up a MinIO server on Ubuntu 22.04 with a custom domain and SSL encryption from Let’s Encrypt.