Is it possible do run MinIO not on default path on nginx?
I have a backend that generate presigned url with this code:
MinioClient minioClient = new MinioClient("http://x.x.x.x:9000", "key", "key");
String url = minioClient.presignedGetObject("bucket", "name", 60 * 60 * 24);
where http://x.x.x.x:9000 is the local minio.
It return:
http://x.x.x.x:9000/bucket/name?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=admin%2F20181122%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20181122T072255Z&X-Amz-Expires=184&X-Amz-SignedHeaders=host&X-Amz-Signature=460b9b46f5fac13f29de4372dd7c1e8d6d6c747510761695a40d6b9ff08ba7d8
This link work under VPN as expected, but when i rewrite the url as https://example.com/bucket/name?... to be reached to all users I get signature error.
I have a nginx as reverse proxy and a frontend on default location:
location / {
proxy_pass http://x.x.x.x:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
location /bucket/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $http_host;
proxy_connect_timeout 300;
# Default is HTTP/1, keepalive is only enabled in HTTP/1.1
proxy_http_version 1.1;
proxy_set_header Connection "";
chunked_transfer_encoding off;
proxy_pass http://x.x.x.x:9000;
}
The problem is when i rewrite the url it invalidate the signature. Probably if i run minio for example in https://example.com/minio and then use this link as endpoint to generate the presigned url I will not have problem of signature.