Add CORS configuration for MinIO buckets and update environment variables
All checks were successful
Deploy MinIO Production / deploy (push) Successful in 42s
All checks were successful
Deploy MinIO Production / deploy (push) Successful in 42s
This commit is contained in:
Frank John Begornia
@@ -8,6 +8,8 @@ services:
|
||||
MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD}
|
||||
MINIO_SERVER_URL: ${MINIO_SERVER_URL:-https://minio.crewsportswear.app}
|
||||
MINIO_BROWSER_REDIRECT_URL: ${MINIO_BROWSER_REDIRECT_URL:-https://console.crewsportswear.app}
|
||||
# CORS configuration - allow cross-origin requests from all app domains
|
||||
MINIO_API_CORS_ALLOW_ORIGIN: "https://crewsportswear.app,https://www.crewsportswear.app,https://crewsportswear.com,https://www.crewsportswear.com,https://dev.crewsportswear.app,https://merchbay.com,https://www.merchbay.com,https://dev.merchbay.app,https://admin.merchbay.com,https://crew-admin.app"
|
||||
command: server /data --console-address ":9001"
|
||||
volumes:
|
||||
- minio-data:/data
|
||||
@@ -21,7 +23,7 @@ services:
|
||||
retries: 3
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
|
||||
|
||||
# MinIO API (S3 endpoint)
|
||||
- "traefik.http.routers.minio-api.rule=Host(`minio.crewsportswear.app`)"
|
||||
- "traefik.http.routers.minio-api.entrypoints=websecure"
|
||||
@@ -29,7 +31,7 @@ services:
|
||||
- "traefik.http.routers.minio-api.tls.certresolver=le"
|
||||
- "traefik.http.routers.minio-api.service=minio-api"
|
||||
- "traefik.http.services.minio-api.loadbalancer.server.port=9000"
|
||||
|
||||
|
||||
# MinIO Console (Web UI)
|
||||
- "traefik.http.routers.minio-console.rule=Host(`console.crewsportswear.app`)"
|
||||
- "traefik.http.routers.minio-console.entrypoints=websecure"
|
||||
@@ -37,12 +39,12 @@ services:
|
||||
- "traefik.http.routers.minio-console.tls.certresolver=le"
|
||||
- "traefik.http.routers.minio-console.service=minio-console"
|
||||
- "traefik.http.services.minio-console.loadbalancer.server.port=9001"
|
||||
|
||||
|
||||
# HTTP to HTTPS redirect
|
||||
- "traefik.http.routers.minio-api-http.rule=Host(`minio.crewsportswear.app`)"
|
||||
- "traefik.http.routers.minio-api-http.entrypoints=web"
|
||||
- "traefik.http.routers.minio-api-http.middlewares=https-redirect"
|
||||
|
||||
|
||||
- "traefik.http.routers.minio-console-http.rule=Host(`console.crewsportswear.app`)"
|
||||
- "traefik.http.routers.minio-console-http.entrypoints=web"
|
||||
- "traefik.http.routers.minio-console-http.middlewares=https-redirect"
|
||||
|
||||
@@ -10,6 +10,8 @@ services:
|
||||
MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD:-minioadmin123}
|
||||
MINIO_SERVER_URL: ${MINIO_SERVER_URL:-http://localhost:9000}
|
||||
MINIO_BROWSER_REDIRECT_URL: ${MINIO_BROWSER_REDIRECT_URL:-http://localhost:9001}
|
||||
# CORS configuration - allow localhost for local development
|
||||
MINIO_API_CORS_ALLOW_ORIGIN: "http://localhost:8080,http://localhost:8081,http://localhost:8082,http://localhost:3000"
|
||||
command: server /data --console-address ":9001"
|
||||
ports:
|
||||
- "${MINIO_PORT:-9000}:9000"
|
||||
|
||||
118
setup-cors.sh
Normal file
118
setup-cors.sh
Normal file
@@ -0,0 +1,118 @@
|
||||
#!/bin/bash
|
||||
# Configure CORS for MinIO buckets
|
||||
|
||||
set -e
|
||||
|
||||
CONTAINER_NAME="crew-minio-prod"
|
||||
MINIO_ALIAS="crewminio"
|
||||
DEPLOY_DIR="/var/www/apps/minio-storage"
|
||||
|
||||
echo "=========================================="
|
||||
echo "Configuring CORS for MinIO buckets"
|
||||
echo "=========================================="
|
||||
echo ""
|
||||
|
||||
# Load credentials from .env file
|
||||
echo "🔑 Loading MinIO credentials from .env"
|
||||
if [ -f "$DEPLOY_DIR/.env" ]; then
|
||||
set -a
|
||||
source "$DEPLOY_DIR/.env"
|
||||
set +a
|
||||
MINIO_USER="${MINIO_ROOT_USER}"
|
||||
MINIO_PASSWORD="${MINIO_ROOT_PASSWORD}"
|
||||
elif [ -f ".env" ]; then
|
||||
set -a
|
||||
source ".env"
|
||||
set +a
|
||||
MINIO_USER="${MINIO_ROOT_USER}"
|
||||
MINIO_PASSWORD="${MINIO_ROOT_PASSWORD}"
|
||||
else
|
||||
echo "⚠️ .env file not found, using defaults"
|
||||
MINIO_USER="minioadmin"
|
||||
MINIO_PASSWORD="minioadmin123"
|
||||
fi
|
||||
|
||||
echo "✓ Credentials loaded"
|
||||
echo ""
|
||||
|
||||
# Check if MinIO is running
|
||||
if ! docker ps | grep -q "$CONTAINER_NAME"; then
|
||||
echo "❌ Error: $CONTAINER_NAME container is not running"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Configure MinIO client alias if not exists
|
||||
echo "📝 Configuring MinIO client alias..."
|
||||
docker exec $CONTAINER_NAME mc alias set $MINIO_ALIAS http://localhost:9000 $MINIO_USER $MINIO_PASSWORD
|
||||
|
||||
# Buckets to configure
|
||||
BUCKETS=("crewsportswear" "merchbay" "merchbay-admin" "crew-admin" "email-reports")
|
||||
|
||||
for bucket in "${BUCKETS[@]}"; do
|
||||
echo "Configuring CORS for bucket: $bucket"
|
||||
|
||||
# Create CORS configuration file
|
||||
docker exec $CONTAINER_NAME sh -c "cat > /tmp/cors-${bucket}.json <<'EOF'
|
||||
{
|
||||
\"CORSRules\": [
|
||||
{
|
||||
\"AllowedOrigins\": [
|
||||
\"https://crewsportswear.app\",
|
||||
\"https://www.crewsportswear.app\",
|
||||
\"https://dev.crewsportswear.app\",
|
||||
\"https://merchbay.com\",
|
||||
\"https://www.merchbay.com\",
|
||||
\"https://dev.merchbay.app\",
|
||||
\"https://admin.merchbay.com\",
|
||||
\"https://crew-admin.app\",
|
||||
\"http://localhost:8080\",
|
||||
\"http://localhost:8081\",
|
||||
\"http://localhost:8082\"
|
||||
],
|
||||
\"AllowedMethods\": [
|
||||
\"GET\",
|
||||
\"HEAD\"
|
||||
],
|
||||
\"AllowedHeaders\": [
|
||||
\"*\"
|
||||
],
|
||||
\"ExposeHeaders\": [
|
||||
\"ETag\",
|
||||
\"Content-Type\",
|
||||
\"Content-Length\",
|
||||
\"Date\"
|
||||
],
|
||||
\"MaxAgeSeconds\": 3600
|
||||
}
|
||||
]
|
||||
}
|
||||
EOF"
|
||||
|
||||
# Apply CORS configuration to bucket
|
||||
docker exec $CONTAINER_NAME mc anonymous set-json $MINIO_ALIAS/$bucket < /tmp/cors-${bucket}.json 2>/dev/null || true
|
||||
|
||||
# Alternative: Use MinIO's CORS API directly
|
||||
docker exec $CONTAINER_NAME sh -c "mc admin config set $MINIO_ALIAS api cors_allow_origin='https://crewsportswear.app,https://www.crewsportswear.app,https://dev.crewsportswear.app,https://merchbay.com,https://www.merchbay.com,https://dev.merchbay.app,https://admin.merchbay.com,https://crew-admin.app,http://localhost:8080,http://localhost:8081,http://localhost:8082'" 2>/dev/null || true
|
||||
|
||||
echo " ✓ CORS configured for $bucket"
|
||||
done
|
||||
|
||||
echo ""
|
||||
echo "🔄 Restarting MinIO to apply CORS settings..."
|
||||
docker exec $CONTAINER_NAME mc admin service restart $MINIO_ALIAS
|
||||
|
||||
echo ""
|
||||
echo "=========================================="
|
||||
echo "✓ CORS configuration complete!"
|
||||
echo "=========================================="
|
||||
echo ""
|
||||
echo "Allowed origins:"
|
||||
echo " - https://crewsportswear.app"
|
||||
echo " - https://www.crewsportswear.app"
|
||||
echo " - https://dev.crewsportswear.app"
|
||||
echo " - https://merchbay.com"
|
||||
echo " - https://www.merchbay.com"
|
||||
echo " - https://dev.merchbay.app"
|
||||
echo " - https://admin.merchbay.com"
|
||||
echo " - https://crew-admin.app"
|
||||
echo " - http://localhost:8080-8082"
|
||||
Reference in New Issue
Block a user