目前很多oss提供商提供的oss都是收费的,并且数据保存到人家服务器上,不够安全,所以要搭建一个属于自己的oss对象存储服务,经过查阅资料,minio相比fastdfs更有优势,很多开源系统都集成了它,本站博客 halo 就选择了它。
参考地址 https://blog.csdn.net/JingLisen/article/details/125352673
https访问
这里遇到很多问题,使用的自签证书没有用,后面去阿里云申请的免费的就可以使用了
version: '3'
services:
minio:
image: minio/minio
container_name: minio
ports:
# api 端口
- "9000:9000"
# 控制台端口
- "9001:9001"
environment:
# 时区上海
TZ: Asia/Shanghai
# 管理后台用户名
MINIO_ACCESS_KEY: admin
# 管理后台密码,最小8个字符
MINIO_SECRET_KEY: 123456
# https需要指定域名,不需要https时以下两项空着
MINIO_SERVER_URL: "https://www.xxx.com:9000"
MINIO_BROWSER_REDIRECT_URL: "https://www.xxx.com:9001"
# 开启压缩 on 开启 off 关闭
MINIO_COMPRESS: "off"
# 扩展名 .pdf,.doc 为空 所有类型均压缩
MINIO_COMPRESS_EXTENSIONS: ""
# mime 类型 application/pdf 为空 所有类型均压缩
MINIO_COMPRESS_MIME_TYPES: ""
volumes:
# 映射当前目录下的data目录至容器内/data目录
- /docker/minio/data:/data
# 映射配置目录
- /docker/minio/config:/root/.minio/
command: server --address ':9000' --console-address ':9001' /data # 指定容器中的目录 /data
privileged: true
restart: always
需要注意,9001是登录地址,9000是api地址
centos7 访问https错误
curl: (60) Peer's Certificate issuer is not recognized.
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
error: https://packages.microsoft.com/keys/microsoft.asc: import read failed(2)
https://www.cnblogs.com/mtactor/p/16521109.html
这里导出自己网站证书一定要证书链,否则无效
#将pem文件放到对应文件夹,并更新后缀为crt
mv jd-com-chain.pem /etc/pki/ca-trust/source/anchors/jd-com-chain.crt
#更新本地CA库
update-ca-trust extract