ac72345962
Closes #898 - Adds a short section on synchronous vs asynchronous bucket notifications - Adds a note on specific configs which now return redacted data on `mc admin config get` - Found a few new webhook lambda envvars to add
102 KiB
MinIO Server
minio
Table of Contents
minio
MinIO Server
The minio server
command starts the MinIO server process:
minio server /mnt/disk{1...4}For examples of deploying minio server on a bare metal environment, see minio-installation.
For examples of deploying minio server on a Kubernetes environment, see Deploying a MinIO Tenant <minio-k8s-deploy-minio-tenant>.
AGPLv3
minio server is
AGPLv3 <minio/blob/master/LICENSE>
licensed Free and Open Source (FOSS) software.
Applications integrating mc may trigger AGPLv3 compliance requirements. MinIO Commercial Licensing is the best
option for applications which trigger AGPLv3 obligations where
open-sourcing the application is not an option.
Configuration Settings
The minio server
process stores its configuration in the storage backend directory <minio server DIRECTORIES>. You can
modify configuration options using the mc admin config command.
Syntax
minio server
Starts the minio server process.
The command has the following syntax:
minio server [FLAGS] HOSTNAME/DIRECTORIES [HOSTNAME/DIRECTORIES..]The command accepts the following arguments:
HOSTNAME
The hostname of a minio server process.
For standalone deployments, this field is optional. You can
start a standalone ~minio server process with only the ~minio server DIRECTORIES
argument.
For distributed deployments, specify the hostname of each minio server in the
deployment. The group of minio server processes represent a single Server Pool <minio-intro-server-pool>.
~minio server HOSTNAME supports MinIO expansion
notation {x...y} to denote a sequential series of
hostnames. MinIO requires sequential hostnames to identify each
minio server process in
the set.
For example, https://minio{1...4}.example.net expands
to:
https://minio1.example.nethttps://minio2.example.nethttps://minio3.example.nethttps://minio4.example.net
You must run the minio server command with the same combination
of ~minio server HOSTNAME and ~minio server DIRECTORIES
on each host in the Server Pool.
Each additional HOSTNAME/DIRECTORIES pair denotes an
additional Server Set for the purpose of horizontal expansion of the
MinIO deployment. For more information on Server Pools, see Server Pool <minio-intro-server-pool>.
DIRECTORIES
The directories or drives the minio server process uses as the storage backend.
~minio server DIRECTORIES supports MinIO expansion
notation {x...y} to denote a sequential series of folders
or drives. For example, /mnt/disk{1...4} expands to:
/mnt/disk1/mnt/disk2/mnt/disk3/mnt/disk4
The ~minio server DIRECTORIES path(s) must be
empty when first starting the minio <minio server> process.
The minio server
process requires at least 4 drives or directories to enable
erasure coding <minio-erasure-coding>.
Important
MinIO recommends locally-attached drives, where the ~minio server DIRECTORIES
path points to each drive on the host machine. MinIO recommends
against using network-attached storage, as network latency
reduces performance of those drives compared to locally-attached
storage.
For development or evaluation, you can specify multiple logical directories or partitions on a single physical volume to enable erasure coding on the deployment.
For production environments, MinIO does not recommend using multiple logical directories or partitions on a single physical disk. While MinIO supports those configurations, the potential cost savings come at the risk of decreased reliability.
--address
Binds the minio <minio server> server process to a specific
network address and port number. Specify the address and port as
ADDRESS:PORT, where ADDRESS is an IP address
or hostname and PORT is a valid and open port on the host
system.
To change the port number for all IP addresses or hostnames
configured on the host machine, specify :PORT where
PORT is a valid and open port on the host.
RELEASE.2023-01-02T09-40-09Z
You can configure your hosts file to have MinIO only listen on specific IPs. For example, if the machine's /etc/hosts file contains the following:
127.0.1.1 minioip
127.0.1.2 minioipA command like the following would listen for API calls on port
9000 on both configured IP addresses.
minio server --address "minioip:9000" ~/miniodirectoryIf omitted, minio <minio server> binds to port
9000 on all configured IP addresses or hostnames on the
host machine.
--console-address
Specifies a static port for the embedded MinIO Console.
Omit to direct MinIO to generate a dynamic port at server startup. The MinIO server outputs the port to the system log.
--ftp
Enable and configure a File Transfer Protocol (FTP) or
File Transfer Protocol over SSL/TLS (FTPS) server. Use this
flag multiple times to specify an address port, a passive port range of
addresses, or a TLS certificate and key as key-value pairs.
Valid keys:
address, which takes a single port to use for the server, typically8021_(Optional)_
passive-port-range, which restricts the range of potential ports the server can use to transfer data, such as when tight firewall rules limit the port the FTP server can request for the connection_(Optional)_
tls-private-key, which takes the path to the user's private key for accessing the MinIO deployment by TLSUse with
tls-public-cert._(Optional)_
tls-public-cert, which takes the path to the certificate for accessing the MinIO deployment by TLSUse with
tls-private-key.
For MinIO deployments with TLS enabled, omit
tls-private-key and tls-public-key to direct
MinIO to use the default TLS keys for the MinIO deployment. See minio-tls for more
information. You only need to specify a certificate and private key to a
different set of TLS certificate and key than the MinIO default (for
example, to use a different domain).
For example:
minio server http://server{1...4}/disk{1...4} \
--ftp="address=:8021" \
--ftp="passive-port-range=30000-40000" \
--ftp="tls-private-key=path/to/private.key" \
--ftp="tls-public-cert=path/to/public.crt" \
...--sftp
Enable and configure a SSH File Transfer Protocol (SFTP)
server. Use multiple times to specify an address port and the path to
the ssh private key to use as key-value pairs.
Valid keys:
address, which takes a single port to use for the server, typically8022ssh-private-key, which takes the path to the user's private key file
For example:
minio server http://server{1...4}/disk{1...4} \
--sftp="address=:8022" --sftp="ssh-private-key=/home/miniouser/.ssh/id_rsa" \
...--certs-dir, -S
Specifies the path to the folder containing certificates the minio process uses for
configuring TLS/SSL connectivity.
Omit to use the default directory paths:
- Linux/OSX:
${HOME}/.minio/certs - Windows:
%%USERPROFILE%%\.minio\certs.
See minio-TLS for
more information on TLS/SSL connectivity.
--quiet
Disables startup information.
--anonymous
Hides sensitive information from logging.
--json
Outputs server logs and startup information in JSON
format.
Environment Variables
The minio server
processes uses the following environment variables during startup to set
configuration settings.
Core Configuration
MINIO_VOLUMES
The directories or drives the minio server process uses as the storage backend.
Functionally equivalent to setting minio server DIRECTORIES. Use this value when
configuring MinIO to run using an environment file.
MINIO_CONFIG_ENV_FILE
Specifies the full path to the file the MinIO server process uses for loading environment variables.
For systemd-managed files, setting this value to the
environment file allows MinIO to reload changes to that file on using
mc admin service restart to restart the
deployment.
MINIO_ILM_EXPIRY_WORKERS
Specifies the number of workers to make available to expire objects configured with ILM rules for expiration. When not set, MinIO defaults to using up to half of the available processing cores available.
MINIO_DOMAIN
Set to the Fully Qualified Domain Name (FQDN) MinIO accepts Bucket DNS (Virtual Host)-style requests on.
For example, setting MINIO_DOMAIN=minio.example.net
directs MinIO to accept an incoming connection request the
data bucket at data.minio.example.net.
If this setting is omitted, the default is to only accept path-style
requests. For example, minio.example.net/data.
Root Credentials
MINIO_ROOT_USER
The access key for the root <minio-users-root> user.
Warning
If MINIO_ROOT_USER is unset, minio defaults to
minioadmin.
NEVER use the default credentials in production
environments. MinIO strongly recommends specifying a unique, long, and
random MINIO_ROOT_USER value for all environments.
MINIO_ROOT_PASSWORD
The secret key for the root <minio-users-root> user.
Warning
If MINIO_ROOT_PASSWORD is unset, minio defaults to
minioadmin.
NEVER use the default credentials in production
environments. MinIO strongly recommends specifying a unique, long, and
random MINIO_ROOT_PASSWORD value for all environments.
MINIO_API_ROOT_ACCESS
This variable corresponds to the api root_access <api.root_access>
configuration setting. You can use this variable to temporarily override
the configuration setting and re-enable root access to the
deployment.
MINIO_ACCESS_KEY
RELEASE.2021-04-22T15-44-28Z
The access key for the root <minio-users-root> user.
This environment variable is deprecated in favor of the
MINIO_ROOT_USER
environment variable.
Warning
If MINIO_ACCESS_KEY is unset, minio defaults to
minioadmin.
NEVER use the default credentials in production
environments. MinIO strongly recommends specifying a unique, long, and
random MINIO_ACCESS_KEY value for all environments.
MINIO_SECRET_KEY
RELEASE.2021-04-22T15-44-28Z
The secret key for the root <minio-users-root> user.
This environment variable is deprecated in favor of the
MINIO_ROOT_PASSWORD
environment variable.
Warning
If MINIO_SECRET_KEY is unset, minio defaults to
minioadmin.
NEVER use the default credentials in production
environments. MinIO strongly recommends specifying a unique, long, and
random MINIO_ACCESS_KEY value for all environments.
MINIO_ACCESS_KEY_OLD
RELEASE.2021-04-22T15-44-28Z
To perform root credential rotation, modify the MINIO_ROOT_USER and MINIO_ROOT_PASSWORD environment variables.
MINIO_SECRET_KEY_OLD
RELEASE.2021-04-22T15-44-28Z
To perform root credential rotation, modify the MINIO_ROOT_USER and MINIO_ROOT_PASSWORD environment variables.
MinIO Console
The following environment variables control behavior for the embedded MinIO Console:
MINIO_PROMETHEUS_URL
Optional
Specify the URL for a Prometheus service configured to scrape MinIO metrics <minio-metrics-collect-using-prometheus>.
The MinIO Console populates the Dashboard with cluster metrics using the
minio-job Prometheus scraping job.
If you are using a standalone MinIO Console process, this variable
corresponds to CONSOLE_PROMETHEUS_URL.
MINIO_PROMETHEUS_JOB_ID
Optional
Specify the custom Prometheus job ID used for scraping MinIO metrics <minio-metrics-collect-using-prometheus>.
MinIO defaults to minio-job.
If you are using a standalone MinIO Console process, this variable
corresponds to CONSOLE_PROMETHEUS_JOB_ID.
MINIO_LOG_QUERY_URL
Optional
Specify the URL of a PostgreSQL service to which MinIO writes Audit logs <minio-logging-publish-audit-logs>.
The embedded MinIO Console provides a Log Search tool that allows
querying the PostgreSQL service for collected logs.
MINIO_BROWSER
Optional
Specify off to disable the embedded MinIO Console.
MINIO_BROWSER_LOGIN_ANIMATION
Optional
MinIO Server RELEASE.2023-05-04T21-44-30Z
Specify off to disable the animated login screen for the
MinIO Console. Defaults to on.
MINIO_BROWSER_REDIRECT_URL
Optional
Specify the Fully Qualified Domain Name (FQDN) the MinIO Console listens for incoming connections on.
If you want to host the MinIO Console exclusively from a reverse-proxy service, you must specify the hostname managed by that service.
For example, consider a reverse proxy configured to route
https://example.net/minio/ to the MinIO Console. You must
set this environment variable to match that hostname for the Console to
both listen and respond to requests using that hostname.
If you omit this variable, the Console listens and responds to all IP addresses or hostnames associated to the host machine on which the MinIO Server runs.
MINIO_SERVER_URL
Optional
Specify the Fully Qualified Domain Name (FQDN) the MinIO Console must use for connecting to the MinIO Server. The Console also uses this value for setting the root hostname when generating presigned URLs.
This setting may be required if:
- The MinIO Server uses a TLS certificate that does not include the host local IP(s) in the certificate Subject Alternative Name (SAN) or
- The Console must use a specific hostname to connect or reference the MinIO Server, e.g. due to a reverse proxy or similar configuration.
Key Management Service and Encryption
MINIO_KMS_KES_ENDPOINT
The endpoint for the MinIO Key Encryption Service (KES) process to use for supporting SSE-S3 and MinIO backend encryption operations.
MINIO_KMS_KES_KEY_FILE
The private key associated to the the MINIO_KMS_KES_CERT_FILE x.509 certificate to use
when authenticating to the KES server. The KES server requires clients
to present their certificate for performing mutual TLS (mTLS).
See the KES wiki <kes/wiki/Configuration#policy-configuration>
for more complete documentation on KES access control.
MINIO_KMS_KES_CERT_FILE
The x.509 certificate to present to the KES server. The KES server requires clients to present their certificate for performing mutual TLS (mTLS).
The KES server computes an identity <kes/wiki/Configuration#policy-configuration>
from the certificate and compares it to its configured policies. The KES
server grants the minio
server access to only those operations explicitly granted by the
policy.
See the KES wiki <kes/wiki/Configuration#policy-configuration>
for more complete documentation on KES access control.
MINIO_KMS_KES_KEY_NAME
The name of an external key on the Key Management system (KMS) configured on the KES server and used for performing en/decryption operations. MinIO uses this key for the following:
- Encrypting backend data (
IAM <minio-authentication-and-identity-management>, server configuration). - The default encryption key for Server-Side Encryption with
SSE-KMS <minio-encryption-sse-kms>. - The encryption key for Server-Side Encryption with
SSE-S3 <minio-encryption-sse-s3>.
MINIO_KMS_KES_ENCLAVE
Use this optional environment variable to define the name of a KES enclave. A KES enclave provides an isolated space for its associated keys separate from other enclaves on a stateful KES server.
If not set, MinIO does not send enclave information. For a stateful KES server, this results in using the default enclave.
Storage Class
These environment variables configure the parity <minio-ec-parity> to use for objects
written to the MinIO cluster.
MinIO Storage Classes are distinct from AWS Storage Classes, where the latter refers to the specific storage tier on which to store a given object.
MINIO_STORAGE_CLASS_STANDARD
The parity level <minio-ec-parity> for the
deployment. MinIO shards objects written with the default
STANDARD storage class using this parity value.
MinIO references the x-amz-storage-class header in
request metadata for determining which storage class to assign an
object. The specific syntax or method for setting headers depends on
your preferred method for interfacing with the MinIO server.
Specify the value using EC:M notation, where
M refers to the number of parity blocks to create for the
object.
The following table lists the default values based on the erasure set size <minio-ec-erasure-set> of the
initial server pool in the deployment:
| Erasure Set Size | Default Parity (EC:N) |
|---|---|
| 4-5 | EC:2 |
| 6 - 7 | EC:3 |
| 8 - 16 | EC:4 |
The minimum supported value is 0, which indicates no
erasure coding protections. These deployments rely entirely on the
storage controller or resource for availability / resiliency.
The maximum value depends on the erasure set size of the initial server pool in the deployment, where the upper bound is $\frac{\text{ERASURE_SET_SIZE}}{\text{2}}$. For example, a deployment with erasure set stripe size of 16 has a maximum standard parity of 8.
You can change this value after startup to any value between
0 and the upper bound for the erasure set size. MinIO only
applies the changed parity to newly written objects. Existing objects
retain the parity value in place at the time of their creation.
MINIO_STORAGE_CLASS_RRS
The parity level <minio-ec-parity> for objects
written with the REDUCED storage class.
MinIO references the x-amz-storage-class header in
request metadata for determining which storage class to assign an
object. The specific syntax or method for setting headers depends on
your preferred method for interfacing with the MinIO server.
Specify the value using EC:M notation, where
M refers to the number of parity blocks to create for the
object.
This value must be less than or equal to MINIO_STORAGE_CLASS_STANDARD.
You cannot set this value for deployments with an erasure set size
less than 5. Defaults to EC:2.
MINIO_STORAGE_CLASS_COMMENT
Adds a comment to the storage class settings.
Metrics and Logging
These environment variables control behavior related to MinIO metrics
and logging. See minio-metrics-and-alerts for more information.
MINIO_PROMETHEUS_AUTH_TYPE
Specifies the authentication mode for the Prometheus scraping endpoints <minio-metrics-and-alerts>.
jwt- Default MinIO requires that the scraping client specify a JWT token for authenticating requests. Usemc admin prometheus generateto generate the necessary JWT bearer tokens.publicMinIO does not require that scraping clients authenticate their requests.
Logging
These environment variables configure publishing regular minio server logs and audit
logs to an HTTP webhook. See minio-logging for more complete documentation.
minio-sever-envvar-logging-regularminio-sever-envvar-logging-auditminio-sever-envvar-logging-audit-kafka
Server Logs
The following section documents environment variables for configuring
MinIO to publish minio server logs to an HTTP webhook endpoint. See
minio-logging-publish-server-logs for more complete
documentation and tutorials on using these environment variables.
You can specify multiple webhook endpoints as log targets by
appending a unique identifier _ID for each set of related
logging environment variables. For example, the following command set
two distinct server logs webhook endpoints:
export MINIO_LOGGER_WEBHOOK_ENABLE_PRIMARY="on"
export MINIO_LOGGER_WEBHOOK_AUTH_TOKEN_PRIMARY="TOKEN"
export MINIO_LOGGER_WEBHOOK_ENDPOINT_PRIMARY="http://webhook-1.example.net"
export MINIO_LOGGER_WEBHOOK_ENABLE_SECONDARY="on"
export MINIO_LOGGER_WEBHOOK_AUTH_TOKEN_SECONDARY="TOKEN"
export MINIO_LOGGER_WEBHOOK_ENDPOINT_SECONDARY="http://webhook-2.example.net"MINIO_LOGGER_WEBHOOK_ENABLE
Specify "on" to enable publishing minio server logs to the HTTP
webhook endpoint.
Requires specifying MINIO_LOGGER_WEBHOOK_ENDPOINT.
This variable corresponds to setting the top-level logger_webhook
configuration setting.
MINIO_LOGGER_WEBHOOK_ENDPOINT
The HTTP endpoint of the webhook.
This variable corresponds to the logger_webhook endpoint
<logger_webhook.endpoint> configuration setting.
MINIO_LOGGER_WEBHOOK_AUTH_TOKEN
Optional
The JSON Web Token (JWT) to use for authenticating to the HTTP webhook. Omit for webhooks which do not enforce authentication.
This variable corresponds to the logger_webhook auth_token
<logger_webhook.auth_token> configuration setting.
MINIO_LOGGER_WEBHOOK_CLIENT_CERT
Optional
The path to the mTLS certificate to use for authenticating to the webhook logger.
Requires specifying MINIO_LOGGER_WEBHOOK_CLIENT_KEY.
This variable corresponds to the logger_webhook client_cert
<logger_webhook.client_cert> configuration setting.
MINIO_LOGGER_WEBHOOK_CLIENT_KEY
Optional
The path to the mTLS certificate key to use to authenticate with the webhook logger service.
Requires specifying MINIO_LOGGER_WEBHOOK_CLIENT_CERT.
This variable corresponds to the logger_webhook client_key
<logger_webhook.client_key> configuration setting.
MINIO_LOGGER_WEBHOOK_PROXY
Optional
Define a proxy to use for the webhook logger when communicating from MinIO to external webhooks.
This variable corresponds to the logger_webhook proxy
<logger_webhook.proxy> configuration setting.
MINIO_LOGGER_WEBHOOK_QUEUE_DIR
RELEASE.2023-05-18T00-05-36Z
Optional
Specify the directory path, such as /opt/minio/events,
to enable MinIO's persistent event store for undelivered messages. The
MinIO process must have read, write, and list access on the specified
directory.
MinIO stores undelivered events in the specified store while the webhook service is offline and replays the stored events when connectivity resumes.
This variable corresponds to the logger_webhook queue_dir <logger_webhook.queue_dir>
configuration setting.
MINIO_LOGGER_WEBHOOK_QUEUE_SIZE
Optional
An integer value to use for the queue size for logger webhook targets.
This variable corresponds to the logger_webhook queue_size
<logger_webhook.queue_size> configuration setting.
Webhook Audit Logs
The following section documents environment variables for configuring
MinIO to publish audit logs to an HTTP webhook endpoint. See minio-logging-publish-audit-logs for more complete
documentation and tutorials on using these environment variables.
You can specify multiple webhook endpoints as audit log targets by
appending a unique identifier _ID for each set of related
logging environment variables. For example, the following command set
two distinct audit log webhook endpoints:
export MINIO_AUDIT_WEBHOOK_ENABLE_PRIMARY="on"
export MINIO_AUDIT_WEBHOOK_AUTH_TOKEN_PRIMARY="TOKEN"
export MINIO_AUDIT_WEBHOOK_ENDPOINT_PRIMARY="http://webhook-1.example.net"
export MINIO_AUDIT_WEBHOOK_CLIENT_CERT_SECONDARY="/tmp/cert.pem"
export MINIO_AUDIT_WEBHOOK_CLIENT_KEY_SECONDARY="/tmp/key.pem"
export MINIO_AUDIT_WEBHOOK_ENABLE_SECONDARY="on"
export MINIO_AUDIT_WEBHOOK_AUTH_TOKEN_SECONDARY="TOKEN"
export MINIO_AUDIT_WEBHOOK_ENDPOINT_SECONDARY="http://webhook-1.example.net"
export MINIO_AUDIT_WEBHOOK_CLIENT_CERT_SECONDARY="/tmp/cert.pem"
export MINIO_AUDIT_WEBHOOK_CLIENT_KEY_SECONDARY="/tmp/key.pem"MINIO_AUDIT_WEBHOOK_ENABLE
Specify "on" to enable publishing audit logs to the HTTP
webhook endpoint.
Requires specifying MINIO_AUDIT_WEBHOOK_ENDPOINT.
This variable corresponds to setting the top-level audit_webhook
configuration setting.
MINIO_AUDIT_WEBHOOK_ENDPOINT
The HTTP endpoint of the webhook.
This variable corresponds to the audit_webhook endpoint
<audit_webhook.endpoint> configuration setting.
MINIO_AUDIT_WEBHOOK_AUTH_TOKEN
Optional
The JSON Web Token (JWT) to use for authenticating to the HTTP webhook. Omit for webhooks which do not enforce authentication.
This variable corresponds to the audit_webhook auth_token
<audit_webhook.auth_token> configuration setting.
MINIO_AUDIT_WEBHOOK_CLIENT_CERT
Optional
The x.509 client certificate to present to the HTTP webhook. Omit for webhooks which do not require clients to present a known TLS certificate.
Requires specifying MINIO_AUDIT_WEBHOOK_CLIENT_KEY.
This variable corresponds to the audit_webhook client_cert
<audit_webhook.client_cert> configuration setting.
MINIO_AUDIT_WEBHOOK_CLIENT_KEY
Optional
The x.509 private key to present to the HTTP webhook. Omit for webhooks which do not require clients to present a known TLS certificate.
Requires specifying MINIO_AUDIT_WEBHOOK_CLIENT_CERT.
This variable corresponds to the audit_webhook client_key
<audit_webhook.client_key> configuration setting.
MINIO_AUDIT_WEBHOOK_QUEUE_DIR
RELEASE.2023-05-18T00-05-36Z
Optional
Specify the directory path, such as /opt/minio/events,
to enable MinIO's persistent event store for undelivered messages. The
MinIO process must have read, write, and list access on the specified
directory.
MinIO stores undelivered events in the specified store while the webhook service is offline and replays the stored events when connectivity resumes.
This variable corresponds to the audit_webhook queue_dir <audit_webhook.queue_dir>
configuration setting.
MINIO_AUDIT_WEBHOOK_QUEUE_SIZE
Optional
An integer value to use for the queue size for audit webhook targets.
This variable corresponds to the audit_webhook queue_size <audit_webhook.queue_size>
configuration setting.
Kafka Audit Logs
The following section documents environment variables for configuring MinIO to publish audit logs to a Kafka broker.
MINIO_AUDIT_KAFKA_ENABLE
Set to "on" to enable the target.
Set to "off" to disable the target.
MINIO_AUDIT_KAFKA_BROKERS
This environment variable corresponds to the audit_kafka.brokers
configuration setting.
MINIO_AUDIT_KAFKA_TOPIC
This environment variable corresponds to the audit_kafka.topic
configuration setting.
MINIO_AUDIT_KAFKA_TLS
This environment variable corresponds to the audit_kafka.tls
configuration setting.
MINIO_AUDIT_KAFKA_TLS_SKIP_VERIFY
This environment variable corresponds to the audit_kafka.tls_skip_verify configuration
setting.
MINIO_AUDIT_KAFKA_SASL
Requires specifying MINIO_AUDIT_KAFKA_SASL_USERNAME and MINIO_AUDIT_KAFKA_SASL_PASSWORD.
This environment variable corresponds to the audit_kafka.sasl
configuration setting.
MINIO_AUDIT_KAFKA_SASL_USERNAME
This environment variable corresponds to the audit_kafka.sasl_username
configuration setting.
MINIO_AUDIT_KAFKA_SASL_PASSWORD
This environment variable corresponds to the audit_kafka.sasl_password
configuration setting.
MINIO_AUDIT_KAFKA_SASL_MECHANISM
Important
The PLAIN authentication mechanism sends credentials in
plain text over the network. Use MINIO_AUDIT_KAFKA_TLS to enable TLS connectivity to
the Kafka brokers and ensure secure transmission of SASL
credentials.
This environment variable corresponds to the audit_kafka.sasl_mechanism configuration
setting.
MINIO_AUDIT_KAFKA_TLS_CLIENT_AUTH
Requires specifying MINIO_AUDIT_KAFKA_CLIENT_TLS_CERT and MINIO_AUDIT_KAFKA_CLIENT_TLS_KEY.
This environment variable corresponds to the audit_kafka.tls_client_auth configuration
setting.
MINIO_AUDIT_KAFKA_CLIENT_TLS_CERT
This environment variable corresponds to the audit_kafka.client_tls_cert configuration
setting.
MINIO_AUDIT_KAFKA_CLIENT_TLS_KEY
This environment variable corresponds to the audit_kafka.client_tls_key configuration
setting.
MINIO_AUDIT_KAFKA_VERSION
This environment variable corresponds to the audit_kafka.version
configuration setting.
MINIO_AUDIT_KAFKA_COMMENT
This environment variable corresponds to the audit_kafka.comment
configuration setting.
MINIO_AUDIT_KAFKA_QUEUE_DIR
This environment variable corresponds to the audit_kafka.queue_dir
configuration setting.
MINIO_AUDIT_KAFKA_QUEUE_SIZE
This environment variable corresponds to the audit_kafka.queue_size
configuration setting.
Bucket Notifications
These environment variables configure notification targets for use
with MinIO Bucket Notifications <minio-bucket-notifications>:
minio-server-envvar-bucket-notification-amqpminio-server-envvar-bucket-notification-mqttminio-server-envvar-bucket-notification-elasticsearchminio-server-envvar-bucket-notification-nsqminio-server-envvar-bucket-notification-redisminio-server-envvar-bucket-notification-natsminio-server-envvar-bucket-notification-postgresqlminio-server-envvar-bucket-notification-mysqlminio-server-envvar-bucket-notification-kafkaminio-server-envvar-bucket-notification-webhook
MINIO_API_SYNC_EVENTS
Corresponds with the ~api.sync_events configuration setting.
AMQP Service for Bucket Notifications
The following section documents environment variables for configuring
an AMQP service as a target for Bucket Nofitications <minio-bucket-notifications>.
See minio-bucket-notifications-publish-amqp for a tutorial
on using these environment variables.
You can specify multiple AMQP service endpoints by appending a unique
identifier _ID for each set of related AMQP environment
variables: the top level key. For example, the following commands set
two distinct AMQP service endpoints as PRIMARY and
SECONDARY respectively:
set MINIO_NOTIFY_AMQP_ENABLE_PRIMARY="on"
set MINIO_NOTIFY_AMQP_URL_PRIMARY="amqp://user:password@amqp-endpoint.example.net:5672"
set MINIO_NOTIFY_AMQP_ENABLE_SECONDARY="on"
set MINIO_NOTIFY_AMQP_URL_SECONDARY="amqp://user:password@amqp-endpoint.example.net:5672"For example, MINIO_NOTIFY_AMQP_ENABLE_PRIMARY
<MINIO_NOTIFY_AMQP_ENABLE> indicates the environment
variable is associated to an AMQP service endpoint with ID of
PRIMARY.
MINIO_NOTIFY_AMQP_ENABLE
Requires specifying MINIO_NOTIFY_AMQP_URL if set to
on.
MINIO_NOTIFY_AMQP_URL
This field is required if MINIO_NOTIFY_AMQP_ENABLE is on. All
other AMQP-related variables are optional.
This variable corresponds to the notify_amqp url <notify_amqp.url>
configuration setting.
MINIO_NOTIFY_AMQP_EXCHANGE
This variable corresponds to the notify_amqp exchange
<notify_amqp.exchange> configuration setting.
MINIO_NOTIFY_AMQP_EXCHANGE_TYPE
This variable corresponds to the notify_amqp exchange_type
<notify_amqp.exchange_type> configuration setting.
MINIO_NOTIFY_AMQP_ROUTING_KEY
This variable corresponds to the notify_amqp routing_key
<notify_amqp.routing_key> configuration setting.
MINIO_NOTIFY_AMQP_MANDATORY
This variable corresponds to the notify_amqp mandatory
<notify_amqp.mandatory> configuration setting.
MINIO_NOTIFY_AMQP_DURABLE
This variable corresponds to the notify_amqp durable
<notify_amqp.durable> configuration setting.
MINIO_NOTIFY_AMQP_NO_WAIT
This variable corresponds to the notify_amqp no_wait
<notify_amqp.no_wait> configuration setting.
MINIO_NOTIFY_AMQP_INTERNAL
This variable corresponds to the notify_amqp internal
<notify_amqp.internal> configuration setting.
MINIO_NOTIFY_AMQP_AUTO_DELETED
This variable corresponds to the notify_amqp auto_deleted
<notify_amqp.auto_deleted> configuration setting.
MINIO_NOTIFY_AMQP_DELIVERY_MODE
This variable corresponds to the notify_amqp delivery_mode
<notify_amqp.delivery_mode> configuration setting.
MINIO_NOTIFY_AMQP_QUEUE_DIR
This variable corresponds to the notify_amqp queue_dir
<notify_amqp.queue_dir> configuration setting.
MINIO_NOTIFY_AMQP_QUEUE_LIMIT
This variable corresponds to the notify_amqp queue_limit
<notify_amqp.queue_limit> configuration setting.
MINIO_NOTIFY_AMQP_COMMENT
This variable corresponds to the notify_amqp comment
<notify_amqp.comment> configuration setting.
MQTT Service for Bucket Notifications
The following section documents environment variables for configuring
an MQTT service as a target for Bucket Nofitications <minio-bucket-notifications>.
See minio-bucket-notifications-publish-mqtt for a tutorial
on using these environment variables.
You can specify multiple MQTT service endpoints by appending a unique
identifier _ID for each set of related MQTT environment
variables: the top level key. For example, the following commands set
two distinct MQTT service endpoints as PRIMARY and
SECONDARY respectively:
set MINIO_NOTIFY_MQTT_ENABLE_PRIMARY="on"
set MINIO_NOTIFY_MQTT_BROKER_PRIMARY="tcp://user:password@mqtt-endpoint.example.net:1883"
set MINIO_NOTIFY_MQTT_ENABLE_SECONDARY="on"
set MINIO_NOTIFY_MQTT_BROKER_SECONDARY="tcp://user:password@mqtt-endpoint.example.net:1883"For example, MINIO_NOTIFY_MQTT_ENABLE_PRIMARY
<MINIO_NOTIFY_MQTT_ENABLE> indicates the environment
variable is associated to an MQTT service endpoint with ID of
PRIMARY.
MINIO_NOTIFY_MQTT_ENABLE
This variable corresponds to the notify_mqtt <notify_mqtt> configuration
setting.
MINIO_NOTIFY_MQTT_BROKER
Required
This variable corresponds to the notify_mqtt broker <notify_mqtt.broker>
configuration setting.
MINIO_NOTIFY_MQTT_TOPIC
Required
This variable corresponds to the notify_mqtt topic <notify_mqtt.topic>
configuration setting.
MINIO_NOTIFY_MQTT_USERNAME
Required if the MQTT server/broker enforces authentication/authorization
This variable corresponds to the notify_mqtt username <notify_mqtt.username>
configuration setting.
MINIO_NOTIFY_MQTT_PASSWORD
Required if the MQTT server/broker enforces authentication/authorization
This variable corresponds to the notify_mqtt password <notify_mqtt.password>
configuration setting.
MINIO_NOTIFY_MQTT_QOS
This variable corresponds to the notify_mqtt qos <notify_mqtt.qos>
configuration setting.
MINIO_NOTIFY_MQTT_KEEP_ALIVE_INTERVAL
This variable corresponds to the notify_mqtt keep_alive_interval <notify_mqtt.keep_alive_interval>
configuration setting.
MINIO_NOTIFY_MQTT_RECONNECT_INTERVAL
This variable corresponds to the notify_mqtt reconnect_interval <notify_mqtt.reconnect_interval>
configuration setting.
MINIO_NOTIFY_MQTT_QUEUE_DIR
This variable corresponds to the notify_mqtt queue_dir <notify_mqtt.queue_dir>
configuration setting.
MINIO_NOTIFY_MQTT_QUEUE_LIMIT
This variable corresponds to the notify_mqtt queue_limit <notify_mqtt.queue_limit>
configuration setting.
MINIO_NOTIFY_MQTT_COMMENT
This variable corresponds to the notify_mqtt comment <notify_mqtt.comment>
configuration setting.
Elasticsearch Service for Bucket Notifications
The following section documents environment variables for configuring
an Elasticsearch service as a target for Bucket Nofitications <minio-bucket-notifications>.
See minio-bucket-notifications-publish-elasticsearch for a
tutorial on using these environment variables.
You can specify multiple Elasticsearch service endpoints by appending
a unique identifier _ID for each set of related
Elasticsearch environment variables: the top level key. For example, the
following commands set two distinct Elasticsearch service endpoints as
PRIMARY and SECONDARY respectively:
set MINIO_NOTIFY_ELASTICSEARCH_ENABLE_PRIMARY="on"
set MINIO_NOTIFY_ELASTICSEARCH_URL_PRIMARY="https://user:password@elasticsearch-endpoint.example.net:9200"
set MINIO_NOTIFY_ELASTICSEARCH_INDEX_PRIMARY="bucketevents"
set MINIO_NOTIFY_ELASTICSEARCH_FORMAT_PRIMARY="namespace"
set MINIO_NOTIFY_ELASTICSEARCH_ENABLE_SECONDARY="on"
set MINIO_NOTIFY_ELASTICSEARCH_URL_SECONDARY="https://user:password@elasticsearch-endpoint.example.net:9200"
set MINIO_NOTIFY_ELASTICSEARCH_INDEX_SECONDARY="bucketevents"
set MINIO_NOTIFY_ELASTICSEARCH_FORMAT_SECONDARY="namespace"MINIO_NOTIFY_ELASTICSEARCH_ENABLE
Requires specifying the following additional environment variables if
set to on:
MINIO_NOTIFY_ELASTICSEARCH_URLMINIO_NOTIFY_ELASTICSEARCH_INDEXMINIO_NOTIFY_ELASTICSEARCH_FORMAT
This variable corresponds to the notify_elasticsearch configuration setting.
MINIO_NOTIFY_ELASTICSEARCH_URL
Required
This variable corresponds to the notify_elasticsearch url <notify_elasticsearch.url>
configuration setting.
MINIO_NOTIFY_ELASTICSEARCH_INDEX
Required
This variable corresponds to the notify_elasticsearch index <notify_elasticsearch.index>
configuration setting.
MINIO_NOTIFY_ELASTICSEARCH_FORMAT
Required
This variable corresponds to the notify_elasticsearch format <notify_elasticsearch.format>
configuration setting.
MINIO_NOTIFY_ELASTICSEARCH_USERNAME
Optional
This variable corresponds to the notify_elasticsearch username <notify_elasticsearch.username>
configuration setting.
MINIO_NOTIFY_ELASTICSEARCH_PASSWORD
Optional
This variable corresponds to the notify_elasticsearch password <notify_elasticsearch.password>
configuration setting.
MINIO_NOTIFY_ELASTICSEARCH_QUEUE_DIR
Optional
This variable corresponds to the notify_elasticsearch queue_dir <notify_elasticsearch.queue_dir>
configuration setting.
MINIO_NOTIFY_ELASTICSEARCH_QUEUE_LIMIT
Optional
This variable corresponds to the notify_elasticsearch queue_limit <notify_elasticsearch.queue_limit>
configuration setting.
MINIO_NOTIFY_ELASTICSEARCH_COMMENT
Optional
This variable corresponds to the notify_elasticsearch comment <notify_elasticsearch.comment>
configuration setting.
NSQ Service for Bucket Notifications
The following section documents environment variables for configuring
an NSQ service as a target for Bucket Nofitications <minio-bucket-notifications>.
See minio-bucket-notifications-publish-nsq for a tutorial
on using these environment variables.
You can specify multiple NSQ service endpoints by appending a unique
identifier _ID for each set of related NSQ environment
variables: the top level key. For example, the following commands set
two distinct NSQ service endpoints as PRIMARY and
SECONDARY respectively:
set MINIO_NOTIFY_NSQ_ENABLE_PRIMARY="on"
set MINIO_NOTIFY_NSQ_NSQD_ADDRESS_PRIMARY="https://user:password@nsq-endpoint.example.net:9200"
set MINIO_NOTIFY_NSQ_TOPIC_PRIMARY="bucketevents"
set MINIO_NOTIFY_NSQ_ENABLE_SECONDARY="on"
set MINIO_NOTIFY_NSQ_NSQD_ADDRESS_SECONDARY="https://user:password@nsq-endpoint.example.net:9200"
set MINIO_NOTIFY_NSQ_TOPIC_SECONDARY="bucketevents"MINIO_NOTIFY_NSQ_ENABLE
This variable corresponds to the notify_nsq <notify_nsq> configuration
setting.
MINIO_NOTIFY_NSQ_NSQD_ADDRESS
Required
This variable corresponds to the notify_nsq nsqd_address <notify_nsq.nsqd_address>
configuration setting.
MINIO_NOTIFY_NSQ_TOPIC
Required
This variable corresponds to the notify_nsq topic <notify_nsq.topic>
configuration setting.
MINIO_NOTIFY_NSQ_TLS
Optional
This variable corresponds to the notify_nsq tls <notify_nsq.tls>
configuration setting.
MINIO_NOTIFY_NSQ_TLS_SKIP_VERIFY
Optional
This variable corresponds to the notify_nsq tls_skip_verify <notify_nsq.tls_skip_verify>
configuration setting.
MINIO_NOTIFY_NSQ_QUEUE_DIR
Optional
This variable corresponds to the notify_nsq queue_dir <notify_nsq.queue_dir>
configuration setting.
MINIO_NOTIFY_NSQ_QUEUE_LIMIT
Optional
This variable corresponds to the notify_nsq queue_limit <notify_nsq.queue_limit>
configuration setting.
MINIO_NOTIFY_NSQ_COMMENT
Optional
This variable corresponds to the notify_nsq comment <notify_nsq.comment>
configuration setting.
Redis Service for Bucket Notifications
The following section documents environment variables for configuring
an Redis service as a target for Bucket Nofitications <minio-bucket-notifications>.
See minio-bucket-notifications-publish-redis for a
tutorial on using these environment variables.
You can specify multiple Redis service endpoints by appending a
unique identifier _ID for each set of related Redis
environment variables: the top level key. For example, the following
commands set two distinct Redis service endpoints as
PRIMARY and SECONDARY respectively:
set MINIO_NOTIFY_REDIS_ENABLE_PRIMARY="on"
set MINIO_NOTIFY_REDIS_REDIS_ADDRESS_PRIMARY="https://user:password@redis-endpoint.example.net:9200"
set MINIO_NOTIFY_REDIS_KEY_PRIMARY="bucketevents"
set MINIO_NOTIFY_REDIS_FORMAT_PRIMARY="namespace"
set MINIO_NOTIFY_REDIS_ENABLE_SECONDARY="on"
set MINIO_NOTIFY_REDIS_REDIS_ADDRESS_SECONDARY="https://user:password@redis-endpoint.example.net:9200"
set MINIO_NOTIFY_REDIS_KEY_SECONDARY="bucketevents"
set MINIO_NOTIFY_REDIS_FORMAT_SECONDARY="namespace"MINIO_NOTIFY_REDIS_ENABLE
Required
Requires specifying the following additional environment variables if
set to on:
MINIO_NOTIFY_REDIS_ADDRESSMINIO_NOTIFY_REDIS_KEYMINIO_NOTIFY_REDIS_FORMAT
This variable corresponds to the notify_redis <notify_redis> configuration
setting.
MINIO_NOTIFY_REDIS_ADDRESS
Required
This variable corresponds to the notify_redis address <notify_redis.address>
configuration setting.
MINIO_NOTIFY_REDIS_KEY
Required
This variable corresponds to the notify_redis key <notify_redis.key>
configuration setting.
MINIO_NOTIFY_REDIS_FORMAT
Required
This variable corresponds to the notify_redis format <notify_redis.format>
configuration setting.
MINIO_NOTIFY_REDIS_PASSWORD
Optional
This variable corresponds to the notify_redis password <notify_redis.password>
configuration setting.
MINIO_NOTIFY_REDIS_QUEUE_DIR
Optional
This variable corresponds to the notify_redis queue_dir <notify_redis.queue_dir>
configuration setting.
MINIO_NOTIFY_REDIS_QUEUE_LIMIT
Optional
This variable corresponds to the notify_redis queue_limit <notify_redis.queue_limit>
configuration setting.
MINIO_NOTIFY_REDIS_COMMENT
Optional
This variable corresponds to the notify_redis comment <notify_redis.comment>
configuration setting.
NATS Service for Bucket Notifications
NATS Streaming Deprecated
NATS Streaming is deprecated. Migrate to JetStream instead.
The related MinIO configuration options and environment variables are deprecated.
The following section documents environment variables for configuring
an NATS service as a target for Bucket Nofitications <minio-bucket-notifications>.
See minio-bucket-notifications-publish-nats for a tutorial
on using these environment variables.
You can specify multiple NATS service endpoints by appending a unique
identifier _ID for each set of related NATS environment
variables no to the top level key. For example, the following commands
set two distinct NATS service endpoints as PRIMARY and
SECONDARY respectively:
set MINIO_NOTIFY_NATS_ENABLE_PRIMARY="on"
set MINIO_NOTIFY_NATS_ADDRESS_PRIMARY="https://nats-endpoint.example.net:4222"
set MINIO_NOTIFY_NATS_ENABLE_SECONDARY="on"
set MINIO_NOTIFY_NATS_ADDRESS_SECONDARY="https://nats-endpoint.example.net:4222"For example, MINIO_NOTIFY_NATS_ENABLE_PRIMARY <MINIO_NOTIFY_NATS_ENABLE>
indicates the environment variable is associated to an NATS service
endpoint with ID of PRIMARY.
MINIO_NOTIFY_NATS_ENABLE
Required
This environment variable corresponds with the notify_nats <notify_nats> configuration
setting.
MINIO_NOTIFY_NATS_ADDRESS
Required
This environment variable corresponds with the notify_nats address <notify_nats.address>
configuration setting.
MINIO_NOTIFY_NATS_SUBJECT
Required
This environment variable corresponds with the notify_nats subject <notify_nats.subject>
configuration setting.
MINIO_NOTIFY_NATS_USERNAME
Optional
This environment variable corresponds with the notify_nats username <notify_nats.username>
configuration setting.
MINIO_NOTIFY_NATS_PASSWORD
Optional
This environment variable corresponds with the notify_nats password <notify_nats.password>
configuration setting.
MINIO_NOTIFY_NATS_TOKEN
Optional
This environment variable corresponds with the notify_nats token <notify_nats.token>
configuration setting.
MINIO_NOTIFY_NATS_TLS
Optional
This environment variable corresponds with the notify_nats tls <notify_nats.tls>
configuration setting.
MINIO_NOTIFY_NATS_TLS_SKIP_VERIFY
Optional
This environment variable corresponds with the notify_nats tls_skip_verify <notify_nats.tls_skip_verify>
configuration setting.
MINIO_NOTIFY_NATS_PING_INTERVAL
Optional
This environment variable corresponds with the notify_nats ping_interval <notify_nats.ping_interval>
configuration setting.
MINIO_NOTIFY_NATS_JETSTREAM
Optional
This environment variable corresponds with the notify_nats jetstream <notify_nats.jetstream>
configuration setting.
MINIO_NOTIFY_NATS_STREAMING
Deprecated
Optional
This environment variable corresponds with the notify_nats streaming <notify_nats.streaming>
configuration setting.
MINIO_NOTIFY_NATS_STREAMING_ASYNC
Deprecated
Optional
This environment variable corresponds with the notify_nats streaming_async <notify_nats.streaming_async>
configuration setting.
MINIO_NOTIFY_NATS_STREAMING_MAX_PUB_ACKS_IN_FLIGHT
Deprecated
Optional
This environment variable corresponds with the notify_nats streaming_max_pub_acks_in_flight
<notify_nats.streaming_max_pub_acks_in_flight>
configuration setting.
MINIO_NOTIFY_NATS_STREAMING_CLUSTER_ID
Deprecated
Optional
This environment variable corresponds with the notify_nats streaming_cluster_id
<notify_nats.streaming_cluster_id> configuration
setting.
MINIO_NOTIFY_NATS_CERT_AUTHORITY
Optional
This environment variable corresponds with the notify_nats cert_authority <notify_nats.cert_authority>
configuration setting.
MINIO_NOTIFY_NATS_CLIENT_CERT
Optional
This environment variable corresponds with the notify_nats client_cert <notify_nats.client_cert>
configuration setting.
MINIO_NOTIFY_NATS_CLIENT_KEY
Optional
This environment variable corresponds with the notify_nats client_key <notify_nats.client_key>
configuration setting.
MINIO_NOTIFY_NATS_QUEUE_DIR
Optional
This environment variable corresponds with the notify_nats queue_dir <notify_nats.queue_dir>
configuration setting.
MINIO_NOTIFY_NATS_QUEUE_LIMIT
Optional
This environment variable corresponds with the notify_nats queue_limit <notify_nats.queue_limit>
configuration setting.
MINIO_NOTIFY_NATS_COMMENT
Optional
This environment variable corresponds with the notify_nats comment <notify_nats.comment>
configuration setting.
PostgreSQL Service for Bucket Notifications
The following section documents environment variables for configuring
an POSTGRES service as a target for Bucket Nofitications <minio-bucket-notifications>.
See minio-bucket-notifications-publish-postgresql for a
tutorial on using these environment variables.
You can specify multiple PostgreSQL service endpoints by appending a
unique identifier _ID for each set of related PostgreSQL
environment variables: the top level key. For example, the following
commands set two distinct PostgreSQL service endpoints as
PRIMARY and SECONDARY respectively:
set MINIO_NOTIFY_POSTGRES_ENABLE_PRIMARY="on"
set MINIO_NOTIFY_POSTGRES_CONNECTION_STRING_PRIMARY="host=postgresql-endpoint.example.net port=4222..."
set MINIO_NOTIFY_POSTGRES_TABLE_PRIMARY="minioevents"
set MINIO_NOTIFY_POSTGRES_FORMAT_PRIMARY="namespace"
set MINIO_NOTIFY_POSTGRES_ENABLE_SECONDARY="on"
set MINIO_NOTIFY_POSTGRES_CONNECTION_STRING_SECONDARY="host=postgresql-endpoint.example.net port=4222..."
set MINIO_NOTIFY_POSTGRES_TABLE_SECONDARY="minioevents"
set MINIO_NOTIFY_POSTGRES_FORMAT_SECONDARY="namespace"For example, MINIO_NOTIFY_POSTGRES_ENABLE_PRIMARY
<MINIO_NOTIFY_POSTGRES_ENABLE> indicates the environment
variable is associated to an PostgreSQL service endpoint with ID of
PRIMARY.
MINIO_NOTIFY_POSTGRES_ENABLE
Required
Requires specifying the following additional environment variables if
set to on:
MINIO_NOTIFY_POSTGRES_CONNECTION_STRINGMINIO_NOTIFY_POSTGRES_TABLEMINIO_NOTIFY_POSTGRES_FORMAT
This environment variable corresponds with the notify_postgres <notify_postgres>
configuration setting.
MINIO_NOTIFY_POSTGRES_CONNECTION_STRING
Required
This environment variable corresponds with the notify_postgres connection_string <notify_postgres.connection_string>
configuration setting.
MINIO_NOTIFY_POSTGRES_TABLE
Required
This environment variable corresponds with the notify_postgres table <notify_postgres.table>
configuration setting.
MINIO_NOTIFY_POSTGRES_FORMAT
Required
This environment variable corresponds with the notify_postgres format <notify_postgres.format>
configuration setting.
MINIO_NOTIFY_POSTGRES_MAX_OPEN_CONNECTIONS
Optional
This environment variable corresponds with the notify_postgres max_open_connections
<notify_postgres.max_open_connections> configuration
setting.
MINIO_NOTIFY_POSTGRES_QUEUE_DIR
Optional
This environment variable corresponds with the notify_postgres queue_dir <notify_postgres.queue_dir>
configuration setting.
MINIO_NOTIFY_POSTGRES_QUEUE_LIMIT
Optional
This environment variable corresponds with the notify_postgres queue_limit <notify_postgres.queue_limit>
configuration setting.
MINIO_NOTIFY_POSTGRES_COMMENT
Optional
This environment variable corresponds with the notify_postgres comment <notify_postgres.comment>
configuration setting.
MySQL Service for Bucket Notifications
The following section documents environment variables for configuring
an MYSQL service as a target for Bucket Nofitications <minio-bucket-notifications>.
See minio-bucket-notifications-publish-mysql for a
tutorial on using these environment variables.
You can specify multiple MySQL service endpoints by appending a
unique identifier _ID for each set of related MySQL
environment variables: the top level key. For example, the following
commands set two distinct MySQL service endpoints as
PRIMARY and SECONDARY respectively:
set MINIO_NOTIFY_MYSQL_ENABLE_PRIMARY="on"
set MINIO_NOTIFY_MYSQL_DSN_STRING_PRIMARY="username:password@tcp(mysql.example.com:3306)/miniodb"
set MINIO_NOTIFY_MYSQL_TABLE_PRIMARY="minioevents"
set MINIO_NOTIFY_MYSQL_FORMAT_PRIMARY="namespace"
set MINIO_NOTIFY_MYSQL_ENABLE_SECONDARY="on"
set MINIO_NOTIFY_MYSQL_DSN_STRING_SECONDARY="username:password@tcp(mysql.example.com:3306)/miniodb"
set MINIO_NOTIFY_MYSQL_TABLE_SECONDARY="minioevents"
set MINIO_NOTIFY_MYSQL_FORMAT_SECONDARY="namespace"For example, MINIO_NOTIFY_MYSQL_ENABLE_PRIMARY
<MINIO_NOTIFY_MYSQL_ENABLE> indicates the environment
variable is associated to an MySQL service endpoint with ID of
PRIMARY.
MINIO_NOTIFY_MYSQL_ENABLE
Required
Requires specifying the following additional environment variables if
set to on:
MINIO_NOTIFY_MYSQL_DSN_STRINGMINIO_NOTIFY_MYSQL_TABLEMINIO_NOTIFY_MYSQL_FORMAT
This environment variable corresponds with the notify_mysql <notify_mysql> configuration
setting.
MINIO_NOTIFY_MYSQL_DSN_STRING
Required
This environment variable corresponds with the notify_mysql dsn_string <notify_mysql.dsn_string>
configuration setting.
MINIO_NOTIFY_MYSQL_TABLE
Required
This environment variable corresponds with the notify_mysql table <notify_mysql.table>
configuration setting.
MINIO_NOTIFY_MYSQL_FORMAT
Required
This environment variable corresponds with the notify_mysql format <notify_mysql.format>
configuration setting.
MINIO_NOTIFY_MYSQL_MAX_OPEN_CONNECTIONS
Optional
This environment variable corresponds with the notify_mysql max_open_connections
<notify_mysql.max_open_connections> configuration
setting.
MINIO_NOTIFY_MYSQL_QUEUE_DIR
Optional
This environment variable corresponds with the notify_mysql queue_dir <notify_mysql.queue_dir>
configuration setting.
MINIO_NOTIFY_MYSQL_QUEUE_LIMIT
Optional
This environment variable corresponds with the notify_mysql queue_limit <notify_mysql.queue_limit>
configuration setting.
MINIO_NOTIFY_MYSQL_COMMENT
Optional
This environment variable corresponds with the notify_mysql comment <notify_mysql.comment>
configuration setting.
Kafka Service for Bucket Notifications
The following section documents environment variables for configuring
an Kafka service as a target for Bucket Nofitications <minio-bucket-notifications>.
See minio-bucket-notifications-publish-kafka for a
tutorial on using these environment variables.
You can specify multiple Kafka service endpoints by appending a
unique identifier _ID for each set of related Kafka
environment variables: the top level key. For example, the following
commands set two distinct Kafka service endpoints as
PRIMARY and SECONDARY respectively:
set MINIO_NOTIFY_KAFKA_ENABLE_PRIMARY="on"
set MINIO_NOTIFY_KAFKA_BROKERS_PRIMARY="https://kafka1.example.net:9200, https://kafka2.example.net:9200"
set MINIO_NOTIFY_KAFKA_ENABLE_SECONDARY="on"
set MINIO_NOTIFY_KAFKA_BROKERS_SECONDARY="https://kafka1.example.net:9200, https://kafka2.example.net:9200"MINIO_NOTIFY_KAFKA_ENABLE
Required
MINIO_NOTIFY_KAFKA_BROKERS
Required
This environment variable corresponds to the notify_kafka brokers <notify_kafka.brokers>
configuration setting.
MINIO_NOTIFY_KAFKA_TOPIC
Optional
This environment variable corresponds to the notify_kafka topic <notify_kafka.topic>
configuration setting.
MINIO_NOTIFY_KAFKA_SASL
Optional
This environment variable corresponds to the notify_kafka sasl <notify_kafka.sasl>
configuration setting.
MINIO_NOTIFY_KAFKA_SASL_USERNAME
Optional
This environment variable corresponds to the notify_kafka sasl_username <notify_kafka.sasl_username>
configuration setting.
MINIO_NOTIFY_KAFKA_SASL_PASSWORD
Optional
This environment variable corresponds to the notify_kafka sasl_password <notify_kafka.sasl_password>
configuration setting.
MINIO_NOTIFY_KAFKA_SASL_MECHANISM
Optional
This environment variable corresponds to the notify_kafka sasl_mechanism <notify_kafka.sasl_mechanism>
configuration setting.
MINIO_NOTIFY_KAFKA_TLS_CLIENT_AUTH
Optional
This environment variable corresponds to the notify_kafka tls_client_auth <notify_kafka.tls_client_auth>
configuration setting.
MINIO_NOTIFY_KAFKA_TLS
Optional
This environment variable corresponds to the notify_kafka tls <notify_kafka.tls>
configuration setting.
MINIO_NOTIFY_KAFKA_TLS_SKIP_VERIFY
Optional
This environment variable corresponds to the notify_kafka tls_skip_verify <notify_kafka.tls_skip_verify>
configuration setting.
MINIO_NOTIFY_KAFKA_CLIENT_TLS_CERT
Optional
This environment variable corresponds to the notify_kafka client_tls_cert <notify_kafka.client_tls_cert>
configuration setting.
MINIO_NOTIFY_KAFKA_CLIENT_TLS_KEY
Optional
This environment variable corresponds to the notify_kafka client_tls_key <notify_kafka.client_tls_key>
configuration setting.
MINIO_NOTIFY_KAFKA_VERSION
Optional
This environment variable corresponds to the notify_kafka version <notify_kafka.version>
configuration setting.
MINIO_NOTIFY_KAFKA_QUEUE_DIR
Optional
This environment variable corresponds to the notify_kafka queue_dir <notify_kafka.queue_dir>
configuration setting.
MINIO_NOTIFY_KAFKA_QUEUE_LIMIT
Optional
This environment variable corresponds to the notify_kafka queue_limit <notify_kafka.queue_limit>
configuration setting.
MINIO_NOTIFY_KAFKA_COMMENT
Optional
This environment variable corresponds to the notify_kafka comment <notify_kafka.comment>
configuration setting.
Webhook Service for Bucket Notifications
The following section documents environment variables for configuring
an Webhook service as a target for Bucket Nofitications <minio-bucket-notifications>.
See minio-bucket-notifications-publish-webhook for a
tutorial on using these environment variables.
You can specify multiple Webhook service endpoints by appending a
unique identifier _ID for each set of related Webhook
environment variables: the top level key. For example, the following
commands set two distinct Webhook service endpoints as
PRIMARY and SECONDARY respectively:
set MINIO_NOTIFY_WEBHOOK_ENABLE_PRIMARY="on"
set MINIO_NOTIFY_WEBHOOK_ENDPOINT_PRIMARY="https://webhook1.example.net"
set MINIO_NOTIFY_WEBHOOK_ENABLE_SECONDARY="on"
set MINIO_NOTIFY_WEBHOOK_ENDPOINT_SECONDARY="https://webhook1.example.net"MINIO_NOTIFY_WEBHOOK_ENABLE
Required
MINIO_NOTIFY_WEBHOOK_ENDPOINT
Required
This environment variable corresponds with the notify_webhook endpoint <notify_webhook.endpoint>
configuration setting.
MINIO_NOTIFY_WEBHOOK_AUTH_TOKEN
Required
This environment variable corresponds with the notify_webhook auth_token <notify_webhook.auth_token>
configuration setting.
MINIO_NOTIFY_WEBHOOK_QUEUE_DIR
Optional
This environment variable corresponds with the notify_webhook queue_dir <notify_webhook.queue_dir>
configuration setting.
MINIO_NOTIFY_WEBHOOK_QUEUE_LIMIT
Optional
This environment variable corresponds with the notify_webhook queue_limit <notify_webhook.queue_limit>
configuration setting.
MINIO_NOTIFY_WEBHOOK_CLIENT_CERT
Optional
This environment variable corresponds with the notify_webhook client_cert <notify_webhook.client_cert>
configuration setting.
MINIO_NOTIFY_WEBHOOK_CLIENT_KEY
Optional
This environment variable corresponds with the notify_webhook client_key <notify_webhook.client_key>
configuration setting.
MINIO_NOTIFY_WEBHOOK_COMMENT
Optional
This environment variable corresponds with the notify_webhook comment <notify_webhook.comment>
configuration setting.
Object Lambda
The following section documents environment variables for configuring
MinIO to publish data to an HTTP webhook endpoint and trigger an Object
Lambda function. See developers-object-lambda for more complete
documentation and tutorials on using these environment variables.
You can specify multiple webhook endpoints as Lambda targets by
appending a unique identifier _FUNCTIONNAME for each Object
Lambda function. For example, the following command sets two distinct
Object Lambda webhook endpoints:
export MINIO_LAMBDA_WEBHOOK_ENABLE_myfunction="on"
export MINIO_LAMBDA_WEBHOOK_ENDPOINT_myfunction="http://webhook-1.example.net"
export MINIO_LAMBDA_WEBHOOK_ENABLE_yourfunction="on"
export MINIO_LAMBDA_WEBHOOK_ENDPOINT_yourfunction="http://webhook-2.example.net"MINIO_LAMBDA_WEBHOOK_ENABLE
Specify "on" to enable the Object Lambda webhook
endpoint for a handler function.
Requires specifying MINIO_LAMBDA_WEBHOOK_ENDPOINT.
MINIO_LAMBDA_WEBHOOK_ENDPOINT
The HTTP endpoint of the lambda webhook for the handler function.
MINIO_LAMBDA_WEBHOOK_AUTH_TOKEN
Specify the opaque string or JWT authorization token to use for authenticating to the lambda webhook service.
RELEASE.2023-06-23T20-26-00Z
MinIO redacts this value when returned as part of mc admin config get.
MINIO_LAMBDA_WEBHOOK_CLIENT_CERT
Specify the path to the client certificate to use for performing mTLS authentication to the lambda webhook service.
MINIO_LAMBDA_WEBHOOK_CLIENT_KEY
Specify the path to the private key to use for performing mTLS authentication to the lambda webhook service.
Active Directory / LDAP Identity Management
The following section documents environment variables for enabling
external identity management using an Active Directory or LDAP service.
See minio-authenticate-using-ad-ldap-generic for a
tutorial on using these variables.
MINIO_IDENTITY_LDAP_SERVER_ADDR
Required
This environment variable corresponds with the mc idp ldap add server_addr command.
MINIO_IDENTITY_LDAP_LOOKUP_BIND_DN
Required
This environment variable corresponds with the mc idp ldap add lookup_bind_dn command.
MINIO_IDENTITY_LDAP_LOOKUP_BIND_PASSWORD
Optional
This environment variable corresponds with the mc idp ldap add lookup_bind_password command.
MINIO_IDENTITY_LDAP_USER_DN_SEARCH_BASE_DN
Optional
This environment variable corresponds with the mc idp ldap add user_dn_search_base_dn command.
MINIO_IDENTITY_LDAP_USER_DN_SEARCH_FILTER
Optional
This environment variable corresponds with the mc idp ldap add user_dn_search_filter command.
MINIO_IDENTITY_LDAP_GROUP_SEARCH_FILTER
Optional
This environment variable corresponds with the mc idp ldap add group_search_filter command.
MINIO_IDENTITY_LDAP_GROUP_SEARCH_BASE_DN
Optional
This environment variable corresponds with the mc idp ldap add group_search_base_dn command.
MINIO_IDENTITY_LDAP_TLS_SKIP_VERIFY
Optional
This environment variable corresponds with the mc idp ldap add tls_skip_verify command.
MINIO_IDENTITY_LDAP_SERVER_INSECURE
Optional
This environment variable corresponds with the mc idp ldap add server_insecure command.
MINIO_IDENTITY_LDAP_SERVER_STARTTLS
Optional
This environment variable corresponds with the mc idp ldap add server_starttls command.
MINIO_IDENTITY_LDAP_SRV_RECORD_NAME
RELEASE.2022-12-12T19-27-27Z
Optional
This environment variable corresponds with the mc idp ldap add srv_record_name command.
MINIO_IDENTITY_LDAP_COMMENT
Optional
This environment variable corresponds with the mc idp ldap add comment
command.
OpenID Identity Management
The following section documents environment variables for enabling
external identity management using an OpenID Connect (OIDC)-compatible
provider. See minio-external-identity-management-openid for a
tutorial on using these variables.
MINIO_IDENTITY_OPENID_CONFIG_URL
Required
This environment variable corresponds with the identity_openid config_url
<identity_openid.config_url> setting.
MINIO_IDENTITY_OPENID_CLIENT_ID
Optional
This environment variable corresponds with the identity_openid client_id
<identity_openid.client_id> setting.
MINIO_IDENTITY_OPENID_CLIENT_SECRET
Optional
This environment variable corresponds with the identity_openid client_secret
<identity_openid.client_secret> setting.
MINIO_IDENTITY_OPENID_CLAIM_NAME
Optional
This environment variable corresponds with the identity_openid claim_name
<identity_openid.claim_name> setting.
MINIO_IDENTITY_OPENID_CLAIM_PREFIX
Optional
This environment variable corresponds with the identity_openid claim_prefix
<identity_openid.claim_prefix> setting.
MINIO_IDENTITY_OPENID_DISPLAY_NAME
Optional
MINIO_IDENTITY_OPENID_SCOPES
Optional
This environment variable corresponds with the identity_openid scopes
<identity_openid.scopes> setting.
MINIO_IDENTITY_OPENID_REDIRECT_URI
Optional
This environment variable corresponds with the identity_openid redirect_uri
<identity_openid.redirect_uri> setting.
MINIO_IDENTITY_OPENID_REDIRECT_URI_DYNAMIC
Optional
This environment variable corresponds with the identity_openid redirect_uri_dynamic <identity_openid.redirect_uri_dynamic>
setting.
MINIO_IDENTITY_OPENID_CLAIM_USERINFO
Optional
This environment variable corresponds with the identity_openid claim_userinfo <identity_openid.claim_userinfo>
setting.
MINIO_IDENTITY_OPENID_VENDOR
Optional
This environment variable corresponds with the identity_openid vendor <identity_openid.vendor>
setting.
MINIO_IDENTITY_OPENID_KEYCLOAK_REALM
Optional
This environment variable corresponds with the identity_openid keycloak_realm <identity_openid.keycloak_realm>
setting.
Requires MINIO_IDENTITY_OPENID_VENDOR set to
keycloak.
MINIO_IDENTITY_OPENID_KEYCLOAK_ADMIN_URL
Optional
This environment variable corresponds with the identity_openid keycloak_admin_url <identity_openid.keycloak_admin_url>
setting.
Requires MINIO_IDENTITY_OPENID_VENDOR set to
keycloak.
MINIO_IDENTITY_OPENID_COMMENT
Optional
This environment variable corresponds with the identity_openid comment
<identity_openid.comment> setting.
MinIO Identity Management Plugin
MINIO_IDENTITY_PLUGIN_URL
Required
MINIO_IDENTITY_PLUGIN_ROLE_POLICY
Required
MINIO_IDENTITY_PLUGIN_TOKEN
Optional
MINIO_IDENTITY_PLUGIN_ROLE_ID
Optional
MINIO_IDENTITY_PLUGIN_COMMENT
Optional
Batch Replication
MINIO_BATCH_REPLICATION_WORKERS
Optional
Enable parallel workers by specifying the maximum number of processes to use when performing the batch application job.
Data Compression
The following section documents settings for enabling data
compression for objects. See minio-data-compression for tutorials on using these
configuration settings.
MINIO_COMPRESSION_ALLOW_ENCRYPTION
Optional
This environment variable corresponds with the compression allow_encryption <compression.allow_encryption>
setting.
MINIO_COMPRESSION_ENABLE
Optional
This environment variable corresponds with the compression enable <compression.enable>
setting.
MINIO_COMPRESSION_EXTENSIONS
Optional
This environment variable corresponds with the compression extensions <compression.extensions>
setting.
MINIO_COMPRESSION_MIME_TYPES
Optional
This environment variable corresponds with the compression mime_types <compression.mime_types>
setting.