Product
Overview
What is AIStor?
Features
Replication Replication Console Console Cache Cache Encryption Encryption Versioning Versioning Observability Observability Object Immutability Object Immutability Key Management Server Key Management Server S3 Compatibility S3 Compatibility Identity + Access Mgt Identity + Access Mgt Catalog Catalog Object Prompt Object Prompt Lifecycle Lifecycle Firewall Firewall AIHub AIHub
Tools
Erasure Code Calculator Erasure Code Calculator Determine your raw and usable capacity across a range of erasure coding settings. Reference Hardware Reference Hardware MinIO’s recommended Configuration and reference hardware for building large scale data infrastructure.
Solutions
AI Storage Learn how MinIO is leading the AI storage market from its exclusive features to performance at scale. HDFS Migration Modernize and simplify your big data storage infrastructure with cloud native storage with AIStor. Snowflake Learn how to leverage Snowflake external tables to query data without having to move it.
Integrations Integrations with MinIO Browse our expansive list of
integrations with links to the relevant
documentation.
Veeam Learn how MinIO and Veeam have partnered deliver superior RTO and RPO. Modern Datalakes Learn how modern, multi-engine data lakeshouses depend on MinIO's AIStor. Equinix Repatriate your data onto the cloud you control with MinIO and Equinix. SQL Server Learn how to leverage SQL Server 2022 with MinIO to run queries on your data without having to move it. Commvault Learn how Commvault and MinIO are partnered to deliver performance at scale for mission critical backup and restore workloads. Hybrid Cloud Learn how enterprises use MinIO to build AI data infrastructure that runs on any cloud - public, private or colo. Splunk Find out how MinIO is delivering performance at scale for Splunk SmartStores. VMware Discover how MinIO integrates with VMware across the portfolio from the Persistent Data platform to TKG and how we support their Kubernetes ambitions.
Open Source
Github Community Explore, experiment, ask questions and contribute. Docs Development guides. Slack Channel Open Forum for discussing topics related to MinIO.
Download MinIO Object Store Get MinIO's open source server, client, and SDK.
Resources
Resources Home Browse our library of white papers, solution briefs, benchmarks and videos. Blog Product updates, company news, and educational content. Training Learn the MinIO Way and Become a Data Infrastructure Expert.
Events Join us to take advantage to meet with MinIO partners, employees, and subject-matter experts.
Partner Pricing Login Download

Documentation

MinIO Object Storage for Linux

MinIO Console Settings

This page covers settings that manage access and behavior for the MinIO Console.

You can establish or modify settings by defining:

  • an environment variable on the host system prior to starting or restarting the MinIO Server. Refer to your operating system’s documentation for how to define an environment variable.

  • a configuration setting using mc admin config set.

  • a configuration setting using the MinIO Console’s Administrator > Settings pages.

If you define both an environment variable and the similar configuration setting, MinIO uses the environment variable value.

Some settings have only an environment variable or a configuration setting, but not both.

Important

Each configuration setting controls fundamental MinIO behavior and functionality. MinIO strongly recommends testing configuration changes in a lower environment, such as DEV or QA, before applying to production.

Browser Settings

The following settings control behavior for the embedded MinIO Console.

MinIO Console

Optional

MINIO_BROWSER

Specify off to disable the embedded MinIO Console.

This setting does not have a configuration variable setting. Use the Environment Variable instead.

Animation

Optional

MINIO_BROWSER_LOGIN_ANIMATION

New in version MinIO: Server RELEASE.2023-05-04T21-44-30Z

Specify off to disable the animated login screen for the MinIO Console. Defaults to on.

This setting does not have a configuration variable setting. Use the Environment Variable instead.

Browser Redirect

Optional

MINIO_BROWSER_REDIRECT

New in version MinIO: Server RELEASE.2023-09-16T01-01-47Z

Specify whether requests from a web browser automatically redirect to the Console address. Defaults to true.

This setting does not have a configuration variable setting. Use the Environment Variable instead.

Browser Redirect URL

Optional

MINIO_BROWSER_REDIRECT_URL

Specify the Fully Qualified Domain Name (FQDN) the MinIO Console listens for incoming connections on.

If you want to host the MinIO Console exclusively from a reverse-proxy service, you must specify the hostname managed by that service.

For example, consider a reverse proxy configured to route https://example.net/minio/ to the MinIO Console. You must set this environment variable to match that hostname for the Console to both listen and respond to requests using that hostname.

If you omit this variable, the Console listens and responds to all IP addresses or hostnames associated to the host machine on which the MinIO Server runs.

This setting does not have a configuration variable setting. Use the Environment Variable instead.

Session Duration

Optional

MINIO_BROWSER_SESSION_DURATION

New in version MinIO: Server RELEASE.2023-08-23T10-07-06Z

Specify the duration of a browser session for working with the MinIO Console.

MinIO supports the following units of time measurement:

  • s - seconds, “60s”

  • m - minutes, “60m”

  • h - hours, “24h”

  • d - days, “7d”

Defaults to 12h.

This setting does not have a configuration variable setting. Use the Environment Variable instead.

Log Query URL

Optional

MINIO_LOG_QUERY_URL

Specify the URL of a PostgreSQL service to which MinIO writes Audit logs. The embedded MinIO Console provides a Log Search tool that allows querying the PostgreSQL service for collected logs.

This setting does not have a configuration variable setting. Use the Environment Variable instead.

Content Security Policy

Optional

Configure MinIO Console to generate a Content-Security-Policy header in HTTP responses. Defaults to default-src 'self' 'unsafe-eval' 'unsafe-inline';

MINIO_BROWSER_CONTENT_SECURITY_POLICY
set MINIO_BROWSER_CONTENT_SECURITY_POLICY="default-src 'self' 'unsafe-eval' 'unsafe-inline';"
browser csp_policy
mc admin config set browser \
   csp_policy="default-src 'self' 'unsafe-eval' 'unsafe-inline';" \
   [ARGUMENT=VALUE ...]

Strict Transport Security

Optional

Configure MinIO console to generate a Strict-Transport-Security header in HTTP responses.

To generate the header, you must set a duration using either MINIO_BROWSER_HSTS_SECONDS or hsts_seconds. Other HSTS settings are optional.

MINIO_BROWSER_HSTS_SECONDS

The max_age the configured policy remains in effect, in seconds. Defaults to 0, disabled. You must configure a non-zero duration to enable the Strict-Transport-Security header.

set MINIO_BROWSER_HSTS_SECONDS=31536000
MINIO_BROWSER_HSTS_INCLUDE_SUB_DOMAINS

Set to on to also apply the configured HSTS policy to all MinIO Console subdomains. Defaults to off.

set MINIO_BROWSER_HSTS_INCLUDE_SUB_DOMAINS="on"
MINIO_BROWSER_HSTS_PRELOAD

Set to on to direct the client browser to add the MinIO Console domain to its HSTS preload list. Defaults to off.

set MINIO_BROWSER_HSTS_INCLUDE_SUB_DOMAINS="on"

The following configuration settings require a service restart to take effect. To restart the service, use mc admin service restart.

browser hsts_seconds

The max_age the configured policy remains in effect, in seconds. Defaults to 0, disabled. You must configure a non-zero duration to enable the Strict-Transport-Security header.

mc admin config set browser \
   hsts_seconds="31536000" \
   [ARGUMENT=VALUE ...]
browser hsts_include_subdomains

Set to on to also apply the configured HSTS policy to all MinIO Console subdomains. Defaults to off.

mc admin config set browser \
   hsts_include_subdomains="on" \
   hsts_seconds="31536000" \
   [ARGUMENT=VALUE ...]
browser hsts_preload

Set to on to direct the client browser to add the MinIO Console domain to its HSTS preload list. Defaults to off.

mc admin config set browser \
   hsts_preload="on" \
   hsts_seconds="31536000" \
   [ARGUMENT=VALUE ...]

Examples

The following examples show the rendered header for the given configuration settings. The equivalent environment variables generate the same result. All examples use a value of 31536000, which is the number of seconds in a calendar year (365 days).

hsts_seconds

mc admin config set ALIAS browser hsts_seconds=31536000

Strict-Transport-Security: max-age=31536000

hsts_include_subdomains

mc admin config set ALIAS browser hsts_seconds=31536000 hsts_include_subdomains=on

Strict-Transport-Security: max-age=31536000; includeSubDomains

hsts_preload

mc admin config set ALIAS browser hsts_seconds=31536000 hsts_include_subdomains=on hsts_preload=on

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

Referrer Policy

Optional

Configure MinIO Console to generate a Referrer-Policy header in HTTP responses. Defaults to strict-origin-when-cross-origin.

MINIO_BROWSER_REFERRER_POLICY
set MINIO_BROWSER_REFERRER_POLICY="strict-origin-when-cross-origin"
browser referrer_policy
mc admin config set browser \
   referrer_policy="strict-origin-when-cross-origin" \
   [ARGUMENT=VALUE ...]

Prometheus Settings

The following settings manage how MinIO interacts with your Prometheus service.

Prometheus URL

Optional

MINIO_PROMETHEUS_URL

Specify the URL for a Prometheus service configured to scrape MinIO metrics.

The MinIO Console populates the Dashboard with cluster metrics using the minio-job Prometheus scraping job.

If you are using a standalone MinIO Console process, this variable corresponds with CONSOLE_PROMETHEUS_URL.

This setting does not have a configuration variable setting. Use the Environment Variable instead.

Prometheus Job ID

Optional

MINIO_PROMETHEUS_JOB_ID

Specify the custom Prometheus job ID used for scraping MinIO metrics.

MinIO defaults to minio-job.

If you are using a standalone MinIO Console process, this variable corresponds with CONSOLE_PROMETHEUS_JOB_ID.

This setting does not have a configuration variable setting. Use the Environment Variable instead.

Prometheus Auth Token

Optional

MINIO_PROMETHEUS_AUTH_TOKEN

Specify the basic auth token the Console should use to connect to a Prometheus service.

For example, a basic auth token you might use could resemble the following:

eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJwcm9tZXRoZXVzIiwic3ViIjoibWluaW8iLCJleHAiOjQ4NTAwMzg0MDJ9.GZCKR3d0FH2TCvNHSd39HaVfSuQVVV0s8glICBDmhT51V6CQ_hw8gTYlKHJmcpR8aHkqiJwCqcYJhaMmqwe00XY

If you are using a standalone MinIO Console process, this variable corresponds with CONSOLE_PROMETHEUS_AUTH_TOKEN.

This setting does not have a configuration variable setting. Use the Environment Variable instead.

This work is licensed under a Creative Commons Attribution 4.0 International License. 2020-Present, MinIO, Inc. Creative Commons License