MinIO Server Documentation
Customer Login
Product
MinIO Enterprise Object Store
Overview Architecture
Features
MinIO for Public Cloud
AWS GCS Azure
MinIO for Private Cloud
OpenShift SUSE Rancher Tanzu
MinIO for Baremetal
Linux and Windows
Determine your raw and usable capacity Erasure Code Calculator MinIO's Recommended Hardware Configuration Reference Hardware
Solutions
AI Storage Object storage is powering the AI revolution. Learn how MinIO is leading the AI storage market through performance at scale. Modern Datalakes Modern, multi-engine datalakes depend on object stores that deliver performance at scale. Learn more about this core MinIO use case. Hybrid Cloud Effective multi-cloud storage strategies rely on utilizing architecture and tools that can function seamlessly across diverse environments. Equinix Repatriate your data onto the cloud you control with MinIO on Equinix to lower costs while maintaining public cloud adjacency. Splunk Find out how MinIO is delivering performance at scale for Splunk SmartStores. Snowflake Query and analyze multiple data sources, including streaming data, residing on MinIO with the Snowflake Data Cloud. No need to move the data, just query using SnowSQL. SQL Server Discover how to pair SQL Server 2022 with MinIO to run queries on your data on any cloud - without having to move it. HDFS Migration Modernize and simplify your big data storage infrastructure with high-performance, Kubernetes-native object storage from MinIO. VMware Discover how MinIO integrates with VMware across the portfolio from the Persistent Data platform to TKG and how we support their Kubernetes ambitions. Veeam Learn how MinIO and Veeam have partnered to drive performance and scalability for a variety of backup use cases. Commvault Learn how Commvault and MinIO are partnered to deliver performance at scale for mission critical backup and restore workloads. Integrations Browse our vast portfolio of integrations.
Community
GitHub Join our GitHub open source community: explore, experiment, ask questions, and contribute. Slack Channel The MinIO Community Slack provides an open forum for discussing topics related to MinIO. All support is provided on a best-effort basis.
Docs Blog Resources Training Partner Pricing Download

Documentation

MinIO Object Storage for Linux

MinIO Console Settings

This page covers settings that manage access and behavior for the MinIO Console.

You can establish or modify settings by defining:

  • an environment variable on the host system prior to starting or restarting the MinIO Server. Refer to your operating system’s documentation for how to define an environment variable.

  • a configuration setting using mc admin config set.

  • a configuration setting using the MinIO Console’s Administrator > Settings pages.

If you define both an environment variable and the similar configuration setting, MinIO uses the environment variable value.

Some settings have only an environment variable or a configuration setting, but not both.

Important

Each configuration setting controls fundamental MinIO behavior and functionality. MinIO strongly recommends testing configuration changes in a lower environment, such as DEV or QA, before applying to production.

Browser Settings

The following settings control behavior for the embedded MinIO Console.

MinIO Console

Optional

MINIO_BROWSER

Specify off to disable the embedded MinIO Console.

This setting does not have a configuration variable setting. Use the Environment Variable instead.

Animation

Optional

MINIO_BROWSER_LOGIN_ANIMATION

New in version MinIO: Server RELEASE.2023-05-04T21-44-30Z

Specify off to disable the animated login screen for the MinIO Console. Defaults to on.

This setting does not have a configuration variable setting. Use the Environment Variable instead.

Browser Redirect

Optional

MINIO_BROWSER_REDIRECT

New in version MinIO: Server RELEASE.2023-09-16T01-01-47Z

Specify whether requests from a web browser automatically redirect to the Console address. Defaults to true.

This setting does not have a configuration variable setting. Use the Environment Variable instead.

Browser Redirect URL

Optional

MINIO_BROWSER_REDIRECT_URL

Specify the Fully Qualified Domain Name (FQDN) the MinIO Console listens for incoming connections on.

If you want to host the MinIO Console exclusively from a reverse-proxy service, you must specify the hostname managed by that service.

For example, consider a reverse proxy configured to route https://example.net/minio/ to the MinIO Console. You must set this environment variable to match that hostname for the Console to both listen and respond to requests using that hostname.

If you omit this variable, the Console listens and responds to all IP addresses or hostnames associated to the host machine on which the MinIO Server runs.

This setting does not have a configuration variable setting. Use the Environment Variable instead.

Session Duration

Optional

MINIO_BROWSER_SESSION_DURATION

New in version MinIO: Server RELEASE.2023-08-23T10-07-06Z

Specify the duration of a browser session for working with the MinIO Console.

MinIO supports the following units of time measurement:

  • s - seconds, “60s”

  • m - minutes, “60m”

  • h - hours, “24h”

  • d - days, “7d”

Defaults to 12h.

This setting does not have a configuration variable setting. Use the Environment Variable instead.

Server URL

Optional

MINIO_SERVER_URL

Specify the Fully Qualified Domain Name (FQDN) the MinIO Console must use for connecting to the MinIO Server. The Console also uses this value for setting the root hostname when generating presigned URLs.

This setting may be required if:

  • The MinIO Server uses a TLS certificate that does not include the host local IP(s) in the certificate Subject Alternative Name (SAN) or

  • The Console must use a specific hostname to connect or reference the MinIO Server, e.g. due to a reverse proxy or similar configuration.

This setting does not have a configuration variable setting. Use the Environment Variable instead.

Log Query URL

Optional

MINIO_LOG_QUERY_URL

Specify the URL of a PostgreSQL service to which MinIO writes Audit logs. The embedded MinIO Console provides a Log Search tool that allows querying the PostgreSQL service for collected logs.

This setting does not have a configuration variable setting. Use the Environment Variable instead.

Content Security Policy

Optional

Configure MinIO Console to generate a Content-Security-Policy header in HTTP responses. Defaults to default-src 'self' 'unsafe-eval' 'unsafe-inline';

MINIO_BROWSER_CONTENT_SECURITY_POLICY
set MINIO_BROWSER_CONTENT_SECURITY_POLICY="default-src 'self' 'unsafe-eval' 'unsafe-inline';"
browser csp_policy
mc admin config set browser \
   csp_policy="default-src 'self' 'unsafe-eval' 'unsafe-inline';" \
   [ARGUMENT=VALUE ...]

Strict Transport Security

Optional

Configure MinIO console to generate a Strict-Transport-Security header in HTTP responses.

To generate the header, you must set a duration using either MINIO_BROWSER_HSTS_SECONDS or hsts_seconds. Other HSTS settings are optional.

MINIO_BROWSER_HSTS_SECONDS

The max_age the configured policy remains in effect, in seconds. Defaults to 0, disabled. You must configure a non-zero duration to enable the Strict-Transport-Security header.

set MINIO_BROWSER_HSTS_SECONDS=31536000
MINIO_BROWSER_HSTS_INCLUDE_SUB_DOMAINS

Set to on to also apply the configured HSTS policy to all MinIO Console subdomains. Defaults to off.

set MINIO_BROWSER_HSTS_INCLUDE_SUB_DOMAINS="on"
MINIO_BROWSER_HSTS_PRELOAD

Set to on to direct the client browser to add the MinIO Console domain to its HSTS preload list. Defaults to off.

set MINIO_BROWSER_HSTS_INCLUDE_SUB_DOMAINS="on"

The following configuration settings require a service restart to take effect. To restart the service, use mc admin service restart.

browser hsts_seconds

The max_age the configured policy remains in effect, in seconds. Defaults to 0, disabled. You must configure a non-zero duration to enable the Strict-Transport-Security header.

mc admin config set browser \
   hsts_seconds="31536000" \
   [ARGUMENT=VALUE ...]
browser hsts_include_subdomains

Set to on to also apply the configured HSTS policy to all MinIO Console subdomains. Defaults to off.

mc admin config set browser \
   hsts_include_subdomains="on" \
   hsts_seconds="31536000" \
   [ARGUMENT=VALUE ...]
browser hsts_preload

Set to on to direct the client browser to add the MinIO Console domain to its HSTS preload list. Defaults to off.

mc admin config set browser \
   hsts_preload="on" \
   hsts_seconds="31536000" \
   [ARGUMENT=VALUE ...]

Examples

The following examples show the rendered header for the given configuration settings. The equivalent environment variables generate the same result. All examples use a value of 31536000, which is the number of seconds in a calendar year (365 days).

hsts_seconds

mc admin config set ALIAS browser hsts_seconds=31536000

Strict-Transport-Security: max-age=31536000

hsts_include_subdomains

mc admin config set ALIAS browser hsts_seconds=31536000 hsts_include_subdomains=on

Strict-Transport-Security: max-age=31536000; includeSubDomains

hsts_preload

mc admin config set ALIAS browser hsts_seconds=31536000 hsts_include_subdomains=on hsts_preload=on

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

Referrer Policy

Optional

Configure MinIO Console to generate a Referrer-Policy header in HTTP responses. Defaults to strict-origin-when-cross-origin.

MINIO_BROWSER_REFERRER_POLICY
set MINIO_BROWSER_REFERRER_POLICY="strict-origin-when-cross-origin"
browser referrer_policy
mc admin config set browser \
   referrer_policy="strict-origin-when-cross-origin" \
   [ARGUMENT=VALUE ...]

Prometheus Settings

The following settings manage how MinIO interacts with your Prometheus service.

Prometheus URL

Optional

MINIO_PROMETHEUS_URL

Specify the URL for a Prometheus service configured to scrape MinIO metrics.

The MinIO Console populates the Dashboard with cluster metrics using the minio-job Prometheus scraping job.

If you are using a standalone MinIO Console process, this variable corresponds with CONSOLE_PROMETHEUS_URL.

This setting does not have a configuration variable setting. Use the Environment Variable instead.

Prometheus Job ID

Optional

MINIO_PROMETHEUS_JOB_ID

Specify the custom Prometheus job ID used for scraping MinIO metrics.

MinIO defaults to minio-job.

If you are using a standalone MinIO Console process, this variable corresponds with CONSOLE_PROMETHEUS_JOB_ID.

This setting does not have a configuration variable setting. Use the Environment Variable instead.

Prometheus Auth Token

Optional

MINIO_PROMETHEUS_AUTH_TOKEN

Specify the basic auth token the Console should use to connect to a Prometheus service.

For example, a basic auth token you might use could resemble the following:

eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJwcm9tZXRoZXVzIiwic3ViIjoibWluaW8iLCJleHAiOjQ4NTAwMzg0MDJ9.GZCKR3d0FH2TCvNHSd39HaVfSuQVVV0s8glICBDmhT51V6CQ_hw8gTYlKHJmcpR8aHkqiJwCqcYJhaMmqwe00XY

If you are using a standalone MinIO Console process, this variable corresponds with CONSOLE_PROMETHEUS_AUTH_TOKEN.

This setting does not have a configuration variable setting. Use the Environment Variable instead.

This work is licensed under a Creative Commons Attribution 4.0 International License. 2020-Present, MinIO, Inc. Creative Commons License