MinIO AppKata - Best way to connect to Web based Admin on non-standard port

I followed the MinIO AppKata (Appkata: MinIO - S3 Compatible Storage · Fly) to set up a S3 compatible bucket.

Looks like MinIO has evolved a bit since the guide was written. Specifically, they now offer the web admin panel on a non-standard port. See the --console-address parameter from this guide: MinIO | The MinIO Quickstart Guide

The recommended setup is to run the API on port 443 in Fly, but expose an additional port for the admin panel.

I tried setting a allowed_public_ports parameter, but it looks like that no longer works.

What’s the best way to set up a secure way to connect to a non-standard port on this VM?

I have a Wireguard tunnel set up to my Organization. I tried to SSH into the MinIO docker image, but it doesn’t run SSH. Is there another way to set up a tunnel over Wireguard so I can access the non-standard port? I just need this for administration - not public consumption.

My Fly.toml

# fly.toml file generated for hrmfitclub-storage on 2021-07-16T09:38:34-05:00

app = "hrmfitclub-storage"

kill_signal = "SIGINT"
kill_timeout = 5


  allowed_public_ports = [12001]
  auto_rollback = true


  http_checks = []
  internal_port = 9000
  protocol = "tcp"
  script_checks = []

    hard_limit = 25
    soft_limit = 20
    type = "connections"

    handlers = ["http"]
    port = 80

    handlers = ["tls", "http"]
    port = 443

    grace_period = "1s"
    interval = "15s"
    restart_limit = 6
    timeout = "2s"

Solved my own problem … when you’re connected to your organization via a Private Wiregurd Tunnel (IPv6 WireGuard Peering · Fly) you can then resolve internal Fly app’s.


worked like a charm!

1 Like

Wow we really need a better minio guide, that one’s old. If you get to a better config and want to do a PR we’d totally merge it.

My pleasure