I followed the MinIO AppKata (Appkata: MinIO - S3 Compatible Storage · Fly) to set up a S3 compatible bucket.
Looks like MinIO has evolved a bit since the guide was written. Specifically, they now offer the web admin panel on a non-standard port. See the --console-address parameter from this guide: MinIO | The MinIO Quickstart Guide
The recommended setup is to run the API on port 443 in Fly, but expose an additional port for the admin panel.
I tried setting a allowed_public_ports parameter, but it looks like that no longer works.
What’s the best way to set up a secure way to connect to a non-standard port on this VM?
I have a Wireguard tunnel set up to my Organization. I tried to SSH into the MinIO docker image, but it doesn’t run SSH. Is there another way to set up a tunnel over Wireguard so I can access the non-standard port? I just need this for administration - not public consumption.
My Fly.toml
# fly.toml file generated for hrmfitclub-storage on 2021-07-16T09:38:34-05:00
app = "hrmfitclub-storage"
kill_signal = "SIGINT"
kill_timeout = 5
[env]
[experimental]
allowed_public_ports = [12001]
auto_rollback = true
[mounts]
source="hrmstorage"
destination="/data"
[[services]]
http_checks = []
internal_port = 9000
protocol = "tcp"
script_checks = []
[services.concurrency]
hard_limit = 25
soft_limit = 20
type = "connections"
[[services.ports]]
handlers = ["http"]
port = 80
[[services.ports]]
handlers = ["tls", "http"]
port = 443
[[services.tcp_checks]]
grace_period = "1s"
interval = "15s"
restart_limit = 6
timeout = "2s"