Currently we run TrueNAS Scale with the built in S3 Server.
And as many of you noticed if you updated to the latest version, this is going away in future updates.
The S3 Server built into TrueNAS Scale is old, and needs to be replaced with a Minio App / Docker.
Right so deploy the app and you’re done right well no.
You need to either deploy an older version and upgrade your S3 dataset and hope it goes well.
Or build it again.
So we want to build it again and migrate all the 160 Buckets Yea that’s fun…
Right, we are already fighting this for 2-3 days now… And do have some issues.
Be Aware this is all internal!
- The Build in TrueNAS Charts version of MinIo
Works, without HTTP no issues…
But all things that use S3 like our Veeam Server need a Valid Certificate for S3
1.1 So you want to load the Certs into Minio you can do that by linking some Dirs in the docker container. Tried this many different ways. With a WildCard Cert that we already had and a new requested cert from a CA. And both times the App will not start and spit errors.
- The Build in TrueNAS Enterprise version of Minio.
Right problem solved then we define the MINIO_SERVER_URL and fixed right.
No Same issue with the certiticates.
- Someone on the Forums of TrueNAS suggested running NGINX as a Reverse Proxy.
Nice… Got that working, but now of course all traffic is flowing from through the NGINX Proxy server.
Using NGINX Proxy Manager but can also be Plain NGINX.
This is of course not what we want since it will cost performance.
Hereby a Flow Diagram to Visualize.
How can we;
- Make the real S3 data not flow trough NGINX Proxy Manger but Direct from VEEAM to Minio
- Even better do not use NGINX Proxy Manager at all and get the certificates working in MinIo.
Really cannot seem to find a good writeup on this, and now tried so many times on a test system its not even funny anymore.
Hoping that someone here will have the answer.
For reference the load on NGINX Proxy Manager when running a job;