Skip to content
Bots!
Bots!
  • About
    • Myself
    • আমার দোয়া
  • Bookmarks
    • Bookmarks
    • My OCI Bookmarks
    • Useful Proxmox Commands & Links
    • Learning Nano
    • Useful Sites
    • Useful Virtualbox Command
    • Useful MySQL Command
    • Useful Linux Command
    • BTT-CAS
  • Resources
    • Webinar on Cloud Adoption for Project Managers
  • Photos
  • Videos
  • Downloads
Bots!

MinIO with Let’s Encrypt SSL on Debian 12 – Step-by-Step Configuration

Rumi, August 1, 2025

Prerequisites

  • Debian 12 server with root access
  • Domain name pointing to your server’s public IP
  • Basic familiarity with Linux command line

Step 1: System Update and Dependencies

sudo apt update && sudo apt upgrade -y
sudo apt install -y wget curl gnupg2 software-properties-common

Step 2: Install MinIO

Download and install MinIO binary

wget https://dl.min.io/server/minio/release/linux-amd64/minio -O /usr/local/bin/minio
chmod +x /usr/local/bin/minio

Create MinIO user and directories

sudo useradd -r minio -s /bin/false
sudo mkdir -p /opt/minio/{bin,etc,data}
sudo mv /usr/local/bin/minio /opt/minio/bin/

Create environment file

sudo tee /opt/minio/etc/minio.env > /dev/null <<EOF
MINIO_ROOT_USER=admin
MINIO_ROOT_PASSWORD=your-strong-password
MINIO_VOLUMES="/opt/minio/data"
MINIO_OPTS="--console-address :9001"
EOF

Create systemd service

sudo tee /etc/systemd/system/minio.service > /dev/null <<EOF
[Unit]
Description=MinIO
Documentation=https://min.io/docs/minio/linux/index.html
Wants=network-online.target
After=network-online.target
AssertFileIsExecutable=/opt/minio/bin/minio

[Service]
WorkingDirectory=/opt/minio
User=minio
Group=minio
EnvironmentFile=/opt/minio/etc/minio.env
ExecStart=/opt/minio/bin/minio server \$MINIO_OPTS \$MINIO_VOLUMES

Restart=always
LimitNOFILE=65536
TimeoutStopSec=infinity
SendSIGKILL=no

[Install]
WantedBy=multi-user.target
EOF

Set permissions and start MinIO

sudo chown -R minio:minio /opt/minio
sudo systemctl daemon-reload
sudo systemctl enable --now minio
sudo systemctl status minio

Step 3: Install Nginx as Reverse Proxy

Install Nginx

sudo apt install -y nginx

Configure Nginx for MinIO

sudo tee /etc/nginx/sites-available/minio > /dev/null <<EOF
server {
listen 443 ssl;
server_name s3-bmd-1.servermart.net;

ssl_certificate /etc/letsencrypt/live/s3-bmd-1.servermart.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/s3-bmd-1.servermart.net/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

# Important proxy settings
proxy_buffering off;
proxy_request_buffering off;
client_max_body_size 5000M; # Adjust based on your needs

location / {
proxy_pass http://localhost:9000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

# Required for SSE-C encryption
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Port $server_port;

# WebSocket support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";

# Timeout settings
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
send_timeout 300;
}

location /console/ {
proxy_pass http://localhost:9001/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;

# WebSocket support for console
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";

# Buffer settings
proxy_buffering off;
proxy_request_buffering off;
}
}

server {
if ($host = s3-bmd-1.servermart.net) {
return 301 https://$host$request_uri;
}
listen 80;
server_name s3-bmd-1.servermart.net;
return 404;
}

Step 4: Install Certbot and Obtain SSL Certificate

sudo apt install -y certbot python3-certbot-nginx

Obtain SSL certificate

sudo certbot --nginx -d minio.yourdomain.com

Configure automatic renewal

sudo certbot renew --dry-run

Step 5: Enable the configuration

sudo ln -s /etc/nginx/sites-available/minio /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl restart nginx

Step 6: Restart MinIO

sudo systemctl restart minio

Step 7: Access MinIO Web Console

Open your browser and go to: https://minio.yourdomain.com/console
Login with the credentials you set in the minio.env file (admin/your-strong-password)

Step 8: (Optional) Firewall Configuration

If you have a firewall enabled, allow the necessary ports:

sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw enable
Troubleshooting
Check MinIO logs: journalctl -u minio -f
Check Nginx logs: tail -f /var/log/nginx/error.log
Verify MinIO is running: systemctl status minio
Verify Nginx is running: systemctl status nginx

Maintenance
SSL certificates will auto-renew, but you can manually renew with: sudo certbot renew
To update MinIO, download the new binary and replace /opt/minio/bin/minio, then restart the service

tail -f /var/log/nginx/error.log

If you’re still experiencing issues, you may need to adjust the timeout values further or investigate potential network-level limitations.

Administrations Application Debian 12MinIO

Post navigation

Previous post

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Myself…

Hi, I am Hasan T. Emdad Rumi, an IT Project Manager & Consultant, Virtualization & Cloud Savvyfrom Dhaka, Bangladesh. I have prior experience in managing numerous local and international projects in the area of Telco VAS & NMC, National Data Center & PKI Naitonal Root and CA Infrastructure. Also engaged with several Offshore Software Development Team.

Worked with Orascom Telecom-Banglalink, Network Elites as VAS partner, BTRC, BTT (Turkey) , Mango Teleservices Limited and Access to Informaiton (A2I-UNDP)

Currently working at Oracle Corporation as Principal Technology Solution and Cloud Architect.

You can reach me [h.t.emdad at gmail.com] and I will be delighted to exchange my views.

Tags

Apache Bind Cacti CentOS CentOS 6 CentOS 7 Debain Debian Debian 10 Debian 11 Debian 12 DKIM Docker endian icinga iptables Jitsi LAMP Letsencrypt Linux Munin MySQL Nagios Nextcloud NFS nginx pfsense php Postfix powerdns Proxmox RDP SSH SSL Ubuntu Ubuntu 16 Ubuntu 18 Ubuntu 20 Varnish virtualbox vpn Webmin Windows 10 XCP-NG zimbra

Topics

Recent Posts

  • MinIO with Let’s Encrypt SSL on Debian 12 – Step-by-Step Configuration August 1, 2025
  • How to Set Windows File Associations to Open .JNLP Files July 28, 2025
  • Removing CEPH from Proxmox Cluster July 23, 2025
  • Install Jitsi on Ubuntu 22.04 / 22.10 April 30, 2025
  • Key Lessons in life April 26, 2025
  • Create Proxmox Backup Server (PBS) on Debian 12 April 19, 2025
  • Add Physical Drive in Proxmox VM Guest April 19, 2025
  • Mount a drive permanently with fstab in Linux April 16, 2025
  • Proxmox 1:1 NAT routing March 30, 2025
  • Installation steps of WSL – Windows Subsystem for Linux March 8, 2025

Archives

Top Posts & Pages

  • MinIO with Let's Encrypt SSL on Debian 12 - Step-by-Step Configuration
©2025 Bots! | WordPress Theme by SuperbThemes