How to create a single minio server on Ubuntu 22.04 server and also set the domain with lets encrypt ssl

Aiko · January 9, 2025, 7:50am

Sure, here’s a step-by-step guide to set up a single MinIO server on Ubuntu 22.04 with a custom domain and Let’s Encrypt SSL:

1. Update and Install Dependencies:

Update your package repositories and install necessary software:

sudo apt update && sudo apt upgrade -y
sudo apt install curl software-properties-common -y

2. Download and Install MinIO:

wget https://dl.min.io/server/minio/release/linux-amd64/minio
chmod +x minio
sudo mv minio /usr/local/bin/

3. Create a MinIO User (Optional but Recommended):

For added security, create a user specifically for running MinIO:

sudo useradd -r minio-user -s /sbin/nologin
sudo mkdir /usr/local/share/minio
sudo chown minio-user:minio-user /usr/local/share/minio

4. Set Up Systemd Service:

Create a systemd service file for MinIO:

sudo nano /etc/systemd/system/minio.service

Add the following content:

[Unit]
Description=MinIO
Documentation=https://docs.min.io
Wants=network-online.target
After=network-online.target
AssertFileIsExecutable=/usr/local/bin/minio

[Service]
WorkingDirectory=/usr/local/

User=minio-user
Group=minio-user

ExecStart=/usr/local/bin/minio server /usr/local/share/minio

Restart=always
LimitNOFILE=65536
TimeoutStopSec=0
SendSIGKILL=no

[Install]
WantedBy=multi-user.target

Then:

sudo systemctl daemon-reload
sudo systemctl enable minio
sudo systemctl start minio

5. Set Up Domain:

Ensure your domain/subdomain (e.g., minio.yourdomain.com) points to your server’s IP address.

6. Install Certbot:

Certbot is the software we’ll use to obtain a Let’s Encrypt certificate:

sudo apt install certbot -y

7. Obtain SSL Certificate:

sudo certbot certonly --standalone -d minio.yourdomain.com

This command obtains a certificate for minio.yourdomain.com using the standalone mode of Certbot.

8. Configure MinIO to Use SSL:

Link the certs to MinIO’s default certs directory:

sudo mkdir -p /etc/minio/certs/
sudo ln -s /etc/letsencrypt/live/minio.yourdomain.com/fullchain.pem /etc/minio/certs/public.crt
sudo ln -s /etc/letsencrypt/live/minio.yourdomain.com/privkey.pem /etc/minio/certs/private.key

Restart the MinIO service:

sudo systemctl restart minio

9. Access MinIO:

Now, you should be able to access MinIO via your domain with HTTPS:

https://minio.yourdomain.com

10. Setup Let’s Encrypt Auto Renewal:

Edit the crontab:

sudo crontab -e

Add this line to automatically renew the SSL certificate every day at 2 am:

0 2 * * * /usr/bin/certbot renew --quiet

That’s it! You have set up a MinIO server on Ubuntu 22.04 with a custom domain and SSL encryption from Let’s Encrypt.