This PR adds support to connect MCS to minio instances running TLS with
self-signed certificates or certificates signed by custom
Certificate Authorities
```
export MCS_MINIO_SERVER_TLS_ROOT_CAS=file1,file2,file3
```
Note: TLS Skip Verification is not supported unless there's a clear need
for it
This commit changes the authentication mechanism between mcs and minio to an sts
(security token service) schema using the user provided credentials, previously
mcs was using master credentials. With that said in order for you to
login to MCS as an admin your user must exists first on minio and have enough
privileges to do administrative operations.
```
./mc admin user add myminio alevsk alevsk12345
```
```
cat admin.json
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"admin:*",
"s3:*"
],
"Resource": [
"arn:aws:s3:::*"
]
}
]
}
./mc admin policy add myminio admin admin.json
```
```
./mc admin policy set myminio admin user=alevsk
```
When certificates are provided to mcs, tls direct will be
enabled by default (http://localhost -> https:localhost), you
can change this behavior by providing the `MCS_SECURE_SSL_REDIRECT=off`
env variable
adding secure middleware to enforce security headers, most
of the options can be configured via env variables
adding prefix for mcs env variables
adding http redirect to https, adding csp report only, etc
solving conflicts
passing tls port configured by cli to secure middleware
update go.sum
adding default port, tlsport, host and tlshostname
fix tlsport bug
