mirrors/object-browser
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
245 Commits 11 Branches 205 Tags
c0ee7396249874896c6f067ab55dde0e4a74db81
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Lenin Alevski c0ee739624 IV generation for ChaCha20 poly auth scheme (#283) 
Generate 16 bytes IV instead of an IV of 32 bytes (and then use half of it) when using ChaCha20 to
encrypt tokens, this is to prevent tokens to become malleable.
2020-09-22 10:49:34 -07:00
.github/workflows
Rename MCS to Console in codebase (#205)
2020-07-26 00:34:17 -07:00
cluster
TLS with user provided certificates and KES support for MinIO (#213)
2020-07-30 17:49:56 -07:00
cmd/console
rename SSL to TLS in labels, env variables and normal variables/constants (#242)
2020-08-09 16:08:58 -07:00
docs
Rename MCS to Console in codebase (#205)
2020-07-26 00:34:17 -07:00
hack
Rename MCS to Console in codebase (#205)
2020-07-26 00:34:17 -07:00
images
Landing images (#134)
2020-05-21 12:55:30 -07:00
k8s
update v0.3.25
2020-09-21 22:07:11 -07:00
models
Set annotations and labels at Tenant level (#279)
2020-09-17 06:44:16 -07:00
pkg
IV generation for ChaCha20 poly auth scheme (#283)
2020-09-22 10:49:34 -07:00
portal-ui
fix regression when calculating token using chacha20 (#281)
2020-09-17 18:21:54 -07:00
restapi
update v0.3.25
2020-09-21 22:07:11 -07:00
.dockerignore
Rename MCS to Console in codebase (#205)
2020-07-26 00:34:17 -07:00
.gitignore
Rename MCS to Console in codebase (#205)
2020-07-26 00:34:17 -07:00
.golangci.yml
update CREDITS with new deps (#222)
2020-08-02 12:29:58 -07:00
.goreleaser.yml
upgrade to v0.3.5
2020-08-03 09:24:57 -07:00
bindata_assetfs.go
Intial Commit Migrating from github.com/minio/m3
2020-04-01 18:18:57 -07:00
code_of_conduct.md
add code of conduct, contributing and security guidelines (#61)
2020-04-09 12:04:15 -07:00
CONTRIBUTING.md
Rename MCS to Console in codebase (#205)
2020-07-26 00:34:17 -07:00
CREDITS
update CREDITS with new deps (#222)
2020-08-02 12:29:58 -07:00
DEVELOPMENT.md
Rename MCS to Console in codebase (#205)
2020-07-26 00:34:17 -07:00
Dockerfile
Update Dockerfile entrypoint (#210)
2020-07-27 17:18:46 -07:00
Dockerfile.release
Bumps the version of Console when using Operator APIs (#219)
2020-07-30 15:41:20 -07:00
go.mod
Use operator port variables (#282)
2020-09-21 21:31:30 -07:00
go.sum
Use operator port variables (#282)
2020-09-21 21:31:30 -07:00
LICENSE
Add license file
2020-04-01 21:56:04 -07:00
Makefile
update CREDITS with new deps (#222)
2020-08-02 12:29:58 -07:00
NOTICE
Rename NOTICE and generate as mcs
2020-04-01 21:54:57 -07:00
package-lock.json
Users List & Creation (#4)
2020-04-02 11:36:37 -07:00
README.md
Rename MCS to Console in codebase (#205)
2020-07-26 00:34:17 -07:00
SECURITY.md
Rename MCS to Console in codebase (#205)
2020-07-26 00:34:17 -07:00
swagger.yml
Set annotations and labels at Tenant level (#279)
2020-09-17 06:44:16 -07:00
yarn.lock
Users List & Creation (#4)
2020-04-02 11:36:37 -07:00

README.md

MinIO Console

A graphical user interface for MinIO

Dashboard Adding A User
Dashboard Dashboard

Setup

All console needs is a MinIO user with admin privileges and URL pointing to your MinIO deployment.

Note: We don't recommend using MinIO's Operator Credentials

  1. Create a user for console using mc.
$ set +o history
$ mc admin user add myminio console YOURCONSOLESECRET
$ set -o history
  1. Create a policy for console with access to everything (for testing and debugging)
$ cat > consoleAdmin.json << EOF
{
	"Version": "2012-10-17",
	"Statement": [{
			"Action": [
				"admin:*"
			],
			"Effect": "Allow",
			"Sid": ""
		},
		{
			"Action": [
                "s3:*"
			],
			"Effect": "Allow",
			"Resource": [
				"arn:aws:s3:::*"
			],
			"Sid": ""
		}
	]
}
EOF
$ mc admin policy add myminio consoleAdmin consoleAdmin.json
  1. Set the policy for the new console user
$ mc admin policy set myminio consoleAdmin user=console

Note

Additionally, you can create policies to limit the privileges for console users, for example, if you want the user to only have access to dashboard, buckets, notifications and watch page, the policy should look like this:

{
	"Version": "2012-10-17",
	"Statement": [{
			"Action": [
				"admin:ServerInfo"
			],
			"Effect": "Allow",
			"Sid": ""
		},
		{
			"Action": [
				"s3:ListenBucketNotification",
				"s3:PutBucketNotification",
				"s3:GetBucketNotification",
				"s3:ListMultipartUploadParts",
				"s3:ListBucketMultipartUploads",
				"s3:ListBucket",
				"s3:HeadBucket",
				"s3:GetObject",
				"s3:GetBucketLocation",
				"s3:AbortMultipartUpload",
				"s3:CreateBucket",
				"s3:PutObject",
				"s3:DeleteObject",
				"s3:DeleteBucket",
				"s3:PutBucketPolicy",
				"s3:DeleteBucketPolicy",
				"s3:GetBucketPolicy"
			],
			"Effect": "Allow",
			"Resource": [
				"arn:aws:s3:::*"
			],
			"Sid": ""
		}
	]
}

Run Console server

To run the server:

export CONSOLE_HMAC_JWT_SECRET=YOURJWTSIGNINGSECRET

#required to encrypt jwet payload
export CONSOLE_PBKDF_PASSPHRASE=SECRET

#required to encrypt jwet payload
export CONSOLE_PBKDF_SALT=SECRET

export CONSOLE_ACCESS_KEY=console
export CONSOLE_SECRET_KEY=YOURCONSOLESECRET
export CONSOLE_MINIO_SERVER=http://localhost:9000
./console server

Connect Console to a Minio using TLS and a self-signed certificate

...
export CONSOLE_MINIO_SERVER_TLS_ROOT_CAS=<certificate_file_name>
export CONSOLE_MINIO_SERVER=https://localhost:9000
./console server

You can verify that the apis work by doing the request on localhost:9090/api/v1/...

Contribute to console Project

Please follow console Contributor's Guide

Description
No description provided
Readme AGPL-3.0 790 MiB
Languages
JavaScript 84.7%
TypeScript 7.7%
Go 7.1%
Shell 0.3%
Makefile 0.1%