Skip to content

harshavardhana/console

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

205 Commits
.github/workflows
.github/workflows
 
 
cluster
cluster
 
 
cmd/console
cmd/console
 
 
docs
docs
 
 
hack
hack
 
 
images
images
 
 
k8s
k8s
 
 
models
models
 
 
pkg
pkg
 
 
portal-ui
portal-ui
 
 
restapi
restapi
 
 
.dockerignore
.dockerignore
 
 
.gitignore
.gitignore
 
 
.golangci.yml
.golangci.yml
 
 
.goreleaser.yml
.goreleaser.yml
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
CREDITS
CREDITS
 
 
DEVELOPMENT.md
DEVELOPMENT.md
 
 
Dockerfile
Dockerfile
 
 
Dockerfile.release
Dockerfile.release
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
NOTICE
NOTICE
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
bindata_assetfs.go
bindata_assetfs.go
 
 
code_of_conduct.md
code_of_conduct.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
package-lock.json
package-lock.json
 
 
swagger.yml
swagger.yml
 
 
yarn.lock
yarn.lock
 
 

Repository files navigation

MinIO Console

A graphical user interface for MinIO

Dashboard Adding A User
Dashboard Dashboard

Setup

All console needs is a MinIO user with admin privileges and URL pointing to your MinIO deployment.

Note: We don't recommend using MinIO's Operator Credentials

  1. Create a user for console using mc.
$ set +o history
$ mc admin user add myminio console YOURCONSOLESECRET
$ set -o history
  1. Create a policy for console with access to everything (for testing and debugging)
$ cat > consoleAdmin.json << EOF
{
	"Version": "2012-10-17",
	"Statement": [{
			"Action": [
				"admin:*"
			],
			"Effect": "Allow",
			"Sid": ""
		},
		{
			"Action": [
                "s3:*"
			],
			"Effect": "Allow",
			"Resource": [
				"arn:aws:s3:::*"
			],
			"Sid": ""
		}
	]
}
EOF
$ mc admin policy add myminio consoleAdmin consoleAdmin.json
  1. Set the policy for the new console user
$ mc admin policy set myminio consoleAdmin user=console

Note

Additionally, you can create policies to limit the privileges for console users, for example, if you want the user to only have access to dashboard, buckets, notifications and watch page, the policy should look like this:

{
	"Version": "2012-10-17",
	"Statement": [{
			"Action": [
				"admin:ServerInfo"
			],
			"Effect": "Allow",
			"Sid": ""
		},
		{
			"Action": [
				"s3:ListenBucketNotification",
				"s3:PutBucketNotification",
				"s3:GetBucketNotification",
				"s3:ListMultipartUploadParts",
				"s3:ListBucketMultipartUploads",
				"s3:ListBucket",
				"s3:HeadBucket",
				"s3:GetObject",
				"s3:GetBucketLocation",
				"s3:AbortMultipartUpload",
				"s3:CreateBucket",
				"s3:PutObject",
				"s3:DeleteObject",
				"s3:DeleteBucket",
				"s3:PutBucketPolicy",
				"s3:DeleteBucketPolicy",
				"s3:GetBucketPolicy"
			],
			"Effect": "Allow",
			"Resource": [
				"arn:aws:s3:::*"
			],
			"Sid": ""
		}
	]
}

Run Console server

To run the server:

export CONSOLE_HMAC_JWT_SECRET=YOURJWTSIGNINGSECRET

#required to encrypt jwet payload
export CONSOLE_PBKDF_PASSPHRASE=SECRET

#required to encrypt jwet payload
export CONSOLE_PBKDF_SALT=SECRET

export CONSOLE_ACCESS_KEY=console
export CONSOLE_SECRET_KEY=YOURCONSOLESECRET
export CONSOLE_MINIO_SERVER=http://localhost:9000
./console server

Connect Console to a Minio using TLS and a self-signed certificate

...
export CONSOLE_MINIO_SERVER_TLS_ROOT_CAS=<certificate_file_name>
export CONSOLE_MINIO_SERVER=https://localhost:9000
./console server

You can verify that the apis work by doing the request on localhost:9090/api/v1/...

Contribute to console Project

Please follow console Contributor's Guide

About

MinIO Console UI

Resources

Readme

License

AGPL-3.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

24 tags

Packages

No packages published

Languages

  • Go 96.2%
  • TypeScript 3.8%
  • Shell 0.0%
  • Makefile 0.0%
  • HTML 0.0%
  • Dockerfile 0.0%