upstream minio_s3 { least_conn; server 10.0.75.55:9000; server 10.0.75.56:9000; server 10.0.75.57:9000; server 10.0.75.58:9000; } upstream minio_console { least_conn; server 10.0.75.55:9001; server 10.0.75.56:9001; server 10.0.75.57:9001; server 10.0.75.58:9001; } server { listen 80; listen [::]:80; listen *:443 ssl; server_name s3.example.local www.s3.example.local; ssl_certificate /etc/ssl/private/minio.crt; ssl_certificate_key /etc/ssl/private/private.key; server_tokens off; # Allow special characters in headers ignore_invalid_headers off; # Allow any size file to be uploaded. # Set to a value such as 1000m; to restrict file size to a specific value client_max_body_size 0; # Disable buffering proxy_buffering off; proxy_request_buffering off; location / { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_connect_timeout 300; # Default is HTTP/1, keepalive is only enabled in HTTP/1.1 proxy_http_version 1.1; proxy_set_header Connection ""; chunked_transfer_encoding off; proxy_pass http://minio_s3; # This uses the upstream directive definition to load balance } location /minio/ui/ { rewrite ^/minio/ui/(.*) /$1 break; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-NginX-Proxy true; # This is necessary to pass the correct IP to be hashed real_ip_header X-Real-IP; proxy_connect_timeout 300; # To support websockets in MinIO versions released after January 2023 proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; chunked_transfer_encoding off; proxy_pass http://minio_console; # This uses the upstream directive definition to load balance } }