使用NGINX + MINIO + IMAGEPROXY 搭建私有图床
0
801
2021年1月15日
MinIO 是一个基于Apache License v2.0开源协议的对象存储服务。它兼容亚马逊S3云存储服务接口,非常适合于存储大容量非结构化的数据,例如图片、视频、日志文件、备份数据和容器/虚拟机镜像等,而一个对象文件可以是任意大小,从几kb到最大5T不等。
图床的基础是Minio, 但minio并不提供图片缩略和裁剪功能,所以还需要用到Imageproxy和Nginx。
基于Docker安装更方便,但是不是很想用Docker,所以采用了编译安装。
编译安装nginx
安装第三方依赖:
yum -y install gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel创建nginx用户:
groupadd nginx
useradd nginx -g nginx -s /sbin/nologin -M从官方下载nginx源码包并解压:
wget https://nginx.org/download/nginx-1.17.0.tar.gz
tar -zxvf nginx-1.17.0.tar.gz
cd nginx-1.17.0配置nginx
./configure --prefix=/usr/local/nginx --conf-path=/usr/local/nginx/conf/nginx.conf --error-log-path=/var/log/nginx/error.log --modules-path=/usr/lib64/nginx/modules --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --user=nginx --group=nginx --with-http_ssl_module --with-http_v2_module --with-http_dav_module --with-http_stub_status_module --with-threads --with-file-aio --with-http_gzip_static_module安装
make && make install配置管理,这里是centos7:
vim /usr/lib/systemd/system/nginx.service输入以下
[Unit]
Description=The NGINX HTTP and reverse proxy server
After=syslog.target network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/var/run/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx -t
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target启用nginx服务并设置为开机启动:
systemctl daemon-reload
systemctl start nginx.service
systemctl enable nginx.service安装minio
直接下载minio的二进制包就可以直接使用:
cd /usr/local/bin
wget https://dl.min.io/server/minio/release/linux-amd64/minio
chmod +x minio为minio创建本地存储位置:
mkdir -p /storage编辑minio服务器配置,其中9159是服务端口,MINIO_ACCESS_KEY是访问秘钥,MINIO_SECRET_KEY是加密秘钥:
cat <<EOT >> /etc/default/minio
\# miinio存储名
MINIO_REGION_NAME=xman
\# minio存储卷.
MINIO_VOLUMES=/storage
\# 自定义MinIo管理.
MINIO_OPTS="--address :9159"
\# 服务器Access Key.
MINIO_ACCESS_KEY=admin
\# 服务器Secret key.
MINIO_SECRET_KEY=123456789
EOT创建minio管理:
cd /etc/systemd/system/
curl -O https://raw.githubusercontent.com/minio/minio-service/master/linux-systemd/distributed/minio.service注意修改其中的用户及群组
启用minio服务并设置开机启动
systemctl daemon-reload
systemctl start minio.service
systemctl enable minio.service安装imageproxy
安装go
imageproxy是go编写的一款图片缩放裁剪代理程序,所以要先安装golang环境:
下载go并解压
wget https://golang.google.cn/dl/go1.15.6.linux-amd64.tar.gz
tar -zxvf go1.15.6.linux-amd64.tar.gz将go加入系统环境:
vim /etc/profile在文件尾部输入:
#golang env config
export GO111MODULE=on
export GOROOT=/usr/local/go
export GOPATH=/home/gopath
export PATH=$PATH:$GOROOT/bin:$GOPATH/bin执行:
source /etc/profile立即启用go
安装Aws cli
imageproxy需要 aws s3的支持,所以需要安装 aws cli
使用pip安装最新版本
yum -y install epel-release
yum -y install python-pip
pip install awscli安装完成需要进行配置
aws configure按照提示输入
AWS Access Key ID [None]: Q3AM3UQ867SPQQA43P2F # 输入刚才设置的MINIO_ACCESS_KEY
AWS Secret Access Key [None]: zuf+tfteSlswRu7BJ86wekitnifILbZam1KYY3TG # 输入刚才设置的MINIO_SECRET_KEY
Default region name [None]: us-east-1 #输入这个就可以
Default output format [None]: 回车默认就介意
aws configure set default.s3.signature_version s3v4配置成功后,使用aws创建存储桶以验证配置是否正确,也未下一步做准备:
创建存储桶:
aws --endpoint-url http://127.0.0.1:9159 s3 mb s3:/imageproxy安装imageproxy
直接通过go安装:
go get willnorris.com/go/imageproxy/cmd/imageproxy安装完成后配置管理
vim /etc/systemd/system/imageproxy.service输入以下内容:
[Unit]
Description=ImageProxy
Documentation=https://github.com/willnorris/imageproxy
Wants=network-online.target
After=network-online.target
AssertFileIsExecutable=/usr/local/bin/minio
[Service]
WorkingDirectory=/usr/local
User=root
Group=root
EnvironmentFile=-/etc/default/minio
ExecStartPre=/bin/bash -c "if [ -z \"${MINIO_ACCESS_KEY}\" ]; then echo \"Variable MINIO_ACCESS_KEY not set in /etc/default/minio\"; exit 1; fi"
ExecStartPre=/bin/bash -c "if [ -z \"${MINIO_SECRET_KEY}\" ]; then echo \"Variable MINIO_SECRET_KEY not set in /etc/default/minio\"; exit 1; fi"
ExecStart=/home/gopath/imageproxy -cache "s3://us-east-1/imageproxy/thumbnail?endpoint=127.0.0.1:9159&disableSSL=1&s3ForcePathStyle=1" -addr 0.0.0.0:8001
# Let systemd restart this service always
Restart=always
# Specifies the maximum file descriptor number that can be opened by this process
LimitNOFILE=65536
# Disable timeout logic and wait until process is stopped
TimeoutStopSec=infinity
SendSIGKILL=no
[Install]
WantedBy=multi-user.target
# Built for ${project.name}-${project.version} (${project.name})启用imageproxy并设置开机启动:
systemctl daemon-reload
systemctl start imageproxy.service
systemctl enable imageproxy.service配置nginx反代
imageproxy和minio都提供对外的web服务,但要将二者结合就最好使用nginx反代。
服务器配置如下
server {
listen 80;
server_name youdomian.com;
location ~ /thumb/ {
rewrite ^/(?i)thumb(.*) $1 break;
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
proxy_set_header Host $proxy_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8001;
}
location ~ /ImageView/ {
rewrite ^(.*)/(?i)ImageView/(.*) /$2/http://127.0.0.1:9159$1 break;
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
proxy_set_header Host $proxy_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8001;
}
location / {
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:9159;
}
}使用
访问
http://youdomain.com/test/2.jpeg
这是直接反代到minio的
访问
http://youdomian.com/test/2.jpeg/ImageView/100
这是先反代到imageproxy, 再缩略缓存至minio的方式
访问
http://youdomian.com/thumb/100/http://youdomain.com/test/2.jpeg
这是先反代到imageproxy, 再缩略缓存至minio的方式, 和上面的方式的区别在于这是imageproxy原反代方式, 而且可以反代非minio外部站点的url
在线咨询
这个主题简介啊