bento-platform · v-rocheleau · Dec 20, 2024 · Dec 17, 2024 · Dec 17, 2024 · Dec 17, 2024
diff --git a/conf/minio.conf.tpl b/conf/minio.conf.tpl
@@ -0,0 +1,75 @@
+server {
+    # tpl__tls_yes__start
+    listen 444 ssl;
+    # tpl__tls_yes__end
+
+    # tpl__tls_no__start
+    listen 80;
+    # tpl__tls_no__end
+
+    server_name ${BENTO_MINIO_DOMAIN};
+
+    # tpl__tls_yes__start
+    ssl_certificate ${BENTOV2_GATEWAY_INTERNAL_CERTS_DIR}${BENTO_GATEWAY_INTERNAL_MINIO_FULLCHAIN_RELATIVE_PATH};
+    ssl_certificate_key ${BENTOV2_GATEWAY_INTERNAL_CERTS_DIR}${BENTO_GATEWAY_INTERNAL_MINIO_PRIVKEY_RELATIVE_PATH};
+    # tpl__tls_yes__end
+
+    # Allow special characters in headers
+    ignore_invalid_headers off;
+
+    # Allow any size file to be uploaded.
+    # Set to a value such as 1000m; to restrict file size to a specific value
+    client_max_body_size 0;
+
+    # Disable buffering
+    proxy_buffering off;
+    proxy_request_buffering off;
+
+    location / {
+        # Reverse proxy settings
+        include /gateway/conf/proxy.conf;
+        include /gateway/conf/proxy_extra.conf;
+        proxy_connect_timeout 300;
+        # Default is HTTP/1, keepalive is only enabled in HTTP/1.1
+        proxy_set_header Connection "";
+        chunked_transfer_encoding off;
+
+        proxy_pass http://${BENTO_MINIO_CONTAINER_NAME}:${BENTO_MINIO_INTERNAL_PORT};
+
+        # Errors
+        error_log /var/log/bentov2_minio_errors.log;
+    }
+
+    location /minio/ui { return 302  https://${BENTOV2_DOMAIN}/minio/ui/; }
+    location /minio/ui/ {
+        # General reverse proxy settings
+        include /gateway/conf/proxy.conf;
+        include /gateway/conf/proxy_extra.conf;
+
+        # This is necessary to pass the correct IP to be hashed
+        proxy_set_header X-NginX-Proxy true;
+        real_ip_header X-Real-IP;
+
+        proxy_connect_timeout 300;
+
+        # Some environments may encounter CORS errors (Kubernetes + Nginx Ingress)
+        # Uncomment the following line to set the Origin request to an empty string
+        proxy_set_header Origin '';
+
+        chunked_transfer_encoding off;
+
+        rewrite ^ $request_uri;
+        rewrite ^/minio/ui/(.*) /$1 break;
+        proxy_pass http://${BENTO_MINIO_CONTAINER_NAME}:${BENTO_MINIO_CONSOLE_PORT}$uri;
+
+        # Add sub_filter directives to rewrite base href
+        sub_filter '<base href="/"' '<base href="/minio/ui/"';
+        sub_filter_once on;
+
+        # Ensure sub_filter module is enabled
+        proxy_set_header Accept-Encoding "";    
+
+        # Errors
+        error_log /var/log/bentov2_minio_errors.log;
+   }
+}
diff --git a/conf/nginx.conf.tpl b/conf/nginx.conf.tpl
@@ -266,4 +266,8 @@ http {
     }
     # tpl__redirect_yes__end
 
+    # tpl__use_minio__start
+    include minio.conf;
+    # tpl__use_minio__end
+
 }
diff --git a/entrypoint.bash b/entrypoint.bash
@@ -72,6 +72,10 @@ envsubst "$(cat ./VARIABLES)" \
   < ./conf/nginx.conf.tpl \
   > ./nginx.conf.pre
 
+echo "[bento_gateway] [entrypoint] creating minio.conf.pre"
+envsubst "$(cat ./VARIABLES)" \
+  < ./conf/minio.conf.tpl \
+  > ./minio.conf.pre
 # ----------------------------------------------------------------------------------------------------------------------
 
 # Run "fine-tuning", i.e., processing the configuration files to *remove* chunks that aren't relevant to the environment
@@ -92,6 +96,19 @@ else
       ./cbioportal.conf.pre
 fi
 
+# Run fine-tuning on minio.conf.pre
+if [[ "${use_tls}" == 0 ]]; then
+  echo "[bento_gateway] [entrypoint] Fine-tuning minio.conf to not use TLS"
+  sed -i.bak \
+      '/tpl__tls_yes__start/,/tpl__tls_yes__end/d' \
+      ./minio.conf.pre
+else
+  echo "[bento_gateway] [entrypoint] Fine-tuning minio.conf to use TLS"
+  sed -i.bak \
+      '/tpl__tls_no__start/,/tpl__tls_no__end/d' \
+      ./minio.conf.pre
+fi
+
 # Run fine-tuning on nginx.conf.pre
 if [[ "${use_tls}" == 0 ]]; then
   echo "[bento_gateway] [entrypoint] Fine-tuning nginx.conf to not use TLS"
@@ -139,11 +156,22 @@ else
       '/tpl__redirect_yes__start/,/tpl__redirect_yes__end/d' \
       ./nginx.conf.pre
 fi
+if [[ "$(true_values_to_1 $BENTO_MINIO_ENABLED)" == 1 ]]; then
+  echo "[bento_gateway] [entrypoint] Fine-tuning nginx.conf to use Minio"
+else
+  echo "[bento_gateway] [entrypoint] Fine-tuning nginx.conf to disable Minio"
+  sed -i.bak \
+      '/tpl__use_minio__start/,/tpl__use_minio__end/d' \
+      ./nginx.conf.pre
+fi
+
 # ----------------------------------------------------------------------------------------------------------------------
 
 # Generate final configuration files / locations -----------------------------------------------------------------------
 #  - Move cbioportal.conf into position
 cp ./cbioportal.conf.pre "${BENTO_GATEWAY_CONF_DIR}/cbioportal.conf"
+#  - Move minio.conf into position
+cp ./minio.conf.pre "${BENTO_GATEWAY_CONF_DIR}/minio.conf"
 #  - Move nginx.conf into position
 cp ./nginx.conf.pre "${BENTO_GATEWAY_CONF_DIR}/nginx.conf"
 #  - Remove pre-final configuration files + any backups