use environment variables to set and override access and secret keys at server startup

master
Olivier Sallou 9 years ago committed by Harshavardhana
parent bd6850e79f
commit 678585c513
  1. 6
      api-auth-utils.go
  2. 21
      server-main.go

@ -38,6 +38,12 @@ func isValidAccessKey(accessKeyID string) bool {
return regex.MatchString(accessKeyID) return regex.MatchString(accessKeyID)
} }
// isValidSecretKey - validate secret key
func isValidSecretKey(secretKeyID string) bool {
regex := regexp.MustCompile("^[a-zA-Z0-9\\-\\.\\_\\~]{40}$")
return regex.MatchString(secretKeyID)
}
// generateAccessKeyID - generate random alpha numeric value using only uppercase characters // generateAccessKeyID - generate random alpha numeric value using only uppercase characters
// takes input as size in integer // takes input as size in integer
func generateAccessKeyID() ([]byte, *probe.Error) { func generateAccessKeyID() ([]byte, *probe.Error) {

@ -52,6 +52,10 @@ USAGE:
OPTIONS: OPTIONS:
{{range .Flags}}{{.}} {{range .Flags}}{{.}}
{{end}} {{end}}
ENVIRONMENT VARIABLES:
MINIO_ACCESS_KEY, MINIO_SECRET_KEY: Access and secret key to use.
EXAMPLES: EXAMPLES:
1. Start minio server on Linux. 1. Start minio server on Linux.
$ minio {{.Name}} /home/shared $ minio {{.Name}} /home/shared
@ -259,6 +263,23 @@ func serverMain(c *cli.Context) {
fatalIf(probe.NewError(errInvalidArgument), "Both certificate and key are required to enable https.", nil) fatalIf(probe.NewError(errInvalidArgument), "Both certificate and key are required to enable https.", nil)
} }
accessKey := os.Getenv("MINIO_ACCESS_KEY")
secretKey := os.Getenv("MINIO_SECRET_KEY")
if accessKey != "" && secretKey != "" {
if !isValidAccessKey(accessKey) {
fatalIf(probe.NewError(errInvalidArgument), "Access key does not have required length", nil)
}
if !isValidSecretKey(secretKey) {
fatalIf(probe.NewError(errInvalidArgument), "Secret key does not have required length", nil)
}
conf.Credentials.AccessKeyID = accessKey
conf.Credentials.SecretAccessKey = secretKey
err = saveConfig(conf)
fatalIf(err.Trace(), "Unable to save credentials to config.", nil)
}
minFreeDisk, err := parsePercentToInt(c.String("min-free-disk"), 64) minFreeDisk, err := parsePercentToInt(c.String("min-free-disk"), 64)
fatalIf(err.Trace(c.String("min-free-disk")), "Invalid minium free disk size "+c.String("min-free-disk")+" passed.", nil) fatalIf(err.Trace(c.String("min-free-disk")), "Invalid minium free disk size "+c.String("min-free-disk")+" passed.", nil)

Loading…
Cancel
Save