MinIO/S3-backed static hosting using Traefik reverse proxy + nginx-s3-gateway

The following docker-compose.yml uses nginx-s3-gateway to proxy HTTP requests to a configured S3-compatible storage backend (in this case, MinIO). This provides production-ready performance supported by Nginx, Inc., plus high configurability since internally, nginx-s3-gateway is using nginx, so it can flexibly be configured.

See Simple Traefik docker-compose setup with Lets Encrypt Cloudflare DNS-01 & TLS-ALPN-01 & HTTP-01 challenges for details on how we setup Traefik to work with these container labels.

services:
  s3-gateway:
    image: nginxinc/nginx-s3-gateway:latest
    environment:
      # Required (see repo docs)
      S3_BUCKET_NAME: "mydomain-app"
      AWS_ACCESS_KEY_ID: "mydomain-app-reader"
      AWS_SECRET_ACCESS_KEY: "Ooch7rooD8yo8ooW6ohghahNgaeshu"
      S3_SERVER: "minio.mydomain.com"
      S3_REGION: "eu-central-1"
      S3_STYLE: "path"
      S3_SERVER_PORT: "443"
      S3_SERVER_PROTO: "https"
      AWS_SIGS_VERSION: "4"
      PROVIDE_INDEX_PAGE: true
      ALLOW_DIRECTORY_LIST: "false"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.app-mydomain.rule=Host(`app.mydomain.com`)"
      - "traefik.http.routers.app-mydomain.entrypoints=websecure"
      - "traefik.http.routers.app-mydomain.tls.certresolver=cloudflare-ec384"
      - "traefik.http.routers.app-mydomain.tls.domains[0].main=mydomain.com"
      - "traefik.http.routers.app-mydomain.tls.domains[0].sans=*.mydomain.com"

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow

Buy me a coffee