Great : so I guess you would recommend hardcoding a minio version to be sure the installation won’t fail because of an updated minio ?
Second question : where is the “canonic” place to put minio executable ? /usr/local/bin ?
Yes, it is better to put a specific version number so that we keep the hand on the app, in case of they introduce breaking changes on their side.
I would say to put it in /opt/yunohost/$app/ and its data in /home/yunohost.app/$app/. One could imagine multiple minio servers (why, though…), and forcing it in /usr/local/bin would bring unwanted side effects when upgrading. In /opt you can disallow any other user to execute it too.
Thanks for your advise !
1 Like
Hi, I did a few updates yesterday on my package, on “Minio” branch.
Minio server is now installing and running correctly.
Unfortunately Outline requires https to connect to S3 storage, so I still have to figure out how to install a self-signed certificate to have minio working on https://localhost:__MINIO_PORT__
Once it will be done, Outline will start to get pretty much usable. I’ll then polish a few details like the upgrade or restore scripts before diving into the next big part, which will be to get rid of Slack authentification process !
1 Like
I think I don’t need more than an auto-generated ssl certificate, since it’s only localhost.
But looks like when I generate ssl certificates with openssl, they will have an expiration date.
How should I manage that expiration date ? Shall I build in the installation a cron job to renew it periodically ?
I’m still battling with the https certificate, it’s a nightmare !
I was able to have minio server listening at https://127.0.0.1:9000 with a self-signed certificate, but outline doesn’t seem to want to communicate with it. I have installed minio client for testing, and when I try to communicate with minio server I had to add the -insecure option since I had an error saying the certificate was signed by an unknown authority.
I’m changing strategy now, and will try to go through nginx and use the let’s encrypt certificate of the domain used for outline installation. I would like to have :
- Outline on the path “/”
- Minio server on the path “/minio”
- Minio console on the path “/minio-console”
Is this possible ? I have tried the below nginx configuration but it doesn’t seem to work (I get error 400)
location / {
# Force usage of https
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
proxy_pass http://127.0.0.1:2410;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location /minio/ {
# Force usage of https
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
proxy_pass http://127.0.0.1:9000;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location /minio-console/ {
# Force usage of https
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
proxy_pass http://127.0.0.1:36669;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
Do you have any hint to help me ?
Shall I expect performance issue with minio if outline has to go through url then DNS to finally reach the same server it’s installed on ? (Instead of just going to localhost:9000 ?)
Thanks for your help !
Well, I changed strategy and decided to have minio and outline as two different apps.
It somehow looks cleaner and easier, and - who knows ? - someone may need to install MinIO for something else.
@tituspijean @ericg did a PR here First draft for MinIO app by Limezy · Pull Request #1 · YunoHost-Apps/minio_ynh · GitHub
Would you mind having a quick look ? The installation works but only if the app is installed at the root of domain. I would need some help on my nginx config… Thanks in advance !
Nice job, great! Regarding path installation, it is stated several times in the doc and their GitHub issues that we should not attempt to do that. So let’s stay on the safe side and prevent it. 
2 Likes
Hi !
I now managed to have Outline fully running, including upload of pictures on a minio instance 
I was blocked for a very long time by a few minor things, including the fact that I had to configure Nginx to increase the upload file size and that I wasn’t compiling the right production packages for Outline… I guess that’s the everyday life of Yunohost packagers 
'm now polishing a few things, and would need some help on a few things !
- Is there any helper or any way to automatically get the smtp settings from the server ? I would like to avoid having to request it from the user in the manifest.json
- Is there a way to do a conditional manifest ? I would like first to test if Minio is installed. If yes, then I can recover all information directly form the app. If not, I can ask the user for information about minio and then directly trigger the double minio+ outline installation, which would be more elegant than aborting if I don’t find minio installed
Thanks for your help !
1 Like
These should be enough:
SMTP_HOST=localhost
SMTP_PORT=25
SMTP_USERNAME=
SMTP_PASSWORD=
SMTP_FROM_EMAIL=__APP__@__DOMAIN__
SMTP_REPLY_EMAIL=webmaster@__DOMAIN__
SMTP_TLS_CIPHERS=
SMTP_SECURE=true
Unfortunately, no (not yet?). What you can do is make it a string field asking “Do you need Minio installed? If not, input its address” (or whatever you need to retrieve its information). Then in the install script you can parse the answer. If it’s Y (or 1, I cannot remember), or starts by https, then you know what to do. 
1 Like
Congrats for your project!
This looks promising and I can’t wait to see it more
If you need beta-testers at some point, I’ll be your man!
1 Like
No luck for the moment.
I’ve tried with SMTP_PORT=465 and SMTP_TLS_CIPHERS=SSLv3 but no luck either !
Good idea and workaround. I’ll do something like this
Many thanks for your offer !
I’ll polish one or two last things and then make a quick TODO for anybody who would be willing to beta try my first package 
.Needless to say it’ll be at your own risks (I didn’t dare install my package on my production server yet 
)
1 Like
First usable version is now ready 
You can go to that url 
and follow the Readme
Please don’t install this on a productiion server !
Don’t hesitate to fill in issues on Github or make some feedback here, I’ll be very interested.
Emails are still not working, but otherwise you’ll end up with a pretty usable version.
Release v.0.60.0 of Outline was just released !
Now I’ll have to work on the upgrade script
1 Like
After fighting with Outline’s logs and digging into the community issues, I found out that Outline doesn’t accept sending emails without SSL/TLS. I had to use. :
SMTP_HOST=main.domain.tld
SMTP_PORT=587
SMTP_USERNAME=username
SMTP_PASSWORD=password
SMTP_FROM_EMAIL=outline@outline.domain.tld
SMTP_REPLY_EMAIL=webmaster@outline.domain.tld
SMTP_TLS_CIPHERS=TLSv1.2
SMTP_SECURE=false
So I won’t have any other choice than creating a dedicated “Outline” Yunohost user, and create an email alias outline@outline.domain.tld during the installation process.
I have another problem, which is that because of my incorporated MinIO package installation, the current version of my package fails on Yunorunner…
This what happens when, after having installed MinIO on sub.domain.tld, I try to access it with mc (minio client), to create a new bucket :
126210 INFO DEBUG - DEBUG - + sudo -u minio ./mc alias set minio https://sub.domain.tld minio **********
126211 INFO DEBUG - DEBUG - mc: Configuration written to `/opt/yunohost/minio/.mc/config.json`. Please update your access credentials.
126211 INFO DEBUG - DEBUG - mc: Successfully created `/opt/yunohost/minio/.mc/share`.
126211 INFO DEBUG - DEBUG - mc: Initialized share uploads `/opt/yunohost/minio/.mc/share/uploads.json` file.
126212 INFO DEBUG - DEBUG - mc: Initialized share downloads `/opt/yunohost/minio/.mc/share/downloads.json` file.
126212 INFO DEBUG - DEBUG - mc: <ERROR> Unable to initialize new alias from the provided credentials. Get "https://sub.domain.tld/probe-bucket-sign-ykdtvebbjjy6/?location=": dial tcp 10.171.8.5:443: i/o timeout.
Full test logs are here
Is there a way to tweak the Yunorunner to make it work ?
My current version of the package starts to get quite polished : Installation, backup, restore, remove all work very well !
After a little thinking, that solution doesn’t look good. For example, if the admin changes the password of Outline user, then the emails from Outline would be broken…
It looks like I won’t have other choice than patching the mailer.js file here : https://github.com/outline/outline/blob/v0.60.1/server/mailer.js to add an option ignoreTLS as True.
Outline is definitely a real pain to install…!
For those who are interested by my progress
- Success ! I managed to patch the mailer.js file from the source and have Outline sending emails through localhost without TLS. Good news !
- I’ve improved the backup mechanism, so that it dumps the
outlinestorageminio bucket into Outline’s $final_path before backup. That way, I can recreate an identical MinIO bucket at restore and you won’t be loosing any picture - I’m starting to work on the upgrade
- Next I’ll be working on url_change and path_url
The app should be pretty usable very soon.
3 Likes