Hello,
after reading that napp-it supports S3 I wanted to access a newly created filesystem via S3 protocol as a backup target in veeam.
I installed S3 support and activated S3 in the napp-it "free 22.03" gui.
Then I accessed the webgui of minio, created the bucket and the access-key.
Both steps were easily done and good documented.
Inside veeam I now try to create the backup-repo and failed because veeam insists on encryption.
The error message is always "failed to retrieve certificate from "IP:9000"
OK, minio needs to have a certificate....that makes sense!!
Inside the cloudsync.pdf 6.1 "encrypted transfer with https" I read that I need 2 files
- private.key
- public.crt
inside /var/web-gui/_log/minio/
elsewhere in the this forum and in the hints inside the napp-it gui gea writes that these 2 files need to be in /var/web-gui/_log/minio/certs???
I create with:
openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes -keyout private.key -out public.crt -subj "/CN=napp-s3.xxxxx.local" -addext "subjectAltName=DNS:napp.xxxxx.local,IP:192.168.210.4"
both files and placed them in both mentioned directories.
But it did not work, reboot napp....no change, finally I figured out, that I need to unshare s3 the filesystem and reshare it again.
So I got finally encrytion of both the website on port 8000 and the s3 service on port9000 running.
Now I could access the S3 bucket inside with the veeam gui and also add a folder for the backups.
But then I got another problem:
When I created the bucket I configured a retention time of 7 days inside minio, but that does veeam not accept.
When I create a bucket without any file locking, veeam accepts only when I do not configure any retention inside veeam....
But for obvious security reasons one will have a retention time, so the final solution was to activate inside minio only "object locking" but no retention.
Then I could set the retention time inside veeam, when we create the backup-repository.
Hope this will help someone
Kind regards
Maddin
after reading that napp-it supports S3 I wanted to access a newly created filesystem via S3 protocol as a backup target in veeam.
I installed S3 support and activated S3 in the napp-it "free 22.03" gui.
Then I accessed the webgui of minio, created the bucket and the access-key.
Both steps were easily done and good documented.
Inside veeam I now try to create the backup-repo and failed because veeam insists on encryption.
The error message is always "failed to retrieve certificate from "IP:9000"
OK, minio needs to have a certificate....that makes sense!!
Inside the cloudsync.pdf 6.1 "encrypted transfer with https" I read that I need 2 files
- private.key
- public.crt
inside /var/web-gui/_log/minio/
elsewhere in the this forum and in the hints inside the napp-it gui gea writes that these 2 files need to be in /var/web-gui/_log/minio/certs???
I create with:
openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes -keyout private.key -out public.crt -subj "/CN=napp-s3.xxxxx.local" -addext "subjectAltName=DNS:napp.xxxxx.local,IP:192.168.210.4"
both files and placed them in both mentioned directories.
But it did not work, reboot napp....no change, finally I figured out, that I need to unshare s3 the filesystem and reshare it again.
So I got finally encrytion of both the website on port 8000 and the s3 service on port9000 running.
Now I could access the S3 bucket inside with the veeam gui and also add a folder for the backups.
But then I got another problem:
When I created the bucket I configured a retention time of 7 days inside minio, but that does veeam not accept.
When I create a bucket without any file locking, veeam accepts only when I do not configure any retention inside veeam....
But for obvious security reasons one will have a retention time, so the final solution was to activate inside minio only "object locking" but no retention.
Then I could set the retention time inside veeam, when we create the backup-repository.
Hope this will help someone
Kind regards
Maddin
