Skip to content

Installing RustFS

This page provides an overview of how to install a RustFS S3 compatible storage server on Linux. Generally you will not need to install a RustFS server yourself because an instance is pre-installed on the SIP development VM (SIPVM).

Download and Deploy RustFS

RustFS is downloaded and configured via a shell scrupt that is downloaded from the Internet and then executed:

sudo curl -O https://rustfs.com/install_rustfs.sh && sudo bash install_rustfs.sh

When you execute this command you will see output like this:

[INFO] All required commands are present.
[INFO] OS and architecture check passed: x86_64.
[INFO] Defaulting to MUSL build for maximum compatibility.
Please choose an option:
1. Install RustFS
2. Uninstall RustFS
3. Upgrade RustFS
Enter your choice [1-3]:

Enter option 1 and press ENTER to install RustFS. You will then be prompted to enter the port to run the S3 server on:

[INFO] Starting RustFS installation...
Please enter RustFS service port (default: 9000):

Press ENTER to select the default port. You will then be prompted to enter the port to run the S3 servers admin UI:

[INFO] Port 9000 is available.
Please enter RustFS console port (default: 9001):

Press ENTER to select the default port. You will then be prompted to enter the directory in which you want the S3 server to store its data:

[INFO] Port 9001 is available.
Tip: You can use TAB for path completion.
Please enter data storage directory (default: /data/rustfs0):

Enter /rustfs/data or another directory of your choosing and press ENTER. You will the see information similar to that below as the installation completes:

[INFO] Data directory ready: /rustfs/data.
[INFO] Log directory ready: /var/logs/rustfs.
[INFO] Starting download and installation of RustFS binary...
[INFO] Using MUSL build.
[INFO] Downloading RustFS package from https://dl.rustfs.com/artifacts/rustfs/release/rustfs-linux-x86_64-musl-latest.zip...
--2026-01-08 13:22:44--  https://dl.rustfs.com/artifacts/rustfs/release/rustfs-linux-x86_64-musl-latest.zip
Resolving dl.rustfs.com (dl.rustfs.com)... 155.102.54.146, 155.102.54.141, 155.102.54.142, ...
Connecting to dl.rustfs.com (dl.rustfs.com)|155.102.54.146|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 69891327 (67M) [application/zip]
Saving to: ‘rustfs.zip’

rustfs.zip                                           100%[=====================================================================================================================>]  66.65M  24.3MB/s    in 2.7s

2026-01-08 13:22:47 (24.3 MB/s) - ‘rustfs.zip’ saved [69891327/69891327]

Archive:  rustfs.zip
  inflating: rustfs
[INFO] RustFS binary installed successfully.
[INFO] systemd service file created at /usr/lib/systemd/system/rustfs.service.
[INFO] RustFS config file created at /etc/default/rustfs.
Created symlink /etc/systemd/system/multi-user.target.wants/rustfs.service → /usr/lib/systemd/system/rustfs.service.
[INFO] RustFS service enabled and started.
RustFS has been installed and started successfully!
Service port: 9000,  Console port: 9001,  Data directory: /rustfs/data

Change the Admin User and Password

Use your favorit text editor to edit the RustFS configuration file:

sudo vi /etc/default/rustfs

Then change the values of RUSTFS_ACCESS_KEY and RUSTFS_SECRET:

RUSTFS_ACCESS_KEY=admin
RUSTFS_SECRET_KEY=p@ssw0rd
RUSTFS_VOLUMES="/rustfs/data"
RUSTFS_ADDRESS=":9000"
RUSTFS_CONSOLE_ADDRESS=":9001"
RUSTFS_CONSOLE_ENABLE=true
RUSTFS_OBS_LOGGER_LEVEL=error
RUSTFS_OBS_LOG_DIRECTORY="/var/logs/rustfs/"
RUSTFS_TLS_PATH="/etc/rustfs/certs"

Restart the RustFS Service

sudo systemctl restart rustfs

Create a User Account for Client Access

  • Log in to the admin UI at port 9001, select Users and Add User.
  • Enter values for the username and password.
  • Set Policy to readwrite.
  • Click submit.

Configuring MinIO for TLS

If you wish to secure the communications between client systems and the RustFS server with HTTPS when you need to obtain or create a TLS certificate and configure RustFS to use that certificate

Make a Certificate Configuration File

Move to the directory that contains your certification authority (local-ca) and then Use your favorite text editor to create an OpenSSL configuration file for issuing a server certificate for the RustFS server:

sudo vi rustfs.cnf

Then add the following content:

# rustfs.cnf
[req]
prompt              = no
distinguished_name  = dn
default_md          = sha256
req_extensions      = v3_req

[dn]
CN = sipvm # Primary name (doesn't have to include IP)

[v3_req]
# Key usage for a TLS server cert (RSA)
keyUsage = critical, digitalSignature, keyAgreement
extendedKeyUsage = serverAuth
subjectAltName = @alt_names

[alt_names]
DNS.1 = sipvm
DNS.2 = localhost
IP.1  = 192.168.200.2
IP.2  = 127.0.0.1

Before closing the file, alter the values of CN, DNS.1 and IP.1 to be correct for the RustFS server. If the host system is referred to by other DNS names or IP addresses then you can add additional entries (e.g. DNS.3, DNS.4, IP.3, etc.)

Generate a Private Key for the Server

openssl ecparam -genkey -name prime256v1 -noout -out rustfs.key

Make a Certificate Signing Request

openssl req -new -key rustfs.key -out rustfs.csr -config rustfs.cnf

Create and Sign the Server Certificate

openssl ca -config local-ca.cnf -in rustfs.csr -out rustfs.crt -batch

Verify the Server Certificate

openssl verify -CAfile local-ca.crt rustfs.crt

Install the Certificate into RustFS and Set Permissions

MinIO requires:

  • The TLS certificate and private key to be located in RUSTFS_TLS_PATH
  • The TLS certificate to be named rustfs_cert.pem
  • The private key to be named rustfs_key.pem
sudo mkdir -p /etc/rustfs/certs
sudo chown -R root:root /etc/rustfs/certs
sudo chmod 700 /etc/rustfs/certs

# Copy and protect the certificate
sudo cp rustfs.crt /etc/rustfs/certs/rustfs_cert.pem
sudo chown root:root /etc/rustfs/certs/rustfs_cert.pem
sudo chmod 644 /etc/rustfs/certs/rustfs_cert.pem

# Copy and protect the private key
sudo cp rustfs.key /etc/rustfs/certs/rustfs_key.pem
sudo chown root:root /etc/rustfs/certs/rustfs_key.pem
sudo chmod 600 /etc/rustfs/certs/rustfs_key.pem

Edit the RustFS Configuration File

Use your favorite text editor to edit the MinIO configuration file:

sudo vi /etc/default/rustfs

And append this to end of the file:

RUSTFS_TLS_PATH="/etc/rustfs/certs"

Restart RustFS

sudo systemctl restart rustfs

Test HTTPS Access

Assuming that you have already established trust of your CA on the client system, go to that system and attempt to access the RustFS admin UI using the HTTPS protocol:

https://sipvm:9001

If all is well you should see the RustFS web admin UI, and the browser application should be reporting the connection to the site as secure.