shpaq/auricom-home-cluster
1
0
Fork 0
mirror of https://github.com/auricom/home-cluster.git synced 2025-09-17 18:24:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

♻️ minio custom jail

Browse Source
This commit is contained in:
auricom
2024-01-09 16:52:29 +01:00
parent 9fe75c2b3c
commit badd042d50
15 changed files with 129 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
ansible/inventory/host_vars/minio.sops.yaml Normal file
View File

@@ -0,0 +1,23 @@
kind: Secret
minio_access_key: ENC[AES256_GCM,data:4MC50gc06VvP9BViitovlw==,iv:Bu8c986MyeHrMioPYlBG/zSzFv4EOytxTHkXZzI6Iow=,tag:EbRlKgdx63M8CDNa/8RrWQ==,type:str]
minio_secret_key: ENC[AES256_GCM,data:zd7bC1c3pam4xqcsaZOf3A==,iv:8K8x9dcsByZ60pytIPl9ESUbZeu+7S8Z+faQEewDZB8=,tag:3/5b8ZzAIqrVtf37eziwjg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1hhurqwmfvl9m3vh3hk8urulfzcdsrep2ax2neazqt435yhpamu3qj20asg
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPVy9DRjhqOW05Wm4rNXZo
bFJxem9UZjNSQW5UaTRZaWQ1clZQSHJrNHpVCmo3Y0RPd1BRRC9ZZHJ0SndSUXJv
UkpPWTNOUWFPL1hCUGJrTFBPZml5QncKLS0tIGI5UUJKMXR0d1d3ZzRDSURuWVFl
ZFlyQ1lGbnVPaSs4cytQYzNwRnJabmcKP0ogZqsaoD6heCqmObwttBgE039aLqe2
R55NPkQJJyFSbDbdDmPApE4IwtXay54QGw2RR4AxOZW4G2dWhdzP3w==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-01-09T13:25:29Z"
mac: ENC[AES256_GCM,data:ro+P8PAr0YDuer3CBf7XBIBz+YlnHGCDGIkKFw1TRvEeJNgNFF6mv+voPyiTFIHRh/541MNlzEyRpc0As1PHU/7O2SLBqKA3GnzaLM4s/5Euu7pXTFl3jtIXtTe1DMGTWmyvyqSNXEoEhPmjFn0bMXKhrINuVWxYkDspZxnnOe4=,iv:MZjiTvWIPacX55RZfVh8qUmVsNPMJaZcJIc8JmxuUag=,tag:Q6MnDbByAno9pwH0xWTKMA==,type:str]
pgp: []
unencrypted_regex: ^(kind)$
version: 3.8.1

3
ansible/inventory/hosts.yml
View File

@@ -7,6 +7,9 @@ all:
coreelec:
ansible_host: coreelec.{{ secret_domain }}
ansible_user: root
minio:
ansible_host: 192.168.9.14
ansible_user: minio
children:
truenas-instances:
hosts:

1
ansible/playbooks/bootstrap_ansible.yml
View File

@@ -3,6 +3,7 @@
hosts: all
become: true
become_user: root
gather_facts: false
vars:
python_pwd: /usr/bin/python
python_package: python3

7
ansible/playbooks/minio.yml Normal file
View File

@@ -0,0 +1,7 @@
---
- hosts: minio
become: true
gather_facts: true
any_errors_fatal: true
roles:
- role: minio

42
ansible/roles/minio/tasks/main.yml Normal file
View File

@@ -0,0 +1,42 @@
---
- name: Install MinIO
ansible.builtin.pkgng:
name:
- minio
- curl
state: latest
register: installation
- name: Create MinIO configuration in /etc/rc.conf
ansible.builtin.blockinfile:
path: /etc/rc.conf
state: present
block: |
# MINIO
minio_enable="YES"
minio_disks="/mnt/data"
minio_env="MINIO_ACCESS_KEY={{ minio_access_key }} MINIO_SECRET_KEY={{ minio_secret_key }} MINIO_CONSOLE_ADDRESS=192.168.9.14:9001"
no_log: false
register: configuration
- name: Restart MinIO Service
ansible.builtin.service:
name: minio
state: restarted
enabled: true
when: configuration.changed == true or installation.changed == true
- name: Wait for 5 seconds
ansible.builtin.pause:
seconds: 5
- name: Check MinIO Service
ansible.builtin.command: curl -s localhost:9000/minio/health/live
register: curl_result
ignore_errors: true
changed_when: false
- name: Fail if curl command failed
ansible.builtin.fail:
msg: 'Curl command failed'
when: curl_result.rc != 0