shpaq/auricom-home-cluster
1
0
Fork 0
mirror of https://github.com/auricom/home-cluster.git synced 2025-09-17 18:24:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
cc75daeb6085f417aa5c400fce2327e63d160514
auricom-home-cluster/kubernetes/apps/default/opnsense
History
feisar-bot 90be307a26 ⬆️ Update image ghcr.io/auricom/kubectl to 1.28.3 
| datasource | package                 | from   | to     |
| ---------- | ----------------------- | ------ | ------ |
| docker     | ghcr.io/auricom/kubectl | 1.28.2 | 1.28.3 |
2023-11-08 08:54:26 +01:00
..
app
⬆️ Update image ghcr.io/auricom/kubectl to 1.28.3
2023-11-08 08:54:26 +01:00
ks.yaml
🔥 kustomization healthChecks
2023-11-01 18:13:18 +01:00
readme.md

readme.md

Opnsense

S3 Configuration

  1. Create ~/.mc/config.json

    {
  "version": "10",
  "aliases": {
    "minio": {
      "url": "https://s3.<domain>",
      "accessKey": "<access-key>",
      "secretKey": "<secret-key>",
      "api": "S3v4",
      "path": "auto"
    }
  }
}

  2. Create the opnsense user and password

    mc admin user add minio opnsense <super-secret-password>

  3. Create the opnsense bucket

    mc mb minio/opnsense

  4. Create opnsense-user-policy.json

    {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "s3:ListBucket",
        "s3:PutObject",
        "s3:GetObject",
        "s3:DeleteObject"
      ],
      "Effect": "Allow",
      "Resource": ["arn:aws:s3:::opnsense/*", "arn:aws:s3:::opnsense"],
      "Sid": ""
    }
  ]
}

  5. Apply the bucket policies

    mc admin policy add minio opnsense-private opnsense-user-policy.json

  6. Associate private policy with the user

    mc admin policy set minio opnsense-private user=opnsense

  7. Create a retention policy

    mc ilm add minio/opnsense --expire-days "90"