From d0a2aa14d77c6d2628d5579a9afe9d41382b3052 Mon Sep 17 00:00:00 2001 From: Jakob Meier Date: Wed, 27 Dec 2023 10:48:47 +0100 Subject: [PATCH] containers/s3: added minio object storage --- roles/containers/s3/defaults/main.yml | 15 +++++++++++++ roles/containers/s3/tasks/caddy.yml | 26 +++++++++++++++++++++++ roles/containers/s3/tasks/main.yml | 5 +++++ roles/containers/s3/tasks/setup.yml | 23 ++++++++++++++++++++ roles/containers/s3/templates/minio.caddy | 6 ++++++ 5 files changed, 75 insertions(+) create mode 100644 roles/containers/s3/defaults/main.yml create mode 100644 roles/containers/s3/tasks/caddy.yml create mode 100644 roles/containers/s3/tasks/main.yml create mode 100644 roles/containers/s3/tasks/setup.yml create mode 100644 roles/containers/s3/templates/minio.caddy diff --git a/roles/containers/s3/defaults/main.yml b/roles/containers/s3/defaults/main.yml new file mode 100644 index 0000000..d30b8bc --- /dev/null +++ b/roles/containers/s3/defaults/main.yml @@ -0,0 +1,15 @@ +--- +# minio folder +minio_project_dir: "s3" +# subdomain on which files are served +minio_domain: "{{ minio_project_dir }}.{{ domain }}" +minio_port: "9000" +# subdomain on which the admin panel is exposed +minio_console_domain: "console.{{ minio_project_dir }}.{{ domain }}" +minio_console_port: "9001" +# admin user +# used to log into admin panel +minio_root_user: "minioadmin" +# admin password +# used to log into admin panel +minio_root_password: "minioadmin" diff --git a/roles/containers/s3/tasks/caddy.yml b/roles/containers/s3/tasks/caddy.yml new file mode 100644 index 0000000..16f0001 --- /dev/null +++ b/roles/containers/s3/tasks/caddy.yml @@ -0,0 +1,26 @@ +--- +- name: Make sure minio caddy reverse proxy config exists + become: true + ansible.builtin.template: + src: minio.caddy + dest: /etc/caddy/s3 + mode: "0644" + validate: caddy validate --adapter caddyfile --config %s + register: projectconfig + +- name: Make sure caddy links to the minio config + become: true + ansible.builtin.lineinfile: + path: /etc/caddy/Caddyfile + mode: "0644" + search_string: ^import /etc/caddy/s3 + line: import /etc/caddy/s3 + validate: caddy validate --adapter caddyfile --config %s + register: caddyconfig + +- name: Restart caddy + become: true + ansible.builtin.service: + name: caddy + state: restarted + when: caddyconfig.changed or projectconfig.changed diff --git a/roles/containers/s3/tasks/main.yml b/roles/containers/s3/tasks/main.yml new file mode 100644 index 0000000..3dc7f27 --- /dev/null +++ b/roles/containers/s3/tasks/main.yml @@ -0,0 +1,5 @@ +--- +- name: Setup s3 docker images + ansible.builtin.include_tasks: setup.yml +- name: Setup s3 reverse proxy + ansible.builtin.include_tasks: caddy.yml diff --git a/roles/containers/s3/tasks/setup.yml b/roles/containers/s3/tasks/setup.yml new file mode 100644 index 0000000..94f75c6 --- /dev/null +++ b/roles/containers/s3/tasks/setup.yml @@ -0,0 +1,23 @@ +--- +- name: Ensure minio-project-dir exists + ansible.builtin.file: + path: "{{ container_dir }}/{{ minio_project_dir }}" + state: directory + recurse: true + +- name: Create minio docker container + community.docker.docker_container: + name: s3 + image: quay.io/minio/minio + restart_policy: unless-stopped + volumes: + - "{{ container_dir }}/{{ minio_project_dir }}:/data" + ports: + - "{{ minio_port }}:9000" + - "{{ minio_console_port }}:9001" + env: + MINIO_ROOT_USER: "{{ minio_root_user }}" + MINIO_ROOT_PASSWORD: "{{ minio_root_password }}" + MINIO_SERVER_URL: "https://{{ minio_domain }}" + MINIO_BROWSER_REDIRECT_URL: "https://{{ minio_console_domain }}" + command: server /data --console-address ":9001" diff --git a/roles/containers/s3/templates/minio.caddy b/roles/containers/s3/templates/minio.caddy new file mode 100644 index 0000000..24dc625 --- /dev/null +++ b/roles/containers/s3/templates/minio.caddy @@ -0,0 +1,6 @@ +{{ minio_domain }} { + reverse_proxy :{{ minio_port }} +} +{{ minio_console_domain }} { + reverse_proxy :{{ minio_console_port }} +} -- 2.38.5