setup minio automation #229
5 changed files with 21 additions and 13 deletions
|
@ -26,8 +26,10 @@ minio_users:
|
|||
|
||||
# Anzulegende Buckets, pro Bucket wird eine RW + RO Policy erstellt
|
||||
minio_buckets:
|
||||
- testbucket1
|
||||
- testbucket3
|
||||
- name: testbucket1
|
||||
state: present
|
||||
- name: testbucket3
|
||||
state: present
|
||||
|
||||
|
||||
# auf docker10 aufraumen
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
---
|
||||
- name: Ensure buckets exists
|
||||
dubzland.minio.minio_bucket:
|
||||
name: "{{ item }}"
|
||||
name: "{{ item.name }}"
|
||||
auth:
|
||||
access_key: "{{ minio_root_access_key }}"
|
||||
secret_key: "{{ minio_root_secret_key }}"
|
||||
url: "{{ minio_url }}"
|
||||
state: present
|
||||
state: "{{ item.state | default('present') }}"
|
||||
loop: "{{ minio_buckets }}"
|
||||
# state mit default
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
|
||||
- name: "prep: template policy files (ro)"
|
||||
ansible.builtin.template:
|
||||
dest: "{{ minio_config_dir }}/{{ item }}_ro"
|
||||
dest: "{{ minio_config_dir }}/{{ item.name }}_ro"
|
||||
src: policy_ro.j2
|
||||
owner: root
|
||||
group: root
|
||||
|
@ -19,7 +19,7 @@
|
|||
|
||||
- name: "prep: template policy files (rw)"
|
||||
ansible.builtin.template:
|
||||
dest: "{{ minio_config_dir }}/{{ item }}_rw"
|
||||
dest: "{{ minio_config_dir }}/{{ item.name }}_rw"
|
||||
src: policy_rw.j2
|
||||
owner: root
|
||||
group: root
|
||||
|
@ -27,13 +27,19 @@
|
|||
loop: "{{ minio_buckets }}"
|
||||
|
||||
- name: "setup policies (ro)"
|
||||
ansible.builtin.command: "{{ minio_client_bin }} --dp admin policy create {{ minio_root_alias }} {{ item }}_ro {{ minio_config_dir }}/{{ item }}_ro"
|
||||
ansible.builtin.command: "{{ minio_client_bin }} --dp admin policy create {{ minio_root_alias }} {{ item.name }}_ro {{ minio_config_dir }}/{{ item.name }}_ro"
|
||||
loop: "{{ minio_buckets }}"
|
||||
|
||||
- name: "setup policies (rw)"
|
||||
ansible.builtin.command: "{{ minio_client_bin }} --dp admin policy create {{ minio_root_alias }} {{ item }}_rw {{ minio_config_dir }}/{{ item }}_rw"
|
||||
ansible.builtin.command: "{{ minio_client_bin }} --dp admin policy create {{ minio_root_alias }} {{ item.name }}_rw {{ minio_config_dir }}/{{ item.name }}_rw"
|
||||
loop: "{{ minio_buckets }}"
|
||||
|
||||
# ensure absent files are removed
|
||||
- name: "remove old policies"
|
||||
ansible.builtin.file:
|
||||
path: "{{ minio_config_dir }}/{{ item.name }}_ro"
|
||||
state: absent
|
||||
loop: "{{ minio_buckets }}"
|
||||
when: '"absent" in item.state'
|
||||
|
||||
# deletata to localhost
|
||||
# changed when überall
|
||||
|
|
|
@ -14,7 +14,7 @@
|
|||
"s3:ListBucketMultipartUploads"
|
||||
],
|
||||
"Resource": [
|
||||
"arn:aws:s3:::{{ item }}"
|
||||
"arn:aws:s3:::{{ item.name }}"
|
||||
]
|
||||
},
|
||||
{
|
||||
|
@ -30,7 +30,7 @@
|
|||
"s3:ListMultipartUploadParts"
|
||||
],
|
||||
"Resource": [
|
||||
"arn:aws:s3:::{{ item }}/*"
|
||||
"arn:aws:s3:::{{ item.name }}/*"
|
||||
]
|
||||
}
|
||||
]
|
||||
|
|
|
@ -14,7 +14,7 @@
|
|||
"s3:ListBucketMultipartUploads"
|
||||
],
|
||||
"Resource": [
|
||||
"arn:aws:s3:::{{ item }}"
|
||||
"arn:aws:s3:::{{ item.name }}"
|
||||
]
|
||||
},
|
||||
{
|
||||
|
@ -32,7 +32,7 @@
|
|||
"s3:PutObject"
|
||||
],
|
||||
"Resource": [
|
||||
"arn:aws:s3:::{{ item }}/*"
|
||||
"arn:aws:s3:::{{ item.name }}/*"
|
||||
]
|
||||
}
|
||||
]
|
||||
|
|
Loading…
Reference in a new issue