setup minio automation #229

Merged
mg merged 114 commits from minio_automation into master 2024-11-09 22:00:58 +01:00
5 changed files with 21 additions and 13 deletions
Showing only changes of commit 0c3b390d3a - Show all commits

View file

@ -26,8 +26,10 @@ minio_users:
# Anzulegende Buckets, pro Bucket wird eine RW + RO Policy erstellt
minio_buckets:
- testbucket1
- testbucket3
- name: testbucket1
state: present
- name: testbucket3
state: present
# auf docker10 aufraumen

View file

@ -1,11 +1,11 @@
---
- name: Ensure buckets exists
dubzland.minio.minio_bucket:
name: "{{ item }}"
name: "{{ item.name }}"
auth:
access_key: "{{ minio_root_access_key }}"
secret_key: "{{ minio_root_secret_key }}"
url: "{{ minio_url }}"
state: present
state: "{{ item.state | default('present') }}"
loop: "{{ minio_buckets }}"
# state mit default

View file

@ -10,7 +10,7 @@
- name: "prep: template policy files (ro)"
ansible.builtin.template:
dest: "{{ minio_config_dir }}/{{ item }}_ro"
dest: "{{ minio_config_dir }}/{{ item.name }}_ro"
src: policy_ro.j2
owner: root
group: root
@ -19,7 +19,7 @@
- name: "prep: template policy files (rw)"
ansible.builtin.template:
dest: "{{ minio_config_dir }}/{{ item }}_rw"
dest: "{{ minio_config_dir }}/{{ item.name }}_rw"
src: policy_rw.j2
owner: root
group: root
@ -27,13 +27,19 @@
loop: "{{ minio_buckets }}"
- name: "setup policies (ro)"
ansible.builtin.command: "{{ minio_client_bin }} --dp admin policy create {{ minio_root_alias }} {{ item }}_ro {{ minio_config_dir }}/{{ item }}_ro"
ansible.builtin.command: "{{ minio_client_bin }} --dp admin policy create {{ minio_root_alias }} {{ item.name }}_ro {{ minio_config_dir }}/{{ item.name }}_ro"
loop: "{{ minio_buckets }}"
- name: "setup policies (rw)"
ansible.builtin.command: "{{ minio_client_bin }} --dp admin policy create {{ minio_root_alias }} {{ item }}_rw {{ minio_config_dir }}/{{ item }}_rw"
ansible.builtin.command: "{{ minio_client_bin }} --dp admin policy create {{ minio_root_alias }} {{ item.name }}_rw {{ minio_config_dir }}/{{ item.name }}_rw"
loop: "{{ minio_buckets }}"
# ensure absent files are removed
- name: "remove old policies"
ansible.builtin.file:
path: "{{ minio_config_dir }}/{{ item.name }}_ro"
state: absent
loop: "{{ minio_buckets }}"
when: '"absent" in item.state'
# deletata to localhost
# changed when überall

View file

@ -14,7 +14,7 @@
"s3:ListBucketMultipartUploads"
],
"Resource": [
"arn:aws:s3:::{{ item }}"
"arn:aws:s3:::{{ item.name }}"
]
},
{
@ -30,7 +30,7 @@
"s3:ListMultipartUploadParts"
],
"Resource": [
"arn:aws:s3:::{{ item }}/*"
"arn:aws:s3:::{{ item.name }}/*"
]
}
]

View file

@ -14,7 +14,7 @@
"s3:ListBucketMultipartUploads"
],
"Resource": [
"arn:aws:s3:::{{ item }}"
"arn:aws:s3:::{{ item.name }}"
]
},
{
@ -32,7 +32,7 @@
"s3:PutObject"
],
"Resource": [
"arn:aws:s3:::{{ item }}/*"
"arn:aws:s3:::{{ item.name }}/*"
]
}
]