59 lines
2.0 KiB
YAML
59 lines
2.0 KiB
YAML
---
|
|
# tasks file for minio
|
|
- name: Deploy MinIO
|
|
kubernetes.core.helm:
|
|
name: minio
|
|
chart_ref: bitnami/minio
|
|
release_namespace: minio
|
|
create_namespace: true
|
|
values:
|
|
metrics:
|
|
enabled: true
|
|
disableWebUI: true
|
|
auth:
|
|
rootUser: minio_admin
|
|
rootPassword: "{{ minio_admin_password }}"
|
|
defaultBuckets: default
|
|
volumePermissions:
|
|
enabled: true
|
|
mode: standalone
|
|
persistence:
|
|
size: 8Ti
|
|
extraEnvVars:
|
|
- name: MINIO_ROOT_USER
|
|
value: minio_admin
|
|
- name: MINIO_ROOT_PASSWORD
|
|
value: "{{ minio_admin_password }}"
|
|
- name: MINIO_SERVER_URL
|
|
value: https://minio.eom.dev/
|
|
- name: MINIO_IDENTITY_LDAP_SERVER_ADDR
|
|
value: openldap.openldap.svc.cluster.local:389
|
|
- name: MINIO_IDENTITY_LDAP_LOOKUP_BIND_DN
|
|
value: cn=readonly,dc=eom,dc=dev
|
|
- name: MINIO_IDENTITY_LDAP_LOOKUP_BIND_PASSWORD
|
|
value: "{{ openldap_readonly_password }}"
|
|
- name: MINIO_IDENTITY_LDAP_USER_DN_SEARCH_BASE_DN
|
|
value: dc=eom,dc=dev
|
|
- name: MINIO_IDENTITY_LDAP_USER_DN_SEARCH_FILTER
|
|
value: (&(objectClass=posixAccount)(uid=%s)(memberOf=cn=Minio Users,ou=Minio,ou=Services,dc=eom,dc=dev))
|
|
- name: MINIO_IDENTITY_LDAP_USER_DN_ATTRIBUTES
|
|
value: uid,cn,mail,sshPublicKey
|
|
- name: MINIO_IDENTITY_LDAP_GROUP_SEARCH_FILTER
|
|
value: (&(objectclass=groupOfUniqueNames)(uniqueMember=%d))
|
|
- name: MINIO_IDENTITY_LDAP_GROUP_SEARCH_BASE_DN
|
|
value: dc=eom,dc=dev
|
|
- name: MINIO_IDENTITY_LDAP_COMMENT
|
|
value: OpenLDAP
|
|
- name: MINIO_IDENTITY_LDAP_SERVER_INSECURE
|
|
value: "on"
|
|
apiIngress:
|
|
enabled: true
|
|
hostname: minio.eom.dev
|
|
ingressClassName: nginx
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: ca-issuer
|
|
tls:
|
|
- hosts:
|
|
- minio.eom.dev
|
|
secretName: minio-tls
|