diff --git a/templates/template11-minio-storage-server/Readme.md b/templates/template11-minio-storage-server/Readme.md index f46f00b..ef6ed80 100644 --- a/templates/template11-minio-storage-server/Readme.md +++ b/templates/template11-minio-storage-server/Readme.md @@ -10,7 +10,8 @@ | minio | Minio Server's binary file - Downloadable from https://dl.min.io/server/minio/release/linux-amd64/minio | | minio.service | Minio Server unit file - Base file is https://raw.githubusercontent.com/minio/minio-service/master/linux-systemd/minio.service | | minio.conf |Minio Server configuration file | - +| `rootCA.pem` | The rootCA previously created in your host machine | +| `rootCA-key.pem` | The rootCA key previously created in your host machine | * Create folder `log` diff --git a/templates/template11-minio-storage-server/Vagrantfile b/templates/template11-minio-storage-server/Vagrantfile index f9f348e..87c9832 100644 --- a/templates/template11-minio-storage-server/Vagrantfile +++ b/templates/template11-minio-storage-server/Vagrantfile @@ -4,26 +4,23 @@ Vagrant.configure("2") do |config| - config.vm.box = "hibox/focal64" + config.vm.box = "isc/lxc-ubuntu-22.04" config.vm.box_check_update = false - - ## This is the latest box version as of 17/06/2021 - config.vm.box_version = "1.0.1619509541" config.vm.provider 'lxd' do |lxd| lxd.api_endpoint = 'https://127.0.0.1:8443' lxd.timeout = 10 - lxd.name = 'minio-storage-server-test' + lxd.name = 'your-container-name' + lxd.profiles = ['default'] + lxd.project = 'default' # lxd.nesting = nil # lxd.privileged = nil # lxd.ephemeral = false - # lxd.profiles = ['default'] # lxd.environment = {} # lxd.config = {} end - - config.vm.provision :shell, path: "provision.sh" - -end + config.vm.provision :shell, path: "provision.sh" + +end diff --git a/templates/template11-minio-storage-server/artifacts/minio.conf b/templates/template11-minio-storage-server/artifacts/minio.conf index de5cd27..c50e828 100644 --- a/templates/template11-minio-storage-server/artifacts/minio.conf +++ b/templates/template11-minio-storage-server/artifacts/minio.conf @@ -1,4 +1,5 @@ -MINIO_ACCESS_KEY="minio" MINIO_VOLUMES="#MINIO_STORAGE_FOLDER#" -MINIO_OPTS="-C /etc/minio --address #IP_ADDRESS#:9000" -MINIO_SECRET_KEY="miniostorage" +MINIO_OPTS="-C /etc/minio --address #MACHINE_HOSTNAME#:9000" +MINIO_ROOT_USER="admin" +# Minimum 8 characters required for the password +MINIO_ROOT_PASSWORD="admin123" diff --git a/templates/template11-minio-storage-server/artifacts/minio.service b/templates/template11-minio-storage-server/artifacts/minio.service index d5f559a..adb6d58 100644 --- a/templates/template11-minio-storage-server/artifacts/minio.service +++ b/templates/template11-minio-storage-server/artifacts/minio.service @@ -8,8 +8,8 @@ [Service] WorkingDirectory=/usr/local/ -User=#SYSTEM_USER# -Group=#SYSTEM_USER# +User=root +Group=root ProtectProc=invisible EnvironmentFile=/etc/minio/minio.conf diff --git a/templates/template11-minio-storage-server/provision.sh b/templates/template11-minio-storage-server/provision.sh index 0e5fdcb..5da9bfc 100644 --- a/templates/template11-minio-storage-server/provision.sh +++ b/templates/template11-minio-storage-server/provision.sh @@ -6,12 +6,16 @@ echo "provisioning started: ${start_time}" -MACHINE_HOSTNAME=minio-storage-server-test.localenv.com +#### The user must fill these variables - START + +# Fully Qualified Name: ex. "nc.localenv.com" +MACHINE_HOSTNAME= + +#### The user must fill these variables - END + MINIO_STORAGE_FOLDER=/usr/local/share/minio/ -SYSTEM_USER=usrv - NETWORK_INTERFACE=eth0 hostnamectl set-hostname ${MACHINE_HOSTNAME} @@ -23,18 +27,6 @@ timedatectl ##################################################################### -## Get the IP address into an environment variable. This command outputs -## an empty variable if the network interface name is not ${NETWORK_INTERFACE} -##################################################################### -ip_address=`ip -4 addr show ${NETWORK_INTERFACE} | grep -oP '(?<=inet\s)\d+(\.\d+){3}'` - -adduser --disabled-password --gecos GECOS ${SYSTEM_USER} - -usermod -p "`openssl passwd -1 -salt 5RPVAd ${SYSTEM_USER}`" ${SYSTEM_USER} - -adduser ${SYSTEM_USER} sudo - -##################################################################### ## Script inspired by https://www.digitalocean.com/community/tutorials/how-to-set-up-an-object-storage-server-using-minio-on-ubuntu-18-04 ##################################################################### cp /vagrant/artifacts/minio /usr/local/bin @@ -47,19 +39,23 @@ cp /vagrant/artifacts/minio.conf /etc/minio -sed -i "s|#IP_ADDRESS#|${IP_ADDRESS}|g" /etc/minio/minio.conf +sed -i "s|#MACHINE_HOSTNAME#|${MACHINE_HOSTNAME}|g" /etc/minio/minio.conf sed -i "s|#MINIO_STORAGE_FOLDER#|${MINIO_STORAGE_FOLDER}|g" /etc/minio/minio.conf -chown -R ${SYSTEM_USER}:${SYSTEM_USER} /etc/minio - cp /vagrant/artifacts/minio.service /etc/systemd/system/ -sed -i "s|#SYSTEM_USER#|${SYSTEM_USER}|g" /etc/systemd/system/minio.service - mkdir ${MINIO_STORAGE_FOLDER} -chown -R ${SYSTEM_USER}:${SYSTEM_USER} ${MINIO_STORAGE_FOLDER} +export CAROOT=/vagrant/artifacts/ + +apt install mkcert + +mkcert -install + +mkdir /etc/minio/certs + +mkcert --cert-file /etc/minio/certs/public.crt --key-file /etc/minio/certs/private.key "${MACHINE_HOSTNAME}" systemctl daemon-reload @@ -71,13 +67,7 @@ end_time=`date` -echo "This container has IP (interface: ${NETWORK_INTERFACE}): ${ip_address}" - -echo "If you add this IP to the hostname (${MACHINE_HOSTNAME}) in your hosts file:" - -echo " You can connect with user ${SYSTEM_USER} via ssh (password ${SYSTEM_USER}): ssh ${SYSTEM_USER}@${MACHINE_HOSTNAME}" - -echo " You can connect with user minio (password miniostorage) to te Minio Web Console http://${MACHINE_HOSTNAME}:9000. These are also the connection details to be used in config.php." +echo " You can connect with user admin (password admin123) to te Minio Web Console https://${MACHINE_HOSTNAME}:9000. These are also the connection details to be used in config.php." echo "provisioning started: ${start_time}"