diff --git a/README.md b/README.md
index 613b7b9..2dfd925 100644
--- a/README.md
+++ b/README.md
@@ -1,7 +1,9 @@
Role Name
=========
-A role that installs min.io as a Docker Swarm stack,
+A role that installs min.io, .
+The supported installation mode is *baremetal* and *distributed*.
+minio is not installed from a package, but the binary is downloaded and placed into `/usr/local/bin`.
Role Variables
--------------
@@ -9,48 +11,69 @@ Role Variables
The most important variables are listed below:
``` yaml
-minio_compose_dir: '/srv/minio_stack'
-minio_docker_stack_name: 'minio'
+minio_baremetal: true
+minio_enabled: true
+minio_binary: 'minio'
+minio_binary_download: 'https://dl.min.io/server/minio/release/linux-amd64/{{ minio_binary }}'
+minio_download_validate_certs: true
+minio_work_dir: /usr/local
+minio_install_dir: '{{ minio_work_dir }}/bin'
+minio_executable: '{{ minio_install_dir }}/{{ minio_binary }}'
+minio_username: 'minio-user'
+minio_user_home: '/srv/{{ minio_username }}'
minio_access_key: 'use a vault'
minio_secret_key: 'use a vault'
minio_secrets:
- - { name: minio_access_key, data: '{{ minio_access_key }}' }
- - { name: minio_secret_key, data: '{{ minio_secret_key }}' }
-minio_docker_service_server_name: 'minio'
-minio_docker_server_image: 'quay.io/minio/minio'
-minio_docker_network: 'distributed'
-minio_docker_swarm_dnsrr: True
-minio_server_instances:
+ - {name: minio_access_key, data: '{{ minio_access_key }}'}
+ - {name: minio_secret_key, data: '{{ minio_secret_key }}'}
+minio_server_instances_num: 4
+minio_server_name_prefix: 'minio'
+minio_server_domain_name: 'example.org'
+minio_disk_volumes: 4
+minio_disk_volume_names:
- 1
- 2
- 3
- 4
- - 5
- - 6
- - 7
- - 8
+minio_data_prefix: /storage
+minio_volume_prefix: 'minio'
+minio_volume_subdir: 'data'
+minio_port: 9000
+minio_volumes: 'https://{{ minio_server_name_prefix }}{%raw%}{{%endraw%}1...{{ minio_server_instances_num }}{%raw%}}{%endraw%}.{{ minio_server_domain_name }}:{{ minio_port }}{{ minio_data_prefix }}/{{ minio_volume_prefix }}{%raw%}{{%endraw%}1...{{ minio_disk_volumes }}{%raw%}}{%endraw%}/{{ minio_volume_subdir }}'
+
+minio_dedicated_console: true
+minio_console_port: 9001
+minio_behind_haproxy: true
+minio_server_url: 'https://minio-reverse-proxy.example.org'
+minio_ui_url: 'https://minio-ui-reverse-proxy.example.org'
+minio_over_tls: true
+minio_letsencrypt_certs: true
+minio_tls_certs_dir: /etc/pki/minio
+# The certificate and private key file names
+# must be *exactly* the ones used here.
+minio_tls_cert_file: '{{ minio_tls_certs_dir }}/public.crt'
+minio_tls_key_file: '{{ minio_tls_certs_dir }}/private.key'
+minio_root_user: minio_adm
+# minio_root_password: 'Use a vault'
+minio_storage_class_standard: 4
+minio_storage_class_rrs: 2
#
-minio_data_prefix: /minio
-minio_volume_prefix: /min_io
-minio_disk_volumes:
- - 3
- - 4
-minio_behind_haproxy: True
-minio_haproxy_public_net: 'haproxy-public'
-#
-minio_keylocak_auth_url: http://localhost:8080/auth/
-#minio_keycloak_client_secret: 'use a vault'
-minio_keycloak_realm: 'realm'
-minio_keycloak_client_name: 'minio_client_name'
-minio_keycloak_client_id: 'minio_client_id'
+minio_prometheus_url: 'https://prometheus.localhost'
+minio_prometheus_jobid: 'minio-job'
+minio_prometheus_auth_type: public
+minio_external_oidc: false
+minio_openid_config_url: http://localhost:8080/auth/
+minio_openid_realm: 'realm'
+minio_openid_client_id: 'minio_client_id'
+# minio_openid_client_secret: 'use a vault'
+minio_openid_claim_name: 'policy'
+minio_openid_set_claim_prefix: false
+minio_openid_claim_prefix: 'minio_'
+minio_openid_scopes: ''
+minio_openid_redirect_uri: '{{ minio_ui_url }}/oauth_callback'
```
-Dependencies
-------------
-
-* Docker Swarm
-
License
-------
diff --git a/meta/main.yml b/meta/main.yml
index 83f1706..c43b4eb 100644
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -1,13 +1,14 @@
+---
galaxy_info:
author: Andrea Dell'Amico
description: Systems Architect
company: ISTI-CNR
- issue_tracker_url: https://redmine-s2i2s.isti.cnr.it/projects/provisioning
+ issue_tracker_url: https://support.d4science.org
license: EUPL 1.2+
- min_ansible_version: 2.8
+ min_ansible_version: 2.9
# To view available platforms and versions (or releases), visit:
# https://galaxy.ansible.com/api/v1/platforms/
@@ -16,12 +17,14 @@ galaxy_info:
- name: Ubuntu
versions:
- bionic
+ - focal
+ - jammy
- name: EL
versions:
- - 7
- 8
galaxy_tags:
- - users
+ - s3
+ - storage
dependencies: []
diff --git a/templates/minio-docker-compose.yml.j2 b/templates/minio-docker-compose.yml.j2
deleted file mode 100644
index 1d953dd..0000000
--- a/templates/minio-docker-compose.yml.j2
+++ /dev/null
@@ -1,65 +0,0 @@
-version: '3.7'
-
-networks:
- {{ minio_docker_network }}:
-{% if minio_behind_haproxy %}
- haproxy-public:
- external: true
-{% endif %}
-
-secrets:
- minio_secret_key:
- external: true
- minio_access_key:
- external: true
-
-services:
-{% for i in minio_server_instances %}
- {{ minio_docker_service_server_name }}{{ i }}:
- hostname: {{ minio_docker_service_server_name }}{{ i }}
- image: {{ minio_docker_server_image }}
- command: server --console-address ":9001" http://{{ minio_docker_service_server_name }}{1...8}/{{ minio_data_prefix }}{3...4}
-{% if not minio_docker_swarm_dnsrr %}
- ports:
- - 9000
-{% endif %}
- networks:
- - {{ minio_docker_network }}
-{% if minio_behind_haproxy %}
- - haproxy-public
-{% endif %}
- environment:
- MINIO_ROOT_USER_FILE: {{minio_access_key}}
- MINIO_ROOT_PASSWORD_FILE: {{minio_secret_key}}
- secrets:
- - minio_access_key
- - minio_secret_key
- healthcheck:
- test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
- interval: 30s
- timeout: 20s
- retries: 5
- volumes:
- {% for vol in minio_disk_volumes %}
- - {{ minio_volume_prefix }}/{{ vol }}:{{ minio_data_prefix }}{{ vol }}
- {% endfor %}
-
- deploy:
- mode: replicated
- replicas: 1
-{% if minio_docker_swarm_dnsrr %}
- endpoint_mode: dnsrr
-{% endif %}
- placement:
- constraints:
- - node.role == worker
- - node.labels.minio == minio{{ i }}
- restart_policy:
- condition: on-failure
- delay: 5s
- max_attempts: 20
- window: 120s
- logging:
- driver: 'journald'
-{% endfor %}
-