iac/modules/minio/minio.tf

data "docker_registry_image" "minio" {
  name = "quay.io/minio/minio:latest"
}

resource "random_password" "minio_password" {
  length  = 32
  special = false
}

locals {
  SERVER_URL = "http://${var.domain}"
  UI_URL     = "http://${var.domain}/ui/"
}

resource "docker_service" "minio" {
  name = "minio"
  task_spec {
    container_spec {
      image   = "${data.docker_registry_image.minio.name}@${data.docker_registry_image.minio.sha256_digest}"
      command = ["minio", "server", "/data", ]
      env = {
        MINIO_ADDRESS              = "0.0.0.0:9000"
        MINIO_CONSOLE_ADDRESS      = "0.0.0.0:9001"
        MINIO_ROOT_USER            = var.admin_username
        MINIO_ROOT_PASSWORD        = random_password.minio_password.result
        MINIO_SERVER_URL           = local.SERVER_URL
        MINIO_BROWSER_REDIRECT_URL = local.UI_URL
        MINIO_BROWSER_REDIRECT     = true
        MINIO_API_ROOT_ACCESS      = "on"
      }
      mounts {
        target    = "/data"
        source    = var.storage_path
        type      = "bind"
        read_only = false
      }
    }
    networks_advanced {
      name = var.network.id
    }
    placement {
      platforms {
        architecture = "amd64"
        os           = "linux"
      }
    }
  }
  update_config {
    parallelism = 1
    order       = "stop-first"
  }
  dynamic "endpoint_spec" {
    for_each = var.expose_ports ? toset(["aw yis"]) : toset([])
    content {
      ports {
        target_port    = 9000
        published_port = 9000
        publish_mode   = "ingress"
      }
      ports {
        target_port    = 9001
        published_port = 9001
        publish_mode   = "ingress"
      }
    }
  }
}

module "minio_nginx_config" {
  # tflint-ignore: terraform_module_pinned_source
  source   = "git::https://code.techinc.nl/grey/terraform-nginx.git//nginx-site-available"
  hostname = var.domain
  //certificate   = acme_certificate.ooo_grey["s3"]
  service_name  = "minio_s3"
  upstream_host = "${docker_service.minio.name}:9000"
  config_prefix = "nginx"
  extra_upstreams = [
    {
      name    = "minio_ui",
      servers = ["${docker_service.minio.name}:9001"]
    }
  ]
  extra_locations = file("${path.module}/minio_nginx_extra.conf")
  allow_non_ssl   = true
  allow_ssl       = false
}
Minio gubbins 2024-06-21 16:02:42 +00:00			`data "docker_registry_image" "minio" {`
Ubiquity and printers included 2024-06-28 10:43:20 +00:00			`name = "quay.io/minio/minio:latest"`
Minio gubbins 2024-06-21 16:02:42 +00:00			`}`

			`resource "random_password" "minio_password" {`
			`length = 32`
			`special = false`
			`}`

			`locals {`
Fixup 2024-06-23 03:09:02 +00:00			`SERVER_URL = "http://${var.domain}"`
			`UI_URL = "http://${var.domain}/ui/"`
Minio gubbins 2024-06-21 16:02:42 +00:00			`}`

			`resource "docker_service" "minio" {`
Ubiquity and printers included 2024-06-28 10:43:20 +00:00			`name = "minio"`
Minio gubbins 2024-06-21 16:02:42 +00:00			`task_spec {`
			`container_spec {`
			`image = "${data.docker_registry_image.minio.name}@${data.docker_registry_image.minio.sha256_digest}"`
			`command = ["minio", "server", "/data", ]`
			`env = {`
			`MINIO_ADDRESS = "0.0.0.0:9000"`
			`MINIO_CONSOLE_ADDRESS = "0.0.0.0:9001"`
			`MINIO_ROOT_USER = var.admin_username`
			`MINIO_ROOT_PASSWORD = random_password.minio_password.result`
			`MINIO_SERVER_URL = local.SERVER_URL`
			`MINIO_BROWSER_REDIRECT_URL = local.UI_URL`
			`MINIO_BROWSER_REDIRECT = true`
			`MINIO_API_ROOT_ACCESS = "on"`
			`}`
			`mounts {`
			`target = "/data"`
			`source = var.storage_path`
			`type = "bind"`
			`read_only = false`
			`}`
			`}`
			`networks_advanced {`
			`name = var.network.id`
			`}`
			`placement {`
			`platforms {`
			`architecture = "amd64"`
			`os = "linux"`
			`}`
			`}`
			`}`
			`update_config {`
			`parallelism = 1`
			`order = "stop-first"`
			`}`
Expose ports 9000 and 9001 for minio 2024-07-08 15:51:54 +00:00			`dynamic "endpoint_spec" {`
			`for_each = var.expose_ports ? toset(["aw yis"]) : toset([])`
			`content {`
fmt 2024-07-08 15:57:53 +00:00			`ports {`
			`target_port = 9000`
			`published_port = 9000`
			`publish_mode = "ingress"`
			`}`
			`ports {`
			`target_port = 9001`
			`published_port = 9001`
			`publish_mode = "ingress"`
			`}`
Expose ports 9000 and 9001 for minio 2024-07-08 15:51:54 +00:00			`}`
			`}`
Minio gubbins 2024-06-21 16:02:42 +00:00			`}`

			`module "minio_nginx_config" {`
fix linting issues 2024-06-28 18:08:55 +00:00			`# tflint-ignore: terraform_module_pinned_source`
Ubiquity and printers included 2024-06-28 10:43:20 +00:00			`source = "git::https://code.techinc.nl/grey/terraform-nginx.git//nginx-site-available"`
			`hostname = var.domain`
Minio gubbins 2024-06-21 16:02:42 +00:00			`//certificate = acme_certificate.ooo_grey["s3"]`
			`service_name = "minio_s3"`
			`upstream_host = "${docker_service.minio.name}:9000"`
			`config_prefix = "nginx"`
			`extra_upstreams = [`
			`{`
			`name = "minio_ui",`
			`servers = ["${docker_service.minio.name}:9001"]`
			`}`
			`]`
			`extra_locations = file("${path.module}/minio_nginx_extra.conf")`
Ubiquity and printers included 2024-06-28 10:43:20 +00:00			`allow_non_ssl = true`
			`allow_ssl = false`
Minio gubbins 2024-06-21 16:02:42 +00:00			`}`