baschno/buun-stack
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c122b9b9a8e1844e334226ed163e8d5576ac5dbf
buun-stack/minio/justfile
Masaki Yatsu c122b9b9a8 feat(minio): add MinIO
2025-08-30 15:53:42 +09:00

117 lines
4.0 KiB
Makefile
Raw Blame History

set fallback := true
export MINIO_NAMESPACE := env("MINIO_NAMESPACE", "minio")
export MINIO_CHART_VERSION := env("MINIO_CHART_VERSION", "5.4.0")
export MINIO_OIDC_CLIENT_ID := env("MINIO_OIDC_CLIENT_ID", "minio")
export KEYCLOAK_REALM := env("KEYCLOAK_REALM", "buunstack")
[private]
default:
@just --list --unsorted --list-submodules
# Add Helm repository
add-helm-repo:
# We use charts.min.io instead of operator.min.io because the operator does not support
# standalone mode.
# helm repo add minio https://operator.min.io/
helm repo add minio https://charts.min.io/
helm repo update
# Remove Helm repository
remove-helm-repo:
helm repo remove minio
# Create JupyterHub namespace
create-namespace:
kubectl get namespace ${MINIO_NAMESPACE} &>/dev/null || \
kubectl create namespace ${MINIO_NAMESPACE}
# Delete JupyterHub namespace
delete-namespace:
kubectl delete namespace ${MINIO_NAMESPACE} --ignore-not-found
# Add Keycloak policy and mapper
add-keycloak-minio-policy:
KEYCLOAK_ADMIN_USER=$(just keycloak::admin-username) \
KEYCLOAK_ADMIN_PASSWORD=$(just keycloak::admin-password) \
KEYCLOAK_REALM=${KEYCLOAK_REALM} \
MINIO_OIDC_CLIENT_ID=${MINIO_OIDC_CLIENT_ID} \
dotenvx run -f ../.env.local -- tsx ./scripts/add-minio-policy.ts
# Install MinIO
install:
#!/bin/bash
set -euo pipefail
export MINIO_HOST=${MINIO_HOST:-}
if [ "${MINIO_HOST}" = "" ]; then
MINIO_HOST=$(
gum input --prompt="MinIO host (FQDN): " --width=100 \
--placeholder="e.g., minio.example.com"
)
fi
export MINIO_CONSOLE_HOST=${MINIO_CONSOLE_HOST:-}
if [ "${MINIO_CONSOLE_HOST}" = "" ]; then
MINIO_CONSOLE_HOST=$(
gum input --prompt="MinIO Console host (FQDN): " --width=100 \
--placeholder="e.g., minio-console.example.com"
)
fi
just keycloak::create-client ${KEYCLOAK_REALM} ${MINIO_OIDC_CLIENT_ID} \
"https://${MINIO_HOST}/oauth_callback,https://${MINIO_CONSOLE_HOST}/oauth_callback"
just add-keycloak-minio-policy
just create-namespace
just add-helm-repo
gomplate -f minio-values.gomplate.yaml -o minio-values.yaml
helm upgrade --install minio minio/minio \
--version ${MINIO_CHART_VERSION} -n ${MINIO_NAMESPACE} --create-namespace --wait \
-f minio-values.yaml
# Uninstall MinIO
uninstall:
helm uninstall minio -n ${MINIO_NAMESPACE} --wait --ignore-not-found
kubectl delete namespace ${MINIO_NAMESPACE} --ignore-not-found
# List MinIO internal policies and users (for debugging)
debug-info:
@kubectl -n ${MINIO_NAMESPACE} exec -it deploy/minio -- \
bash -c "mc alias set local http://localhost:9000 $(just root-user) $(just root-password) && \
echo '--- Policies ---' && \
mc admin policy list local && \
echo '--- Users ---' && \
mc admin user list local"
# Print MinIO root user
root-user:
@kubectl -n ${MINIO_NAMESPACE} get secret minio -o jsonpath='{.data.rootUser}' | base64 -d
@echo
# Print MinIO root password
root-password:
@kubectl -n ${MINIO_NAMESPACE} get secret minio -o jsonpath='{.data.rootPassword}' | base64 -d
@echo
# Create a bucket
create-bucket bucket:
#!/bin/bash
set -euo pipefail
ROOT_USER=$(just root-user)
ROOT_PASSWORD=$(just root-password)
kubectl -n ${MINIO_NAMESPACE} exec -it deploy/minio -- \
bash -c "mc alias set local http://localhost:9000 ${ROOT_USER} ${ROOT_PASSWORD} && \
mc mb --ignore-existing local/{{ bucket }}"
# Check if a bucket exists (returns exit code 0 if exists, 1 if not)
[no-exit-message]
bucket-exists bucket:
#!/bin/bash
set -euo pipefail
ROOT_USER=$(just root-user)
ROOT_PASSWORD=$(just root-password)
if kubectl -n ${MINIO_NAMESPACE} exec -it deploy/minio -- \
bash -c "mc alias set local http://localhost:9000 ${ROOT_USER} ${ROOT_PASSWORD} >/dev/null 2>&1 && \
mc ls local/{{ bucket }} >/dev/null 2>&1"; then
exit 0 # Bucket exists
else
exit 1 # Bucket does not exist
fi
Reference in New Issue View Git Blame Copy Permalink