diff --git a/repos/stable/minio/Chart.yaml b/repos/stable/minio/Chart.yaml index dcdea2ad..0a956432 100755 --- a/repos/stable/minio/Chart.yaml +++ b/repos/stable/minio/Chart.yaml @@ -6,7 +6,7 @@ maintainers: email: spteam@metacenter.no home: https://minio.io/ icon: https://secure.gravatar.com/avatar/2a5ff6e3cc19dfd93b2e9e5c790449d3.jpg -version: 1.1.0 +version: 1.2.0 keywords: - File sharing - Cloud storage diff --git a/repos/stable/minio/README.md b/repos/stable/minio/README.md index d35e3fcd..17a9de2d 100644 --- a/repos/stable/minio/README.md +++ b/repos/stable/minio/README.md @@ -14,10 +14,10 @@ access minio's web interface through a web browser. ### Advanced This application uses the following Dockerfile: -- [minio](https://github.com/minio/minio/tree/d5aa2f9/Dockerfile) +- [minio](https://github.com/UNINETTSigma2/helm-charts-dockerfiles/blob/3a2e4f52837e4abdc772a3bc62cb7987acaac40a/minio/Dockerfile) #### Values | Value name | Description | | ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| advanced.accessKey | The key / username to use when logging in. | -| advanced.secretKey | The token / password to use when logging in. | +| advanced.rootUser | The username to use for logging in. | +| advanced.rootPassword | The password to use for logging in. | diff --git a/repos/stable/minio/schema.yaml b/repos/stable/minio/schema.yaml index cacd6926..0690385a 100644 --- a/repos/stable/minio/schema.yaml +++ b/repos/stable/minio/schema.yaml @@ -3,16 +3,16 @@ properties: advanced: type: object properties: - accessKey: + rootUser: type: string - description: "The username to use when accessing minio." + description: "The username to use for accessing minio." examples: - - accesskeyexample - secretKey: + - rootuserexample + rootPassword: type: string - description: "The password to use when accessing minio." + description: "The password to use for accessing minio." examples: - - secretkeyexample + - rootpasswordexample appstore_generated_data: type: object properties: @@ -22,7 +22,7 @@ properties: contact_email: type: string examples: - - example@uninett.no + - example@sigma2.no dataporten: type: object properties: diff --git a/repos/stable/minio/templates/NOTES.txt b/repos/stable/minio/templates/NOTES.txt index c05fae0f..1114da49 100644 --- a/repos/stable/minio/templates/NOTES.txt +++ b/repos/stable/minio/templates/NOTES.txt @@ -2,9 +2,9 @@ You can use the follow credentials to login to this Minio instance - Access Key: {{ .Values.advanced.accessKey }} - Secret Key: {{ .Values.advanced.secretKey }} -{{ if eq .Values.advanced.accessKey "exampleaccesskey" }} -Note: Please change the default access and secret keys by going + Access Key: {{ .Values.advanced.rootUser }} + Secret Key: {{ .Values.advanced.rootPassword }} +{{ if eq .Values.advanced.rootUser "rootuserexample" }} +Note: Please change the default root username and password by going to Reconfigure menu on the right side and under Advanced options. {{ end }} diff --git a/repos/stable/minio/templates/_helpers.tpl b/repos/stable/minio/templates/_helpers.tpl index 391a73be..170dadca 100644 --- a/repos/stable/minio/templates/_helpers.tpl +++ b/repos/stable/minio/templates/_helpers.tpl @@ -31,7 +31,7 @@ gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologi nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin _apt:x:100:65534::/nonexistent:/usr/sbin/nologin jovyan:x:1000:100::/home/jovyan:/bin/bash -{{ .Values.username }}:x:{{ .Values.uid }}:{{ .Values.gid }}::/home/notebook:/bin/bash +{{ .Values.username }}:x:{{ .Values.uid }}:{{ .Values.gid }}::/home/{{ .Values.username }}:/bin/bash {{- end -}} diff --git a/repos/stable/minio/templates/deployment.yaml b/repos/stable/minio/templates/deployment.yaml index 8da8ebbf..9008ddfb 100644 --- a/repos/stable/minio/templates/deployment.yaml +++ b/repos/stable/minio/templates/deployment.yaml @@ -57,7 +57,7 @@ spec: - /bin/sh - -c - -x - - "mkdir -p /mnt/{{ .Values.persistentStorage.existingClaimName }}/.tools/{{ template "fullname" . }} && chmod g+w /mnt/{{ .Values.persistentStorage.existingClaimName }}/.tools" + - "mkdir -p /mnt/{{ .Values.persistentStorage.existingClaimName }}/.tools/{{ template "fullname" . }} /mnt/{{ .Values.persistentStorage.existingClaimName }}/.minio.sys && chmod g+w /mnt/{{ .Values.persistentStorage.existingClaimName }}/.tools /mnt/{{ .Values.persistentStorage.existingClaimName }}/.minio.sys && printf '{\"version\":\"1\",\"format\":\"fs\",\"id\":\"avoid-going-into-snsd-mode-legacy-is-fine-with-me\",\"fs\":{\"version\":\"2\"}}' | cat > /mnt/{{ .Values.persistentStorage.existingClaimName }}/.minio.sys/format.json" volumeMounts: - name: {{ .Values.persistentStorage.existingClaimName }} mountPath: /mnt/{{ .Values.persistentStorage.existingClaimName }} @@ -80,16 +80,24 @@ spec: containers: - name: minio env: - - name: MINIO_ACCESS_KEY + - name: MINIO_ROOT_USER valueFrom: secretKeyRef: name: {{ template "fullname" . }} - key: MINIO_ACCESS_KEY - - name: MINIO_SECRET_KEY + key: MINIO_ROOT_USER + - name: MINIO_ROOT_PASSWORD valueFrom: secretKeyRef: name: {{ template "fullname" . }} - key: MINIO_SECRET_KEY + key: MINIO_ROOT_PASSWORD + - name: MINIO_ADDRESS + value: "0.0.0.0:9000" + - name: MINIO_CONSOLE_ADDRESS + value: "0.0.0.0:9001" + - name: MINIO_BROWSER_REDIRECT_URL + value: "https://{{ .Values.ingress.host }}" + - name: MINIO_SERVER_URL + value: "https://server-{{ .Values.ingress.host }}" - name: TZ value: Europe/Oslo image: {{ .Values.advanced.dockerImage }} @@ -102,6 +110,7 @@ spec: {{ toYaml .Values.resources | indent 10 }} ports: - containerPort: 9000 + - containerPort: 9001 securityContext: runAsUser: {{ .Values.uid }} runAsGroup: {{ .Values.gid }} diff --git a/repos/stable/minio/templates/ingress.yaml b/repos/stable/minio/templates/ingress.yaml index 533b8c02..ed95d063 100644 --- a/repos/stable/minio/templates/ingress.yaml +++ b/repos/stable/minio/templates/ingress.yaml @@ -9,11 +9,43 @@ metadata: heritage: "{{ .Release.Service }}" annotations: appstore.uninett.no/contact_email: {{ .Values.appstore_generated_data.appstore_meta_data.contact_email }} - kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/proxy-body-size: "0" nginx.ingress.kubernetes.io/proxy-send-timeout: "3600" nginx.ingress.kubernetes.io/proxy-read-timeout: "3600" spec: + ingressClassName: nginx + tls: + - secretName: wildcard-tls + hosts: + - server-{{ .Values.ingress.host }} + rules: + - host: server-{{ .Values.ingress.host }} + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: {{ template "fullname" . }} + port: + number: 9000 +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ template "fullname" . }}-console + labels: + app: {{ template "fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + annotations: + appstore.uninett.no/contact_email: {{ .Values.appstore_generated_data.appstore_meta_data.contact_email }} + nginx.ingress.kubernetes.io/proxy-body-size: "0" + nginx.ingress.kubernetes.io/proxy-send-timeout: "3600" + nginx.ingress.kubernetes.io/proxy-read-timeout: "3600" +spec: + ingressClassName: nginx tls: - secretName: wildcard-tls hosts: @@ -27,5 +59,5 @@ spec: backend: service: name: {{ template "fullname" . }} - port: - number: 9000 + port: + number: 9001 diff --git a/repos/stable/minio/templates/network-policy.yaml b/repos/stable/minio/templates/network-policy.yaml index 44d6b394..e189b0ef 100644 --- a/repos/stable/minio/templates/network-policy.yaml +++ b/repos/stable/minio/templates/network-policy.yaml @@ -18,6 +18,11 @@ spec: - namespaceSelector: matchLabels: name: kube-ingress + - namespaceSelector: + matchLabels: + name: ingress-nginx ports: - protocol: TCP port: 9000 + - protocol: TCP + port: 9001 diff --git a/repos/stable/minio/templates/secret.yaml b/repos/stable/minio/templates/secret.yaml index 5f0dfe40..f0821af9 100644 --- a/repos/stable/minio/templates/secret.yaml +++ b/repos/stable/minio/templates/secret.yaml @@ -11,5 +11,5 @@ metadata: heritage: "{{ .Release.Service }}" type: Opaque data: - MINIO_ACCESS_KEY: {{ .Values.advanced.accessKey | b64enc }} - MINIO_SECRET_KEY: {{ .Values.advanced.secretKey | b64enc }} + MINIO_ROOT_USER: {{ .Values.advanced.rootUser | b64enc }} + MINIO_ROOT_PASSWORD: {{ .Values.advanced.rootPassword | b64enc }} diff --git a/repos/stable/minio/templates/service.yaml b/repos/stable/minio/templates/service.yaml index f65f7532..6a1ddc68 100644 --- a/repos/stable/minio/templates/service.yaml +++ b/repos/stable/minio/templates/service.yaml @@ -15,5 +15,9 @@ spec: targetPort: 9000 protocol: TCP name: {{ template "fullname" . }}-service + - port: 9001 + targetPort: 9001 + protocol: TCP + name: {{ template "fullname" . }}-console-service selector: app: {{ template "fullname" . }} diff --git a/repos/stable/minio/values.yaml b/repos/stable/minio/values.yaml index c3fb21a2..2674a3a2 100755 --- a/repos/stable/minio/values.yaml +++ b/repos/stable/minio/values.yaml @@ -20,7 +20,7 @@ supplementalGroups: gid: "" appstore_generated_data: appstore_meta_data: - contact_email: "example@uninett.no" + contact_email: "example@sigma2.no" dataporten: scopes: - "" @@ -42,6 +42,6 @@ appstore_generated_data: token_url: provided-by-toolkit auth_url: provided-by-toolkit advanced: - accessKey: "accesskeyexample" - secretKey: "secretkeyexample" - dockerImage: quay.io/uninett/minio:20210215-96996ea + rootUser: "rootuserexample" + rootPassword: "rootpasswordexample" + dockerImage: sigma2as/minio:20240306-3a2e4f5