tea/browsertrix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
f1fd11c031
browsertrix/chart/templates/minio.yaml
Ilya Kreymer f1fd11c031
storage: use s3v4 signature for presigning urls (#2611) 
Use V4 ('s3v4') signature version for for all presigning URLs to support
backblaze, fixes #2472
- add 'access_addressing_style' to be able to choose virtual/path
addressing for access endpoint (default to 'virtual' as before)
- fix minio presigning with v4 by using 'path' addressing style for
minio
- if path matches '/data/' for internal minio bucket, then always use
'path'
- also make minio access path '/data/' configurable

also simplify running in any namespace with default settings:
- don't hardcode 'local-minio.default'
- in crawlers namespace, add a 'local-minio' externalName service which
maps to the main namespace service.
2025-05-19 15:44:36 -07:00

182 lines
3.7 KiB
YAML
Raw Blame History

{{- if .Values.minio_local }}
---
kind: Secret
apiVersion: v1
metadata:
name: minio-auth
namespace: {{ .Release.Namespace }}
type: Opaque
stringData:
{{- with (first .Values.storages) }}
MINIO_ROOT_USER: "{{ .access_key }}"
MINIO_ROOT_PASSWORD: "{{ .secret_key }}"
MC_HOST: "{{ $.Values.minio_scheme }}://{{ .access_key }}:{{ .secret_key }}@{{ $.Values.minio_host }}"
{{- end }}
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: minio-storage-pvc
annotations:
"helm.sh/resource-policy": keep
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
{{- if .Values.volume_storage_class }}
storageClassName: {{ .Values.volume_storage_class }}
{{- end }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: local-minio
namespace: {{ .Release.Namespace }}
spec:
selector:
matchLabels:
app: local-minio
replicas: 1
template:
metadata:
labels:
app: local-minio
spec:
{{- if .Values.main_node_type }}
nodeSelector:
nodeType: {{ .Values.main_node_type }}
{{- end }}
volumes:
- name: data-minio
persistentVolumeClaim:
claimName: minio-storage-pvc
initContainers:
- name: init-bucket
image: {{ .Values.minio_image }}
imagePullPolicy: {{ .Values.minio_pull_policy }}
command:
- sh
- -c
- |
mkdir -p /data/{{ .Values.minio_local_bucket_name }}
mkdir -p /data/.minio.sys
echo '{"version":"1","format":"fs","id":"btrix-data-fs","fs":{"version":"2"}}' > /data/.minio.sys/format.json
volumeMounts:
- name: data-minio
mountPath: /data
subPath: minio
resources:
limits:
memory: {{ .Values.minio_memory }}
requests:
cpu: {{ .Values.minio_cpu }}
memory: {{ .Values.minio_memory }}
containers:
- name: minio
image: {{ .Values.minio_image }}
imagePullPolicy: {{ .Values.minio_pull_policy }}
args: ["server", "/data", "--console-address", ":9001"]
envFrom:
- secretRef:
name: minio-auth
volumeMounts:
- name: data-minio
mountPath: /data
subPath: minio
resources:
limits:
memory: {{ .Values.minio_memory }}
requests:
cpu: {{ .Values.minio_cpu }}
memory: {{ .Values.minio_memory }}
---
apiVersion: v1
kind: Service
metadata:
namespace: {{ .Release.Namespace }}
name: local-minio
labels:
app: local-minio
spec:
{{- if .Values.minio_local_access_port }}
type: NodePort
{{- end }}
selector:
app: local-minio
ports:
- protocol: TCP
port: 9000
{{- if .Values.minio_local_access_port }}
nodePort: {{ .Values.minio_local_access_port }}
{{- end }}
name: minio
---
apiVersion: v1
kind: Service
metadata:
namespace: {{ .Values.crawler_namespace }}
name: local-minio
labels:
app: local-minio
spec:
type: ExternalName
externalName: "local-minio.{{ .Release.Namespace }}{{ .Values.fqdn_suffix }}"
ports:
- port: 9000
{{- if .Values.minio_local_console_port }}
---
apiVersion: v1
kind: Service
metadata:
namespace: {{ .Release.Namespace }}
name: local-minio-console
labels:
app: local-minio-console
spec:
type: NodePort
selector:
app: local-minio
ports:
- protocol: TCP
port: 9001
nodePort: {{ .Values.minio_local_console_port }}
name: minio-console
{{- end }}
{{- end }}
Reference in New Issue View Git Blame Copy Permalink