chore: added minio configuration dockerfile

2023-09-22 13:49:06 +00:00 · 2023-09-22 13:49:06 +00:00 · d4df2c4717
commit d4df2c4717
parent 6d52e7b5b6
2 changed files with 54 additions and 0 deletions
--- a/minio.sh
+++ b/minio.sh
@ -0,0 +1,47 @@
+#!/bin/bash
+
+AWS_ACCESS_KEY_ID=$1
+AWS_SECRET_ACCESS_KEY=$2
+AWS_S3_BUCKET_NAME=$3
+
+/usr/bin/mc config host add plane-minio http://plane-minio:9000 $AWS_ACCESS_KEY_ID $AWS_SECRET_ACCESS_KEY; 
+
+/usr/bin/mc mb $AWS_S3_BUCKET_NAME; 
+/usr/bin/mc anonymous set download $AWS_S3_BUCKET_NAME;
+
+# Create the policy JSON file
+cat <<EOF > policy.json
+{
+    "Version": "2012-10-17",
+    "Statement": [
+      {
+        "Action": [
+          "s3:ListBucket"
+        ],
+        "Effect": "Deny",
+        "Resource": [
+          "arn:aws:s3:::uploads/*"
+        ]
+      },
+      {
+        "Action": [
+          "s3:GetObject",
+          "s3:PutObject",
+          "s3:DeleteObject"
+        ],
+        "Effect": "Allow",
+        "Resource": [
+          "arn:aws:s3:::uploads/*"
+        ]
+      }
+    ]
+}
+EOF
+
+# Create and apply the policy
+/usr/bin/mc admin policy create plane-minio blocking-file-listing policy.json
+# /usr/bin/mc admin policy attach plane-minio read-only-policy user
+
+/usr/bin/mc admin service restart plane-minio
+
+exit 0;
--- a/minio/Dockerfile.minio
+++ b/minio/Dockerfile.minio
@ -0,0 +1,7 @@
+FROM minio/mc
+
+# Copy the setup script
+COPY minio.sh /usr/local/bin/
+
+# Set the execute permission for the setup script
+RUN chmod +x /usr/local/bin/minio.sh