623a7cb695
We create a separate user for the minio service and use it instead of the main unix-user. This is mainly a security related patch and the commands given by minio in their documentation is used in the implementation; https://min.io/docs/minio/linux/operations/install-deploy-manage/deploy-minio-multi-node-multi-drive.html#create-the-systemd-service-file
34 lines
977 B
Ruby
Executable File
34 lines
977 B
Ruby
Executable File
#!/bin/env ruby
|
|
# frozen_string_literal: true
|
|
|
|
require "json"
|
|
config_json = JSON.parse($stdin.read)
|
|
|
|
unless (minio_config = config_json["minio_config"])
|
|
puts "need minio_config as argument"
|
|
exit 1
|
|
end
|
|
|
|
unless (hosts = config_json["hosts"])
|
|
puts "need hosts as argument"
|
|
exit 1
|
|
end
|
|
|
|
cert = config_json["cert"]
|
|
cert_key = config_json["cert_key"]
|
|
ca_bundle = config_json["ca_bundle"]
|
|
|
|
require_relative "../../common/lib/util"
|
|
|
|
safe_write_to_file("/etc/default/minio", minio_config)
|
|
safe_write_to_file("/etc/hosts", hosts)
|
|
r "sudo chown -R minio-user:minio-user /etc/default/minio"
|
|
|
|
if cert && cert_key && ca_bundle
|
|
r "sudo mkdir -p /home/minio-user/.minio/certs/CAs"
|
|
safe_write_to_file("/home/minio-user/.minio/certs/public.crt", cert)
|
|
safe_write_to_file("/home/minio-user/.minio/certs/private.key", cert_key)
|
|
safe_write_to_file("/home/minio-user/.minio/certs/CAs/public.crt", ca_bundle)
|
|
r "sudo chown -R minio-user:minio-user /home/minio-user/.minio/certs"
|
|
end
|