minio-app/start.sh

47 lines
3.0 KiB
Bash
Raw Normal View History

2017-01-24 06:06:51 +00:00
#!/bin/bash
set -eu
mkdir -p /app/data/data /run/minio/config /run/minio/certs
2017-01-24 06:06:51 +00:00
2020-09-11 19:34:40 +00:00
# minio is used for backups at times and has a large number of files. optimize by checking if files
# are actually in correct chown state
echo "==> Changing ownership"
2020-09-11 19:34:40 +00:00
[[ $(stat --format '%U' /app/data/data) != "cloudron" ]] && chown -R cloudron:cloudron /app/data
2019-01-22 23:29:43 +00:00
if [[ ! -f /app/data/env.sh ]]; then
echo -e "# Add custom minio configuration to this file. Restart the app for changes to take effect.\n\nexport CLOUDRON_MINIO_STARTUP_ARGS='server /app/data/data'" > /app/data/env.sh
# https://github.com/minio/minio#things-to-consider
echo -e "export MINIO_BROWSER_REDIRECT_URI=$(echo $CLOUDRON_APP_ORIGIN)" >> /app/data/env.sh
# ###### ! WARNING ! LDAP IS DISABLED FOR NOW ######
# https://github.com/minio/minio/blob/master/docs/sts/ldap.md
2021-07-11 20:58:41 +00:00
# https://docs.min.io/minio/baremetal/security/ad-ldap-external-identity-management/configure-ad-ldap-external-identity-management.html#minio-authenticate-using-ad-ldap-generic
# (address) AD/LDAP server address e.g. "myldapserver.com:636"
# echo -e "export MINIO_IDENTITY_LDAP_SERVER_ADDR='$(echo $CLOUDRON_LDAP_SERVER):$(echo $CLOUDRON_LDAP_PORT)'" >> /app/data/env.sh
# (string) DN for LDAP read-only service account used to perform DN and group lookups
# echo -e "export MINIO_IDENTITY_LDAP_LOOKUP_BIND_DN='$(echo $CLOUDRON_LDAP_BIND_DN)'" >> /app/data/env.sh
# (string) Password for LDAP read-only service account used to perform DN and group lookups
# echo -e "export MINIO_IDENTITY_LDAP_LOOKUP_BIND_PASSWORD='$(echo $CLOUDRON_LDAP_BIND_PASSWORD)'" >> /app/data/env.sh
# (string) Base LDAP DN to search for user DN
# echo -e "export MINIO_IDENTITY_LDAP_USER_DN_SEARCH_BASE_DN='$(echo $CLOUDRON_LDAP_USERS_BASE_DN)'" >> /app/data/env.sh
# (string) Search filter to lookup user DN
# echo -e "export MINIO_IDENTITY_LDAP_USER_DN_SEARCH_FILTER='(&(objectclass=user)(|(username=%uid)(mail=%uid)))'" >> /app/data/env.sh
# https://docs.min.io/minio/baremetal/reference/minio-server/minio-server.html#envvar.MINIO_IDENTITY_LDAP_TLS_SKIP_VERIFY
# echo -e "export MINIO_IDENTITY_LDAP_TLS_SKIP_VERIFY='on'" >> /app/data/env.sh
# https://docs.min.io/minio/baremetal/reference/minio-server/minio-server.html#envvar.MINIO_IDENTITY_LDAP_TLS_SKIP_VERIFY
# echo -e "export MINIO_IDENTITY_LDAP_SERVER_INSECURE='on'" >> /app/data/env.sh
# ###### ! WARNING ! LDAP IS DISABLED FOR NOW ######
fi
2021-07-11 20:56:59 +00:00
if [[ ! -d /app/data/mc_config ]]; then
echo "==> Set /app/data/mc default config dir"
mkdir -p /app/data/mc_config
/app/code/mc --config-dir /app/data/mc_config &> /dev/null || true
fi
source /app/data/env.sh
# the --config-dir is deprecated and not used. but without it, minio will try to create $HOME/.minio :/ same for --certs-dir
echo "==> Starting minio"
exec /usr/local/bin/gosu cloudron:cloudron /app/code/minio --certs-dir /run/minio/certs --config-dir /run/minio/config --quiet ${CLOUDRON_MINIO_STARTUP_ARGS} --address :$API_PORT --console-address :8000