cloudron
/
minio-app
mirror of https://git.cloudron.io/cloudron/minio-app
1
0
Fork 0
Code Issues Releases Wiki Activity

Added LDAP settings for unsecure internal communication; fixt missing export in env.sh

This commit is contained in:
Elias Hackradt 2021-07-11 23:15:50 +02:00
parent 8713b30b79
commit f814368e12
No known key found for this signature in database
GPG Key ID: 32B038A64E6697B1
1 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
start.sh
View File

@ -12,19 +12,23 @@ echo "==> Changing ownership"
if [[ ! -f /app/data/env.sh ]]; then if [[ ! -f /app/data/env.sh ]]; then
echo -e "# Add custom minio configuration to this file. Restart the app for changes to take effect.\n\nexport CLOUDRON_MINIO_STARTUP_ARGS='server /app/data/data'" > /app/data/env.sh echo -e "# Add custom minio configuration to this file. Restart the app for changes to take effect.\n\nexport CLOUDRON_MINIO_STARTUP_ARGS='server /app/data/data'" > /app/data/env.sh
# https://github.com/minio/minio#things-to-consider # https://github.com/minio/minio#things-to-consider
echo -e "MINIO_BROWSER_REDIRECT_URI=$(echo $CLOUDRON_APP_ORIGIN)" >> /app/data/env.sh echo -e "export MINIO_BROWSER_REDIRECT_URI=$(echo $CLOUDRON_APP_ORIGIN)" >> /app/data/env.sh
# https://github.com/minio/minio/blob/master/docs/sts/ldap.md # https://github.com/minio/minio/blob/master/docs/sts/ldap.md
# https://docs.min.io/minio/baremetal/security/ad-ldap-external-identity-management/configure-ad-ldap-external-identity-management.html#minio-authenticate-using-ad-ldap-generic # https://docs.min.io/minio/baremetal/security/ad-ldap-external-identity-management/configure-ad-ldap-external-identity-management.html#minio-authenticate-using-ad-ldap-generic
# (address) AD/LDAP server address e.g. "myldapserver.com:636" # (address) AD/LDAP server address e.g. "myldapserver.com:636"
echo -e "MINIO_IDENTITY_LDAP_SERVER_ADDR='$(echo $CLOUDRON_LDAP_URL)'" >> /app/data/env.sh echo -e "export MINIO_IDENTITY_LDAP_SERVER_ADDR='$(echo $CLOUDRON_LDAP_SERVER):$(echo $CLOUDRON_LDAP_PORT)'" >> /app/data/env.sh
# (string) DN for LDAP read-only service account used to perform DN and group lookups # (string) DN for LDAP read-only service account used to perform DN and group lookups
echo -e "MINIO_IDENTITY_LDAP_LOOKUP_BIND_DN='$(echo $CLOUDRON_LDAP_BIND_DN)'" >> /app/data/env.sh echo -e "export MINIO_IDENTITY_LDAP_LOOKUP_BIND_DN='$(echo $CLOUDRON_LDAP_BIND_DN)'" >> /app/data/env.sh
# (string) Password for LDAP read-only service account used to perform DN and group lookups # (string) Password for LDAP read-only service account used to perform DN and group lookups
echo -e "MINIO_IDENTITY_LDAP_LOOKUP_BIND_PASSWORD='$(echo $CLOUDRON_LDAP_BIND_PASSWORD)'" >> /app/data/env.sh echo -e "export MINIO_IDENTITY_LDAP_LOOKUP_BIND_PASSWORD='$(echo $CLOUDRON_LDAP_BIND_PASSWORD)'" >> /app/data/env.sh
# (string) Base LDAP DN to search for user DN # (string) Base LDAP DN to search for user DN
echo -e "MINIO_IDENTITY_LDAP_USER_DN_SEARCH_BASE_DN='$(echo $CLOUDRON_LDAP_USERS_BASE_DN)'" >> /app/data/env.sh echo -e "export MINIO_IDENTITY_LDAP_USER_DN_SEARCH_BASE_DN='$(echo $CLOUDRON_LDAP_USERS_BASE_DN)'" >> /app/data/env.sh
# (string) Search filter to lookup user DN # (string) Search filter to lookup user DN
echo -e "MINIO_IDENTITY_LDAP_USER_DN_SEARCH_FILTER='(&(objectclass=user)(|(username=%uid)(mail=%uid)))'" >> /app/data/env.sh echo -e "export MINIO_IDENTITY_LDAP_USER_DN_SEARCH_FILTER='(&(objectclass=user)(|(username=%uid)(mail=%uid)))'" >> /app/data/env.sh
# https://docs.min.io/minio/baremetal/reference/minio-server/minio-server.html#envvar.MINIO_IDENTITY_LDAP_TLS_SKIP_VERIFY
echo -e "export MINIO_IDENTITY_LDAP_TLS_SKIP_VERIFY='on'" >> /app/data/env.sh
# https://docs.min.io/minio/baremetal/reference/minio-server/minio-server.html#envvar.MINIO_IDENTITY_LDAP_TLS_SKIP_VERIFY
echo -e "export MINIO_IDENTITY_LDAP_SERVER_INSECURE='on'" >> /app/data/env.sh
fi fi
if [[ ! -d /app/data/mc_config ]]; then if [[ ! -d /app/data/mc_config ]]; then