40 lines
1.7 KiB
Bash
Executable File
40 lines
1.7 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
set -eu
|
|
|
|
mkdir -p /app/data/data /run/minio/config /run/minio/certs
|
|
|
|
# env vars take precedence over config.yaml (https://github.com/minio/minio/blob/master/docs/distributed/CONFIG.md#things-to-know)
|
|
[[ ! -f /app/data/env.sh ]] && cp /app/code/env.sh /app/data/env.sh
|
|
source /app/data/env.sh
|
|
|
|
# https://docs.min.io/minio/baremetal/reference/minio-server/minio-server.html#envvar.MINIO_SERVER_URL
|
|
export MINIO_SERVER_URL="https://${API_SERVER_DOMAIN}"
|
|
export MINIO_BROWSER_REDIRECT_URL="https://${CLOUDRON_APP_DOMAIN}"
|
|
|
|
if [[ ! -d /app/data/mc_config ]]; then
|
|
mkdir -p /app/data/mc_config
|
|
/app/code/mc --config-dir /app/data/mc_config &> /dev/null || true
|
|
fi
|
|
|
|
if [[ -n "${CLOUDRON_OIDC_ISSUER:-}" ]]; then
|
|
export MINIO_IDENTITY_OPENID_DISPLAY_NAME="Cloudron"
|
|
export MINIO_IDENTITY_OPENID_CONFIG_URL="${CLOUDRON_OIDC_DISCOVERY_URL}"
|
|
export MINIO_IDENTITY_OPENID_CLIENT_ID="${CLOUDRON_OIDC_CLIENT_ID}"
|
|
export MINIO_IDENTITY_OPENID_CLIENT_SECRET="${CLOUDRON_OIDC_CLIENT_SECRET}"
|
|
export MINIO_IDENTITY_OPENID_SCOPES="openid profile email"
|
|
if [[ -z "${MINIO_IDENTITY_OPENID_ROLE_POLICY:-}" ]]; then
|
|
export MINIO_IDENTITY_OPENID_ROLE_POLICY="readwrite"
|
|
fi
|
|
|
|
export MINIO_IDENTITY_OPENID_COMMENT="Cloudron OIDC"
|
|
fi
|
|
|
|
# minio is used for backups at times and has a large number of files. optimize by checking if files are actually in correct chown state
|
|
echo "==> Changing ownership"
|
|
[[ $(stat --format '%U' /app/data/data) != "cloudron" ]] && chown -R cloudron:cloudron /app/data
|
|
|
|
echo "==> Starting minio"
|
|
exec /usr/local/bin/gosu cloudron:cloudron /app/code/minio --quiet ${CLOUDRON_MINIO_STARTUP_ARGS} --address :9000 --console-address :8000
|
|
|