Tobias Reisinger
4104057771
roles/ and inventory/ are now in playbooks/ also fixed issues reported by ansible-lint
41 lines
1.1 KiB
YAML
41 lines
1.1 KiB
YAML
---
|
|
minio_svc:
|
|
domain: s3.serguzim.me
|
|
port: 9000
|
|
caddy_extra: |
|
|
@nocache {
|
|
query nocache=*
|
|
}
|
|
header @nocache "Cache-Control" "no-store, no-cache"
|
|
extra_svcs:
|
|
- domain: console.s3.serguzim.me
|
|
docker_host: minio
|
|
port: 9001
|
|
|
|
minio_env:
|
|
MINIO_SERVER_URL: https://{{ svc.domain }}/
|
|
MINIO_BROWSER_REDIRECT_URL: https://console.{{ svc.domain }}
|
|
MINIO_VOLUMES: /data
|
|
|
|
MINIO_ROOT_USER: "{{ vault_minio.user }}"
|
|
MINIO_ROOT_PASSWORD: "{{ vault_minio.pass }}"
|
|
|
|
MINIO_IDENTITY_OPENID_CONFIG_URL: "{{ (opentofu.authentik_data.minio.base_url, '.well-known/openid-configuration') | path_join }}"
|
|
MINIO_IDENTITY_OPENID_CLIENT_ID: "{{ opentofu.authentik_data.minio.client_id }}"
|
|
MINIO_IDENTITY_OPENID_CLIENT_SECRET: "{{ opentofu.authentik_data.minio.client_secret }}"
|
|
MINIO_IDENTITY_OPENID_CLAIM_NAME: minio_policy
|
|
MINIO_IDENTITY_OPENID_DISPLAY_NAME: auth.serguzim.me
|
|
MINIO_IDENTITY_OPENID_SCOPES: openid,email,profile,minio
|
|
|
|
|
|
minio_compose:
|
|
watchtower: true
|
|
image: minio/minio
|
|
volumes:
|
|
- data:/data
|
|
file:
|
|
services:
|
|
app:
|
|
command: server --console-address ":9001"
|
|
volumes:
|
|
data:
|