From cbb5c3f10df73cd448b42ee37476b0a56c26eb8c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=AD=99=E5=B0=8F=E4=BA=91?= Date: Wed, 28 May 2025 17:53:55 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=95=B0=E6=8D=AE=E5=BA=93?= =?UTF-8?q?=E9=85=8D=E7=BD=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- init/8.minio.sh | 78 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 78 insertions(+) diff --git a/init/8.minio.sh b/init/8.minio.sh index edb3e74..85265e6 100755 --- a/init/8.minio.sh +++ b/init/8.minio.sh @@ -36,6 +36,14 @@ if [ -z "$MINIO_ROOT_PASSWORD" ]; then echo "错误: 未找到 MINIO_ROOT_PASSWORD 环境变量" exit 1 fi +if [ -z "$MINIO_ACCESS_KEY" ]; then +echo "错误: 未找到 MINIO_ACCESS_KEY 环境变量" +exit 1 +fi +if [ -z "$MINIO_SECRET_KEY" ]; then +echo "错误: 未找到 MINIO_SECRET_KEY 环境变量" +exit 1 +fi if docker ps -a | grep -q ${MINIO_NAME}; then echo "停止并删除已存在的 MinIO 容器..." @@ -55,3 +63,73 @@ docker run -d \ -e MINIO_ROOT_PASSWORD=${MINIO_ROOT_PASSWORD} \ -v "${MINIO_DATA}:/data" \ $MINIO_IMAGE server /data --console-address ":9001" + +# 等待 MinIO 服务启动 +echo "等待 MinIO 服务启动..." +sleep 10 + +# 创建 MinIO 服务账号配置目录 +mkdir -p $(pwd)/volumes/minio/policies + +# 创建 MinIO 服务账号配置文件 +cat > $(pwd)/volumes/minio/policies/mqtt-policy.json << EOF +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "admin:*" + ] + }, + { + "Effect": "Allow", + "Action": [ + "kms:*" + ] + }, + { + "Effect": "Allow", + "Action": [ + "s3:*" + ], + "Resource": [ + "arn:aws:s3:::*" + ] + } + ] +} +EOF + +# 创建 MinIO 服务账号 +echo "创建 MinIO 服务账号..." +docker exec ${MINIO_NAME} mc alias set myminio http://localhost:9000 ${MINIO_ROOT_USER} ${MINIO_ROOT_PASSWORD} +docker exec ${MINIO_NAME} mc admin user add myminio ${MINIO_ACCESS_KEY} ${MINIO_SECRET_KEY} + +# 将策略文件复制到容器内 +docker cp $(pwd)/volumes/minio/policies/mqtt-policy.json ${MINIO_NAME}:/tmp/mqtt-policy.json + +# 创建和附加策略 +docker exec ${MINIO_NAME} mc admin policy create myminio mqtt-policy /tmp/mqtt-policy.json +docker exec ${MINIO_NAME} mc admin policy attach myminio mqtt-policy --user ${MINIO_ACCESS_KEY} + +# 清理临时文件 +docker exec ${MINIO_NAME} rm /tmp/mqtt-policy.json + +# 创建所需的 bucket +echo "创建所需的 bucket..." +for bucket in default image ta-tech-image th-airport th-dsp video; do + echo "处理 bucket: $bucket" + # 检查 bucket 是否存在 + if ! docker exec ${MINIO_NAME} mc ls myminio/$bucket >/dev/null 2>&1; then + echo "创建 bucket: $bucket" + docker exec ${MINIO_NAME} mc mb myminio/$bucket + else + echo "bucket $bucket 已存在" + fi + # 设置 bucket 为 public + echo "设置 bucket $bucket 为 public" + docker exec ${MINIO_NAME} mc anonymous set public myminio/$bucket +done + +echo "MinIO 服务账号和 bucket 创建完成"