136 lines
3.5 KiB
Bash
Executable File
136 lines
3.5 KiB
Bash
Executable File
source ../environment.sh
|
|
|
|
if [ -z "$NETWORK" ]; then
|
|
echo "错误: 未找到 NETWORK 环境变量"
|
|
exit 1
|
|
fi
|
|
if [ -z "$MINIO_NAME" ]; then
|
|
echo "错误: 未找到 MINIO_NAME 环境变量"
|
|
exit 1
|
|
fi
|
|
if [ -z "$MINIO_IMAGE" ]; then
|
|
echo "错误: 未找到 MINIO_IMAGE 环境变量"
|
|
exit 1
|
|
fi
|
|
if [ -z "$MINIO_MEMORY" ]; then
|
|
echo "错误: 未找到 MINIO_MEMORY 环境变量"
|
|
exit 1
|
|
fi
|
|
if [ -z "$MINIO_API_PORT" ]; then
|
|
echo "错误: 未找到 MINIO_API_PORT 环境变量"
|
|
exit 1
|
|
fi
|
|
if [ -z "$MINIO_CONSOLE_PORT" ]; then
|
|
echo "错误: 未找到 MINIO_CONSOLE_PORT 环境变量"
|
|
exit 1
|
|
fi
|
|
if [ -z "$MINIO_DATA" ]; then
|
|
echo "错误: 未找到 MINIO_DATA 环境变量"
|
|
exit 1
|
|
fi
|
|
if [ -z "$MINIO_ROOT_USER" ]; then
|
|
echo "错误: 未找到 MINIO_ROOT_USER 环境变量"
|
|
exit 1
|
|
fi
|
|
if [ -z "$MINIO_ROOT_PASSWORD" ]; then
|
|
echo "错误: 未找到 MINIO_ROOT_PASSWORD 环境变量"
|
|
exit 1
|
|
fi
|
|
if [ -z "$MINIO_ACCESS_KEY" ]; then
|
|
echo "错误: 未找到 MINIO_ACCESS_KEY 环境变量"
|
|
exit 1
|
|
fi
|
|
if [ -z "$MINIO_SECRET_KEY" ]; then
|
|
echo "错误: 未找到 MINIO_SECRET_KEY 环境变量"
|
|
exit 1
|
|
fi
|
|
|
|
if docker ps -a | grep -q ${MINIO_NAME}; then
|
|
echo "停止并删除已存在的 MinIO 容器..."
|
|
docker stop ${MINIO_NAME} >/dev/null 2>&1
|
|
docker rm ${MINIO_NAME} >/dev/null 2>&1
|
|
fi
|
|
|
|
# 启动MinIO容器
|
|
docker run -d \
|
|
--name ${MINIO_NAME} \
|
|
--network $NETWORK \
|
|
--memory $MINIO_MEMORY \
|
|
--restart unless-stopped \
|
|
-p ${MINIO_API_PORT}:9000 \
|
|
-p ${MINIO_CONSOLE_PORT}:9001 \
|
|
-e MINIO_ROOT_USER=${MINIO_ROOT_USER} \
|
|
-e MINIO_ROOT_PASSWORD=${MINIO_ROOT_PASSWORD} \
|
|
-v "${MINIO_DATA}:/data" \
|
|
$MINIO_IMAGE server /data --console-address ":9001"
|
|
|
|
# 等待 MinIO 服务启动
|
|
echo "等待 MinIO 服务启动..."
|
|
sleep 10
|
|
|
|
# 创建 MinIO 服务账号配置目录
|
|
mkdir -p $(pwd)/volumes/minio/policies
|
|
|
|
# 创建 MinIO 服务账号配置文件
|
|
cat > $(pwd)/volumes/minio/policies/mqtt-policy.json << EOF
|
|
{
|
|
"Version": "2012-10-17",
|
|
"Statement": [
|
|
{
|
|
"Effect": "Allow",
|
|
"Action": [
|
|
"admin:*"
|
|
]
|
|
},
|
|
{
|
|
"Effect": "Allow",
|
|
"Action": [
|
|
"kms:*"
|
|
]
|
|
},
|
|
{
|
|
"Effect": "Allow",
|
|
"Action": [
|
|
"s3:*"
|
|
],
|
|
"Resource": [
|
|
"arn:aws:s3:::*"
|
|
]
|
|
}
|
|
]
|
|
}
|
|
EOF
|
|
|
|
# 创建 MinIO 服务账号
|
|
echo "创建 MinIO 服务账号..."
|
|
docker exec ${MINIO_NAME} mc alias set myminio http://localhost:9000 ${MINIO_ROOT_USER} ${MINIO_ROOT_PASSWORD}
|
|
docker exec ${MINIO_NAME} mc admin user add myminio ${MINIO_ACCESS_KEY} ${MINIO_SECRET_KEY}
|
|
|
|
# 将策略文件复制到容器内
|
|
docker cp $(pwd)/volumes/minio/policies/mqtt-policy.json ${MINIO_NAME}:/tmp/mqtt-policy.json
|
|
|
|
# 创建和附加策略
|
|
docker exec ${MINIO_NAME} mc admin policy create myminio mqtt-policy /tmp/mqtt-policy.json
|
|
docker exec ${MINIO_NAME} mc admin policy attach myminio mqtt-policy --user ${MINIO_ACCESS_KEY}
|
|
|
|
# 清理临时文件
|
|
docker exec ${MINIO_NAME} rm /tmp/mqtt-policy.json
|
|
|
|
# 创建所需的 bucket
|
|
echo "创建所需的 bucket..."
|
|
for bucket in default image ta-tech-image th-airport th-dsp video th-hhz; do
|
|
echo "处理 bucket: $bucket"
|
|
# 检查 bucket 是否存在
|
|
if ! docker exec ${MINIO_NAME} mc ls myminio/$bucket >/dev/null 2>&1; then
|
|
echo "创建 bucket: $bucket"
|
|
docker exec ${MINIO_NAME} mc mb myminio/$bucket
|
|
else
|
|
echo "bucket $bucket 已存在"
|
|
fi
|
|
# 设置 bucket 为 public
|
|
echo "设置 bucket $bucket 为 public"
|
|
docker exec ${MINIO_NAME} mc anonymous set public myminio/$bucket
|
|
done
|
|
|
|
echo "MinIO 服务账号和 bucket 创建完成"
|