infrastructure/op_guide/backup_minio/README.md at a68a1e1da77f6f87a1c315d057edc59a31746d1c

Archived

This repository has been archived on 2023-03-15. You can view files and clone it, but cannot push or open issues or pull requests.

Quentin a68a1e1da7 Migrate jitsi + WIP backup doc

2022-01-26 19:09:26 +01:00

1.2 KiB

Raw Blame History

Add the admin account as deuxfleurs to your ~/.mc/config file

You need to choose some names/identifiers:

export BUCKET_NAME=example
export NEW_ACCESS_KEY_ID=hello

export NEW_SECRET_ACCESS_KEY=$(openssl rand -base64 60)
export POLICY_NAME="policy-$BUCKET_NAME"

Create a new bucket:

mc mb deuxfleurs/$BUCKET_NAME

Create a new user:

mc admin user add deuxfleurs $NEW_ACCESS_KEY_ID $NEW_SECRET_ACCESS_KEY

Add this new user to your ~/.mc/config.json file

Create a policy for this bucket and save it as json:

cat > /tmp/policy.json <<EOF
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::${BUCKET_NAME}"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:*"
            ],
            "Resource": [
                "arn:aws:s3:::${BUCKET_NAME}/*"
            ]
        }
    ]
}

mc admin policy add deuxfleurs $POLICY_NAME /tmp/policy.json

Set it to your user:

mc admin policy set deuxfleurs $POLICY_NAME user=${NEW_ACCESS_KEY_ID}

1.2 KiB Raw Blame History

1.2 KiB

Raw Blame History