infrastructure/op_guide/backup_minio
2022-01-26 19:09:26 +01:00
..
README.md Migrate jitsi + WIP backup doc 2022-01-26 19:09:26 +01:00

Add the admin account as deuxfleurs to your ~/.mc/config file

You need to choose some names/identifiers:

export BUCKET_NAME=example
export NEW_ACCESS_KEY_ID=hello

export NEW_SECRET_ACCESS_KEY=$(openssl rand -base64 60)
export POLICY_NAME="policy-$BUCKET_NAME"

Create a new bucket:

mc mb deuxfleurs/$BUCKET_NAME

Create a new user:

mc admin user add deuxfleurs $NEW_ACCESS_KEY_ID $NEW_SECRET_ACCESS_KEY

Add this new user to your ~/.mc/config.json file


Create a policy for this bucket and save it as json:

cat > /tmp/policy.json <<EOF
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::${BUCKET_NAME}"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:*"
            ],
            "Resource": [
                "arn:aws:s3:::${BUCKET_NAME}/*"
            ]
        }
    ]
}

Register it:

mc admin policy add deuxfleurs $POLICY_NAME /tmp/policy.json

Set it to your user:

mc admin policy set deuxfleurs $POLICY_NAME user=${NEW_ACCESS_KEY_ID}