.
This commit is contained in:
parent
a9f9703eaa
commit
5adbdbdcee
@ -8,7 +8,7 @@ data:
|
|||||||
set -e
|
set -e
|
||||||
|
|
||||||
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
|
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
|
||||||
CREATE DATABASE keycloak;
|
CREATE DATABASE {{ .Values.keycloak.database.database }};
|
||||||
CREATE USER keycloaku WITH PASSWORD 'password1';
|
CREATE USER {{ .Values.keycloak.database.username }} WITH PASSWORD '{{ .Values.keycloak.database.password }}';
|
||||||
GRANT ALL PRIVILEGES ON DATABASE keycloak TO keycloaku;
|
GRANT ALL PRIVILEGES ON DATABASE keycloak TO {{ .Values.keycloak.database.username }};
|
||||||
EOSQL
|
EOSQL
|
||||||
|
|||||||
@ -23,38 +23,6 @@ spec:
|
|||||||
done
|
done
|
||||||
echo "MinIO is ready and alias is set."
|
echo "MinIO is ready and alias is set."
|
||||||
|
|
||||||
# Создание пользователя
|
|
||||||
#if ! mc admin user add myminio {{ .Values.minio.customUser }} {{ .Values.minio.customAccessKey }}; then
|
|
||||||
# echo "User {{ .Values.minio.customUser }} already exists or failed to create."
|
|
||||||
#else
|
|
||||||
# echo "User {{ .Values.minio.customUser }} created successfully."
|
|
||||||
#fi
|
|
||||||
|
|
||||||
# Назначение политики для нового пользователя
|
|
||||||
cat <<EOF > /tmp/minio-user-policy.json
|
|
||||||
{
|
|
||||||
"Version": "2012-10-17",
|
|
||||||
"Statement": [
|
|
||||||
{
|
|
||||||
"Sid": "VisualEditor",
|
|
||||||
"Effect": "Allow",
|
|
||||||
"Action": [
|
|
||||||
"s3:DeleteObject",
|
|
||||||
"s3:GetObject",
|
|
||||||
"s3:PutObject"
|
|
||||||
],
|
|
||||||
"Resource": [
|
|
||||||
"arn:aws:s3:::yonote-bucket/*"
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
EOF
|
|
||||||
echo "User policy JSON file created."
|
|
||||||
|
|
||||||
mc admin policy create myminio yonote-policy /tmp/minio-user-policy.json
|
|
||||||
echo "User policy created and applied."
|
|
||||||
|
|
||||||
# Создание бакета
|
# Создание бакета
|
||||||
if ! mc ls myminio/yonote-bucket; then
|
if ! mc ls myminio/yonote-bucket; then
|
||||||
mc mb myminio/yonote-bucket
|
mc mb myminio/yonote-bucket
|
||||||
@ -104,9 +72,6 @@ spec:
|
|||||||
mc anonymous set-json /tmp/minio-bucket-policy.json myminio/yonote-bucket
|
mc anonymous set-json /tmp/minio-bucket-policy.json myminio/yonote-bucket
|
||||||
echo "Bucket policy applied."
|
echo "Bucket policy applied."
|
||||||
|
|
||||||
mc admin policy attach myminio yonote-policy --user={{ .Values.minio.customUser }}
|
|
||||||
echo "Policy attached to user {{ .Values.minio.customUser }}."
|
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
memory: "128Mi"
|
memory: "128Mi"
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user