95 lines
2.0 KiB
YAML
95 lines
2.0 KiB
YAML
|
---
|
||
|
# ------------------------------------------
|
||
|
# -- Istio extenstion. Just because I'm
|
||
|
# -- not using ingress nginx
|
||
|
# ------------------------------------------
|
||
|
istio:
|
||
|
enabled: true
|
||
|
istio:
|
||
|
- name: minio-http
|
||
|
gateway: badhouseplants-net
|
||
|
kind: http
|
||
|
hostname: min.e.badhouseplants.net
|
||
|
service: minio-console
|
||
|
port: 9001
|
||
|
- name: s3-http
|
||
|
gateway: badhouseplants-net
|
||
|
kind: http
|
||
|
hostname: s3.e.badhouseplants.net
|
||
|
service: minio
|
||
|
port: 9000
|
||
|
rootUser: 'overlord'
|
||
|
replicas: 1
|
||
|
mode: standalone
|
||
|
environment:
|
||
|
MINIO_SERVER_URL: "https://s3.e.badhouseplants.net:443"
|
||
|
tls:
|
||
|
enabled: false
|
||
|
certSecret: ''
|
||
|
publicCrt: public.crt
|
||
|
privateKey: private.key
|
||
|
persistence:
|
||
|
enabled: true
|
||
|
accessMode: ReadWriteOnce
|
||
|
size: 30Gi
|
||
|
service:
|
||
|
type: ClusterIP
|
||
|
clusterIP: ~
|
||
|
port: '9000'
|
||
|
consoleService:
|
||
|
type: ClusterIP
|
||
|
clusterIP: ~
|
||
|
port: '9001'
|
||
|
resources:
|
||
|
requests:
|
||
|
memory: 0.7Gi
|
||
|
policies:
|
||
|
- name: badhouseplants:owners
|
||
|
statements:
|
||
|
- resources:
|
||
|
- 'arn:aws:s3:::*'
|
||
|
actions:
|
||
|
- "s3:*"
|
||
|
- resources: []
|
||
|
actions:
|
||
|
- "admin:*"
|
||
|
- resources: []
|
||
|
actions:
|
||
|
- "kms:*"
|
||
|
- name: badhouseplants
|
||
|
statements:
|
||
|
- resources:
|
||
|
- 'arn:aws:s3:::badhouseplants-net'
|
||
|
actions:
|
||
|
- "s3:*"
|
||
|
- resources:
|
||
|
- 'arn:aws:s3:::badhouseplants-net/*'
|
||
|
actions:
|
||
|
- "s3:*"
|
||
|
- name: backup
|
||
|
statements:
|
||
|
- resources:
|
||
|
- 'arn:aws:s3:::longhorn/*'
|
||
|
- 'arn:aws:s3:::longhorn'
|
||
|
- 'arn:aws:s3:::restic/*'
|
||
|
- 'arn:aws:s3:::restic'
|
||
|
actions:
|
||
|
- "s3:DeleteObject"
|
||
|
- "s3:GetObject"
|
||
|
- "s3:ListBucket"
|
||
|
- "s3:PutObject"
|
||
|
buckets:
|
||
|
- name: longhorn
|
||
|
policy: none
|
||
|
purge: false
|
||
|
versioning: false
|
||
|
- name: restic
|
||
|
policy: none
|
||
|
purge: false
|
||
|
versioning: false
|
||
|
metrics:
|
||
|
serviceMonitor:
|
||
|
enabled: false
|
||
|
public: true
|
||
|
additionalLabels: {}
|