3

I have spent all afternoon with ChatGPT and couldn't figure this out, hopefully someone can help me here.

Using Minio in a Docker Stack for local development, everything works fine.
Would love to, though, start it up with:

  • A default access_key/secret_key (coming from my .env file)
  • Aa bucket already created ("screenshots")

Is there an easy way to do that?

  minio:
    image: quay.io/minio/minio
    container_name: pertento_minio
    command: server /data --console-address ":${MINIO_WEB_PORT}" --address ":${MINIO_API_PORT}"
    environment:
      MINIO_ROOT_USER: ${MINIO_ROOT_USER}
      MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD}
      MINIO_ROOT_USER_FILE: ""
      MINIO_ROOT_PASSWORD_FILE: ""
    volumes:
      - minio_config:/root/.minio
      - minio_data:/data
    ports:
      - '${MINIO_WEB_PORT}:${MINIO_WEB_PORT}'
      - '${MINIO_API_PORT}:${MINIO_API_PORT}'
    networks:
      - pertento
Improve this question

1 Answer 1

Reset to default
1

You can use a sidecar container dependent on minio to run some mc commands which will create your new bucket, access key and policy. Here's an example:

minio-init:
  image: minio/mc
    environment:
      MINIO_ROOT_USER: ${MINIO_ROOT_USER}
      MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD}
      ACCESS_KEY: ${ACCESS_KEY}
      SECRET_KEY: ${ACCESS_SECRET}
    depends_on:
      - minio
    entrypoint: sh /init.sh
    volumes:
      - ./init.sh:/init.sh

You'll also want to add it to your pertento network so they could see eachother. Then your init.sh file will look something along these lines:

#!/bin/bash
set -e

until mc alias set local http://minio:9000 "${MINIO_ROOT_USER}" "${MINIO_ROOT_PASSWORD}" >/dev/null 2>&1; do
  sleep 1
done
echo "Minio alias set."

if mc ls local/mybucket >/dev/null 2>&1; then
  echo "Bucket 'mybucket' already exists — skipping init."
  exit 0
fi

mc mb local/mybucket
echo "Created bucket 'mybucket'."

cat >/tmp/mybucket-rw.json <<'EOF'
{
  "Version": "2012-10-17",
  "Statement": [
    { "Effect": "Allow",
      "Action": ["s3:GetBucketLocation","s3:ListBucket"],
      "Resource": ["arn:aws:s3:::mybucket"]
    },
    { "Effect": "Allow",
      "Action": ["s3:GetObject","s3:PutObject","s3:DeleteObject"],
      "Resource": ["arn:aws:s3:::mybucket/*"]
    }
  ]
}
EOF

mc admin policy create local mybucket-rw /tmp/mybucket-rw.json
echo "Policy created."

mc admin accesskey create local --access-key "$ACCESS_KEY" --secret-key "$SECRET_KEY"
echo "Access key '$ACCESS_KEY' created."

mc admin policy attach local --user "${ACCESS_KEY}" mybucket-rw
echo "Policy attached."

echo "Init complete."

I used a bucket exists check to prevent the init from running more than once, but you might want to check/update policy, etc.

Hope this helps!

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.