From a3ea838cac41caa4532449151a0e2eede2223e21 Mon Sep 17 00:00:00 2001 From: "Dustin C. Hatch" Date: Thu, 4 May 2023 17:38:02 -0500 Subject: [PATCH] burp-server: Deploy MinIO We're going to run MinIO on the BURP server to provide a backup target for the [Postgres Operator][0]/[WAL-E][1]. Although the Postgres Operator also supports backups via [WAL-G][2], which supports more backup targets like SFTP, the operator does not support restoring from those targets. As such, the best way to get fully-featured backups for the Postgres Operator, including environment cloning, etc., is to use S3. Since I absolutely do not want to store my backups "in the cloud," using MinIO seems a decent alternative. Running it on the BURP server allows the backups to be stored and rotated along with regular system backups. [0]: https://github.com/zalando/postgres-operator/ [1]: https://github.com/wal-e/wal-e [2]: https://github.com/wal-g/wal-g --- certs/minio/burp1.pyrocufflink.blue.cer | 1 + certs/minio/burp1.pyrocufflink.blue.key | 1 + host_vars/burp1.pyrocufflink.blue.yml | 2 ++ hosts | 3 +++ vault/minio/burp1.pyrocufflink.blue | 10 ++++++++++ 5 files changed, 17 insertions(+) create mode 120000 certs/minio/burp1.pyrocufflink.blue.cer create mode 120000 certs/minio/burp1.pyrocufflink.blue.key create mode 100644 vault/minio/burp1.pyrocufflink.blue diff --git a/certs/minio/burp1.pyrocufflink.blue.cer b/certs/minio/burp1.pyrocufflink.blue.cer new file mode 120000 index 0000000..9ebe139 --- /dev/null +++ b/certs/minio/burp1.pyrocufflink.blue.cer @@ -0,0 +1 @@ +../lego/_.pyrocufflink.net.crt \ No newline at end of file diff --git a/certs/minio/burp1.pyrocufflink.blue.key b/certs/minio/burp1.pyrocufflink.blue.key new file mode 120000 index 0000000..3253dd8 --- /dev/null +++ b/certs/minio/burp1.pyrocufflink.blue.key @@ -0,0 +1 @@ +../lego/_.pyrocufflink.net.key \ No newline at end of file diff --git a/host_vars/burp1.pyrocufflink.blue.yml b/host_vars/burp1.pyrocufflink.blue.yml index 3ac3e4a..89a987b 100644 --- a/host_vars/burp1.pyrocufflink.blue.yml +++ b/host_vars/burp1.pyrocufflink.blue.yml @@ -6,3 +6,5 @@ collectd_plugins: # its domain permissive until the problems are identified and resolved # upstream. collectd_selinux_permissive: true + +minio_storage_path: /srv/minio diff --git a/hosts b/hosts index 53886a0..9665bbf 100644 --- a/hosts +++ b/hosts @@ -89,6 +89,9 @@ k8s-node [metricspi] mtrcs0.pyrocufflink.blue +[minio:children] +burp-server + [motioneye] [named-server:children] diff --git a/vault/minio/burp1.pyrocufflink.blue b/vault/minio/burp1.pyrocufflink.blue new file mode 100644 index 0000000..f58772b --- /dev/null +++ b/vault/minio/burp1.pyrocufflink.blue @@ -0,0 +1,10 @@ +$ANSIBLE_VAULT;1.1;AES256 +62313461666639393836343966373038663838396461353539313837616239376565643533393635 +3663336262643538303934633366636266303032393231650a643036363735653634366363393334 +61353835323163656533613662356235373235303735313862656462623333393863646566666163 +3030623963376631660a656465313765623866376633636136303630343161393833623864623337 +63376363333364343766633363306665363433623332303131626338643633653861363765306234 +35306462306364396263383263363933353330633361623532346563376434313534323539326262 +61616361303563316430616166336433393734383433633237383163326661353833373938616638 +39386532313938353932366565663633613966313566613762653938663331636435353339613038 +6236