From b895ef31b0e9a961f45ef2cd75a1c73ff74462fe Mon Sep 17 00:00:00 2001
From: Joakim Saario <saario.joakim@gmail.com>
Date: Thu, 25 Aug 2022 01:10:53 +0200
Subject: [PATCH] Add minio role

---
 roles/minio/defaults/main.yml                 |  7 ++++
 roles/minio/files/systemd-minio-override.conf |  2 +
 roles/minio/handlers/main.yml                 |  6 +++
 roles/minio/molecule/default/converge.yml     | 19 +++++++++
 roles/minio/molecule/default/molecule.yml     | 14 +++++++
 .../molecule/default/tests/test_default.py    | 25 ++++++++++++
 roles/minio/tasks/main.yml                    | 39 +++++++++++++++++++
 roles/minio/templates/minio.conf.j2           |  4 ++
 roles/minio/vars/main.yml                     |  3 ++
 9 files changed, 119 insertions(+)
 create mode 100644 roles/minio/defaults/main.yml
 create mode 100644 roles/minio/files/systemd-minio-override.conf
 create mode 100644 roles/minio/handlers/main.yml
 create mode 100644 roles/minio/molecule/default/converge.yml
 create mode 100644 roles/minio/molecule/default/molecule.yml
 create mode 100644 roles/minio/molecule/default/tests/test_default.py
 create mode 100644 roles/minio/tasks/main.yml
 create mode 100644 roles/minio/templates/minio.conf.j2
 create mode 100644 roles/minio/vars/main.yml

diff --git a/roles/minio/defaults/main.yml b/roles/minio/defaults/main.yml
new file mode 100644
index 000000000..263a0cb71
--- /dev/null
+++ b/roles/minio/defaults/main.yml
@@ -0,0 +1,7 @@
+minio_extra_opts: []
+
+minio_volumes:
+  - /srv/minio/data/
+
+minio_bind_address: :9000
+minio_console_bind_address: :9001
diff --git a/roles/minio/files/systemd-minio-override.conf b/roles/minio/files/systemd-minio-override.conf
new file mode 100644
index 000000000..8a764e347
--- /dev/null
+++ b/roles/minio/files/systemd-minio-override.conf
@@ -0,0 +1,2 @@
+[Service]
+Restart=always
diff --git a/roles/minio/handlers/main.yml b/roles/minio/handlers/main.yml
new file mode 100644
index 000000000..f71335a37
--- /dev/null
+++ b/roles/minio/handlers/main.yml
@@ -0,0 +1,6 @@
+- name: Restart MinIO
+  systemd:
+    name: minio
+    state: restarted
+    daemon_reload: true
+  when: not systemd_minio_started is changed
diff --git a/roles/minio/molecule/default/converge.yml b/roles/minio/molecule/default/converge.yml
new file mode 100644
index 000000000..41671aeec
--- /dev/null
+++ b/roles/minio/molecule/default/converge.yml
@@ -0,0 +1,19 @@
+- name: Converge
+  hosts: all
+  become: true
+  pre_tasks:
+    - name: Upgrade archlinux-keyring
+      pacman:
+        name: archlinux-keyring
+        state: latest
+        update_cache: true
+
+    - name: Upgrade system
+      pacman:
+        upgrade: true
+
+  roles:
+    - role: minio
+      vars:
+        minio_root_user: username
+        minio_root_password: password
diff --git a/roles/minio/molecule/default/molecule.yml b/roles/minio/molecule/default/molecule.yml
new file mode 100644
index 000000000..deaf564d8
--- /dev/null
+++ b/roles/minio/molecule/default/molecule.yml
@@ -0,0 +1,14 @@
+driver:
+  name: vagrant
+
+platforms:
+  - name: instance
+    box: archlinux/archlinux
+    memory: 512
+    cpu: 1
+
+provisioner:
+  name: ansible
+
+verifier:
+  name: testinfra
diff --git a/roles/minio/molecule/default/tests/test_default.py b/roles/minio/molecule/default/tests/test_default.py
new file mode 100644
index 000000000..f061f6ffe
--- /dev/null
+++ b/roles/minio/molecule/default/tests/test_default.py
@@ -0,0 +1,25 @@
+def test_minio_client_installed(host):
+    assert host.exists("mcli")
+
+
+def test_minio_config(host):
+    config = host.file("/etc/minio/minio.conf")
+
+    assert config.exists
+    assert config.user == "minio"
+    assert config.group == "minio"
+    assert config.mode == 0o600
+    with host.sudo():
+        assert config.content == (
+            b"MINIO_VOLUMES=/srv/minio/data/\n"
+            b"MINIO_ROOT_USER=username\n"
+            b"MINIO_ROOT_PASSWORD=password\n"
+            b"MINIO_OPTS=--address=:9000 --console-address=:9001\n"
+        )
+
+
+def test_minio_started_and_enabled(host):
+    minio = host.service("minio")
+    assert minio.is_running
+    assert minio.is_enabled
+    assert minio.systemd_properties["Restart"] == "always"
diff --git a/roles/minio/tasks/main.yml b/roles/minio/tasks/main.yml
new file mode 100644
index 000000000..27fffc24d
--- /dev/null
+++ b/roles/minio/tasks/main.yml
@@ -0,0 +1,39 @@
+- name: Install MinIO
+  pacman:
+    name: "{{ item }}"
+    state: present
+  loop:
+    - minio
+    - minio-client
+
+- name: Configure MinIO
+  template:
+    src: minio.conf.j2
+    dest: /etc/minio/minio.conf
+    owner: minio
+    group: minio
+    mode: "0600"
+  notify:
+    - Restart MinIO
+
+- name: Create systemd minio.service.d directory
+  file:
+    path: /etc/systemd/system/minio.service.d/
+    state: directory
+    recurse: true
+  register: systemd_minio_service_d
+
+- name: Override systemd minio.service
+  copy:
+    src: systemd-minio-override.conf
+    dest: "{{ systemd_minio_service_d.path }}/override.conf"
+  notify:
+    - Restart MinIO
+
+- name: Start and enable MinIO
+  systemd:
+    name: minio
+    state: started
+    enabled: true
+    daemon_reload: true
+  register: systemd_minio_started
diff --git a/roles/minio/templates/minio.conf.j2 b/roles/minio/templates/minio.conf.j2
new file mode 100644
index 000000000..d4df39697
--- /dev/null
+++ b/roles/minio/templates/minio.conf.j2
@@ -0,0 +1,4 @@
+MINIO_VOLUMES={{ minio_volumes | map("quote") | join(" ") }}
+MINIO_ROOT_USER={{ minio_root_user | quote }}
+MINIO_ROOT_PASSWORD={{ minio_root_password | quote }}
+MINIO_OPTS={{ (minio_standard_opts + minio_extra_opts) | map("quote") | join(" ") }}
diff --git a/roles/minio/vars/main.yml b/roles/minio/vars/main.yml
new file mode 100644
index 000000000..dc49c695d
--- /dev/null
+++ b/roles/minio/vars/main.yml
@@ -0,0 +1,3 @@
+minio_standard_opts:
+  - "--address={{ minio_bind_address }}"
+  - "--console-address={{ minio_console_bind_address }}"
-- 
GitLab