mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-09-24 11:06:24 +02:00

Files

Kevin Veen-Birkenbach 75c36a1d71 web-app-minio: manage OIDC policy via containerized mc and fix policy JSON

- Use dockerized mc with MC_HOST_minio (stateless), no temp files/dirs
- Create only RAW policy name with slash to match Keycloak claim
- Split policy: s3:* on S3 ARNs; admin:* on Resource "*"
- Add mc vars (image, MC_HOST components) to vars/main.yml
- Remove unused Ollama dependency block from tasks

Refs: ChatGPT conversation → https://chatgpt.com/share/68d1eab9-a35c-800f-aa81-76fb2101bd93

2025-09-23 02:33:35 +02:00

config

web-app-minio: enable OIDC integration and policy handling

2025-09-23 00:56:11 +02:00

README.md

MinIO

Description

MinIO is an S3-compatible object storage service for files, media, backups, and AI artifacts—self-hosted for performance and control.

Overview

Applications that speak “S3” (Pixelfed, Mastodon, Nextcloud, Flowise, etc.) store and retrieve objects from MinIO buckets using familiar SDKs and CLIs. Admins manage buckets, users, and access policies through a browser console while keeping everything on-prem.

Features

S3-compatible API for broad app compatibility
Buckets, users, access keys, and fine-grained policies
Optional versioning, lifecycle rules, and object lock
Presigned URLs for secure, time-limited uploads/downloads
Ideal for AI stacks: datasets, embeddings, and artifacts

Further Resources

MinIO — https://www.min.io
AWS S3 (API background) — https://aws.amazon.com/s3