- 01-infra/nginx-configs: add MinIO /minio/ and /minio-console/ location blocks (port 9000 S3 API, port 9001 Console UI, path stripping via rewrite) - 03-apiservice: integrate MinIO minio-python SDK for file upload - requirements.txt: add minio==7.2.11 - app/core/config.py: add MINIO_ENDPOINT, ACCESS_KEY, SECRET_KEY, BUCKET_FINANCE, USE_SSL - app/services/minio_client.py: new — upload_file(), get_presigned_url(), delete_file() - app/routes/pages.py: replace local /data/uploads/ write with MinIO upload to finance bucket - docker-compose.yml: pass MinIO env vars to container - .env.example: document MinIO vars - 07-minio/.env.example: add MINIO_SVC_ACCESS_KEY/SECRET_KEY section - 07-minio/README.md: add Python minio SDK and Airflow DAG usage guide - CLAUDE.md: project context (servers, SSH, paths, service distribution) - document-obsidiant/: initial Obsidian docs for all services
64 lines
2.6 KiB
Plaintext
64 lines
2.6 KiB
Plaintext
# MinIO Configuration
|
|
# Copy this file to .env and update with your values
|
|
|
|
# ============================================================================
|
|
# MinIO Credentials
|
|
# ============================================================================
|
|
MINIO_ROOT_USER=minioadmin
|
|
MINIO_ROOT_PASSWORD=minioadmin_secure_password_2026
|
|
|
|
# ============================================================================
|
|
# MinIO Ports
|
|
# ============================================================================
|
|
MINIO_API_PORT=9000
|
|
MINIO_CONSOLE_PORT=9001
|
|
|
|
# ============================================================================
|
|
# MinIO Server URLs (for reverse proxy)
|
|
# ============================================================================
|
|
# API endpoint URL (for S3 API access)
|
|
MINIO_SERVER_URL=https://ai.sriphat.com/minio
|
|
|
|
# Console UI URL (for web interface)
|
|
MINIO_BROWSER_REDIRECT_URL=https://ai.sriphat.com/minio-console
|
|
|
|
# ============================================================================
|
|
# MinIO Region
|
|
# ============================================================================
|
|
MINIO_REGION=ap-southeast-1
|
|
|
|
# ============================================================================
|
|
# Keycloak Integration (OpenID Connect)
|
|
# ============================================================================
|
|
# Keycloak OpenID configuration URL
|
|
# Format: https://{keycloak-domain}/realms/{realm-name}/.well-known/openid-configuration
|
|
MINIO_IDENTITY_OPENID_CONFIG_URL=https://ai.sriphat.com/keycloak/realms/sriphat/.well-known/openid-configuration
|
|
|
|
# MinIO client in Keycloak
|
|
MINIO_IDENTITY_OPENID_CLIENT_ID=minio
|
|
|
|
# Client secret from Keycloak
|
|
MINIO_IDENTITY_OPENID_CLIENT_SECRET=your-minio-client-secret-here
|
|
|
|
# Claim name for policy mapping (default: policy)
|
|
MINIO_IDENTITY_OPENID_CLAIM_NAME=policy
|
|
|
|
# OpenID scopes
|
|
MINIO_IDENTITY_OPENID_SCOPES=openid,profile,email
|
|
|
|
# Redirect URI after authentication
|
|
MINIO_IDENTITY_OPENID_REDIRECT_URI=https://ai.sriphat.com/minio-console/oauth_callback
|
|
|
|
# ============================================================================
|
|
# Service Account — Web Service
|
|
# สร้างหลัง MinIO start แล้วด้วย mc CLI
|
|
# mc admin user svcacct add --access-key <KEY> --secret-key <SECRET> sriphat admin
|
|
# ============================================================================
|
|
MINIO_SVC_ACCESS_KEY=sp_service_ac
|
|
MINIO_SVC_SECRET_KEY=your-service-account-secret-here
|
|
|
|
# ============================================================================
|
|
# Timezone
|
|
# ============================================================================
|
|
TZ=Asia/Bangkok
|