diff options
| author | Trygve Laugstøl <trygvis@inamo.no> | 2018-12-22 09:27:52 +0100 |
|---|---|---|
| committer | Trygve Laugstøl <trygvis@inamo.no> | 2018-12-22 09:27:57 +0100 |
| commit | 5cc58eda41598b00f39b30881e87a41ad704d755 (patch) | |
| tree | a1939d6e724908574ca025452f268c840d3614f0 /ansible/minio/backup-policy.yml | |
| parent | 9325449dbe8c9590d6391bb1603f8f6377c181ae (diff) | |
| download | infra-5cc58eda41598b00f39b30881e87a41ad704d755.tar.gz infra-5cc58eda41598b00f39b30881e87a41ad704d755.tar.bz2 infra-5cc58eda41598b00f39b30881e87a41ad704d755.tar.xz infra-5cc58eda41598b00f39b30881e87a41ad704d755.zip | |
minio.
Diffstat (limited to 'ansible/minio/backup-policy.yml')
| -rw-r--r-- | ansible/minio/backup-policy.yml | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/ansible/minio/backup-policy.yml b/ansible/minio/backup-policy.yml new file mode 100644 index 0000000..e0b8376 --- /dev/null +++ b/ansible/minio/backup-policy.yml @@ -0,0 +1,67 @@ +- register: policy + when: host.state == 'present' + local_action: + module: copy + dest: minio/policies/backup-{{ hostname }}.json + content: | + { + "Version": "2012-10-17", + "Statement": [ + { + "Action": [ + "s3:ListBucket" + ], + "Effect": "Allow", + "Resource": [ + "arn:aws:s3:::backup-{{ hostname }}/*" + ], + "Sid": "" + }, + { + "Action": [ + "s3:GetObject", + "s3:DeleteObject", + "s3:PutObject" + ], + "Effect": "Allow", + "Resource": [ + "arn:aws:s3:::backup-{{ hostname }}/*" + ], + "Sid": "" + } + ] + } + +- name: Registering policy + when: policy.changed + command: mc admin policy add {{ minio_config }} backup-{{ hostname }} minio/policies/backup-{{ hostname }}.json + +- name: checking if bucked exists + command: mc ls --json "{{ minio_config }}" + register: cmd_ls + failed_when: false + +#- debug: var=foo +# vars: +# foo: "{{ cmd_ls.stdout_lines | map('from_json') | list }}" + +#- debug: var=foo +# vars: +# foo: "{{ cmd_ls.stdout_lines | map('from_json') | list | json_query('[?key==`backup-' + hostname + '/`]') }}" + +- name: Creating backup bucket + vars: + len: "{{ cmd_ls.stdout_lines | map('from_json') | list | json_query('[?key==`backup-' + hostname + '/`]') | length }}" + when: len == "0" + command: mc mb {{ minio_config }}/backup-{{ hostname }} + +- name: Removing policy file + when: host.state != 'present' + register: removed + file: + path: minio/policies/backup-{{ hostname }}.json + state: absent + +- name: Unregistering policy + when: removed.changed + command: mc admin policy remove {{ minio_config }} backup-{{ hostname }} |