k3s-cluster/cluster/apps/database/minio/helm-release.yaml

apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
  name: minio
  namespace: database
spec:
  interval: 5m
  chart:
    spec:
      chart: app-template
      version: 1.3.x
      sourceRef:
        kind: HelmRepository
        name: bjws-charts
        namespace: flux-system
        
  values:
    image:
      repository: quay.io/minio/minio
      tag: RELEASE.2023-04-13T03-08-07Z
    env:
      TZ: "America/New_York"
      MINIO_UPDATE: "off"
      MINIO_BROWSER_REDIRECT_URL: "https://minio.${SECRET_NEW_DOMAIN}"
      MINIO_SERVER_URL: "https://s3.${SECRET_NEW_DOMAIN}"
    envFrom:
      - secretRef:
          name: minio-secret
    
    args: ["server", "/data", "--console-address", ":9090"]

    service:
      main:
        enabled: true
        ports:
          http:
            port: &console-port 9090
          api:
            enabled: true
            port: &api-port 9000
            
    probes:
      liveness: &probes
        enabled: true
        custom: true
        spec:
          httpGet:
            path: /minio/health/live
            port: *api-port
          initialDelaySeconds: 0
          periodSeconds: 10
          timeoutSeconds: 1
          failureThreshold: 3
      readiness: *probes
      startup:
        enabled: false

    ingress:
      main:
        enabled: true
        annotations:
          cert-manager.io/cluster-issuer: letsencrypt-production
          traefik.ingress.kubernetes.io/router.entrypoints: websecure
        hosts:
          - host: &console-host minio.${SECRET_NEW_DOMAIN}
            paths:
              - path: /
                pathType: Prefix
                service:
                  port: *console-port
        tls:
          - hosts:
              - *console-host
            secretName: wildcard-main-tls

      s3:
        enabled: true
        annotations:
          cert-manager.io/cluster-issuer: letsencrypt-production
          traefik.ingress.kubernetes.io/router.entrypoints: websecure
        hosts:
          - host: &api-host s3.${SECRET_NEW_DOMAIN}
            paths:
              - path: /
                pathType: Prefix
                service:
                  port: *api-port
          - host: &api-host-wildcard "*.s3.${SECRET_NEW_DOMAIN}"
            paths:
              - path: /
                pathType: Prefix
                service:
                  port: *api-port
        tls:
          - hosts:
              - *api-host
              - *api-host-wildcard
            secretName: wildcard-main-tls

    podSecurityContext:
      runAsUser: 10000
      runAsGroup: 10000
      fsGroup: 100
      fsGroupChangePolicy: "OnRootMismatch"
    
    persistence:
      storage:
        enabled: true
        type: hostPath
        hostPath: /mnt/MainPool/Kubernetes/databases/minio
        mountPath: /data
    
    resources:
      requests:
        memory: 100Mi
        cpu: 10m
      limits:
        memory: 750Mi
Add minio 2023-04-14 19:49:30 -04:00			`apiVersion: helm.toolkit.fluxcd.io/v2beta1`
			`kind: HelmRelease`
			`metadata:`
Change name of minio's helmrelease 2023-04-14 19:51:18 -04:00			`name: minio`
Add minio 2023-04-14 19:49:30 -04:00			`namespace: database`
			`spec:`
			`interval: 5m`
			`chart:`
			`spec:`
Dont use bitnami/minio helm chart 2023-04-14 20:17:25 -04:00			`chart: app-template`
			`version: 1.3.x`
Add minio 2023-04-14 19:49:30 -04:00			`sourceRef:`
			`kind: HelmRepository`
Dont use bitnami/minio helm chart 2023-04-14 20:17:25 -04:00			`name: bjws-charts`
Add minio 2023-04-14 19:49:30 -04:00			`namespace: flux-system`
Dont use bitnami/minio helm chart 2023-04-14 20:17:25 -04:00
Add minio 2023-04-14 19:49:30 -04:00			`values:`
Dont use bitnami/minio helm chart 2023-04-14 20:17:25 -04:00			`image:`
			`repository: quay.io/minio/minio`
			`tag: RELEASE.2023-04-13T03-08-07Z`
			`env:`
			`TZ: "America/New_York"`
			`MINIO_UPDATE: "off"`
Use default console address, use correct domain 2023-04-14 22:40:29 -04:00			`MINIO_BROWSER_REDIRECT_URL: "https://minio.${SECRET_NEW_DOMAIN}"`
			`MINIO_SERVER_URL: "https://s3.${SECRET_NEW_DOMAIN}"`
Dont use bitnami/minio helm chart 2023-04-14 20:17:25 -04:00			`envFrom:`
			`- secretRef:`
			`name: minio-secret`

Use default console address, use correct domain 2023-04-14 22:40:29 -04:00			`args: ["server", "/data", "--console-address", ":9090"]`
Add minio 2023-04-14 19:49:30 -04:00
Dont use bitnami/minio helm chart 2023-04-14 20:17:25 -04:00			`service:`
			`main:`
			`enabled: true`
			`ports:`
			`http:`
Use default console address, use correct domain 2023-04-14 22:40:29 -04:00			`port: &console-port 9090`
Dont use bitnami/minio helm chart 2023-04-14 20:17:25 -04:00			`api:`
			`enabled: true`
			`port: &api-port 9000`

			`probes:`
			`liveness: &probes`
			`enabled: true`
			`custom: true`
			`spec:`
			`httpGet:`
			`path: /minio/health/live`
			`port: *api-port`
			`initialDelaySeconds: 0`
			`periodSeconds: 10`
			`timeoutSeconds: 1`
			`failureThreshold: 3`
			`readiness: *probes`
			`startup:`
			`enabled: false`
Add minio 2023-04-14 19:49:30 -04:00
Dont use bitnami/minio helm chart 2023-04-14 20:17:25 -04:00			`ingress:`
			`main:`
			`enabled: true`
			`annotations:`
			`cert-manager.io/cluster-issuer: letsencrypt-production`
			`traefik.ingress.kubernetes.io/router.entrypoints: websecure`
			`hosts:`
			`- host: &console-host minio.${SECRET_NEW_DOMAIN}`
			`paths:`
			`- path: /`
			`pathType: Prefix`
			`service:`
			`port: *console-port`
			`tls:`
			`- hosts:`
			`- *console-host`
			`secretName: wildcard-main-tls`
Change minio mount 2023-04-14 20:20:34 -04:00
Dont use bitnami/minio helm chart 2023-04-14 20:17:25 -04:00			`s3:`
			`enabled: true`
			`annotations:`
			`cert-manager.io/cluster-issuer: letsencrypt-production`
			`traefik.ingress.kubernetes.io/router.entrypoints: websecure`
			`hosts:`
			`- host: &api-host s3.${SECRET_NEW_DOMAIN}`
			`paths:`
			`- path: /`
			`pathType: Prefix`
			`service:`
			`port: *api-port`
Get transfersh working with s3 backend 2023-04-25 20:07:10 -04:00			`- host: &api-host-wildcard "*.s3.${SECRET_NEW_DOMAIN}"`
			`paths:`
			`- path: /`
			`pathType: Prefix`
			`service:`
			`port: *api-port`
Dont use bitnami/minio helm chart 2023-04-14 20:17:25 -04:00			`tls:`
			`- hosts:`
			`- *api-host`
Get transfersh working with s3 backend 2023-04-25 20:07:10 -04:00			`- *api-host-wildcard`
Dont use bitnami/minio helm chart 2023-04-14 20:17:25 -04:00			`secretName: wildcard-main-tls`
Add minio 2023-04-14 19:49:30 -04:00
Dont use bitnami/minio helm chart 2023-04-14 20:17:25 -04:00			`podSecurityContext:`
set database pods to run as a specific group 2023-06-01 22:14:27 -04:00			`runAsUser: 10000`
			`runAsGroup: 10000`
Dont use bitnami/minio helm chart 2023-04-14 20:17:25 -04:00			`fsGroup: 100`
			`fsGroupChangePolicy: "OnRootMismatch"`

Add minio 2023-04-14 19:49:30 -04:00			`persistence:`
Dont use bitnami/minio helm chart 2023-04-14 20:17:25 -04:00			`storage:`
			`enabled: true`
			`type: hostPath`
Change minio mount 2023-04-14 20:20:34 -04:00			`hostPath: /mnt/MainPool/Kubernetes/databases/minio`
Dont use bitnami/minio helm chart 2023-04-14 20:17:25 -04:00			`mountPath: /data`
Add minio 2023-04-14 19:49:30 -04:00
Dont use bitnami/minio helm chart 2023-04-14 20:17:25 -04:00			`resources:`
			`requests:`
			`memory: 100Mi`
			`cpu: 10m`
			`limits:`
			`memory: 750Mi`