Parameter

MinIO is a S3 compatible object storage service. Which is used as an optional central backup storage repo for PostgreSQL.

You may also use it for other purposes, such as storing large files, documents, pictures & videos.

Parameters

There are 20 related parameters in MinIO module:

Parameter	Type	Level	Comment
`minio_seq`	int	I	minio instance identifier, REQUIRED
`minio_cluster`	string	C	minio cluster name, minio by default
`minio_clean`	bool	G/C/A	cleanup minio during init?, false by default
`minio_user`	username	C	minio os user, `minio` by default
`minio_https`	bool	G	use https for minio, true by default
`minio_node`	string	C	minio node name pattern
`minio_data`	path	C	minio data dir(s), use `{x...y}` to specify multi drivers
`minio_volumes`	string	C	minio core parameter, specify nodes and disks, auto-gen by default
`minio_domain`	string	G	minio external domain name, `sss.pigsty` by default
`minio_port`	port	C	minio service port, 9000 by default
`minio_admin_port`	port	C	minio console port, 9001 by default
`minio_access_key`	username	C	root access key, `minioadmin` by default
`minio_secret_key`	password	C	root secret key, `minioadmin` by default
`minio_extra_vars`	string	C	extra environment variables for minio server
`minio_provision`	bool	G/C	run minio provisioning tasks?
`minio_alias`	string	G	alias name for local minio deployment
`minio_endpoint`	string	C	corresponding host:port for above minio alias
`minio_buckets`	bucket[]	C	list of minio bucket to be created
`minio_users`	user[]	C	list of minio user to be created

The minio_volumes and minio_endpoint are auto-generated parameters, but you can explicitly override these two parameters.

Defaults

The default parameters of MinIO is defined in roles/minio/defaults/main.yml

#-----------------------------------------------------------------
# MINIO
#-----------------------------------------------------------------
#minio_seq: 1                     # minio instance identifier, REQUIRED
minio_cluster: minio              # minio cluster identifier, REQUIRED
minio_clean: false                # cleanup minio during init?, false by default
minio_user: minio                 # minio os user, `minio` by default
minio_https: true                 # use https for minio, true by default
minio_node: '${minio_cluster}-${minio_seq}.pigsty' # minio node name pattern
minio_data: '/data/minio'         # minio data dir(s), use {x...y} to specify multi drivers
#minio_volumes:                   # minio data volumes, override defaults if specified
minio_domain: sss.pigsty          # minio external domain name, `sss.pigsty` by default
minio_port: 9000                  # minio service port, 9000 by default
minio_admin_port: 9001            # minio console port, 9001 by default
minio_access_key: minioadmin      # root access key, `minioadmin` by default
minio_secret_key: minioadmin      # root secret key, `minioadmin` by default
minio_extra_vars: ''              # extra environment variables
minio_provision: true             # run minio provisioning tasks?
minio_alias: sss                  # alias name for local minio deployment
#minio_endpoint: https://sss.pigsty:9000 # if not specified, overwritten by defaults
minio_buckets:                    # list of minio bucket to be created
  - { name: pgsql ,lock: true }
  - { name: meta  ,lock: true ,versioning: true }
  - { name: data }
minio_users:                      # list of minio user to be created
  - { access_key: pgbackrest  ,secret_key: S3User.Backup ,policy: pgsql }
  - { access_key: s3user_meta ,secret_key: S3User.Meta   ,policy: meta  }
  - { access_key: s3user_data ,secret_key: S3User.Data   ,policy: data  }

`minio_seq`

minio instance identifier, REQUIRED identity parameters. no default value, you have to assign it manually

`minio_cluster`

minio cluster name, minio by default. This is useful when deploying multiple MinIO clusters

`minio_clean`

cleanup minio during init?, false by default

`minio_user`

minio os user name, minio by default

`minio_https`

Use HTTPS or HTTP for MinIO service, true by default, means using HTTPS.

Beware that pgbackrest requires MinIO HTTPS to work properly, but if you don't use minio for that, and don't want to use HTTPS for MinIO, you can set this to false.

`minio_node`

minio node name pattern, this is used for multi-node deployment

default values: ${minio_cluster}-${minio_seq}.pigsty

`minio_data`

minio data dir(s)

default values: /data/minio, which is a common dir for single-node deployment.

For a multi-drive deployment, you can use {x...y} notion to specify multi drivers.

`minio_volumes`

The only core parameter of MinIO, if not specified, it will be auto-generated by the following rule:

minio_volumes: "{% if minio_cluster_size|int > 1 %}https://{{ minio_node|replace('${minio_cluster}', minio_cluster)|replace('${minio_seq}',minio_seq_range) }}:{{ minio_port|default(9000) }}{% endif %}{{ minio_data }}"

In case of SNSD or SNMD deployment, minio_volumes directly uses the value of minio_data
In case of MNMD deployment, minio_volumes uses the values of minio_node, minio_port, minio_data to generate this param:
In case of multiple storage pool, you have to override minio_volumes to specify multiple node pools explicitly.

It user’s responsibility to make sure the parameters used in minio_volumes are consistent with minio_node, minio_port, minio_data.

`minio_domain`

minio service domain name, sss.pigsty by default.

The client can access minio S3 service via this domain name. This name will be registered to local DNSMASQ and included in SSL certs.

`minio_port`

minio service port, 9000 by default

`minio_admin_port`

minio console port, 9001 by default

`minio_access_key`

root access key, minioadmin by default

`minio_secret_key`

root secret key, minioadmin by default

default values: minioadmin

Change PASSWORDS!

It's very important to change this password in your deployment!

`minio_extra_vars`

extra environment variables for minio server. Check Minio Server for the complete list.

default value is empty string, you can use multiline string to passing multiple environment variables.

`minio_alias`

MinIO alias name for the local MinIO cluster

default values: sss, which will be written to infra nodes’ / admin users’ client alias profile.

`minio_endpoint`

The corresponding host:port for the above MinIO alias. This parameter is not defined by default.

If not defined, it will be overwritten by the following default value:

mcli alias set {{ minio_alias }} {% if minio_endpoint is defined and minio_endpoint != '' %}{{ minio_endpoint }}{% else %}https://{{ minio_domain }}:{{ minio_port }}{% endif %} {{ minio_access_key }} {{ minio_secret_key }}

This alias & endpoint will be added to the admin user on the admin node.

`minio_buckets`

list of minio bucket to be created by default:

minio_buckets:                    # list of minio bucket to be created
  - { name: pgsql ,lock: true }
  - { name: meta  ,lock: true ,versioning: true }
  - { name: data }

Three default buckets are created by default, with different policies.

The pgsql bucket is used for PostgreSQL backups by default. while meta and data are open buckets for other purposes. For example, the supabase template may use the data bucket to store business data. And if you have important metadata that requires versioning & deletion protection (lock), you can use the meta bucket out-of-the-box.

Each bucket will have a default policy, policy names same as the bucket name. e.g., the pgsql policy have all the privileges on the pgsql bucket, and so on.

`minio_users`

list of minio users to be created, default value:

minio_users:                      # list of minio user to be created
  - { access_key: pgbackrest  ,secret_key: S3User.Backup ,policy: pgsql }
  - { access_key: s3user_meta ,secret_key: S3User.Meta   ,policy: meta  }
  - { access_key: s3user_data ,secret_key: S3User.Data   ,policy: data  }

Two default users are created for PostgreSQL DBA and pgBackREST.

Change PASSWORDS!

Please change these passwords in serious production deployments.

Parameter

目录