First commit

.gitignore

@@ -0,0 +1,9 @@
+.molecule/
+.vagrant/
+.cache/
+
+# TestInfra tests
+tests/__pycache__/
+*.pyc
+
+*.retry

.travis.yml

@@ -0,0 +1,27 @@
+---
+
+language: python
+python: "2.7"
+
+# Use the new container infrastructure
+sudo: required
+
+# Enable the docker service
+services:
+  - docker
+
+# Ensure docker is updated
+before_install:
+  - sudo apt-get -qq update
+  - sudo apt-get install -o Dpkg::Options::="--force-confold" --force-yes -y docker-engine
+
+# Install molecule
+install:
+  - pip install -r test-requirements.txt
+
+# Execute the tests using the molecule docker driver
+script:
+  - molecule test --driver docker
+
+notifications:
+  webhooks: https://galaxy.ansible.com/api/v1/notifications/

LICENSE.md

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2017 Andrea Tosatto
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,79 @@
+Ansible Role: Minio
+===================
+
+[![Build Status](https://travis-ci.org/atosatto/ansible-minio.svg?branch=master)](https://travis-ci.org/atosatto/ansible-minio)
+
+Install and configure [Minio](https://minio.io/) on RHEL/CentOS and Debian/Ubuntu.
+
+Requirements
+------------
+
+None.
+
+Role Variables
+--------------
+
+Available variables are listed below, along with default values (see `defaults/main.yml`):
+
+    minio_server_bin: /usr/local/bin/minio
+    minio_client_bin: /usr/local/bin/mc
+
+Installation path of the Minio server and client binaries.
+
+    minio_user: minio
+    minio_group: minio
+
+Name and group of the user running the minio server.
+**NB**: This role automatically creates the minio user and/or group if these does not exist in the system.
+
+    minio_server_envfile: /etc/default/minio
+
+Path to the file containing the minio server configuration ENV variables.
+
+    minio_server_addr: ":9091"
+
+The Minio server listen address.
+
+    minio_server_datadirs: [ ]
+
+Directories of the folder containing the minio server data
+**NB**: This variable must always be set by the role, otherwise the minio service will not start.
+
+    minio_server_opts: ""
+
+Additional CLI options that must be appended to the minio server start command.
+
+    minio_access_key: ""
+    minio_secret_key: ""
+
+Minio access and secret keys.
+
+    skip_server: False
+    skip_client: False
+
+Switches to disable minio server and/or minio client installation.
+
+Dependencies
+------------
+
+None.
+
+Example Playbook
+----------------
+
+    $ cat playbook.yml
+    - name: "Install Minio"
+      hosts: all
+      roles:
+         - { role: atosatto.minio,
+             minio_server_datadirs: [ "/tmp" ] }
+
+License
+-------
+
+MIT
+
+Author Information
+------------------
+
+Andrea Tosatto ([@\_hilbert\_](https://twitter.com/_hilbert_))

defaults/main.yml

@@ -0,0 +1,29 @@
+---
+
+# Minio binaries path
+minio_server_bin: /usr/local/bin/minio
+minio_client_bin: /usr/local/bin/mc
+
+# Runtime user and group for the minio server service
+minio_user: minio
+minio_group: minio
+
+# Path to the file containing the ENV variables for the minio server
+minio_server_envfile: /etc/default/minio
+
+# Minio server listen address
+minio_server_addr: ":9091"
+
+# Minio server data directories
+minio_server_datadirs: [ ]
+
+# Additional minio server CLI options
+minio_server_opts: ""
+
+# Minio access and secret keys
+minio_access_key: ""
+minio_secret_key: ""
+
+# Switches to disable minio server and/or minio client installation
+skip_server: False
+skip_client: False

handlers/main.yml

@@ -0,0 +1,6 @@
+---
+
+- name: restart minio
+  service:
+    name: minio
+    state: restarted

meta/main.yml

@@ -0,0 +1,194 @@
+galaxy_info:
+  author: your name
+  description: your description
+  company: your company (optional)
+
+  # If the issue tracker for your role is not on github, uncomment the
+  # next line and provide a value
+  # issue_tracker_url: http://example.com/issue/tracker
+
+  # Some suggested licenses:
+  # - BSD (default)
+  # - MIT
+  # - GPLv2
+  # - GPLv3
+  # - Apache
+  # - CC-BY
+  license: license (GPLv2, CC-BY, etc)
+
+  min_ansible_version: 1.2
+
+  # Optionally specify the branch Galaxy will use when accessing the GitHub
+  # repo for this role. During role install, if no tags are available,
+  # Galaxy will use this branch. During import Galaxy will access files on
+  # this branch. If travis integration is cofigured, only notification for this
+  # branch will be accepted. Otherwise, in all cases, the repo's default branch
+  # (usually master) will be used.
+  #github_branch:
+
+  #
+  # Below are all platforms currently available. Just uncomment
+  # the ones that apply to your role. If you don't see your
+  # platform on this list, let us know and we'll get it added!
+  #
+  #platforms:
+  #- name: EL
+  #  versions:
+  #  - all
+  #  - 5
+  #  - 6
+  #  - 7
+  #- name: GenericUNIX
+  #  versions:
+  #  - all
+  #  - any
+  #- name: OpenBSD
+  #  versions:
+  #  - all
+  #  - 5.6
+  #  - 5.7
+  #  - 5.8
+  #  - 5.9
+  #  - 6.0
+  #- name: Fedora
+  #  versions:
+  #  - all
+  #  - 16
+  #  - 17
+  #  - 18
+  #  - 19
+  #  - 20
+  #  - 21
+  #  - 22
+  #  - 23
+  #- name: opensuse
+  #  versions:
+  #  - all
+  #  - 12.1
+  #  - 12.2
+  #  - 12.3
+  #  - 13.1
+  #  - 13.2
+  #- name: MacOSX
+  #  versions:
+  #  - all
+  #  - 10.10
+  #  - 10.11
+  #  - 10.12
+  #  - 10.7
+  #  - 10.8
+  #  - 10.9
+  #- name: IOS
+  #  versions:
+  #  - all
+  #  - any
+  #- name: Solaris
+  #  versions:
+  #  - all
+  #  - 10
+  #  - 11.0
+  #  - 11.1
+  #  - 11.2
+  #  - 11.3
+  #- name: SmartOS
+  #  versions:
+  #  - all
+  #  - any
+  #- name: eos
+  #  versions:
+  #  - all
+  #  - Any
+  #- name: Windows
+  #  versions:
+  #  - all
+  #  - 2012R2
+  #- name: Amazon
+  #  versions:
+  #  - all
+  #  - 2013.03
+  #  - 2013.09
+  #- name: GenericBSD
+  #  versions:
+  #  - all
+  #  - any
+  #- name: Junos
+  #  versions:
+  #  - all
+  #  - any
+  #- name: FreeBSD
+  #  versions:
+  #  - all
+  #  - 10.0
+  #  - 10.1
+  #  - 10.2
+  #  - 10.3
+  #  - 8.0
+  #  - 8.1
+  #  - 8.2
+  #  - 8.3
+  #  - 8.4
+  #  - 9.0
+  #  - 9.1
+  #  - 9.1
+  #  - 9.2
+  #  - 9.3
+  #- name: Ubuntu
+  #  versions:
+  #  - all
+  #  - lucid
+  #  - maverick
+  #  - natty
+  #  - oneiric
+  #  - precise
+  #  - quantal
+  #  - raring
+  #  - saucy
+  #  - trusty
+  #  - utopic
+  #  - vivid
+  #  - wily
+  #  - xenial
+  #- name: SLES
+  #  versions:
+  #  - all
+  #  - 10SP3
+  #  - 10SP4
+  #  - 11
+  #  - 11SP1
+  #  - 11SP2
+  #  - 11SP3
+  #  - 11SP4
+  #  - 12
+  #  - 12SP1
+  #- name: GenericLinux
+  #  versions:
+  #  - all
+  #  - any
+  #- name: NXOS
+  #  versions:
+  #  - all
+  #  - any
+  #- name: Debian
+  #  versions:
+  #  - all
+  #  - etch
+  #  - jessie
+  #  - lenny
+  #  - sid
+  #  - squeeze
+  #  - stretch
+  #  - wheezy
+
+  galaxy_tags: []
+    # List tags for your role here, one per line. A tag is
+    # a keyword that describes and categorizes the role.
+    # Users find roles by searching for tags. Be sure to
+    # remove the '[]' above if you add tags to this list.
+    #
+    # NOTE: A tag is limited to a single word comprised of
+    # alphanumeric characters. Maximum 20 tags per role.
+
+dependencies: []
+  # List your role dependencies here, one per line.
+  # Be sure to remove the '[]' above if you add dependencies
+  # to this list.

molecule.yml

@@ -0,0 +1,38 @@
+---
+
+# docker driver configuration (CI)
+docker:
+  containers:
+    - name: minio-centos-7
+      image: atosatto/centos
+      image_version: 7-systemd
+      privileged: True
+    # - name: minio-ubuntu-16.04
+    #   image: atosatto/ubuntu
+    #   image_version: 16.04
+    #   privileged: True
+    # Unfortunately, upstart does not run in Docker containers,
+    # so no Ubuntu 14.04 docker tests :/
+
+# vagrant driver configuration (development)
+vagrant:
+  platforms:
+    - name: centos-7
+      box: centos/7
+    - name: ubuntu-16.04
+      box: bento/ubuntu-16.04
+    - name: ubuntu-14.04
+      box: bento/ubuntu-14.04
+  providers:
+    - name: virtualbox
+      type: virtualbox
+      options:
+        memory: 2048
+        cpus: 2
+  instances:
+    - name: ansible-minio-01
+      options:
+        append_platform_to_hostname: yes
+
+verifier:
+  name: testinfra

playbook.yml

@@ -0,0 +1,6 @@
+---
+
+- hosts: all
+  roles:
+    - { role: ansible-minio,
+        minio_server_datadirs: [ "/tmp" ] }

tasks/client.yml

@@ -0,0 +1,9 @@
+---
+
+- name: download minio client
+  get_url:
+    url: "{{ minio_client_download_url }}"
+    dest: "{{ minio_client_bin }}"
+    owner: "{{ minio_user }}"
+    group: "{{ minio_group }}"
+    mode: 0755

tasks/main.yml

@@ -0,0 +1,21 @@
+---
+
+- name: include os-specific variables
+  include_vars: "{{ ansible_os_family }}.yml"
+
+- name: create minio group
+  group:
+    name: "{{ minio_group }}"
+    state: present
+
+- name: create minio user
+  user:
+    name: "{{ minio_user }}"
+    group: "{{ minio_group }}"
+    shell: /bin/bash
+
+- include: server.yml
+  when: not skip_server
+
+- include: client.yml
+  when: not skip_client

tasks/server.yml

@@ -0,0 +1,33 @@
+---
+
+- name: download minio server
+  get_url:
+    url: "{{ minio_server_download_url }}"
+    dest: "{{ minio_server_bin }}"
+    owner: "{{ minio_user }}"
+    group: "{{ minio_group }}"
+    mode: 0755
+
+- name: generate the minio server envfile
+  template:
+    src: minio_env.j2
+    dest: "{{ minio_server_envfile }}"
+  notify: restart minio
+
+- name: create the minio server systemd config
+  template:
+    src: minio.service.j2
+    dest: "{{ systemd_units_dir }}/minio.service"
+  when: ansible_service_mgr == "systemd"
+
+- name: create the minio server upstart config
+  template:
+    src: minio.upstart.j2
+    dest: "{{ upstart_conf_dir }}/minio.conf"
+  when: ansible_service_mgr == "upstart"
+
+- name: enable and start the minio service
+  service:
+    name: minio
+    state: started
+    enabled: yes

templates/minio.service.j2

@@ -0,0 +1,37 @@
+[Unit]
+Description=Minio
+Documentation=https://docs.minio.io
+Wants=network-online.target
+After=network-online.target
+AssertFileIsExecutable={{ minio_server_bin }}
+
+[Service]
+WorkingDirectory=/usr/local/
+
+User={{ minio_user }}
+Group={{ minio_group }}
+
+PermissionsStartOnly=true
+
+EnvironmentFile={{ minio_server_envfile }}
+ExecStartPre=/bin/bash -c "[ -n \"${MINIO_VOLUMES}\" ] || echo \"Variable MINIO_VOLUMES not set in {{ minio_server_envfile }}\""
+ExecStart={{ minio_server_bin }} server $MINIO_OPTS $MINIO_VOLUMES
+
+StandardOutput=journal
+StandardError=inherit
+
+# Specifies the maximum file descriptor number that can be opened by this process
+LimitNOFILE=65536
+
+# Disable timeout logic and wait until process is stopped
+TimeoutStopSec=0
+
+# SIGTERM signal is used to stop Minio
+KillSignal=SIGTERM
+
+SendSIGKILL=no
+
+SuccessExitStatus=0
+
+[Install]
+WantedBy=multi-user.target

templates/minio.upstart.j2

@@ -0,0 +1,36 @@
+description "minio"
+
+start on (local-filesystems and net-device-up IFACE!=lo)
+stop on shutdown
+
+# Maximum file descriptor number that can be opened
+limit nofile 65536 65536
+
+# Set the kill signal and timeout
+kill signal SIGTERM
+
+pre-start script
+    # enable the dash allexport feature
+    set -a
+
+    # stop job from continuing if no config file found for daemon
+    [ ! -f {{ minio_server_envfile }} ] && { stop; exit 0; }
+
+    # source the config file
+    . {{ minio_server_envfile }}
+
+    # stop job from continuing if MINIO_VOLUMES not set
+    [ -n "$MINIO_VOLUMES" ] || { echo "Variable MINIO_VOLUMES not set in {{ minio_server_envfile }}"; stop; exit 0; }
+
+end script
+
+script
+    # enable the dash allexport feature
+    set -a
+
+    # source the environment config file
+     . {{ minio_server_envfile }}
+
+    # start the minio server
+    exec sudo -u {{ minio_user }} {{ minio_server_bin }} server $MINIO_OPTS $MINIO_VOLUMES
+end script

templates/minio_env.j2

@@ -0,0 +1,15 @@
+# {{ ansible_managed }}
+
+# Minio local/remote volumes.
+MINIO_VOLUMES="{{ minio_server_datadirs | join(' ') }}"
+# Minio cli options.
+MINIO_OPTS="--address {{ minio_server_addr }} {{ minio_server_opts }}"
+
+{% if minio_access_key %}
+# Access Key of the server.
+MINIO_ACCESS_KEY="{{ minio_access_key }}"
+{% endif %}
+{% if minio_secret_key %}
+# Secret key of the server.
+MINIO_SECRET_KEY="{{ minio_secret_key }}"
+{% endif %}

test-requirements.txt

@@ -0,0 +1,3 @@
+molecule==1.17.3
+docker-py==1.10.6
+PyYAML==3.12

tests/test_minio.py

@@ -0,0 +1,32 @@
+import yaml
+import pytest
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+    '.molecule/ansible_inventory').get_hosts('all')
+
+
+@pytest.fixture()
+def AnsibleDefaults(Ansible):
+    with open("./defaults/main.yml", 'r') as stream:
+        return yaml.load(stream)
+
+
+@pytest.mark.parametrize('minio_bin_var', [
+    'minio_server_bin',
+    'minio_client_bin',
+])
+def test_minio_installed(File, AnsibleDefaults, minio_bin_var):
+
+    f = File(AnsibleDefaults[minio_bin_var])
+    assert f.exists
+    assert f.user == AnsibleDefaults['minio_user']
+    assert f.group == AnsibleDefaults['minio_group']
+    assert oct(f.mode) == '0755'
+
+
+def test_minio_service(Service):
+
+    s = Service('minio')
+    assert s.is_running
+    assert s.is_enabled

vars/Debian.yml

@@ -0,0 +1,4 @@
+---
+
+systemd_units_dir: /lib/systemd/system
+upstart_conf_dir: /etc/init

vars/RedHat.yml

@@ -0,0 +1,3 @@
+---
+
+systemd_units_dir: /etc/systemd/system

vars/main.yml

@@ -0,0 +1,5 @@
+---
+
+# Minio and MC download urls
+minio_server_download_url: https://dl.minio.io/server/minio/release/linux-amd64/minio
+minio_client_download_url: https://dl.minio.io/client/mc/release/linux-amd64/mc