[sso-avatars] Also use env var for minio container
From minio's documentation: - MINIO_ACCESS_KEY and MINIO_SECRET_KEY are deprecated in lieu of MINIO_ROOT_USER and MINIO_ROOT_PASSWORD respectively - In order to rotate secrets we only need to change MINIO_ROOT_{USER,PASSWORD} Using this commit and the previous one affecting keycloak we can use per-instance keys as opposed to the current state. In order to achieve this, AVATARS_ACCESS_KEY and AVATARS_SECRET_KEY must be set to the desired values. The only guidelines as to how to generate ACCESS_KEY and SECRET_KEY are: > Specify a unique, random, and long string for both the ACCESSKEY and > SECRETKEY. Your organization may have specific internal or regulatory > requirements around generating values for use with access or secret keys. See: - https://docs.min.io/minio/baremetal/reference/minio-server/minio-server.html#envvar.MINIO_ACCESS_KEY - https://docs.min.io/minio/baremetal/security/minio-identity-management/user-management.htmlmejoras_instalacion
parent
1ba5e51c41
commit
8309771a1c
|
@ -28,11 +28,9 @@ services:
|
||||||
- ${DATA_FOLDER}/avatars:/data
|
- ${DATA_FOLDER}/avatars:/data
|
||||||
- ${SRC_FOLDER}/avatars:/root/.minio
|
- ${SRC_FOLDER}/avatars:/root/.minio
|
||||||
environment:
|
environment:
|
||||||
- MINIO_ACCESS_KEY=AKIAIOSFODNN7EXAMPLE
|
- MINIO_ROOT_USER=${AVATARS_ACCESS_KEY:-AKIAIOSFODNN7EXAMPLE}
|
||||||
- MINIO_SECRET_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
|
- MINIO_ROOT_PASSWORD=${AVATARS_SECRET_KEY:-wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY}
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
# depends_on:
|
|
||||||
# - ${KEYCLOAK_DB_ADDR}
|
|
||||||
command: "server /data"
|
command: "server /data"
|
||||||
networks:
|
networks:
|
||||||
- dd_net
|
- dd_net
|
||||||
|
|
Loading…
Reference in New Issue