Minio setup Raspberry Pi

minio_rpi.txt

#!/bin/bash

# ==============================================================
# MinIO Setup Script with SSL, Access Key, and Secret Key
# ==============================================================
# Prerequisites:
# - Ensure ports 80 is open temporarily for certbot to ping you back and 443 are open HTTPS traffic.
# - You need a domain name pointing to your Raspberry Pi (or server).
# - Ensure you have sufficient permissions to run the script.
#
# Usage Example:
#   ./setup_minio.sh <domain_name> <path_to_storage> <access_key> <secret_key>
# 
# Example:
#   ./setup_minio.sh "my.domain.com" "/media/myuser/TOSHIBAHDD/miniodir" "my-access-key" "my-secret-key"
# ==============================================================

# Check if the correct number of arguments are passed
if [ "$#" -ne 4 ]; then
    echo "Usage: $0 <domain_name> <storage_path> <access_key> <secret_key>"
    exit 1
fi

# Assign passed arguments to variables
DOMAIN_NAME=$1
STORAGE_PATH=$2
ACCESS_KEY=$3
SECRET_KEY=$4

# Update the system
echo "Updating system packages..."
sudo apt update -y
sudo apt upgrade -y

# Install MinIO (if not installed)
echo "Installing MinIO..."
wget https://dl.min.io/server/minio/release/linux-arm64/minio -O minio
chmod +x minio
sudo mv minio /usr/local/bin/

# Install Certbot for SSL
echo "Installing Certbot..."
sudo apt install certbot -y

# Generate SSL certificates using Certbot
echo "Generating SSL certificates for $DOMAIN_NAME..."
sudo certbot certonly --standalone -d $DOMAIN_NAME

# Check if Certbot was successful
if [ ! -f /etc/letsencrypt/live/$DOMAIN_NAME/fullchain.pem ]; then
    echo "Error: Failed to generate SSL certificates."
    exit 1
fi

# Create MinIO certs directory
echo "Setting up MinIO SSL certificates..."
mkdir -p ~/.minio/certs
sudo cp /etc/letsencrypt/live/$DOMAIN_NAME/fullchain.pem ~/.minio/certs/public.crt
sudo cp /etc/letsencrypt/live/$DOMAIN_name/privkey.pem ~/.minio/certs/private.key

# Ensure the storage path exists
if [ ! -d "$STORAGE_PATH" ]; then
    echo "Error: Storage path '$STORAGE_PATH' does not exist."
    exit 1
fi

# Set permissions for the storage path
echo "Setting ownership and permissions for $STORAGE_PATH..."
sudo chown -R $(whoami): "$STORAGE_PATH"
sudo chmod -R u+rwX "$STORAGE_PATH"

# Set the necessary permissions for MinIO to use port 443
echo "Setting permissions for MinIO to use port 443..."
sudo setcap cap_net_bind_service=+ep /usr/local/bin/minio

# Export MinIO credentials as environment variables
echo "Setting MinIO access and secret keys..."
export MINIO_ROOT_USER=$ACCESS_KEY
export MINIO_ROOT_PASSWORD=$SECRET_KEY

# Add the access and secret keys to ~/.bashrc for persistence
echo "Making environment variables persistent..."
echo "export MINIO_ROOT_USER=$ACCESS_KEY" >> ~/.bashrc
echo "export MINIO_ROOT_PASSWORD=$SECRET_KEY" >> ~/.bashrc
source ~/.bashrc

# Set up Certbot automatic renewal using a cron job
echo "Setting up Certbot automatic renewal..."
(crontab -l 2>/dev/null; echo "0 3 1 * * certbot renew --quiet --deploy-hook 'systemctl restart minio'") | crontab -

# Start MinIO server
echo "Starting MinIO server on $DOMAIN_NAME with storage at $STORAGE_PATH..."
sudo minio server "$STORAGE_PATH" --address ":443"

# Notify the user of success
echo "MinIO server started successfully at https://$DOMAIN_NAME"