159 lines
4.6 KiB (Stored with Git LFS)
Bash
159 lines
4.6 KiB (Stored with Git LFS)
Bash
#!/bin/bash
|
|
export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:$PATH
|
|
|
|
: '
|
|
Copyright (C) 2022 - now HaoZi Technology Co., Ltd.
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU Affero General Public License as published
|
|
by the Free Software Foundation, either version 3 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU Affero General Public License for more details.
|
|
|
|
You should have received a copy of the GNU Affero General Public License
|
|
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
'
|
|
|
|
source <(curl -f -s --connect-timeout 10 --retry 3 https://dl.cdn.haozi.net/panel/public.sh)
|
|
if [ $? -ne 0 ]; then
|
|
echo "下载 public.sh 失败,请检查网络或稍后重试。"
|
|
echo "Download public.sh failed, please check the network or try again later."
|
|
exit 1
|
|
fi
|
|
|
|
channel=${1}
|
|
version=${2}
|
|
minio_path="${setup_path}/server/minio"
|
|
|
|
if [ ! -d "${minio_path}" ]; then
|
|
mkdir -p ${minio_path}
|
|
fi
|
|
|
|
minio_user_check=$(cat /etc/passwd | grep minio)
|
|
if [ "${minio_user_check}" == "" ]; then
|
|
groupadd minio
|
|
useradd -s /sbin/nologin -g minio minio
|
|
fi
|
|
|
|
# 架构判断
|
|
if [ ${ARCH} == "x86_64" ]; then
|
|
minio_file="minio-${version}-amd64.7z"
|
|
elif [ ${ARCH} == "aarch64" ]; then
|
|
minio_file="minio-${version}-arm64.7z"
|
|
else
|
|
error "不支持的架构"
|
|
fi
|
|
|
|
# 下载
|
|
cd ${minio_path}
|
|
wget --retry-connrefused --retry-on-host-error --retry-on-http-error=429,500,502,503,504 -t 10 -T 120 -O ${minio_path}/${minio_file} ${download_url}/minio/${minio_file}
|
|
wget --retry-connrefused --retry-on-host-error --retry-on-http-error=429,500,502,503,504 -t 10 -T 120 -O ${minio_path}/${minio_file}.sha256 ${download_url}/minio/${minio_file}.sha256
|
|
if ! sha256sum --status -c ${minio_path}/${minio_file}.sha256; then
|
|
rm -rf ${minio_path}
|
|
error "minio 校验失败"
|
|
fi
|
|
|
|
# 解压
|
|
cd ${minio_path}
|
|
7z x ${minio_file}
|
|
rm -f ${minio_file} ${minio_file}.sha256
|
|
mv minio-${version}-* minio
|
|
if [ ! -f "${minio_path}/minio" ]; then
|
|
rm -rf ${minio_path}
|
|
error "minio 解压失败"
|
|
fi
|
|
|
|
# 初始化目录
|
|
mkdir -p ${minio_path}/data
|
|
chown -R minio:minio ${minio_path}
|
|
chmod -R 700 ${minio_path}
|
|
ln -sf ${minio_path}/minio /usr/local/bin/minio
|
|
|
|
# 配置systemd
|
|
cat >/etc/systemd/system/minio.service <<EOF
|
|
[Unit]
|
|
Description=MinIO
|
|
Documentation=https://docs.min.io
|
|
Wants=network-online.target
|
|
After=network-online.target
|
|
AssertFileIsExecutable=/usr/local/bin/minio
|
|
AssertFileNotEmpty=/etc/default/minio
|
|
|
|
[Service]
|
|
Type=notify
|
|
|
|
WorkingDirectory=${minio_path}/
|
|
|
|
User=minio
|
|
Group=minio
|
|
ProtectProc=invisible
|
|
|
|
EnvironmentFile=/etc/default/minio
|
|
ExecStart=/usr/local/bin/minio server \$MINIO_OPTS \$MINIO_VOLUMES
|
|
|
|
# Let systemd restart this service always
|
|
Restart=always
|
|
|
|
# Specifies the maximum file descriptor number that can be opened by this process
|
|
LimitNOFILE=1048576
|
|
|
|
# Specifies the maximum number of threads this process can create
|
|
TasksMax=infinity
|
|
|
|
# Disable timeout logic and wait until process is stopped
|
|
TimeoutSec=infinity
|
|
|
|
# Disable killing of MinIO by the kernel's OOM killer
|
|
OOMScoreAdjust=-1000
|
|
|
|
SendSIGKILL=no
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
EOF
|
|
|
|
# 环境变量
|
|
root_user=$(cat /dev/urandom | head -n 16 | md5sum | head -c 8)
|
|
root_password=$(cat /dev/urandom | head -n 16 | md5sum | head -c 16)
|
|
cat >/etc/default/minio <<EOF
|
|
# MINIO_ROOT_USER and MINIO_ROOT_PASSWORD sets the root account for the MinIO server.
|
|
# This user has unrestricted permissions to perform S3 and administrative API operations on any resource in the deployment.
|
|
# Omit to use the default values 'minioadmin:minioadmin'.
|
|
# MinIO recommends setting non-default values as a best practice, regardless of environment
|
|
|
|
MINIO_ROOT_USER=${root_user}
|
|
MINIO_ROOT_PASSWORD=${root_password}
|
|
|
|
# MINIO_VOLUMES sets the storage volume or path to use for the MinIO server.
|
|
|
|
MINIO_VOLUMES="${minio_path}/data"
|
|
|
|
# MINIO_OPTS sets any additional commandline options to pass to the MinIO server.
|
|
# For example, \$(--console-address :9001) sets the MinIO Console listen port
|
|
MINIO_OPTS="--console-address :9001"
|
|
EOF
|
|
|
|
chmod 600 /etc/default/minio
|
|
chown minio:minio /etc/default/minio
|
|
|
|
systemctl daemon-reload
|
|
systemctl enable --now minio
|
|
if [ "$?" != "0" ]; then
|
|
error "启动失败"
|
|
fi
|
|
|
|
# 防火墙
|
|
firewall-cmd --zone=public --add-port=9000/tcp --permanent
|
|
firewall-cmd --zone=public --add-port=9001/tcp --permanent
|
|
firewall-cmd --reload
|
|
|
|
panel-cli app write minio ${channel} ${version}
|
|
|
|
echo -e $HR
|
|
echo "minio 安装完成,默认账号见环境变量"
|
|
echo -e $HR
|