This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
сервис_minio [2024/02/15 12:37] val [Интеграция с Keycloak] |
сервис_minio [2024/02/18 18:07] (current) val [Интеграция с Keycloak] |
||
---|---|---|---|
Line 5: | Line 5: | ||
===== Сервер ===== | ===== Сервер ===== | ||
+ | * [[https://min.io/docs/minio/linux/operations/install-deploy-manage/deploy-minio-single-node-single-drive.html|Deploy MinIO: Single-Node Single-Drive]] | ||
* [[https://dl.min.io/server/minio/release/linux-amd64/]] | * [[https://dl.min.io/server/minio/release/linux-amd64/]] | ||
<code> | <code> | ||
- | # wget https://dl.min.io/server/minio/release/linux-amd64/minio_20240214213602.0.0_amd64.deb | + | # wget https://dl.min.io/server/minio/release/linux-amd64/archive/minio_20240214213602.0.0_amd64.deb -O minio.deb |
- | # dpkg -i minio_*_amd64.deb | + | # dpkg -i minio.deb |
groupadd -r minio-user | groupadd -r minio-user | ||
Line 54: | Line 55: | ||
===== Интеграция с Keycloak ===== | ===== Интеграция с Keycloak ===== | ||
+ | |||
+ | * [[https://min.io/docs/minio/macos/operations/external-iam/configure-keycloak-identity-management.html|Configure MinIO for Authentication using Keycloak]] | ||
+ | |||
+ | * Сервис Keycloak [[Сервис Keycloak#Добавление атрибутов]] | ||
* [[Пакет OpenSSL#Импорт сертификата центра сертификации]] | * [[Пакет OpenSSL#Импорт сертификата центра сертификации]] | ||
- | * [[https://min.io/docs/minio/macos/operations/external-iam/configure-keycloak-identity-management.html|Configure MinIO for Authentication using Keycloak]] | + | <code> |
- | * Параметры как [[Сервис HTTP#Управление доступом к HTTP серверу с использованием OpenID аутентификации]] | + | # service minio restart |
+ | </code> | ||
<code> | <code> | ||
- | Client scopes: Create client scores | + | Administrator |
+ | Identity | ||
+ | OpenID | ||
+ | Create Configuration | ||
+ | Name: corpX | ||
+ | </code> | ||
- | Name: minio-authorization | + | * Остальные параметры как здесь: [[Сервис HTTP#Управление доступом к HTTP серверу с использованием OpenID аутентификации]] |
- | Save | + | |
- | Mappers | ||
- | Configure a new mapper | ||
- | User Attribute | ||
- | Name: minio-policy-mapper | ||
- | User Attribute: policy | ||
- | Token Claim Name: policy | ||
- | Multivalued: On | ||
- | Aggregate attribute values: On | ||
- | Clients | ||
- | any-client | ||
- | Client scopes | ||
- | Add client scopes | ||
- | minio-authorization | ||
- | Add->Default | ||
- | |||
- | Users | ||
- | user2 | ||
- | Attributes | ||
- | Add an attribute | ||
- | Key: policy | ||
- | Value: readwrite | ||
- | | ||
- | </code> | ||