From 427b23ca80fb3dbe1716891b78d7c2e997a749cb Mon Sep 17 00:00:00 2001
From: lebaudantoine <lebaud.antoine131@gmail.com>
Date: Fri, 25 Oct 2024 12:22:41 +0200
Subject: [PATCH] =?UTF-8?q?=E2=9C=A8(backend)=20add=20S3=20objects?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Inspired by Impress and @sampaccoud's work.

We use Indie Hoster’s Kubernetes objects in staging and production.
In the "dev" environment, we install the `bitnami/minio` chart to mimic
Indie Hoster’s MinIO setup.

To access the MinIO admin interface in dev, use port forwarding;
the interface runs on port 9001.
---
 src/helm/env.d/dev/values.meet.yaml.gotmpl      |  4 ++++
 .../env.d/production/values.meet.yaml.gotmpl    | 17 +++++++++++++++++
 src/helm/env.d/staging/values.meet.yaml.gotmpl  | 17 +++++++++++++++++
 src/helm/extra/templates/s3.yaml                |  8 ++++++++
 src/helm/helmfile.yaml                          | 15 +++++++++++++++
 5 files changed, 61 insertions(+)
 create mode 100644 src/helm/extra/templates/s3.yaml

diff --git a/src/helm/env.d/dev/values.meet.yaml.gotmpl b/src/helm/env.d/dev/values.meet.yaml.gotmpl
index ab10c245..93e043ae 100644
--- a/src/helm/env.d/dev/values.meet.yaml.gotmpl
+++ b/src/helm/env.d/dev/values.meet.yaml.gotmpl
@@ -51,6 +51,10 @@ backend:
     ALLOW_UNREGISTERED_ROOMS: False
     FRONTEND_SILENCE_LIVEKIT_DEBUG: False
     FRONTEND_SUPPORT: "{'id': '58ea6697-8eba-4492-bc59-ad6562585041'}"
+    AWS_S3_ENDPOINT_URL: http://minio.meet.svc.cluster.local:9000
+    AWS_S3_ACCESS_KEY_ID: meet
+    AWS_S3_SECRET_ACCESS_KEY: password
+    AWS_STORAGE_BUCKET_NAME: meet-media-storage
 
 
   migrate:
diff --git a/src/helm/env.d/production/values.meet.yaml.gotmpl b/src/helm/env.d/production/values.meet.yaml.gotmpl
index 8844ddbd..7e67ea2d 100644
--- a/src/helm/env.d/production/values.meet.yaml.gotmpl
+++ b/src/helm/env.d/production/values.meet.yaml.gotmpl
@@ -99,6 +99,23 @@ backend:
     FRONTEND_SILENCE_LIVEKIT_DEBUG: False
     FRONTEND_ANALYTICS: "{'id': 'phc_RPYko028Oqtj0c9exLIWwrlrjLxSdxT0ntW0Lam4iom', 'host': 'https://product.visio.numerique.gouv.fr'}"
     FRONTEND_SUPPORT: "{'id': '58ea6697-8eba-4492-bc59-ad6562585041'}"
+    AWS_S3_ENDPOINT_URL:
+      secretKeyRef:
+        name: meet-media-storage.bucket.libre.sh
+        key: url
+    AWS_S3_ACCESS_KEY_ID:
+      secretKeyRef:
+        name: meet-media-storage.bucket.libre.sh
+        key: accessKey
+    AWS_S3_SECRET_ACCESS_KEY:
+      secretKeyRef:
+        name: meet-media-storage.bucket.libre.sh
+        key: secretKey
+    AWS_STORAGE_BUCKET_NAME:
+      secretKeyRef:
+        name: meet-media-storage.bucket.libre.sh
+        key: bucket
+    AWS_S3_REGION_NAME: local
 
   createsuperuser:
     command:
diff --git a/src/helm/env.d/staging/values.meet.yaml.gotmpl b/src/helm/env.d/staging/values.meet.yaml.gotmpl
index fa090c39..675ac35c 100644
--- a/src/helm/env.d/staging/values.meet.yaml.gotmpl
+++ b/src/helm/env.d/staging/values.meet.yaml.gotmpl
@@ -97,6 +97,23 @@ backend:
     ALLOW_UNREGISTERED_ROOMS: False
     FRONTEND_ANALYTICS: "{'id': 'phc_RPYko028Oqtj0c9exLIWwrlrjLxSdxT0ntW0Lam4iom', 'host': 'https://product.visio-staging.beta.numerique.gouv.fr'}"
     FRONTEND_SUPPORT: "{'id': '58ea6697-8eba-4492-bc59-ad6562585041'}"
+    AWS_S3_ENDPOINT_URL:
+      secretKeyRef:
+        name: meet-media-storage.bucket.libre.sh
+        key: url
+    AWS_S3_ACCESS_KEY_ID:
+      secretKeyRef:
+        name: meet-media-storage.bucket.libre.sh
+        key: accessKey
+    AWS_S3_SECRET_ACCESS_KEY:
+      secretKeyRef:
+        name: meet-media-storage.bucket.libre.sh
+        key: secretKey
+    AWS_STORAGE_BUCKET_NAME:
+      secretKeyRef:
+        name: meet-media-storage.bucket.libre.sh
+        key: bucket
+    AWS_S3_REGION_NAME: local
 
   createsuperuser:
     command:
diff --git a/src/helm/extra/templates/s3.yaml b/src/helm/extra/templates/s3.yaml
new file mode 100644
index 00000000..19532e89
--- /dev/null
+++ b/src/helm/extra/templates/s3.yaml
@@ -0,0 +1,8 @@
+apiVersion: core.libre.sh/v1alpha1
+kind: Bucket
+metadata:
+  name: impress-media-storage
+  namespace: {{ .Release.Namespace | quote }}
+spec:
+  provider: data
+  versioned: true
\ No newline at end of file
diff --git a/src/helm/helmfile.yaml b/src/helm/helmfile.yaml
index d6d08ca8..a24e1a54 100644
--- a/src/helm/helmfile.yaml
+++ b/src/helm/helmfile.yaml
@@ -45,6 +45,21 @@ releases:
           enabled: true
           autoGenerated: true
 
+  - name: minio
+    installed: {{ eq .Environment.Name "dev" | toYaml }}
+    namespace: {{ .Namespace }}
+    chart: bitnami/minio
+    version: 12.10.10
+    values:
+      - auth:
+          rootUser: meet
+          rootPassword: password
+      - provisioning:
+          enabled: true
+          buckets:
+            - name: meet-media-storage
+              versioning: true
+
   - name: redis
     installed: {{ eq .Environment.Name "dev" | toYaml }}
     namespace: {{ .Namespace }}