Add authMechanism config, make creds optional, update docs

This commit is contained in:
Vladimir Romashchenko 2025-01-16 21:46:30 -05:00
parent c2922e822e
commit 6c7856b9e8
No known key found for this signature in database
GPG key ID: E5B7EA4A9E1D48F4
4 changed files with 34 additions and 15 deletions

View file

@ -172,12 +172,14 @@ services:
- PUID=1000
- PGID=1000
- TZ=Etc/UTC
- MONGO_USER=unifi
- MONGO_PASS=
- MONGO_HOST=unifi-db
- MONGO_PORT=27017
- MONGO_DBNAME=unifi
- MONGO_AUTHSOURCE=admin
- MONGO_STATDBNAME=unifi_stat #optional
- MONGO_USER=unifi #optional
- MONGO_PASS= #optional
- MONGO_AUTHSOURCE=admin #optional
- MONGO_AUTHMECHANISM=SCRAM-SHA-256 #optional
- MEM_LIMIT=1024 #optional
- MEM_STARTUP=1024 #optional
- MONGO_TLS= #optional
@ -204,12 +206,14 @@ docker run -d \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=Etc/UTC \
-e MONGO_USER=unifi \
-e MONGO_PASS= \
-e MONGO_HOST=unifi-db \
-e MONGO_PORT=27017 \
-e MONGO_DBNAME=unifi \
-e MONGO_AUTHSOURCE=admin \
-e MONGO_STATDBNAME=unifi_stat `#optional` \
-e MONGO_USER=unifi `#optional` \
-e MONGO_PASS= `#optional` \
-e MONGO_AUTHSOURCE=admin `#optional` \
-e MONGO_AUTHMECHANISM=SCRAM-SHA-256 `#optional` \
-e MEM_LIMIT=1024 `#optional` \
-e MEM_STARTUP=1024 `#optional` \
-e MONGO_TLS= `#optional` \
@ -249,7 +253,9 @@ Containers are configured using parameters passed at runtime (such as those abov
| `-e MONGO_PASS=` | Mongodb Password. Only evaluated on first run. **Special characters must be [url encoded](https://en.wikipedia.org/wiki/Percent-encoding)**. |
| `-e MONGO_HOST=unifi-db` | Mongodb Hostname. Only evaluated on first run. |
| `-e MONGO_PORT=27017` | Mongodb Port. Only evaluated on first run. |
| `-e MONGO_DBNAME=unifi` | Mongodb Database Name (stats DB is automatically suffixed with `_stat`). Only evaluated on first run. |
| `-e MONGO_DBNAME=unifi` | Mongodb Database Name. Only evaluated on first run. |
| `-e MONGO_STATDBNAME=unifi_stat` | Mongodb stats Database Name. If not specified will use MONGO_DBNAME with `_stat` suffix. Only evaluated on first run. |
| `-e MONGO_AUTHMECHANISM=SCRAM-SHA-256` | Mongodb [authMechanism](https://www.mongodb.com/docs/drivers/java/sync/current/fundamentals/auth/). For FerretDB with Postgres set to `PLAIN`. Only evaluated on first run. |
| `-e MONGO_AUTHSOURCE=admin` | Mongodb [authSource](https://www.mongodb.com/docs/manual/reference/connection-string/#mongodb-urioption-urioption.authSource). For Atlas set to `admin`. Only evaluated on first run. |
| `-e MEM_LIMIT=1024` | Optionally change the Java memory limit (in Megabytes). Set to `default` to reset to default |
| `-e MEM_STARTUP=1024` | Optionally change the Java initial/minimum memory (in Megabytes). Set to `default` to reset to default |

View file

@ -23,15 +23,17 @@ param_ports:
- {external_port: "8080", internal_port: "8080", port_desc: "Required for device communication"}
param_usage_include_env: true
param_env_vars:
- {env_var: "MONGO_USER", env_value: "unifi", desc: "Mongodb Username. Only evaluated on first run. **Special characters must be [url encoded](https://en.wikipedia.org/wiki/Percent-encoding)**."}
- {env_var: "MONGO_PASS", env_value: "", desc: "Mongodb Password. Only evaluated on first run. **Special characters must be [url encoded](https://en.wikipedia.org/wiki/Percent-encoding)**."}
- {env_var: "MONGO_HOST", env_value: "unifi-db", desc: "Mongodb Hostname. Only evaluated on first run."}
- {env_var: "MONGO_PORT", env_value: "27017", desc: "Mongodb Port. Only evaluated on first run."}
- {env_var: "MONGO_DBNAME", env_value: "unifi", desc: "Mongodb Database Name (stats DB is automatically suffixed with `_stat`). Only evaluated on first run."}
- {env_var: "MONGO_AUTHSOURCE", env_value: "admin", desc: "Mongodb [authSource](https://www.mongodb.com/docs/manual/reference/connection-string/#mongodb-urioption-urioption.authSource). For Atlas set to `admin`. Only evaluated on first run."}
- {env_var: "MONGO_DBNAME", env_value: "unifi", desc: "Mongodb Database Name. Only evaluated on first run."}
# optional container parameters
opt_param_usage_include_env: true
opt_param_env_vars:
- {env_var: "MONGO_USER", env_value: "unifi", desc: "Mongodb Username. Only evaluated on first run. **Special characters must be [url encoded](https://en.wikipedia.org/wiki/Percent-encoding)**."}
- {env_var: "MONGO_PASS", env_value: "", desc: "Mongodb Password. Only evaluated on first run. **Special characters must be [url encoded](https://en.wikipedia.org/wiki/Percent-encoding)**."}
- {env_var: "MONGO_STATDBNAME", env_value: "unifi_stat", desc: "Mongodb stats Database Name. If not specified will use MONGO_DBNAME with `_stat` suffix. Only evaluated on first run."}
- {env_var: "MONGO_AUTHSOURCE", env_value: "admin", desc: "Mongodb [authSource](https://www.mongodb.com/docs/manual/reference/connection-string/#mongodb-urioption-urioption.authSource). For Atlas set to `admin`. Only evaluated on first run."}
- {env_var: "MONGO_AUTHMECHANISM", env_value: "SCRAM-SHA-256", desc: "Mongodb [authMechanism](https://www.mongodb.com/docs/drivers/java/sync/current/fundamentals/auth/). For FerretDB with Postgres set to `PLAIN`. Only evaluated on first run."}
- {env_var: "MEM_LIMIT", env_value: "1024", desc: "Optionally change the Java memory limit (in Megabytes). Set to `default` to reset to default"}
- {env_var: "MEM_STARTUP", env_value: "1024", desc: "Optionally change the Java initial/minimum memory (in Megabytes). Set to `default` to reset to default"}
- {env_var: "MONGO_TLS", env_value: "", desc: "Mongodb enable [TLS](https://www.mongodb.com/docs/manual/reference/connection-string/#mongodb-urioption-urioption.tls). Only evaluated on first run."}

View file

@ -41,6 +41,6 @@
# unifi.throughput.port=6789
#
db.mongo.local=false
db.mongo.uri=mongodb://~MONGO_USER~:~MONGO_PASS~@~MONGO_HOST~:~MONGO_PORT~/~MONGO_DBNAME~?tls=~MONGO_TLS~~MONGO_AUTHSOURCE~
statdb.mongo.uri=mongodb://~MONGO_USER~:~MONGO_PASS~@~MONGO_HOST~:~MONGO_PORT~/~MONGO_DBNAME~_stat?tls=~MONGO_TLS~~MONGO_AUTHSOURCE~
db.mongo.uri=mongodb://~MONGO_CREDS~~MONGO_HOST~:~MONGO_PORT~/~MONGO_DBNAME~?tls=~MONGO_TLS~~MONGO_AUTHSOURCE~~MONGO_AUTHMECHANISM~
statdb.mongo.uri=mongodb://~MONGO_CREDS~~MONGO_HOST~:~MONGO_PORT~/~MONGO_STATDBNAME~?tls=~MONGO_TLS~~MONGO_AUTHSOURCE~~MONGO_AUTHMECHANISM~
unifi.db.name=~MONGO_DBNAME~

View file

@ -1,6 +1,8 @@
#!/usr/bin/with-contenv bash
# shellcheck shell=bash
STATDB_NAME=${MONGO_STATDBNAME:-${MONGO_DBNAME}_stat}
# create our folders
mkdir -p \
/run/unifi/work/ROOT \
@ -45,11 +47,15 @@ if [[ ! -e /config/data/system.properties ]]; then
fi
sleep 5
done
sed -i "s/~MONGO_USER~/${MONGO_USER}/" /defaults/system.properties
if [[ -n "${MONGO_USER}" || -n "${MONGO_PASS}" ]]; then
sed -i "s/~MONGO_CREDS~/${MONGO_USER}:${MONGO_PASS}@/" /defaults/system.properties
else
sed -i "s/~MONGO_CREDS~//" /defaults/system.properties
fi
sed -i "s/~MONGO_HOST~/${MONGO_HOST}/" /defaults/system.properties
sed -i "s/~MONGO_PORT~/${MONGO_PORT}/" /defaults/system.properties
sed -i "s/~MONGO_DBNAME~/${MONGO_DBNAME}/" /defaults/system.properties
sed -i "s/~MONGO_PASS~/${MONGO_PASS}/" /defaults/system.properties
sed -i "s/~MONGO_STATDBNAME~/${STATDB_NAME}/" /defaults/system.properties
if [[ "${MONGO_TLS,,}" = "true" ]]; then
sed -i "s/~MONGO_TLS~/true/" /defaults/system.properties
else
@ -60,6 +66,11 @@ if [[ ! -e /config/data/system.properties ]]; then
else
sed -i "s/~MONGO_AUTHSOURCE~/\&authSource=${MONGO_AUTHSOURCE}/" /defaults/system.properties
fi
if [[ -z "${MONGO_AUTHMECHANISM}" ]]; then
sed -i "s/~MONGO_AUTHMECHANISM~//" /defaults/system.properties
else
sed -i "s/~MONGO_AUTHMECHANISM~/\&authMechanism=${MONGO_AUTHMECHANISM}/" /defaults/system.properties
fi
cp /defaults/system.properties /config/data
fi
fi