Merge remote-tracking branch 'origin/main' into replace-placeholers-in-proeprties

sturman · sturman · commit 0f28c485fdc9 · 2025-06-07T10:25:44.000+03:00
# Conflicts:
#	readme-vars.yml
diff --git a/README.md b/README.md
@@ -88,7 +88,8 @@ db.createUser({
   pwd: "${MONGO_PASS}",
   roles: [
     { db: "${MONGO_DBNAME}", role: "dbOwner" },
-    { db: "${MONGO_DBNAME}_stat", role: "dbOwner" }
+    { db: "${MONGO_DBNAME}_stat", role: "dbOwner" },
+    { db: "${MONGO_DBNAME}_audit", role: "dbOwner" }
   ]
 })
 EOF
@@ -414,6 +415,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
 
 ## Versions
 
+* **08.05.25:** - Update sample `init-mongo.sh` for compatibility with 9.1.120 (only affects new installs).
 * **13.02.25:** - Revert JRE to 17.
 * **12.02.25:** - Bump JRE to 21.
 * **11.08.24:** - **Important**: The mongodb init instructions have been updated to enable auth ([RBAC](https://www.mongodb.com/docs/manual/core/authorization/#role-based-access-control)). We have been notified that if RBAC is not enabled, the official mongodb container allows remote access to the db contents over port 27017 without credentials. If you set up the mongodb container with the old instructions we provided, you should not map or expose port 27017. If you would like to enable auth, the easiest way is to create new instances of both unifi and mongodb with the new instructions and restore unifi from a backup.
diff --git a/package_versions.txt b/package_versions.txt
@@ -225,7 +225,7 @@ libsemanage-common                        3.5-1build5                        deb
 libsemanage2                              3.5-1build5                        deb                           
 libsepol2                                 3.5-2build1                        deb                           
 libsmartcols1                             2.39.3-9ubuntu6.2                  deb                           
-libsqlite3-0                              3.45.1-1ubuntu2.1                  deb                           
+libsqlite3-0                              3.45.1-1ubuntu2.3                  deb                           
 libss2                                    1.47.0-2.4~exp1ubuntu4.1           deb                           
 libssh-4                                  0.10.6-2build2                     deb                           
 libssl3t64                                3.0.13-0ubuntu3.5                  deb                           
diff --git a/readme-vars.yml b/readme-vars.yml
@@ -75,7 +75,8 @@ app_setup_block: |
     pwd: "${MONGO_PASS}",
     roles: [
       { db: "${MONGO_DBNAME}", role: "dbOwner" },
-      { db: "${MONGO_DBNAME}_stat", role: "dbOwner" }
+      { db: "${MONGO_DBNAME}_stat", role: "dbOwner" },
+      { db: "${MONGO_DBNAME}_audit", role: "dbOwner" }
     ]
   })
   EOF
@@ -155,12 +156,14 @@ init_diagram: |
     init-unifi-network-application-config -> init-config-end
     init-config -> init-crontab-config
     init-mods-end -> init-custom-files
+    init-adduser -> init-device-perms
     base -> init-envfile
     base -> init-migrations
     init-config-end -> init-mods
     init-mods-package-install -> init-mods-end
     init-mods -> init-mods-package-install
     init-adduser -> init-os-end
+    init-device-perms -> init-os-end
     init-envfile -> init-os-end
     init-custom-files -> init-services
     init-config -> init-unifi-network-application-config
@@ -175,7 +178,8 @@ init_diagram: |
   "unifi-network-application:latest" <- Base Images
 # changelog
 changelogs:
-  - {date: "07.05.25:", desc: "Change environment variables" }
+  - {date: "07.06.25:", desc: "Change environment variables"}
+  - {date: "08.05.25:", desc: "Update sample `init-mongo.sh` for compatibility with 9.1.120 (only affects new installs)."}
   - {date: "13.02.25:", desc: "Revert JRE to 17."}
   - {date: "12.02.25:", desc: "Bump JRE to 21."}
   - {date: "11.08.24:", desc: "**Important**: The mongodb init instructions have been updated to enable auth ([RBAC](https://www.mongodb.com/docs/manual/core/authorization/#role-based-access-control)). We have been notified that if RBAC is not enabled, the official mongodb container allows remote access to the db contents over port 27017 without credentials. If you set up the mongodb container with the old instructions we provided, you should not map or expose port 27017. If you would like to enable auth, the easiest way is to create new instances of both unifi and mongodb with the new instructions and restore unifi from a backup."}
