Support authenticated mongo
This commit is contained in:
parent
1b39e2e852
commit
c0a31b8b3a
|
@ -5,10 +5,16 @@ portal.https.port=8843
|
|||
unifi.stun.port={{ env "NOMAD_PORT_stun" }}
|
||||
unifi.db.nojournal=true
|
||||
db.mongo.local=false
|
||||
db.mongo.uri=mongodb://localhost:27017/unifi
|
||||
statdb.mongo.uri=mongodb://localhost:27017/unifi_stats
|
||||
unifi.db.name=unifi
|
||||
debug.device=debug
|
||||
debug.mgmt=debug
|
||||
debug.system=debug
|
||||
[[- $mongo := urlParse .unifi.controller.mongo.address ]]
|
||||
[[- if has .unifi.controller.mongo "user" ]]
|
||||
db.mongo.uri=[[ $mongo.Scheme ]]://[[ .unifi.controller.mongo.user ]]:{{ with secret "[[ .env.suffix ]]kv/service/unifi" }}{{ urlquery .Data.data.mongo_pwd }}{{ end }}@[[ $mongo.Host ]]/[[ .unifi.controller.mongo.db ]]
|
||||
statdb.mongo.uri=[[ $mongo.Scheme ]]://[[ .unifi.controller.mongo.user ]]:{{ with secret "[[ .env.suffix ]]kv/service/unifi" }}{{ urlquery .Data.data.mongo_pwd }}{{ end }}@[[ $mongo.Host ]]/[[ .unifi.controller.mongo.stats_db ]]
|
||||
[[- else ]]
|
||||
db.mongo.uri=[[ $mongo.Scheme ]]://[[ $mongo.Host ]]/[[ .unifi.controller.mongo.db ]]
|
||||
statdb.mongo.uri=[[ $mongo.Scheme ]]://[[ $mongo.Host ]]/[[ .unifi.controller.mongo.stats_db ]]
|
||||
[[- end ]]
|
||||
unifi.db.name=[[ .unifi.controller.mongo.db ]]
|
||||
debug.device=info
|
||||
debug.mgmt=info
|
||||
debug.system=info
|
||||
debug.sdn=warn
|
||||
|
|
|
@ -20,7 +20,7 @@ job "unifi" {
|
|||
|
||||
"[[ .traefik.instance ]].http.routers.unifi-inform[[ .env.suffix ]].rule=Host(`
|
||||
[[- (urlParse .unifi.inform.public_url).Hostname -]]
|
||||
`) && (Path(`/inform`) || PathPrefix(`/dl/firmware-cached`))",
|
||||
`) && ((Path(`/inform`) && Method(`POST`)) || (PathPrefix(`/dl/firmware-cached`) && (Method(`GET`) || Method(`HEAD`))",
|
||||
"[[ .traefik.instance ]].http.routers.unifi-inform[[ .env.suffix ]].entrypoints=[[ join (merge .unifi.inform.traefik .traefik).entrypoints "," ]]",
|
||||
"[[ .traefik.instance ]].http.routers.unifi-inform[[ .env.suffix ]].middlewares=[[ template "common/traefik_middlewares.tpl" merge .unifi.inform.traefik .traefik ]]",
|
||||
|
||||
|
@ -162,6 +162,12 @@ _EOF
|
|||
}
|
||||
}
|
||||
|
||||
vault {
|
||||
policies = ["unifi[[ .env.suffix ]]"]
|
||||
env = false
|
||||
disable_file = true
|
||||
}
|
||||
|
||||
env {
|
||||
JAVA_OPTS = "-Dlogback.configurationFile=/local/logback.xml"
|
||||
[[ template "common/proxy_env.tpl" . ]]
|
||||
|
|
|
@ -31,6 +31,8 @@ unifi:
|
|||
# DB names for unifi and the statistics
|
||||
db: unifi
|
||||
stats_db: unifi_stats
|
||||
# If username is set, the password must be available in vault at [[ .env.suffix ]]/kv/service/unifi in key mongo_pwd
|
||||
# user: unifi
|
||||
|
||||
# Service name of the mongo service. This is used to wait for mongo to be
|
||||
# up before starting the controller
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
path "[[ .env.suffix ]]kv/data/service/unifi" {
|
||||
capabilities = ["read"]
|
||||
}
|
Loading…
Reference in New Issue