MongoDB supports non-root users (#1684)

* MongoDB supports non-root users Signed-off-by: skiffer-git <44203734@qq.com> * Update component.go * Update env-template.yaml * Update docker-compose.yml * Update environment.sh * Update openim.yaml * Update mongo-init.sh --------- Signed-off-by: skiffer-git <44203734@qq.com> Co-authored-by: Xinwei Xiong <3293172751@qq.com>
2026-05-08 19:16:35 +08:00 · 2024-01-04 20:50:29 +08:00
parent d3047d73b6
commit 6764fa5e70
7 changed files with 47 additions and 31 deletions
@@ -171,9 +171,14 @@ def "MONGO_URI"                                # MongoDB的URI
 def "MONGO_PORT" "37017"                       # MongoDB的端口
 def "MONGO_ADDRESS" "${DOCKER_BRIDGE_GATEWAY}" # MongoDB的地址
 def "MONGO_DATABASE" "${DATABASE_NAME}"        # MongoDB的数据库名
-def "MONGO_USERNAME" "${OPENIM_USER}"                 # MongoDB的用户名
-# MongoDB的密码
+def "MONGO_USERNAME" "root"		       # MongoDB的管理员身份用户名
+# MongoDB的管理员身份密码
 readonly MONGO_PASSWORD=${MONGO_PASSWORD:-"${PASSWORD}"}
+# Mongo OpenIM 身份用户名
+def "MONGO_OPENIM_USERNAME" "openIM"
+# Mongo OpenIM 身份密码
+readonly MONGO_OPENIM_PASSWORD=${MONGO_OPENIM_PASSWORD:-'openIM123456'}
+
 def "MONGO_MAX_POOL_SIZE" "100"                # 最大连接池大小

 ###################### Object 配置信息 ######################
@@ -12,15 +12,21 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.

-mongo -- "$MONGO_INITDB_DATABASE" <<EOF
-db = db.getSiblingDB('admin')
+set -e
+
+mongosh <<EOF
+use admin
 db.auth('$MONGO_INITDB_ROOT_USERNAME', '$MONGO_INITDB_ROOT_PASSWORD')
+
+
 db = db.getSiblingDB('$MONGO_INITDB_DATABASE')
 db.createUser({
-  user: "$MONGO_USERNAME",
-  pwd: "$MONGO_PASSWORD",
+  user: "$MONGO_OPENIM_USERNAME",
+  pwd: "$MONGO_OPENIM_PASSWORD",
  roles: [
-  { role: 'root', db: '$MONGO_INITDB_DATABASE' }
+    // Assign appropriate roles here
+    { role: 'readWrite', db: '$MONGO_INITDB_DATABASE' }
  ]
-})
+});
 EOF
+