MongoDB supports non-root users

Signed-off-by: skiffer-git <44203734@qq.com>

docker-compose.yml

@@ -10,6 +10,8 @@ networks:
         - subnet: '${DOCKER_BRIDGE_SUBNET:-172.28.0.0/16}'
           gateway: '${DOCKER_BRIDGE_GATEWAY:-172.28.0.1}'
 
+
+
 services:
   mongodb:
     image: mongo:${MONGODB_IMAGE_VERSION-6.0.2}
@@ -21,13 +23,15 @@ services:
       - "${DATA_DIR:-./}/components/mongodb/data/db:/data/db"
       - "${DATA_DIR:-./}/components/mongodb/data/logs:/data/logs"
       - "${DATA_DIR:-./}/components/mongodb/data/conf:/etc/mongo"
-      - ./scripts/mongo-init.sh:/docker-entrypoint-initdb.d/mongo-init.sh:ro
+      - "./scripts/mongo-init.sh:/docker-entrypoint-initdb.d/mongo-init.sh:ro"
     environment:
       - TZ=Asia/Shanghai
       - wiredTigerCacheSizeGB=1
       - MONGO_INITDB_ROOT_USERNAME=${MONGO_USERNAME:-root}
       - MONGO_INITDB_ROOT_PASSWORD=${MONGO_PASSWORD:-openIM123}
       - MONGO_INITDB_DATABASE=${MONGO_DATABASE:-openIM_v3}
+      - MONGO_OPENIM_USERNAME=${MONGO_USERNAMEA:-openIM} # Non-root username
+      - MONGO_OPENIM_PASSWORD=${MONGO_PASSWORDA:-openIM123456} # Non-root password
     restart: always
     networks:
       server:
@@ -122,9 +126,9 @@ services:
       server:
         ipv4_address: ${OPENIM_WEB_NETWORK_ADDRESS:-172.28.0.7}
 
-  ## Uncomment and configure the following services as needed
+  # Uncomment and configure the following services as needed
   # openim-admin:
-  #   image: ${IMAGE_REGISTRY:-ghcr.io/openimsdk}/openim-admin:toc-base-open-docker.35
+  #   image: ${IMAGE_REGISTRY:-ghcr.io/openimsdk}/openim-admin-front:v3.4.0
   #   container_name: openim-admin
   #   restart: always
   #   ports:
@@ -167,12 +171,6 @@ services:
   #   hostname: grafana
   #   user: root
   #   restart: always
-  #   environment:
-  #     - GF_SECURITY_ALLOW_EMBEDDING=true
-  #     - GF_SESSION_COOKIE_SAMESITE=none
-  #     - GF_SESSION_COOKIE_SECURE=true
-  #     - GF_AUTH_ANONYMOUS_ENABLED=true
-  #     - GF_AUTH_ANONYMOUS_ORG_ROLE=Admin
   #   ports:
   #     - "${GRAFANA_PORT:-13000}:3000"
   #   volumes:

pkg/common/db/unrelation/mongo.go

@@ -103,9 +103,9 @@ func buildMongoURI() string {
 		maxPoolSize = fmt.Sprint(config.Config.Mongo.MaxPoolSize)
 	}
 
-	uriFormat := "mongodb://%s/%s?maxPoolSize=%s&authSource=admin"
+	uriFormat := "mongodb://%s/%s?maxPoolSize=%s"
 	if username != "" && password != "" {
-		uriFormat = "mongodb://%s:%s@%s/%s?maxPoolSize=%s&authSource=admin"
+		uriFormat = "mongodb://%s:%s@%s/%s?maxPoolSize=%s"
 		return fmt.Sprintf(uriFormat, username, password, address, database, maxPoolSize)
 	}
 	return fmt.Sprintf(uriFormat, address, database, maxPoolSize)

scripts/mongo-init.sh

@@ -12,15 +12,21 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-mongo -- "$MONGO_INITDB_DATABASE" <<EOF
-db = db.getSiblingDB('admin')
+set -e
+
+mongosh <<EOF
+use admin
 db.auth('$MONGO_INITDB_ROOT_USERNAME', '$MONGO_INITDB_ROOT_PASSWORD')
+
+
 db = db.getSiblingDB('$MONGO_INITDB_DATABASE')
 db.createUser({
-  user: "$MONGO_USERNAME",
-  pwd: "$MONGO_PASSWORD",
+  user: "MONGO_OPENIM_USERNAME",
+  pwd: "MONGO_OPENIM_PASSWORD",
   roles: [
-  { role: 'root', db: '$MONGO_INITDB_DATABASE' }
+    // Assign appropriate roles here
+    { role: 'readWrite', db: '$MONGO_INITDB_DATABASE' }
   ]
-})
+});
 EOF
+

tools/component/component.go

@@ -25,10 +25,6 @@ import (
 	"strings"
 	"time"
 
-	"github.com/minio/minio-go/v7"
-	"github.com/redis/go-redis/v9"
-	"gopkg.in/yaml.v3"
-
 	"github.com/IBM/sarama"
 	"github.com/OpenIMSDK/tools/errs"
 	"github.com/go-zookeeper/zk"
@@ -172,10 +168,10 @@ func buildMongoURI() string {
 	mongodbHosts := strings.Join(config.Config.Mongo.Address, ",")
 
 	if username != "" && password != "" {
-		return fmt.Sprintf("mongodb://%s:%s@%s/%s?maxPoolSize=%d&authSource=admin",
+		return fmt.Sprintf("mongodb://%s:%s@%s/%s?maxPoolSize=%d",
 			username, password, mongodbHosts, database, maxPoolSize)
 	}
-	return fmt.Sprintf("mongodb://%s/%s?maxPoolSize=%d&authSource=admin",
+	return fmt.Sprintf("mongodb://%s/%s?maxPoolSize=%d",
 		mongodbHosts, database, maxPoolSize)
 }