From 7ba7c46cabe36db06963331e08183e327caac0fa Mon Sep 17 00:00:00 2001 From: Jason Klapste Date: Wed, 18 Dec 2024 09:26:19 -0600 Subject: [PATCH 1/7] 869 + Monogo --- Dockerfile | 16 +++++++++++----- docker-build.sh | 47 ++++++++++++++++++++++++----------------------- 2 files changed, 35 insertions(+), 28 deletions(-) diff --git a/Dockerfile b/Dockerfile index 0668fd8..12895b4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,5 @@ -FROM golang:1.24-bullseye AS permset +# https://hub.docker.com/_/golang/tags?page=1&name=bullseye +FROM golang:1.23.3-bullseye as permset WORKDIR /src RUN git clone https://github.com/jacobalberty/permset.git /src && \ mkdir -p /out && \ @@ -10,7 +11,12 @@ LABEL maintainer="Jacob Alberty " ARG DEBIAN_FRONTEND=noninteractive -ARG PKGURL=https://dl.ui.com/unifi/9.5.21/unifi_sysvinit_all.deb +# https://ui.com/download/software/uxg-lite +# https://community.ui.com/releases +# Unifi Network Application +# Debian/Ubuntu package +#ARG PKGURL=https://dl.ui.com/unifi/8.6.9-0f45j609pu/unifi_sysvinit_all.deb +ARG PKGURL=https://dl.ui.com/unifi/9.0.114/unifi_sysvinit_all.deb ENV BASEDIR=/usr/lib/unifi \ DATADIR=/unifi/data \ @@ -34,9 +40,9 @@ ENV BASEDIR=/usr/lib/unifi \ # This should be integrated with the main run because it duplicates a lot of the steps there # but for now while shoehorning gosu in it is seperate RUN set -eux; \ - apt-get update; \ - apt-get install -y gosu; \ - rm -rf /var/lib/apt/lists/* + apt-get update; \ + apt-get install -y gosu; \ + rm -rf /var/lib/apt/lists/* RUN mkdir -p /usr/unifi \ /usr/local/unifi/init.d \ diff --git a/docker-build.sh b/docker-build.sh index 09e80b5..d64040d 100755 --- a/docker-build.sh +++ b/docker-build.sh @@ -3,27 +3,6 @@ # fail on error set -e -# Retry 5 times with a wait of 10 seconds between each retry -tryfail() { - for i in $(seq 1 5); - do [ $i -gt 1 ] && sleep 10; $* && s=0 && break || s=$?; done; - (exit $s) -} - -# Try multiple keyservers in case of failure -addKey() { - for server in $(shuf -e ha.pool.sks-keyservers.net \ - hkp://p80.pool.sks-keyservers.net:80 \ - keyserver.ubuntu.com \ - hkp://keyserver.ubuntu.com:80 \ - pgp.mit.edu) ; do \ - if apt-key adv --keyserver "$server" --recv "$1"; then - exit 0 - fi - done - return 1 -} - if [ "x${1}" == "x" ]; then echo please pass PKGURL as an environment variable exit 0 @@ -40,8 +19,30 @@ apt-get install -qy --no-install-recommends \ procps \ libcap2-bin \ tzdata -echo 'deb https://www.ui.com/downloads/unifi/debian stable ubiquiti' | tee /etc/apt/sources.list.d/100-ubnt-unifi.list -tryfail apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 06E85760C0A52C50 + +echo 'deb [signed-by=/usr/share/keyrings/unifi-repo.gpg] https://www.ui.com/downloads/unifi/debian stable ubiquiti' | tee /etc/apt/sources.list.d/100-ubnt-unifi.list +curl -L -o /usr/share/keyrings/unifi-repo.gpg https://dl.ui.com/unifi/unifi-repo.gpg + +#echo 'deb [signed-by=/usr/share/keyrings/mongodb-server-3.6.pgp] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/3.6 multiverse' | tee /etc/apt/sources.list.d/100-mongodb-server.list +#curl -s -N https://pgp.mongodb.com/server-3.6.asc | gpg --dearmor > /usr/share/keyrings/mongodb-server-3.6.pgp +# need to set trusted because signature has expired and EOL'ed +#echo 'deb [trusted=yes] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.0 multiverse' | tee /etc/apt/sources.list.d/100-mongodb-server.list +#echo 'deb [signed-by=/usr/share/keyrings/mongodb-server-4.2.pgp] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.2 multiverse' | tee /etc/apt/sources.list.d/100-mongodb-server.list +#curl -s -N https://pgp.mongodb.com/server-4.2.asc | gpg --dearmor > /usr/share/keyrings/mongodb-server-4.2.pgp + +#echo 'deb [signed-by=/usr/share/keyrings/mongodb-server-4.4.pgp] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.4 multiverse' | tee /etc/apt/sources.list.d/100-mongodb-server.list +#curl -s -N https://pgp.mongodb.com/server-4.4.asc | gpg --dearmor > /usr/share/keyrings/mongodb-server-4.4.pgp + +#echo 'deb [signed-by=/usr/share/keyrings/mongodb-server-5.0.pgp] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/5.0 multiverse' | tee /etc/apt/sources.list.d/100-mongodb-server.list +#curl -s -N https://pgp.mongodb.com/server-5.0.asc | gpg --dearmor > /usr/share/keyrings/mongodb-server-5.0.pgp + +#echo 'deb [signed-by=/usr/share/keyrings/mongodb-server-6.0.pgp] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/6.0 multiverse' | tee /etc/apt/sources.list.d/100-mongodb-server.list +#curl -s -N https://pgp.mongodb.com/server-6.0.asc | gpg --dearmor > /usr/share/keyrings/mongodb-server-6.0.pgp + +echo 'deb [signed-by=/usr/share/keyrings/mongodb-server-7.0.pgp] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/7.0 multiverse' | tee /etc/apt/sources.list.d/100-mongodb-server.list +curl -s -N https://pgp.mongodb.com/server-7.0.asc | gpg --dearmor > /usr/share/keyrings/mongodb-server-7.0.pgp + +apt-get update if [ -d "/usr/local/docker/pre_build/$(dpkg --print-architecture)" ]; then find "/usr/local/docker/pre_build/$(dpkg --print-architecture)" -type f -exec '{}' \; From 6718f782cf7228c850666b520b6d0649358404d7 Mon Sep 17 00:00:00 2001 From: Jason Klapste Date: Thu, 28 Aug 2025 16:27:16 -0500 Subject: [PATCH 2/7] Updated to 9.4.19, Ubuntu 22.04, JDK 21 and keys for Mongodb 7.x --- Dockerfile | 7 +++---- docker-build.sh | 12 +++++++++--- 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/Dockerfile b/Dockerfile index 12895b4..28e90a4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,11 +1,11 @@ # https://hub.docker.com/_/golang/tags?page=1&name=bullseye -FROM golang:1.23.3-bullseye as permset +FROM golang:1.24.6-bullseye AS permset WORKDIR /src RUN git clone https://github.com/jacobalberty/permset.git /src && \ mkdir -p /out && \ go build -ldflags "-X main.chownDir=/unifi" -o /out/permset -FROM ubuntu:20.04 +FROM ubuntu:22.04 LABEL maintainer="Jacob Alberty " @@ -15,8 +15,7 @@ ARG DEBIAN_FRONTEND=noninteractive # https://community.ui.com/releases # Unifi Network Application # Debian/Ubuntu package -#ARG PKGURL=https://dl.ui.com/unifi/8.6.9-0f45j609pu/unifi_sysvinit_all.deb -ARG PKGURL=https://dl.ui.com/unifi/9.0.114/unifi_sysvinit_all.deb +ARG PKGURL=https://dl.ui.com/unifi/9.4.19-0f76duk082/unifi_sysvinit_all.deb ENV BASEDIR=/usr/lib/unifi \ DATADIR=/unifi/data \ diff --git a/docker-build.sh b/docker-build.sh index d64040d..e4e5097 100755 --- a/docker-build.sh +++ b/docker-build.sh @@ -15,7 +15,7 @@ apt-get install -qy --no-install-recommends \ dirmngr \ gpg \ gpg-agent \ - openjdk-17-jre-headless \ + openjdk-21-jre-headless \ procps \ libcap2-bin \ tzdata @@ -39,8 +39,14 @@ curl -L -o /usr/share/keyrings/unifi-repo.gpg https://dl.ui.com/unifi/unifi-repo #echo 'deb [signed-by=/usr/share/keyrings/mongodb-server-6.0.pgp] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/6.0 multiverse' | tee /etc/apt/sources.list.d/100-mongodb-server.list #curl -s -N https://pgp.mongodb.com/server-6.0.asc | gpg --dearmor > /usr/share/keyrings/mongodb-server-6.0.pgp -echo 'deb [signed-by=/usr/share/keyrings/mongodb-server-7.0.pgp] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/7.0 multiverse' | tee /etc/apt/sources.list.d/100-mongodb-server.list -curl -s -N https://pgp.mongodb.com/server-7.0.asc | gpg --dearmor > /usr/share/keyrings/mongodb-server-7.0.pgp +#echo 'deb [signed-by=/usr/share/keyrings/mongodb-server-7.0.pgp] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/7.0 multiverse' | tee /etc/apt/sources.list.d/100-mongodb-server.list +#curl -s -N https://pgp.mongodb.com/server-7.0.asc | gpg --dearmor > /usr/share/keyrings/mongodb-server-7.0.pgp + +echo "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-7.0.gpg ] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/7.0 multiverse" | tee /etc/apt/sources.list.d/mongodb-org-7.0.list +curl -fsSL https://www.mongodb.org/static/pgp/server-7.0.asc | gpg -o /usr/share/keyrings/mongodb-server-7.0.gpg --dearmor + +#echo "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-8.0.gpg ] https://repo.mongodb.org/apt/ubuntu noble/mongodb-org/8.0 multiverse" | tee /etc/apt/sources.list.d/mongodb-org-8.0.list +#curl -fsSL https://www.mongodb.org/static/pgp/server-8.0.asc | gpg --dearmor > /usr/share/keyrings/mongodb-server-8.0.gpg apt-get update From 5f8dd6bd22cfbb88827cb2c16ab69c88cf163385 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 28 Aug 2025 16:33:20 -0500 Subject: [PATCH 3/7] Bump docker/metadata-action from 4 to 5 (#3) Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 4 to 5. - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](https://github.com/docker/metadata-action/compare/v4...v5) --- updated-dependencies: - dependency-name: docker/metadata-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/docker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 1b2a0bf..9ba34b8 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -51,7 +51,7 @@ jobs: docker stop unifitest - name: Extract metadata (tags, labels) for Docker id: meta - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 with: tags: | type=raw,value=latest,enable={{is_default_branch}} From 9a22cd5cd305419a71eee9db8d1ab488b77cfeeb Mon Sep 17 00:00:00 2001 From: Jason Klapste Date: Thu, 28 Aug 2025 16:34:22 -0500 Subject: [PATCH 4/7] updated reviewer name --- .github/dependabot.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index b2665a6..323209b 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -6,11 +6,11 @@ updates: - package-ecosystem: github-actions directory: / schedule: {interval: monthly} - reviewers: [jacobalberty] - assignees: [jacobalberty] + reviewers: [jklap] + assignees: [jklap] - package-ecosystem: docker directory: / schedule: {interval: monthly} - reviewers: [jacobalberty] - assignees: [jacobalberty] + reviewers: [jklap] + assignees: [jklap] From dcae96a0ae7ef3b91a4d912dc446546ac9ab8b75 Mon Sep 17 00:00:00 2001 From: Jason Klapste Date: Wed, 22 Oct 2025 20:04:02 -0500 Subject: [PATCH 5/7] disabled GHAs --- .github/workflows/build.yml | 5 +++-- .github/workflows/docker.yml | 15 ++++++++------- .github/workflows/stale.yml | 5 +++-- 3 files changed, 14 insertions(+), 11 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 847bcbf..8a25ba5 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,8 +1,9 @@ name: Build Docker image on: - pull_request: - types: [opened, synchronize, reopened] + workflow_dispatch: +# pull_request: +# types: [opened, synchronize, reopened] env: TEST_TAG: jacobalberty/unifi:test diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 9ba34b8..e599817 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -1,12 +1,13 @@ name: Publish Docker image on: - push: - branches: - - 'master' - - 'beta' - - 'hotfix/*' - tags: - - 'v*.*.*' + workflow_dispatch: +# push: +# branches: +# - 'master' +# - 'beta' +# - 'hotfix/*' +# tags: +# - 'v*.*.*' env: TEST_TAG: jacobalberty/unifi:test diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 5007a24..99872f9 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -1,7 +1,8 @@ name: 'Close stale issues and PRs' on: - schedule: - - cron: '30 1 * * *' + workflow_dispatch: +# schedule: +# - cron: '30 1 * * *' jobs: stale: From 98eb65c302c80e3e5feef7b3e16a2a3f75f80a6e Mon Sep 17 00:00:00 2001 From: Jason Klapste Date: Wed, 22 Oct 2025 20:04:18 -0500 Subject: [PATCH 6/7] Update to 9.5.21 --- Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 28e90a4..f0a5194 100644 --- a/Dockerfile +++ b/Dockerfile @@ -15,7 +15,8 @@ ARG DEBIAN_FRONTEND=noninteractive # https://community.ui.com/releases # Unifi Network Application # Debian/Ubuntu package -ARG PKGURL=https://dl.ui.com/unifi/9.4.19-0f76duk082/unifi_sysvinit_all.deb +#ARG PKGURL=https://dl.ui.com/unifi/9.4.19-0f76duk082/unifi_sysvinit_all.deb +ARG PKGURL=https://dl.ui.com/unifi/9.5.21-6nxxr6v29z/unifi_sysvinit_all.deb ENV BASEDIR=/usr/lib/unifi \ DATADIR=/unifi/data \ From b1d81e69a0e7132ad328635c4cab9c8f7ac00898 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 23 Oct 2025 01:16:48 +0000 Subject: [PATCH 7/7] Bump ubuntu from 20.04 to 24.04 Bumps ubuntu from 20.04 to 24.04. --- updated-dependencies: - dependency-name: ubuntu dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index f0a5194..e5fe652 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,7 +5,7 @@ RUN git clone https://github.com/jacobalberty/permset.git /src && \ mkdir -p /out && \ go build -ldflags "-X main.chownDir=/unifi" -o /out/permset -FROM ubuntu:22.04 +FROM ubuntu:24.04 LABEL maintainer="Jacob Alberty "