Note the mongo version tag, the `:Z` volume option, and the podman network.
#!/bin/bash
# Host preparation for running the UniFi Network Application and its MongoDB
# backend as rootless podman containers managed by systemd user units.
# Presumably run as user "opc" (the account linger is enabled for below).
#
# Install podman (container-tools module, ol8 stream)
sudo dnf module install container-tools:ol8
# Enable linger so opc's systemd user instance, and the container units it
# manages, run without an active login session
sudo loginctl enable-linger opc
# Set timezone (matches the TZ passed to the application container)
sudo timedatectl set-timezone America/Los_Angeles
# Allow containers to manage cgroups under SELinux; -P makes the boolean
# persistent across reboots.
# NOTE(review): this boolean is normally needed only when systemd runs inside
# a container; confirm it is required here before relaxing policy host-wide.
sudo setsebool -P container_manage_cgroup on
# Create podman network for controller to communicate with the mongo DB.
# This runs before `set -e`, so an "already exists" error on a re-run does not
# stop the script.
podman network create unifi-network
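# Create the init file for the database. It is used once, on the first start,
# so it must be present before the mongo container is started.
#
# The file is written to $HOME because the mongo container bind-mounts
# ~/init-mongo.js; writing to the current directory only works when the script
# happens to be run from the home directory.
#
# The heredoc delimiter is quoted so the shell never expands anything inside
# the JavaScript (a password containing $ or backticks stays literal).
#
# SECURITY: the password below is the sample value from this page and is stored
# here in clear text. Replace it before deploying, and keep it identical to the
# MONGO_PASS value given to the application container.
cat <<'EOF' > "$HOME/init-mongo.js"
db.getSiblingDB("unifi").createUser({user: "mongo-unifi-user", pwd: "mongo-unifi-p2ss", roles: [{role: "dbOwner", db: "unifi"}]});
db.getSiblingDB("unifi_stat").createUser({user: "mongo-unifi-user", pwd: "mongo-unifi-p2ss", roles: [{role: "dbOwner", db: "unifi_stat"}]});
EOF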
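# Bail on error from now on
set -e
# Create the data folders and the systemd user unit directory. The unit
# directory does not exist on a fresh account, and the redirects that write
# the generated unit files fail without it.
mkdir -p ~/unifi-db ~/unifi-app ~/.config/systemd/user
# Create a template container for MongoDB, generate a systemd user unit from
# it, then enable and start the service.
#   - No -p option: the database is not published on the host and is reachable
#     only by containers attached to unifi-network.
#   - :Z relabels the mounted content for SELinux as private to this container.
#   - The autoupdate label plus the floating "mongo:7" tag means whatever image
#     the registry serves for that tag is adopted whenever `podman auto-update`
#     runs; pin a digest if image changes must be reviewed first.
podman create \
  --label "io.containers.autoupdate=registry" \
  --name=unifi-db \
  --network=unifi-network \
  -v "$HOME/unifi-db:/data/db:Z" \
  -v "$HOME/init-mongo.js:/docker-entrypoint-initdb.d/init-mongo.js:ro,Z" \
  docker.io/mongo:7
# --new makes the unit create a fresh container on every start, so the
# template container created above is only needed to record the arguments.
podman generate systemd --new --name unifi-db --restart-policy=always \
  > "$HOME/.config/systemd/user/container-unifi-db.service"
podman rm unifi-db
systemctl --user enable container-unifi-db.service
systemctl --user start container-unifi-db.service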
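# Create a template container for the UniFi Network Application, generate a
# systemd user unit from it, then enable and start the service.
#
# The arguments are kept in an array so each one can carry a plain comment
# (the original used `#optional` command substitutions for that).
#
# SECURITY:
#   - MONGO_PASS is the sample password from this page; change it together
#     with init-mongo.js. Passing it with -e puts it in clear text in the
#     container configuration and in the generated unit file. Consider
#     supplying it as a podman secret instead.
#   - Every -p below publishes the port on all host addresses; restrict access
#     with the host firewall to the networks that need it.
#   - The ":latest" tag plus the autoupdate label means new upstream images are
#     adopted whenever `podman auto-update` runs; pin a version or digest if
#     updates must be reviewed first.
app_args=(
  --label "io.containers.autoupdate=registry"
  --name=unifi-network-application
  --network=unifi-network
  -e PUID=1000
  -e PGID=1000
  -e TZ=America/Los_Angeles
  -e MONGO_USER=mongo-unifi-user
  -e MONGO_PASS=mongo-unifi-p2ss # must match pwd in init-mongo.js
  -e MONGO_HOST=unifi-db         # container name of the database on unifi-network
  -e MONGO_PORT=27017
  -e MONGO_DBNAME=unifi
  -e MEM_LIMIT=2048       # optional
  -e MEM_STARTUP=2048     # optional
  -e "MONGO_TLS="         # optional
  -e "MONGO_AUTHSOURCE="  # optional
  -p 8443:8443
  -p 3478:3478/udp
  -p 10001:10001/udp
  -p 8080:8080
  -p 1900:1900/udp        # optional
  -p 8843:8843            # optional
  -p 8880:8880            # optional
  -p 6789:6789            # optional
  -p 5514:5514/udp        # optional
  -v "$HOME/unifi-app:/config:Z"
)
# No container-level --restart here: restarts are handled by the systemd unit
# (--restart-policy=always below), the same way as for the unifi-db container.
podman create "${app_args[@]}" lscr.io/linuxserver/unifi-network-application:latest
unit_file="$HOME/.config/systemd/user/unifi-network-application.service"
podman generate systemd --new --name unifi-network-application --restart-policy=always \
  > "$unit_file"
# With --new the unit carries the create arguments, including -e MONGO_PASS=...,
# so keep the file readable by its owner only.
chmod 600 "$unit_file"
podman rm unifi-network-application
systemctl --user enable unifi-network-application.service
systemctl --user start unifi-network-application.service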
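# Show the state of both services. `systemctl status` exits non-zero when a
# unit is not active, which under `set -e` would end the script before the
# second unit and the logs are shown, so failures here are reported but not
# fatal.
systemctl --user --no-pager status container-unifi-db.service || true
systemctl --user --no-pager status unifi-network-application.service || true
# Print the most recent database log lines and return. Following the database
# log with -f never returns, which left the application log command
# unreachable.
podman logs --tail 50 unifi-db || true
# Follow the application log until interrupted.
podman logs -f unifi-network-application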