MongoDB

From DenshiWiki
Jump to navigation Jump to search
The logo of MongoDB.

MongoDB is a modern, document-based database that is used by a lot of web software and services. Unlike SQL databases such as MySQL that store data in tables, MongoDB utilizes json documents instead.

Initial Setup[edit]

This section covers the base installation of a MongoDB database server; It is highly recommended to follow the steps in further setup.

Prerequisites[edit]

  • A VPS or local server for self-hosting
  • An installation of Debian 10
  • Basic UNIX knowledge

Installation[edit]

To install a relatively modern version of MongoDB on Debian, it is recommended to use the MongoDB community edition repositories:

wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | sudo apt-key add -
echo "deb http://repo.mongodb.org/apt/debian buster/mongodb-org/4.4 main" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.4.list

Then update your repository database:

sudo apt update

And install MongoDB:

sudo apt install mongodb-org

Systemd Service[edit]

The mongodb-org package automatically installs a systemd service that you can run to start, stop or enable MongoDB at launch:

sudo systemctl restart mongodb

Enabling MongoDB at launch:

sudo systemctl enable mongodb

Configuration[edit]

Configuration of the MongoDB daemon can be done in /etc/mongod.conf; Otherwise, a specific configuration file can be specified with the --config option while using mongod

(Note: It is recommended to run mongod as the user mongodb, which is created when installing MongoDB.)

Further Configuration[edit]

There are some further recommended steps to take to ensure secure functioning of the MongoDB database:

Creating a database[edit]

To create a database, first access the MongoDB shell:

mongo

Then use the use command to create (if not already existing) and begin using a database:

use DATABASE

Enabling Authentication/Access Control[edit]

MongoDB supports authentication, but it is disabled by default; To enable it, first enter the MongoDB shell and create a user named MyUserAdmin under the admin database:

mongo
use admin
db.createUser(
  {
    user: "myUserAdmin",
    pwd: passwordPrompt(),
    roles: [ { role: "userAdminAnyDatabase", db: "admin" }, "readWriteAnyDatabase" ]
  }
)

This will prompt for a password for the admin user; Remember that password!

Now exit the MongoDB shell and edit the daemon configuration file at /etc/mongod.conf and add the following line under the security section:

security:
    authorization: enabled

Restart the daemon with sudo systemctl restart mongod and test authentication:

mongo --authenticationDatabase "admin" -u "myUserAdmin" -p

This will prompt for your password; Enter it, and if you are able to enter MongoDB, you've enabled authentication!

Creating a new user[edit]

To create a new user, first specify their authentication database:

use DATABASE

(Note: some software may specifically require you to use the admin database to authenticate.)

Then create the user:

db.createUser(
  {
    user: "USER",
    pwd:  passwordPrompt(),
    roles: [ { role: "readWrite", db: "DATABASE" },
             { role: "read", db: "reporting" } ]
  }
)

With this, a user is created.