- Install mongo
- Setup replica set
replication:
replSetName: "rs0"
- Initiate replica set
rs.initiate(
{
_id : "rs0",
members: [
{ _id : 0, host : "<remote-ip>:<remote-port>" }
]
}
)
- Bind to 0.0.0.0 for ALL remote connection, bindIp specify which ip is allowed to connect
net:
port: 27017
bindIp: 0.0.0.0
- Setup authentication
use admin;
db.createUser(
{
user: "<your-username>",
pwd: "<your-password>",
roles: [
{ role: "userAdminAnyDatabase", db: "admin" },
{ role: "readWriteAnyDatabase", db: "admin" }
]
}
)
- Generate key file (required by replica set)
openssl rand -base64 756 > /etc/mongodb/keyFiles/mongo-key
chmod 400 /etc/mongodb/keyFiles/mongo-key
chown mongodb /etc/mongodb/keyFiles/mongo-key
- Enable authorization
security:
authorization: "enabled"
keyFile: /etc/mongodb/keyFiles/mongo-key
- Remote connection string
mongodb://<username>:<password>@<remote-ip>:<remote-port>/?authMechanism=DEFAULT&authSource=<auth-source>
username
- refer step 5password
- refer step 5remote-ip
- refer step 3remote-port
- refer step 3auth-source
- refer step 5, which db did you createUser on
When in doubt, check system logs:
systemLog:
destination: file
logAppend: true
path: /var/log/mongodb/mongod.log