sudo apt-get install gnupg
wget -qO - https://www.mongodb.org/static/pgp/server-4.2.asc | sudo apt-key add -
echo "deb http://repo.mongodb.org/apt/debian buster/mongodb-org/4.2 main" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.2.list
sudo apt-get update
sudo apt-get install -y mongodb-org
sudo systemctl enable mongod
sudo systemctl start mongod
sudo systemctl status mongodEdit /etc/mongod.conf and change bindIp to 0.0.0.0(during development), after production, set it to a private IP address such as 192.168.5.1.
Enter the Mongo shell:
$ mongoUse the following JavaScript code to create an user:
use admin;
db.createUser(
{
user: "programmer",
pwd: "programmer123",
roles: [ { role: "root", db: "admin" } ]
}
)Edit /etc/mongod.conf and add
security:
authorization: "enabled"Restart the server sudo systemctl restart mongod.
mongo -u programmer -p
show dbs;sudo ufw enable
sudo ufw status
sudo ufw allow from client_ip_address to any port 22
sudo ufw allow proto tcp from client_ip_address to any port 27017# Where and how to store data.
storage:
dbPath: /var/lib/mongodb
journal:
enabled: true
engine: wiredTiger
# mmapv1:
# wiredTiger:
# where to write logging data.
systemLog:
destination: file
logAppend: true
path: /var/log/mongodb/mongod.log
# network interfaces
net:
port: 27017
bindIp: 0.0.0.0
security:
authorization: "enabled"
# how the process runs
processManagement:
timeZoneInfo: /usr/share/zoneinfoAdded the following four lines to /etc/security/limits.conf:
* soft nofile 65536
* hard nofile 65536
* soft nproc 65536
* hard nproc 65536
Configuring NUMA on Linux
sysctl -w vm.zone_reclaim_mode=0 ps --no-headers -o comm 1
- How to Install and Secure MongoDB on Ubuntu 16.04 - DigitalOcean
- UFW Essentials: Common Firewall Rules and Commands - DigitalOcean
- How to Install MongoDB on Debian 9 - DigitalOcean
- How to Install MongoDB on Ubuntu 18.04 - DigitalOcean
- How to secure MongoDB on Linux or Unix production server - nixCraft