Question

Install MongoDB 8, Authentication and allow access from remote server on Debian-12.7.0

Answer 1

inchirags@gmail.com   Chirag's MongoDB DBA Tutorial         https://www.chirags.in

*****************************************************************************************

*Install MongoDB 8, Authentication and allow access from remote server on Debian-12.7.0*

*****************************************************************************************

MongoDB Database server:

Server IP: 192.168.224.158

Part 1:

MongoDB Database - Install and access from mongoDB compass on Windows step by step process

Step 1: Install MongoDB Community Edition in Debian

1. From a terminal, install gnupg and curl if they are not already available:

sudo apt-get install gnupg curl

To import the MongoDB public GPG key, run the following command:

curl -fsSL https://www.mongodb.org/static/pgp/server-8.0.asc | \

   sudo gpg -o /usr/share/keyrings/mongodb-server-8.0.gpg \

   --dearmor

2. Create a /etc/apt/sources.list.d/mongodb-org-8.0.list file for MongoDB.

Create the list file using the command appropriate for your version of Debian:

echo "deb [ signed-by=/usr/share/keyrings/mongodb-server-8.0.gpg ] http://repo.mongodb.org/apt/debian bookworm/mongodb-org/8.0 main" | sudo tee /etc/apt/sources.list.d/mongodb-org-8.0.list

3.Reload local package database

Issue the following command to reload the local package database:

sudo apt-get update

4. Install MongoDB Community Server

You can install either the latest stable version of MongoDB or a specific version of MongoDB.

To install the latest stable version, issue the following

sudo apt-get install -y mongodb-org

Step 2: Run MongoDB Community Edition

1. Start MongoDB.

You can start the mongod process by issuing the following command:

sudo systemctl start mongod

2. Verify that MongoDB has started successfully.

sudo systemctl status mongod

You can optionally ensure that MongoDB will start following a system reboot by issuing the following command:

sudo systemctl enable mongod

3. Stop MongoDB.

As needed, you can stop the mongod process by issuing the following command:

sudo systemctl stop mongod

4. Restart MongoDB.

You can restart the mongod process by issuing the following command:

sudo systemctl restart mongod

You can follow the state of the process for errors or important messages by watching the output in the /var/log/mongodb/mongod.log file.

tail -f /var/log/mongodb/mongod.log

Step 3: Install MongoDB Compass

MongoDB Compass is a graphical tool that allows you to visualize and interact with your MongoDB database.

5. Begin using MongoDB.

Start a mongosh session on the same host machine as the mongod. You can run mongosh without any command-line options to connect to a mongod that is running on your localhost with default port 27017.

mongosh

Part 2: 

To allow MongoDB connections from a remote server or IP address, you'll need to make some changes to the MongoDB configuration and ensure that your system firewall or cloud security settings permit access. Here's a step-by-step guide on how to do this:

1. Modify MongoDB Configuration (mongod.conf)

MongoDB by default binds to localhost (127.0.0.1), which means it's only accessible locally. To allow remote connections, you'll need to modify the bind IP in the MongoDB configuration file (mongod.conf).

Steps:

Locate the mongod.conf file:

On Linux, it's typically located at /etc/mongod.conf.

Edit the mongod.conf file: Open the file in your preferred text editor.

Look for the following line under the net section:

sudo vi /etc/mongod.conf

bindIp: 127.0.0.1

Modify it to bind to all IP addresses (or specify specific IP addresses). To allow connections from any IP:

bindIp: 0.0.0.0

If you want to restrict access to a specific IP (e.g., 192.168.1.100), set it as follows:

bindIp: 127.0.0.1,192.168.1.100

Save the changes.

2. Restart MongoDB

After modifying the mongod.conf file, restart the MongoDB service for the changes to take effect.

On Linux:

sudo systemctl restart mongod

3. Configure MongoDB User Authentication (Optional but Recommended)

Allowing remote access makes your MongoDB instance more vulnerable to unauthorized access. It’s highly recommended to set up user authentication to secure your database.

Create an Admin User:

Start the MongoDB shell:

mongosh

Switch to the admin database:

use admin

Create an admin user with username and password:

db.createUser({

  user: "admin",

  pwd: "admin@123",

  roles: [{ role: "userAdminAnyDatabase", db: "admin" }]

});

exit

Enable authorization by adding the following line to mongod.conf:

sudo vi /etc/mongod.conf

security:

  authorization: enabled

Restart MongoDB for the changes to take effect.

4. Connect to MongoDB Remotely with Firewall enabled.

Using UFW (Uncomplicated Firewall)

UFW is easier to use and is sufficient for most scenarios.

a. Install UFW (if not already installed):

sudo apt-get update

sudo apt-get install ufw

b. Enable UFW:

Enable UFW to start the firewall and apply the default rules:

sudo ufw enable

c. Now that MongoDB is configured to allow remote connections, you can connect from a remote machine.

For any allow:

$ sudo ufw allow 27017

For delete any port in ufw:

Delete a Rule by Command

$ sudo ufw status numbered

Status: active

     To                         Action      From

     --                         ------      ----

[ 1] 27017                      ALLOW IN    Anywhere

[ 2] 27017 (v6)                 ALLOW IN    Anywhere (v6)

$ sudo ufw delete 1

d. Now allow for Specific IP Address:

Command to Allow MongoDB Port for Specific IP:

sudo ufw allow from 192.168.224.1 to any port 27017

e. Reload UFW (if needed):

If the firewall doesn’t automatically apply the rule, reload UFW to ensure it takes effect:

sudo ufw reload

5. Example of a Connection String:

mongosh --host your-server-ip --port 27017 -u "admin" -p "admin@123" --authenticationDatabase "admin"

example:

mongosh --host 127.0.0.1 --port 27017 -u "admin" -p "admin@123" --authenticationDatabase "admin"

Make sure to replace your-server-ip, admin, and admin@123 with your server's IP address, username, and password.

6. Test Remote Connection

Try to connect to MongoDB from a remote machine using the mongosh shell or a MongoDB client like MongoDB Compass.

Example (From Command Line):

mongosh --host <remote-ip> --port 27017

For any doubts and query, please write on YouTube video comments section.

Note : Flow the Process shown in video.

Please, Subscribe and like for more videos:

https://youtube.com/@chiragstutorial

Don't forget to, Follow, Like,  Share &, Comment

Thanks & Regards,

Chitt Ranjan Mahto "Chirag"

_________________________________________________________________________________________

Note: All scripts used in this demo will be available in our website.

Link will be available in description.

#mongodb 

#mongodbtutorial 

#mongo

#mongosh

#mongodbtutorialforbeginners 

#chiragstutorial 

#chiragsdatabasetutorial 

#chirags 

#chiragsmahto

Install MongoDB 8,Authentication,MongoDB Tutorial,MongoDB Chirags Tutorial,MongoDB DBA Tutorial,Chirags Tutorial,Chirags DBA Tutorial,Chirag Mahto,Chitt Ranjan Mahto,Chirag DBA Tutorial,Database Tutorial,NoSQL Database Tutorial,MongoDB NoSQL Database,MongoDB Install,MongoDB Configuration,MongoDB Access,MongoDB Compas,Mongosh,Rockmongo,Mongo,MongoDB Authorization,MongoDB Authentication,MongoDB Authorisation