How to quickly setup MongoDB on DigitalOcean
MongoDB is the most popular NoSQL database. Let’s quickly setup a single MongoDB server on an DigitalOcean Droplet in 4 easy steps. We can run multiple mongo databases on this system and keep them separated and secure with different user permissions.
--
1. Create the MongoDB droplet
Log in your DigitalOcean Account and create your new MongoDB droplet based on the newest MongoDB image.
- Choose “Create Droplet”
- One-click apps => Newest MongoDB image (actually MongoDB 3.2.12 on 16.04)
- Choose a size => I recommend at least 2GB RAM = 20$/month. Smaller instances can quickly run in overload errors!
- Select the datacenter region of your choice
- Access and naming is up to you. It does not matter for this instruction.
Now, we have a virtual ubuntu instance with preinstalled MongoDB.
2. Open MongoDB & droplet for access from the world
To access the database from outside the droplet, let’s connect to the instance (insert your droplet IP and DigitalOcean access key):
ssh -i /Users/yourusername/.ssh/yourkey root@123.123.123.123Now, let’s bind the MongoDB to localhost. To do this, edit the file /etc/mongod.conf with your favorite editor and change bindIp to 0.0.0.0.
bindIp: 0.0.0.0We also have to allow access to the MongoDB port from outside the droplet. DigitalOcean uses ufw (“uncomplicated firewall”) as a default on Ubuntu instances, so we can simply type:
ufw allow 27017Perfect! A restart of MongoDB will activate the settings:
sudo service mongod restartThe MongoDB database is now ready to use. You can connect to your database from everywhere. But actually, there is no security. Everyone can create and delete databases, collections and entries. In the next step, we protect the database with the MongoDB authorization system.
3. Enable MongoDB Authorization
Let’s make our database secure. Sometimes there are problems with the the language environment variables in some regions. We can prevent this with a simple command:
export LC_ALL=CNow let’s enter the MongoDB shell and connect to the admin database:
mongo
use adminExecute the following multi line command to create an admin user. Don’t forget to choose a secure password:
db.createUser(
{
user: "adminUser",
pwd: "yourSecretPassword",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
}
)The build-in MongoDB authorization system in disabled by default. To activate it, quit the MongoDB shell and change/add the corresponding lines in the file /etc/mongod.conf:
security:
authorization: enabledWe’re done with authorization! Simply restart MongoDB to apply the changes.
sudo service mongod restartOur MongoDB is secure now.
4. Create databases and users
We’re ready to go. Now, we can create databases and database users. We can do this with the MongoDB shell. I prefer to use an interface to create databases and database users. I can recommend the desktop application Studio3T (previously called ‘MongoChef’). Use the following order to create databases and users. You can do all the steps with the Studio3T interface:
1. Connect to the MongoDB instance with your admin credentials (see step 3):
2. Create a database (or multiple databases)
3. Create users for this database(s) and grant the correct roles (read / readWrite) by selecting the created database and click on “Users”
4. Disconnect your admin user. The admin user is not able to see/create database details like collections or entries. Connect to a single database with the corresponding created user.
You’re ready to create great applications! Have fun.
