How to quickly setup MongoDB on DigitalOcean

MongoDB is the most popular NoSQL database. Let’s quickly setup a single MongoDB server on an DigitalOcean Droplet in 4 easy steps. We can run multiple mongo databases on this system and keep them separated and secure with different user permissions.

1. Create the MongoDB droplet

Log in your DigitalOcean Account and create your new MongoDB droplet based on the newest MongoDB image.

  • Choose “Create Droplet”
  • One-click apps => Newest MongoDB image (actually MongoDB 3.2.12 on 16.04)
  • Choose a size => I recommend at least 2GB RAM = 20$/month. Smaller instances can quickly run in overload errors!
  • Select the datacenter region of your choice
  • Access and naming is up to you. It does not matter for this instruction.
Creation of MongoDB Instance in DigitalOcean

Now, we have a virtual ubuntu instance with preinstalled MongoDB.

2. Open MongoDB & droplet for access from the world

To access the database from outside the droplet, let’s connect to the instance (insert your droplet IP and DigitalOcean access key):

ssh -i /Users/yourusername/.ssh/yourkey root@123.123.123.123

Now, let’s bind the MongoDB to localhost. To do this, edit the file /etc/mongod.conf with your favorite editor and change bindIp to 0.0.0.0.

bindIp: 0.0.0.0

We also have to allow access to the MongoDB port from outside the droplet. DigitalOcean uses ufw (“uncomplicated firewall”) as a default on Ubuntu instances, so we can simply type:

ufw allow 27017

Perfect! A restart of MongoDB will activate the settings:

sudo service mongod restart

The MongoDB database is now ready to use. You can connect to your database from everywhere. But actually, there is no security. Everyone can create and delete databases, collections and entries. In the next step, we protect the database with the MongoDB authorization system.

3. Enable MongoDB Authorization

Let’s make our database secure. Sometimes there are problems with the the language environment variables in some regions. We can prevent this with a simple command:

export LC_ALL=C

Now let’s enter the MongoDB shell and connect to the admin database:

mongo
use admin

Execute the following multi line command to create an admin user. Don’t forget to choose a secure password:

db.createUser(
{
user: "adminUser",
pwd: "yourSecretPassword",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
}
)

The build-in MongoDB authorization system in disabled by default. To activate it, quit the MongoDB shell and change/add the corresponding lines in the file /etc/mongod.conf:

security:
authorization: enabled

We’re done with authorization! Simply restart MongoDB to apply the changes.

sudo service mongod restart

Our MongoDB is secure now.

4. Create databases and users

We’re ready to go. Now, we can create databases and database users. We can do this with the MongoDB shell. I prefer to use an interface to create databases and database users. I can recommend the desktop application Studio3T (previously called ‘MongoChef’). Use the following order to create databases and users. You can do all the steps with the Studio3T interface:

1. Connect to the MongoDB instance with your admin credentials (see step 3):
2. Create a database (or multiple databases)
3. Create users for this database(s) and grant the correct roles (read / readWrite) by selecting the created database and click on “Users”
4. Disconnect your admin user. The admin user is not able to see/create database details like collections or entries. Connect to a single database with the corresponding created user.

You’re ready to create great applications! Have fun.

Show your support

Clapping shows how much you appreciated Johannes Linowski’s story.