Install, Secure, Backup, Restore and Connect MongoDB database with separate user Role in Ubuntu 16.0
Intro
Today we take a ubuntu 16.04 server. Install MongoDB server there and secure it with users of various role. We use different user to backup, restore and read write operation. Also we will cover, how to connect a authenticate database from a node app using mongoose ODM tool.
Covering Area
Install MongoDB (You can skip this part and follow official doc)
Run MongoDB
Enable Authentication in our database server
Create user
Backup or dump database
Restore backup or dump database
Connect authenticate database from a Node app using Mongoose ODM tool.
Step 1 can be skipped by the official doc. Step 2 , 3 and 4 are heavily inspired from Digital Ocean Blog. So you can keep an eye on that.
Install MongoDB
1. Import the public key used by the package management system.
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 9DA31620334BD75D9DCB49F368818C72E52529D4
2. Create a list file for MongoDB.
echo “deb [ arch=amd64,arm64 ] [https://repo.mongodb.org/apt/ubuntu](https://repo.mongodb.org/apt/ubuntu) xenial/mongodb-org/4.0 multiverse” | sudo tee /etc/apt/sources.list.d/mongodb-org-4.0.list
3. Reload local package database.
sudo apt-get update
4. Install the MongoDB packages.
sudo apt-get install -y mongodb-org
Now we are done installing MongoDB.
Run MongoDB
1. To start MongoDB, Run Mongo Daemon
sudo systemctl start mongod
2. Your MongoDB database is up and running now. To access the MongoDB shell
mongo
3. Also You can check the status (You must confirm the Active key value is running)
sudo systemctl status mongod
4. To ensure, every time the OS boot, the MongoDB will run automatically
sudo systemctl enable mongod
Now we are done running our MongoDB server.
Enable Authentication
Let’s consider we have a database named ‘my-database’
To create any user first we need to create a super user. The super user can create and assign role to other users to perform operation in database.
Let’s create a super user.
1. Go to mongoDB shell
mongo
2. We need to switch to the admin database to create a super user.
use admin
3. Create a super user, so we can create various user with role in future,
db.createUser(
{
user: "my-super-user",
pwd: "my-super-user-password",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
}
)
Now a super user is created.
4. Leave the mongo shell
exit
Now in your Mongo Daemon configuration file, enable authentication.
5. Enter to the configuration file.
sudo nano /etc/mongod.conf
Now replace “#security” with the following two line. Here we remove comment from security. Then enable the authentication.
security:
authorization: "enabled"
6. To make this change available, we need to restart Mongo Daemon.
sudo systemctl restart mongod
7. To check the MongoDB runtime status
sudo systemctl status mongod
You should see the active property running.
Creating User
1. This time go to MongoDB shell with username and password
mongo -u my-super-user -p --authenticationDatabase admin
For password, give the previously created super user password “my-super-user-password”
2. Now Switch to admin database
use admin
3. Let’s create a user with read-write capability, so the user can perform read write operation in database and also restore backup database.
db.createUser(
{
user: "my-user",
pwd: "my-user-password",
roles: [ { role: "readWrite", db: "my-database" } ]
}
)
4. Also create another user to backup privilege.
db.createUser(
{
user: "my-backup-user",
pwd: "my-backup-user-password",
roles: [{ role: "backup", db: "admin" }]
}
)
Now we have two users, one for read-write and database restoring authorized. Another user can only take database backup.
Backup Database
To backup or dump the database, we have to use the user with ‘backup’ role.
mongodump --username my-backup-user --password my-backup-user-password
Restore Database
In order to restore the database, we have to use a database user with read-write privilege. First go to the directory, that contains dump database.
mongorestore --username my-user --password my-user-password
Now your database will be restored.
Connect using Mongoose ODM From Node APP
1. Install mogoose
npm i mongoose
2. In the index.js folder
const mongoose = require('mongoose');
const uri = 'mongodb://localhost:27017/my-database';
const option = {
"useNewUrlParser": true,
"auth": { "authSource": "admin" },
"user": "my-user",
"pass": "my-user-password"
};
mongoose.connect(uri, option);
3. Run the app
node index.js
Conclusion
So here we are. Our database is secure with role based user. Stay tuned and if there is a confusing term or something, response below. I will replay ASAP.