How-To: Install and Configure MongoDB Community on Ubuntu 20.04

0
435
Background Image byVectorbox Studio (Vecteezy)

The following guide shows installation and configuration of MongoDB 6.0 (the latest version at the time of this is published) on Ubuntu 20.04. Also note that MongoDB 6.0 is not yet officially supported on Ubuntu 22.04. 

Prerequisites

  • Operating System: Ubuntu 20.04
  • Command Line Interface or Terminal

Installation

01. Open a terminal window

02. Check if MongoDB is already installed. Execute the following to determine.

$ mongo

and

$ mongod

It should show some suggestions on how to install MongoDB.

03. At the CLI, import the public key used by the package management system. This will install an official version of MongoDB.

$ wget -qO - https://www.mongodb.org/static/pgp/server-6.0.asc | sudo apt-key add -

04. Create a list file for MongoDB

$ echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/6.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-6.0.list

05. Reload local package database.

$ sudo apt update

06. Install the MongoDB packages.

$ sudo apt install mongodb-org -y

07. Check the version. If the version is returned, this means that MongoDB has been installed correctly. 

Since starting MongoDB 6.0, the mongo command has been replaced with mongosh. For the compatibility changes see here.

$ mongod --version

or

$ mongosh --version

08. Configure MongoDB to start on system boot.

$ sudo systemctl enable mongod.service

09. Connect to the Mongo shell.

$ mongosh

Enter exit to escape from the mongo shell.

test> exit

If you are unable to connect to the mongo shell. Try restarting the mongod service.

$ sudo service mongod restart

Changing the MongoDB Port

Changing the default port of MongoDB provides a first line of defence against unwanted intruders. While it isn’t a sure-way for deferring against bots that sweep through ports that try to access the database, it prevents them from trying to access the database using the default port. For security it is better to enable other mechanisms such as creating database users that have specific roles and access to databases with credentials.

01. Edit the MongoDB configuration file

$ sudo nano /etc/mongod.conf

02. While on the nano interface, press Ctrl+W (or command for Mac)  to search for the text, “network interfaces”. Then press Enter.

In this example change the port to 29999. After changing the port, Press Ctrl+O (or command for Mac), then Enter. Ctrl+X to exit the nano editor.

03. Restart MongoDB service to apply the changes

$ sudo service mongod restart

04. After restart, you cannot connect to the MongoDB using the default mongod command. Instead you have to identify the port.

$ mongosh --port 29999

Adding Authentication

While for development purposes the current setup will suffice. But for production it is recommended to enable authentication and add a db user with password for security.

01. Access the MongoDB shell

$ mongosh
# or if port has been changed$ mongosh --port <new-mongodb-port>

02. Switch to the admin database

> use admin

03. Create a Root user account. On the MongoDB shell, execute the following. Replace the geek-admin and geek-admin-password-314 with your preferred credentials.

Note that roles here should be configured as needed. In this example, we are using the root role. For the list of roles see the following link : https://docs.mongodb.com/manual/reference/built-in-roles/

db.createUser(  {    user: "geek-admin",    pwd: "geek-admin-password-314",    roles: [       { role: "root", db: "admin" }     ]  })

It should show something similar. This shows that the user has been added.

Exit from the mongo shell.

admin> exit

04. Edit the MongoDB configuration file

$ sudo nano /etc/mongod.conf

05. While on the nano interface, press Ctrl+W (or command for Mac)  to search for the text, “security”. Then press Enter.

06. Update the following lines on the #security section.

security:  authorization: enabled

07. Restart the MongoDB service.

$ sudo service mongod restart

or restart the MongoDB instance with access control

admin> db.adminCommand({shutdown:1})

08. Test the new user by using the following authentication command. 

$ mongosh --port 29999 --username geek-admin --password geek-admin-password-314 --authenticationDatabase admin

Insert a new document or record.

test> db.new_db.insertOne({'greeting':'hi'})

09. To test if authentication is really working, try the following. It access the mongo shell without any authentication and is given an error when interacting with the database.

$ mongosh --port 29999 
test> db.new_db.insertOne({'greeting':'hi'})

Appendix

Start MongoDB service

$ sudo service mongod start

Restart MongoDB service

$ sudo service mongod restart

Stop MongoDB service

$ sudo service mongod stop



For enquiries, product placements, sponsorships, and collaborations, connect with us at hello@firegulaman.com. We'd love to hear from you!