Prerequisites
- A FastyCloud server running up to date Arch Linux (see this article)
- Sudo access:
- Commands required to be ran as root are prefixed by
#
, and ones that can be ran as a regular user by$
. The recommended way to run commands as root is to, as a regular user, prefix each of them withsudo
.
- Commands required to be ran as root are prefixed by
Install MongoDB 4.0 Database
MongoDB is in the AUR (Arch User Repository). There are 2 sets of packages you can use. See Building Packages on Arch Linux (Including the AUR) to compile and install either set of packages:
- Compile from source. Use AUR packages
mongodb
and possiblymongodb-tools
‘. Note this takes about 180GB, and this is a long compilation. With 4 cores, it takes about 7 hours. This is the recommended method, because it uses Arch’s compilation flags. - Use MongoDB’s pre-built binary. Use AUR package
mongodb-bin
and possiblymongodb-tools-bin
. This skips the entire compilation stage, downloading a pre-built binary from mongodb.org, and packaging it with the necessary configuration files.
After installing the package, start MongoDB, and make it start after every boot. During this first start, it will pre-allocate files for its journal and other data, which may take a while before the database finishes coming up:
# systemctl enable --now mongodb
Test Connection
Connect to MongoDB:
$ mongo
To quit:
> exit
Firewall Consideration
Although configuring a firewall is always a good idea, by default, MongoDB only listens on port 27017
on localhost, so it will receive no external traffic.
Require Authentication
By default, MongoDB allows anyone to connect to it without any type of authentication, which is obviously a security risk.
Create a root database user:
$ mongo
> use admin
> db.createUser(
... {
... user: "root",
... pwd: "YOUR-NEW-PASSWORD",
... roles: [ { role: "userAdminAnyDatabase", db: "admin" }, "readWriteAnyDatabase" ]
... }
... )
> exit
Edit /etc/mongodb.conf
, and if using package mongodb
add:
security:
authorization: "enabled"
If using package mongodb-bin
add:
auth = true
Restart MongoDB:
# systemctl restart mongodb
Now, although you can still connect to MongoDB without authentication, it will not perform anything without it:
$ mongodb
> db.getUsers()
... Error: command usersInfo requires authentication :
Connect to MongoDB as root:
$ mongodb -u root
Alternatively, connect to MongoDB, then authenticate within it:
$ mongodb
> use admin
> db.auth("root", "<YOUR-DATABASE-ROOT-PASSWORD>")
Important: Upgrades
Because MongoDB is now part of the AUR, pacman
will not automatically compile and upgrade it to new versions, when you upgrade your entire Arch system. You will need to manually re-compile a new version and install the new package. Before doing so, it is important to look at MongoDB’s release notes, to see if there are any extra steps you need to take. It’s a good idea to backup your database before upgrading, as well.
Unclean Shutdown
If MongoDB does not cleanly shutdown, and does not automatically recover using its journal on the next boot, you may need to run the following:
sudo -u mongodb mongod --repair --dbpath /var/lib/mongodb/
Depending on the size of your database and indexes used, this process can range from seconds to hours.