Difference between revisions of "User:Saul/Mongodb"

From Organic Design wiki
(Setup Application Account)
m (Setup Admin Account)
Line 104: Line 104:
 
Inside the mongo shell:
 
Inside the mongo shell:
 
<source lang="bash">
 
<source lang="bash">
use admin
 
 
 
db.createUser({
 
db.createUser({
 
user: "admin",
 
user: "admin",

Revision as of 03:20, 9 July 2021

Install

Follow the official instructions or you are going to have a bad time: https://docs.mongodb.com/manual/installation/

Fix Permissions

sudo chown mongodb:mongodb /usr/bin/mongo*
sudo chown mongodb:mongodb /var/lib/mongodb

Config File

Create the config file if it doesn't exist /etc/mongod.conf

# mongod.conf

# for documentation of all options, see:
#   http://docs.mongodb.org/manual/reference/configuration-options/

# Where and how to store data.
storage:
  dbPath: /var/lib/mongodb
  journal:
    enabled: true
#  engine:
#  mmapv1:
#  wiredTiger:

# where to write logging data.
systemLog:
  destination: file
  logAppend: true
  path: /var/log/mongodb/mongod.log

# network interfaces
net:
  port: 27017
  bindIp: 127.0.0.1


# how the process runs
processManagement:
  timeZoneInfo: /usr/share/zoneinfo

#security:

#operationProfiling:

#replication:

#sharding:

## Enterprise-Only Options:

#auditLog:

#snmp:

Systemd

Create the systemd service if it doesn't exist /etc/systemd/system/mongod.service

[Unit]
Description=MongoDB Database Server
Documentation=https://docs.mongodb.org/manual
After=network-online.target
Wants=network-online.target

[Service]
User=mongodb
Group=mongodb
EnvironmentFile=-/etc/default/mongod
ExecStart=/usr/bin/mongod --config /etc/mongod.conf
PIDFile=/var/run/mongodb/mongod.pid
# file size
LimitFSIZE=infinity
# cpu time
LimitCPU=infinity
# virtual memory size
LimitAS=infinity
# open files
LimitNOFILE=64000
# processes/threads
LimitNPROC=64000
# locked memory
LimitMEMLOCK=infinity
# total threads (user+kernel)
TasksMax=infinity
TasksAccounting=false

# Recommended limits for mongod as specified in
# https://docs.mongodb.com/manual/reference/ulimit/#recommended-ulimit-settings

[Install]
WantedBy=multi-user.target

Enable and update it:

sudo systemctl enable mongod
sudo systemctl daemon-reload

Access Control

Setup Admin Account

Inside the mongo shell:

db.createUser({
	user: "admin",
	pwd: "admin",
	roles: [ { role: "userAdminAnyDatabase", db: "admin" } ],
});

# Add "mechanisms: ["SCRAM-SHA-1"]" property if you get a SHA error.

Then update the /etc/mongod.conf to enable authorization:

security:
  authorization: "enabled"
sudo service mongod restart

Connect with:

mongo -u "admin" -p "admin"

Setup Application Account

Inside the mongo shell:

use admin

db.createUser({
	user: "applicationName",
	pwd: "password",
	roles: [
		{ role: "readWrite", db: "test" },
		{ role: "read", db: "reporting" }
	]
});

Useful Mongodb commands:

show dbs # Shows all databases
use DBNAME # Select the database DBNAME

db.dropDatabase() # delete the current database

show collections # show collections in the current database - collections are a bit like MySQL tables
db.createCollection("CNAME") # creates a collection in the current database
db.CNAME # show documents under collection CNAME - documents are a bit like MySQL rows

db.CNAME.find({}) # return all objects under the collection CNAME
db.CNAME.find({KEY : VALUE}) # return all objects matching the KEY : VALUE pair under the collection CNAME
db.CNAME.find({}).pretty() # return all objects under the collection CNAME in a nicer/readable format
db.CNAME.find({}).sort({units: 1}) # return in ascending order - change to -1 for descending
db.CNAME.find({}).sort({name: 1}) # return in descending alphabetical order - change to -1 for ascending
db.CNAME.find({}).limit(10) # return only the first 10 results

db.CNAME.insert(JSON) # inserts the JSON object into the collection CNAME
db.CNAME.update({ {KEY : VALUE}, {$set: JSON} }) # updates the document found under the collection CNAME with the matching KEY : VALUE pair with the new data - JSON
db.CNAME.update({ {KEY : VALUE}, {$set: JSON} }, {$upsert: true}) # adds new fields in the JSON

db.CNAME.remove({}) # remove all documents from the collection CNAME
db.CNAME.remove({KEY : VALUE}) # remove document that has a matching KEY : VALUE pair from the collection CNAME

{KEY : {$gt : 10}} # returns all items that have KEY value greater than 10
{KEY : {$lt : 10}} # returns all items that have KEY value less than 10
{KEY : { $in : ["VALUE1", "VALUE2"] }} # returns all items that have KEY equal to "VALUE1" and "VALUE2" - VALUE being of type array
{KEY : { $or : [ {KEY: VALUE1}, {KEY: VALUE2} ] }} # returns all items that have KEY equal to VALUE1 or VALUE2