How to Installing MongoDB on Rocky Linux 8 with Firewall Configuration and Enhanced Security ?

MongoDB is a powerful NoSQL database that provides high performance, scalability, and flexibility. This guide will walk you through the step-by-step process of installing MongoDB 7.0 Community Edition on Rocky Linux 8, including securing your MongoDB installation.

Prerequisites

Before you begin, ensure that you have the necessary prerequisites installed on your Rocky Linux system:

sudo dnf install epel-release -y
sudo dnf update -y
sudo dnf install dnf-plugins-core -y
sudo dnf config-manager --set-enabled powertools
sudo dnf install gnupg2 curl -y

These packages are necessary for handling repositories, GPG keys, and secure communication.

Import MongoDB GPG Key

Next, import the MongoDB GPG key to verify the authenticity of the software packages. Run the following command:

curl -fsSL https://www.mongodb.org/static/pgp/server-7.0.asc | sudo gpg --dearmor -o /usr/share/keyrings/mongodb-server-7.0.gpg

Add MongoDB Repository

Create a MongoDB source list file for DNF in the /etc/yum.repos.d/ directory:

You can create it using the following command:

nano /etc/yum.repos.d/mongodb-org-7.0.repo

Add the following lines:

echo "[mongodb-org-7.0]" | sudo tee /etc/yum.repos.d/mongodb-org-7.0.repo
echo "name=MongoDB Repository" | sudo tee -a /etc/yum.repos.d/mongodb-org-7.0.repo
echo "baseurl=https://repo.mongodb.org/yum/redhat/8/mongodb-org/7.0/x86_64/" | sudo tee -a /etc/yum.repos.d/mongodb-org-7.0.repo
echo "gpgcheck=1" | sudo tee -a /etc/yum.repos.d/mongodb-org-7.0.repo
echo "enabled=1" | sudo tee -a /etc/yum.repos.d/mongodb-org-7.0.repo
echo "gpgkey=file:///usr/share/keyrings/mongodb-server-7.0.gpg" | sudo tee -a /etc/yum.repos.d/mongodb-org-7.0.repo

Install MongoDB

Install MongoDB 7.0 Community Edition using the following command:

sudo dnf install -y mongodb-org

Configure Firewall

Assuming you are using firewalld, open the MongoDB port (27017) and enable firewalld:

sudo firewall-cmd --add-port=27017/tcp --permanent
sudo firewall-cmd --reload

Enhance MongoDB Security

Bind MongoDB to Localhost

Edit the MongoDB configuration file:

sudo nano /etc/mongod.conf

Add or modify the following line:

bindIp: 127.0.0.1

Save the changes and restart MongoDB:

sudo systemctl restart mongod

Enable Authentication

Connect to the MongoDB shell:

mongosh

Inside the shell, create an admin user:

use admin
db.createUser({
  user: "admin",
  pwd: "your_strong_admin_password",
  roles: [{ role: "userAdminAnyDatabase", db: "admin" }]
})

Update the MongoDB configuration file (/etc/mongod.conf) to enable authorization:

security:
  authorization: enabled

Restart MongoDB:

sudo systemctl restart mongod

Verify Installation

Check the status of the MongoDB service to ensure it's running:

sudo systemctl status mongod

Access MongoDB Shell

Open the MongoDB Shell to interact with the database:

mongosh

Show Databases

Once in the MongoDB Shell, use the show dbs command to display a list of available databases:

show dbs

Congratulations! You have successfully installed MongoDB 7.0 Community Edition on Rocky Linux 8, secured your installation, and configured the firewall settings. You can now start working with MongoDB and building powerful applications.

Comments

Leave a Reply