How to Install and Secure MongoDB on Debian 11
MongoDB is an open-source, general-purpose, document-based, and distributed database designed for modern application developers. It is also called a NoSQL database because it does not rely on a traditional table-based relational database structure. It stores data in JSON format instead of the table style method. It can be integrated easily with various programming languages. It is used by many well-known companies including, Facebook, Cisco, Forbes, Adobe, Nokia, etc.
In this post, we will show you how to install and secure MongoDB NoSQL database on Debian 11.
Prerequisites
- A server running Debian 11.
- A root password is configured on the server.
Add MongoDB Repository
By default, the MongoDB package is not included in the Debian 11 default repository. So you will need to add the MongoDB official repository to the APT.
First, install the required dependencies using the following command:
apt-get install curl apt-transport-https software-properties-common gnupg2 -y
Once all the dependencies are installed, download and add the GPG key with the following command:
wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | apt-key add -
Next, add the MongoDB repository to the APT sources list file using the command below:
echo "deb http://repo.mongodb.org/apt/debian buster/mongodb-org/4.4 main" | tee /etc/apt/sources.list.d/mongodb-org.list
Next, update the repository and install the MongoDB server with the following command:
apt-get update -y
apt-get install mongodb-org -y
After the successful installation, start the MongoDB service and enable it to start at system reboot:
systemctl start mongod
systemctl enable mongod
Next, verify the MongoDB version using the command below:
mongod --version
You should get the following output:
db version v4.4.9 Build Info: { "version": "4.4.9", "gitVersion": "b4048e19814bfebac717cf5a880076aa69aba481", "openSSLVersion": "OpenSSL 1.1.1k 25 Mar 2021", "modules": [], "allocator": "tcmalloc", "environment": { "distmod": "debian10", "distarch": "x86_64", "target_arch": "x86_64" } }
Enable MongoDB Authentication
By default, authentication is not enabled in MongoDB. For security reasons, it is recommended to enable MongoDB authentication.
To do so, you will need to create an administrative user for MongoDB.
First, connect to MongoDB shell with the following command:
mongo
Once you are connected, create a database named admin with the following command:
> use admin
Next, create an admin user and set a password:
> db.createUser(
{
user: "madmin",
pwd: "password",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
}
)
You should see the following output:
Successfully added user: { "user" : "madmin", "roles" : [ { "role" : "userAdminAnyDatabase", "db" : "admin" } ] }
Next, press CTRL+D to exit from the MongoDB shell. Then, edit the MongoDB configuration file with the following command:
nano /etc/mongod.conf
Add the following lines to enable the authentication:
security: authorization: enabled
Save and close the file then restart the MongoDB service to apply the changes.
systemctl restart mongod
Verify MongoDB Connection
At this point, MongoDB authentication is enabled. Now, run the following command to connect the MongoDB shell using the username and password:
mongo -u madmin -p
After the successful authentication, you will get the following output:
MongoDB shell version v4.4.9 Enter password: connecting to: mongodb://127.0.0.1:27017/?compressors=disabled&gssapiServiceName=mongodb Implicit session: session { "id" : UUID("8366d28f-55d3-4471-bd94-331329828181") } MongoDB server version: 4.4.9 >
Next, change the database to admin and list all users using the following command:
> use admin
> show users
You should get the following output:
{ "_id" : "admin.madmin", "userId" : UUID("26dd5225-7bb6-4a57-96a0-7efc4e1a98ba"), "user" : "madmin", "db" : "admin", "roles" : [ { "role" : "userAdminAnyDatabase", "db" : "admin" } ], "mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ] }
Uninstall MongoDB
If you don't need MongoDB in your system, you can uninstall it from your system.
First, stop the MongoDB service with the following command:
systemctl stop mongod
Next, remove the MongoDB package by running the following command:
apt-get remove mongodb-org --purge
Next, remove the MongoDB logs and data directories by running the following command:
rm -rf /var/lib/mongodb
Conclusion
Congratulations! you have successfully installed and secured MongoDB on Debian 11. You can now use MongoDB with your web applications. For more information, visit MongoDB's official documentation.