I'm following the Mongo documentation for create init user with database and collection on first start of container, but when i create user with readWrite permissions i can't access my "dashboard" database with the collection "person_file_upload", with permission denied warning.
I just want to create an non-root user to read and write my database only. Is anything wrong with my script?
version: '3.8'
services:
mongo:
image: mongo:4.4.3-bionic
environment:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: mypassword
MONGO_INITDB_DATABASE: admin
volumes:
- ./proativa-dashboard-mongo/data:/data/db
- ./proativa-dashboard-mongo/init/mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro
restart: always
ports:
- "127.0.0.1:27017:27017"
networks:
- mongo
container_name: mongo
db.createUser({
user: 'dashboard',
pwd: 'dashboard',
roles: [{
role: 'readWrite',
db: 'admin',
}]
});
db = db.getSiblingDB('dashboard');
db.createCollection('person_file_upload');
Related
I've got the following docker compose file with MongoDB container:
version: '3.6'
services:
mongo:
image: mongo
volumes:
- ./keyfile.txt:/data/keyfile.txt
entrypoint:
- bash
- -c
- |
cp /data/keyfile.txt /data/replica.key
chmod 400 /data/replica.key
chown 999:999 /data/replica.key
exec docker-entrypoint.sh $$#
command: "--bind_ip_all --replSet rs0 --keyFile /data/replica.key"
environment:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: example
healthcheck:
test: test $$(echo "rs.initiate().ok || rs.status().ok" | mongo -u root -p example --quiet) -eq 1
interval: 10s
retries: 3
network_mode: host
I have to get rid of network_mode: host, so I changed it to
ports:
- "27017:27017"
After that change, I'm not able to connect to the mongo outside of the docker network.
I'm trying to connect to the database using Compass with the following URI:
mongodb://root:example#localhost:27017/?authMechanism=DEFAULT
How to fix that?
This is fully working example.
I'm recommending to create custom DB and custom user instead of using root user.
Use special path of auto-executing queries and create one or multiple databases.
mongodb:
image: mongo:latest
restart: always
ports:
- "27017:27017"
volumes:
- ./var/mongodb:/data/db
- ./mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro
environment:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: pass
mongo-init.js
db = db.getSiblingDB('SOME_DB');
db.createUser({
user: 'some_db_user',
pwd: '12345',
roles: [{ role: 'readWrite', db: 'SOME_DB' }],
});
db = db.getSiblingDB('SOME_OTHER_DB');
db.createUser({
user: 'some_other_db_user',
pwd: '12345',
roles: [{ role: 'readWrite', db: 'SOME_OTHER_DB' }],
});
db.createCollection('test');
version: '3.1'
services:
mongo:
image: mongo
restart: always
environment:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: example
MONGO_INITDB_DATABASE: test
volumes:
- /home/victor/Desarrollo/docker/mongo:/data/db
- ./init-mongo.js:/docker-entrypoint-initdb.d/init-mongo.js:ro
ports:
- "27017:27017"
command:
- init-mongo.sh
mongo-express:
image: mongo-express
restart: always
ports:
- 8081:8081
environment:
ME_CONFIG_MONGODB_ADMINUSERNAME: root
ME_CONFIG_MONGODB_ADMINPASSWORD: example
and this init-mongo.sh in the same directory
db.auth("root","example")
use test
db.createUser(
{
user: "myTester",
pwd: "example", // or cleartext password
roles: [ { role: "readWrite", db: "test" } ]
}
)
db.createCollection("collectiontest");
when I build up this, the services wont start, it says its restarting, if I quit the command option from YAML, it works, but I need to create a user and a collection when I install MongoDB with docker.
How can I do that?
Thanks.
docker-compose.yml
version: '3.7'
services:
mongodb:
image: mongo:latest
container_name: mongodb
restart: always
environment:
MONGO_INITDB_ROOT_USERNAME: devuser
MONGO_INITDB_ROOT_PASSWORD: devuser
MONGO_INITDB_DATABASE: devDB
ports:
- 27017:27017
volumes:
- ./mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro
mongo-init.js
db.createUser(
{
user: "devuser",
pwd: "devuser",
roles: [
{
role: "readWrite",
db: "devDB"
}
]
}
);
use devDB;
db.item.insert(
[
{
"id": "xsd4cv89t5f5um4b",
"name": "r44d7piq",
"price": 1485521573482,
"dateCreation": 1485521569056
}
]
);
I run it
docker-compose up --build -d mongodb
I connect to mongodb
mongo -u devuser -p devuser
I check dbs:
> show dbs
admin 0.000GB
config 0.000GB
local 0.000GB
Why I don't see the devDB?
It seems to me pretty standard, I've copied the above from several examples...
The database is created on demand when an operation that needs it is performed.
You haven't performed any operations, hence there is no database created.
I'm trying to see the contents of a collection using MongoDB Compass. I have username/password authentication set up. I can log in successfully but can't see any documents in the collection. Instead, I see the error:
An error occurred while loading navigation: command hostInfo requires authentication.
Docker Compose file
version: '3.7'
services:
mongo:
image: mongo
restart: always
ports:
- 27017:27017
environment:
MONGO_INITDB_ROOT_USERNAME: admin
MONGO_INITDB_ROOT_PASSWORD: pass
volumes:
- ./mongo/init-mongo.js:/docker-entrypoint-initdb.d/init-mongo.js:ro
- ./mongo:/data/db
mongo-express:
image: mongo-express
restart: always
ports:
- 8081:8081
environment:
ME_CONFIG_BASICAUTH_USERNAME: rmurad93
ME_CONFIG_BASICAUTH_PASSWORD: Qwert111
ME_CONFIG_MONGODB_PORT : 27017
ME_CONFIG_MONGODB_ADMINUSERNAME: admin
ME_CONFIG_MONGODB_ADMINPASSWORD: pass
init-mongo.js file
use admin
db.createUser({
user: "rmurad93",
pwd: "password",
roles: [ { role: "root", db: "admin" } ]
})
Line in terminal mongo compass
mongodb://localhost:27017/rmurad93:password
to connect to MongoCompass you should follow this pattern
mongodb://USERNAME:PASSWORD#localhost:27017/DB_NAME
If you still can't connecting, try using (Fill in connection fields individually)
option shown above instead of (Paste connection string)
Trying to bring docker-compose up with the following:
version: '3.1'
services:
mongo:
image: mongo
container_name: mongo-db
networks:
- mongo
restart: always
environment:
MONGO_INITDB_ROOT_USERNAME: ${MONGO_ROOT_USER}
MONGO_INITDB_ROOT_PASSWORD: ${MONGO_ROOT_PASSWORD}
MONGO_INITDB_DATABASE: ${MONGO_INITDB_DATABASE}
ports:
- 27017:27017
volumes:
- ./mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro
mongo-express:
image: mongo-express:latest
container_name: mongo-express
restart: always
networks:
- mongo
depends_on:
- mongo
ports:
- 8081:8081
environment:
ME_CONFIG_MONGODB_SERVER: mongo
ME_CONFIG_MONGODB_PORT: 27017
ME_CONFIG_MONGODB_ADMINUSERNAME: ${MONGO_ROOT_USER}
ME_CONFIG_MONGODB_ADMINPASSWORD: ${MONGO_ROOT_PASSWORD}
The entry point js file as below:
db.createUser(
{
user: "dba",
pwd: "dba",
roles: [
{
role: "readWrite",
db: "mydb"
}
]
}
);
The variables are defined in .env file as below:
MONGO_ROOT_USER=root
MONGO_ROOT_PASSWORD=root
MONGO_INITDB_DATABASE=mydb
MONGOEXPRESS_LOGIN=dev
MONGOEXPRESS_PASSWORD=dev
When I login to mongo-express, I don't see the user or the db that is created by mongo-init.js
Also, I can't login if I try to connect using:
docker exec -it mongo-db mongo --username dba
However, if I use the following I can connect but still don't see mydb when I run show dbs:
docker exec -it mongo-db mongo --username root
What's happening here?
Thanks in advance
I think you need to change the env to:
MONGO_INITDB_ROOT_USERNAME
MONGO_INITDB_ROOT_PASSWORD
These variables, used in conjunction, create a new user and set that
user's password. This user is created in the admin authentication
database and given the role of root, which is a "superuser" role.
see the Docs
another note:
if you do not insert data with your JavaScript files, then no database is created.
MONGO_INITDB_DATABASE
This variable allows you to specify the name of a database to be used
for creation scripts in /docker-entrypoint-initdb.d/*.js (see
Initializing a fresh instance below). MongoDB is fundamentally
designed for "create on first use", so if you do not insert data with
your JavaScript files, then no database is created.