MongoDB
How to install MongoDB
Install Official Repository
Use ExtraRepositories from here
https://wiki.koozali.org/Extrarepositories
Note that all versions are available form 0.9 -> 1.0 -> 3.0/1/2/3/4/5/6/7 -> 4.0/1/2/3/4 -> 5.0
Please check which versions are deprecated - they should not be used.
https://www.mongodb.com/support-policy/lifecycles
As of July 2022 the oldest supported version is 4.2 until April 2023
yum install smeserver-extrarepositories-mongodb
signal-event yum-modify
Install your chosen version:
yum --enablerepo=mongodb4.2 install mongodb-org
If refuses to install because of no GPG Key you can change GPGCheck above from Yes to No and try yum install... again or
rpm --import https://www.mongodb.org/static/pgp/server-4.0.asc
Or
yum --enablerepo=mongodb4.2 install mongodb-org --nogpgcheck
Starting Mongo
We need a db config entry for SME to recognise it:
config set mongod service status enabled access private
We will need a file
mkdir -p /usr/lib/systemd/system/mongod.service.d
nano /usr/lib/systemd/system/mongod.service.d/50koozali.conf
Something like:
[Unit] After=network.target network.service wan.service [Install] WantedBy=sme-server.target
Configuration File
Minimal config I use for Rocket.Chat
grep '^[[:blank:]]*[^[:blank:]#;]' /etc/mongod.conf
systemLog: verbosity: 0 destination: file logAppend: true path: /var/log/mongodb/mongod.log storage: dbPath: /var/lib/mongo journal: enabled: true processManagement: fork: true # fork and run in background pidFilePath: /var/run/mongodb/mongod.pid # location of pidfile timeZoneInfo: /usr/share/zoneinfo net: port: 27017 bindIp: 127.0.0.1 # Enter 0.0.0.0,:: to bind to all IPv4 and IPv6 addresses or, alternatively, use the net.bindIpAll setting.
- Enable replication for Rocket.Chat
replication: replSetName: rs0
Once started you need to initialises the replicaset:
mongo --eval "printjson(rs.initiate())"
Other settings
nano /etc/security/limits.conf
These settings are automatically added during installation
@mongod soft nproc unlimited @mongod hard nproc unlimited @mongod soft nofile 64000 @mongod hard nofile 64000
Adding a user
https://www.linode.com/docs/guides/install-mongodb-on-centos-7/
use admin db.createUser( { user: "admin", pwd: "admin123", roles: [ { role: "userAdminAnyDatabase", db: "admin" } ] } )
show users
We can then set Mongo to force authentication when connecting.
nano /usr/lib/systemd/system/mongod.service.d/50koozali.conf
Add:
[Service] Environment="OPTIONS= --auth-f /etc/mongod.conf"
Restart Mongo
systemctl restart mongod
You should now need a password to login.
Templating mongod.conf
This is possible but we need to create a new file so we do not overwrite the original - otherwise yum/rpm will complain.
Something like /etc/mongod/mongod.conf
Template fragments in
/etc/e-smith/templates/etc/mongod/mongod.conf
We can then amend the systemd overrride
nano /usr/lib/systemd/system/mongod.service.d/50koozali.conf
Add this:
[Service] Environment="OPTIONS=-f /etc/mongod/mongod.conf"
Dump and restore
Samples - YMMV.
Quick little script to dump the Rocket.Chat collection:
#!bin/bash echo "Dump with Users/Roles" mongodump --dumpDbUsersAndRoles -d rocketchat -o /root/backup/rocketchatmongo echo "dump all" mongodump -d rocketchat -o /root/backup/rocketchatmongo-all
If you export from a version eg 4.0 then restore to that version. Do not try and restore 4.0 to 4.2 or higher.
Then change your repo, and then upgrade mongo.
To restore:
mongorestore /root/backup/rocketchatmongo-all
Backup with system
With credit to Daniel Berteaud
Action script to dump the mongo DB on pre-backup event
mkdir -p /home/e-smith/db/mongo
cat <<_EOF > /etc/e-smith/events/actions/mongodb-dump #!/bin/bash -e /usr/bin/mongodump --quiet --out /home/e-smith/db/mongo/ _EOF
chmod +x /etc/e-smith/events/actions/mongodb-dump cd /etc/e-smith/events/pre-backup ln -s ../actions/mongodb-dump ./S60mongodb-dump
Vaporise or reinitialise the database
Remove the directory contents:
rm -rf /var/lib/mongo/*
Or remove the entire directory and recreate it with the correct ownership:
rm -rf /var/lib/mongo mkdir -p /var/lib/mongo chown -R mongod:mongod /var/lib/mongo
If you have a replicaset set in /etc/mongod.conf make sure you initiate it:
mongo --eval "printjson(rs.initiate())"