Last active
September 14, 2018 19:52
-
-
Save viq/f3d8a4906795cc0c05ea2a22db1898ee to your computer and use it in GitHub Desktop.
First attempt at automating installing mongodb and configuring it to require authentication
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| prepare mongodb: | |
| pkg: | |
| - installed | |
| - pkgs: | |
| - mongodb | |
| - py-mongo | |
| file: | |
| - managed | |
| - name: /etc/mongodb.conf | |
| - source: salt://mongodb/mongodb.conf | |
| - template: jinja | |
| - user: root | |
| - group: _mongodb | |
| - mode: 0640 | |
| - require: | |
| - pkg: prepare mongodb | |
| service: | |
| - running | |
| - name: mongod | |
| - watch: | |
| - file: prepare mongodb | |
| {% if salt['grains.get']('mongodb:configured', False) == False %} | |
| cmd: | |
| - script | |
| - name: salt://mongodb/mongoadmin.py | |
| - template: jinja | |
| - env: | |
| - PATH: '/bin:/usr/bin:/usr/local/bin' | |
| - require: | |
| - service: prepare mongodb | |
| - require_in: | |
| - mongodb_user: prepare mongodb | |
| {% endif %} | |
| mongodb_user: | |
| - present | |
| - name: {{salt.pillar.get('mongodb.user')}} | |
| - passwd: {{salt.pillar.get('mongodb.password')}} | |
| - host: {{salt.pillar.get('mongodb.host')}} | |
| - database: admin | |
| - roles: | |
| - userAdminAnyDatabase | |
| - require: | |
| - service: prepare mongodb | |
| grains: | |
| - present | |
| - name: mongodb:configured | |
| - value: True | |
| - require: | |
| - mongodb_user: prepare mongodb |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| import pymongo | |
| pymongo.database.Database(pymongo.MongoClient( | |
| host="{{salt.pillar.get('mongodb.host', '127.0.0.1')}}", | |
| port={{salt.pillar.get('mongodb.port', 27017)}} | |
| ), 'admin').add_user( | |
| "{{salt.pillar.get('mongodb.user')}}", | |
| "{{salt.pillar.get('mongodb.password')}}", | |
| roles=['userAdminAnyDatabase'] | |
| ) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # $OpenBSD: mongodb.conf,v 1.2 2016/05/06 15:33:37 sthen Exp $ | |
| # Sample configuration. See | |
| # https://docs.mongodb.org/manual/administration/configuration/ | |
| # for details. | |
| processManagement: | |
| fork: true | |
| net: | |
| # Only listen on the local network interface. Change this only if you | |
| # need a public-facing instance and have turned on authorization. | |
| bindIp: 127.0.0.1 | |
| storage: | |
| dbPath: /var/mongodb/data | |
| journal: | |
| enabled: true | |
| systemLog: | |
| destination: file | |
| path: /var/log/mongodb/mongodb.log | |
| logAppend: true | |
| {#% if salt['grains.get']('mongodb:configured', False) %#} | |
| security: | |
| authorization: enabled | |
| setParameter: | |
| enableLocalhostAuthBypass: true | |
| {#% endif %#} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment