Skip to content

Instantly share code, notes, and snippets.

@x-yuri
Last active February 20, 2023 12:28
Show Gist options
  • Save x-yuri/22eace6d6d047cbe090e1412eaabc97b to your computer and use it in GitHub Desktop.
Save x-yuri/22eace6d6d047cbe090e1412eaabc97b to your computer and use it in GitHub Desktop.
docker: mongo

Without either MONGO_INITDB_ROOT_USERNAME, or MONGO_INITDB_ROOT_PASSWORD the access is unrestricted.

docker-compose.yml:

version: '3'

services:
  mongo:
    image: mongo:4
      
  sh:
    image: alpine
    entrypoint: sleep 100000000
    init: true
$ docker-compose up -d
$ docker-compose exec sh sh -c 'echo http://dl-cdn.alpinelinux.org/alpine/v3.9/main >> /etc/apk/repositories' \
&& docker-compose exec sh sh -c 'echo http://dl-cdn.alpinelinux.org/alpine/v3.9/community >> /etc/apk/repositories' \
&& docker-compose exec sh apk update \
&& docker-compose exec bash apk add mongodb
$ docker-compose exec sh mongo --host mongo
> show dbs
> use admin
> show collections

But you can't specify a user when connecting to the database:

$ docker-compose exec sh mongo --host mongo -u whatever
Enter password: 
connecting to: mongodb://mongo:27017/?gssapiServiceName=mongodb
2019-11-15T20:25:21.998+0000 E QUERY    [js] Error: Authentication failed. :
connect@src/mongo/shell/mongo.js:328:13
@(connect):1:6
exception: connect failed

In terms of mongoid.yml that means either no user option (*.clients.default.options.user), or nil value (user: ). Empty string (user: '') won't do.

See this Stack Overflow question for installing mongodb on Alpine Linux.


docker-compose.yml:

version: '3'

services:
  mongo:
    image: mongo:4
    environment:
      MONGO_INITDB_ROOT_USERNAME: root
      MONGO_INITDB_ROOT_PASSWORD: root

      MONGO_USER: user
      MONGO_DB: db
    volumes:
      - db:/data/db
      - ./init-mongo.sh:/docker-entrypoint-initdb.d/init-mongo.sh

  sh:
    image: alpine
    entrypoint: sleep 100000000
    init: true

volumes:
  db:

init-mongo.sh:

#!/usr/bin/env bash
set -eu
mongo -- "$MONGO_DB" <<EOF
    var rootUser = '$MONGO_INITDB_ROOT_USERNAME';
    var rootPassword = '$MONGO_INITDB_ROOT_PASSWORD';
    var admin = db.getSiblingDB('admin');
    admin.auth(rootUser, rootPassword);

    var user = '$MONGO_USER';
    var passwd = '${MONGO_PASSWORD-}' || user;
    db.createUser({user: user, pwd: passwd, roles: ["readWrite"]});
EOF
$ docker-compose down -v && docker-compose up -d
$ docker-compose exec sh sh -c 'echo http://dl-cdn.alpinelinux.org/alpine/v3.9/main >> /etc/apk/repositories' \
&& docker-compose exec sh sh -c 'echo http://dl-cdn.alpinelinux.org/alpine/v3.9/community >> /etc/apk/repositories' \
&& docker-compose exec sh apk update \
&& docker-compose exec sh apk add mongodb
$ docker-compose exec sh mongo --host mongo --authenticationDatabase admin --username root
$ docker-compose exec sh mongo --host mongo --authenticationDatabase db --username user db
> db.c1.insert({a: 1})
> db.c1.find()
> show collections
@x-yuri
Copy link
Author

x-yuri commented Oct 25, 2022

@Nicofisi

For some reason I was getting a bash error before I separated the set line from the mongo line

I guess some line-ending issues?.. It works for me w/o an extra line. Particularly w/ mongo:6.

Also, as of, Mongo 6+ the command is now mongosh

Yeah, good point. It was Mongo 4 back then.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment