Without either MONGO_INITDB_ROOT_USERNAME
, or MONGO_INITDB_ROOT_PASSWORD
the access is unrestricted.
docker-compose.yml
:
version: '3'
services:
mongo:
image: mongo:4
sh:
image: alpine
entrypoint: sleep 100000000
init: true
$ docker-compose up -d
$ docker-compose exec sh sh -c 'echo http://dl-cdn.alpinelinux.org/alpine/v3.9/main >> /etc/apk/repositories' \
&& docker-compose exec sh sh -c 'echo http://dl-cdn.alpinelinux.org/alpine/v3.9/community >> /etc/apk/repositories' \
&& docker-compose exec sh apk update \
&& docker-compose exec bash apk add mongodb
$ docker-compose exec sh mongo --host mongo
> show dbs
> use admin
> show collections
But you can't specify a user when connecting to the database:
$ docker-compose exec sh mongo --host mongo -u whatever
Enter password:
connecting to: mongodb://mongo:27017/?gssapiServiceName=mongodb
2019-11-15T20:25:21.998+0000 E QUERY [js] Error: Authentication failed. :
connect@src/mongo/shell/mongo.js:328:13
@(connect):1:6
exception: connect failed
In terms of mongoid.yml
that means either no user
option (*.clients.default.options.user
), or nil
value (user:
). Empty string (user: ''
) won't do.
See this Stack Overflow question for installing mongodb
on Alpine Linux.
docker-compose.yml
:
version: '3'
services:
mongo:
image: mongo:4
environment:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: root
MONGO_USER: user
MONGO_DB: db
volumes:
- db:/data/db
- ./init-mongo.sh:/docker-entrypoint-initdb.d/init-mongo.sh
sh:
image: alpine
entrypoint: sleep 100000000
init: true
volumes:
db:
init-mongo.sh
:
#!/usr/bin/env bash
set -eu
mongo -- "$MONGO_DB" <<EOF
var rootUser = '$MONGO_INITDB_ROOT_USERNAME';
var rootPassword = '$MONGO_INITDB_ROOT_PASSWORD';
var admin = db.getSiblingDB('admin');
admin.auth(rootUser, rootPassword);
var user = '$MONGO_USER';
var passwd = '${MONGO_PASSWORD-}' || user;
db.createUser({user: user, pwd: passwd, roles: ["readWrite"]});
EOF
$ docker-compose down -v && docker-compose up -d
$ docker-compose exec sh sh -c 'echo http://dl-cdn.alpinelinux.org/alpine/v3.9/main >> /etc/apk/repositories' \
&& docker-compose exec sh sh -c 'echo http://dl-cdn.alpinelinux.org/alpine/v3.9/community >> /etc/apk/repositories' \
&& docker-compose exec sh apk update \
&& docker-compose exec sh apk add mongodb
$ docker-compose exec sh mongo --host mongo --authenticationDatabase admin --username root
$ docker-compose exec sh mongo --host mongo --authenticationDatabase db --username user db
> db.c1.insert({a: 1})
> db.c1.find()
> show collections
@Nicofisi
I guess some line-ending issues?.. It works for me w/o an extra line. Particularly w/
mongo:6
.Yeah, good point. It was Mongo 4 back then.