Enable Mongo Authentication | → 6.17.40 | Created: 6.17.23; Updated: 6.17.23 |
ePages 6.17.22 introduces Mongo authentication. Mongo authentication is added by (re)starting epagesj: (Re)start 1. checks if Mongo authentication can be enabled and 2. enables Mongo authentication.
For that, /etc/init.d/epagesj contains something like:
/var/epages/bin/mongo_can_enable_auth.sh && /var/epages/bin/mongo_enable_auth.sh
Mongo authentication is added automatically if:
Check if Mongo authentication can be enabled:
/var/epages/bin/mongo_can_enable_auth.sh
If yes, run:
/var/epages/bin/mongo_enable_auth.sh
If not, execute following steps:
1. Update package epages-release which contains latest mongo_*.sh scripts:
1a. On Redhat/CentOS run:
rpm -hUv http://epages.com/repo/epages/yum/epages-release.noarch.rpm
1b. On Debian run:
curl -O http://www.epages.com/repo/epages/apt/epages-release_all.deb dpkg -i epages-release_all.deb apt-get -y update
2. Add keys username, password, databaseName to section [Mongo] in configuration file /srv/epages/eproot/j/conf/epagesj.conf on any epagesj or Mongo server:
. /etc/default/epages6 EPAGESJ_CONF=$EPAGESJ_CONFIG/epagesj.conf [[ -d $EPAGESJ_CONFIG ]] || install -g epages -o "$EPAGESJ_USER" -m 755 -d "$EPAGESJ_CONFIG" [[ -f $EPAGESJ_CONF ]] || { touch "$EPAGESJ_CONF"; chmod 644 "$EPAGESJ_CONF"; } /var/epages/ini-config.sh -f "$EPAGESJ_CONF" -s Mongo -k databaseName -v epagesj -i /var/epages/ini-config.sh -f "$EPAGESJ_CONF" -s Mongo -k username -v epagesj -i /var/epages/ini-config.sh -f "$EPAGESJ_CONF" -s Mongo -k password -v PASSWORD -i
PASSWORD must be the same on any host and must contain only numbers or letters.
3. On first master MongoDB run:
/var/epages/bin/mongo_enable_auth.sh
4. This creates mongodb-keyfile, copy this file to all other master and slave MongoDBs:
KEYFILE=$(/var/epages/ini-config.sh -f /etc/mongo*.conf -k keyFile -G) scp $KEYFILE OTHER_MONGODB:$KEYFILE
5. On other master MongoDBs run:
/var/epages/bin/mongo_enable_auth.sh
6. On all slave MongoDBs set auth/keyFile keys:
/var/epages/ini-config.sh -f /etc/mongo*.conf -k keyFile -v $KEYFILE -i /var/epages/ini-config.sh -f /etc/mongo*.conf -k auth -v true -i
7. First on all slave MongoDBs, then on all epagesj servers restart Mongo/Java:
/etc/init.d/epages6 start_java
This finishes the MongoDB authentication.