Direkt zum Hauptinhalt

Systemadministration

Installieren und Konfigurieren von MongoDB

 

Befehlszeile für Debian:

apt update

apt-get install curl gnupg2 wget -y

curl -fsSL https://pgp.mongodb.com/server-7.0.asc | gpg -o /usr/share/keyrings/mongodb-server-7.0.gpg --dearmor

echo "deb [ signed-by=/usr/share/keyrings/mongodb-server-7.0.gpg ] http://repo.mongodb.org/apt/debian bullseye/mongodb-org/7.0 main" | tee /etc/apt/sources.list.d/mongodb-org-7.0.list

apt update

apt install mongodb-org -y

mongod --Version

systemctl start mongod

systemctl enable mongod

# create admin user
mongosh
    use admin
    db.createUser( {user: "admin", pwd: "xxxxxxxx", roles: [ { role: "userAdminAnyDatabase", db: "admin" } ] });
    exit;

# switch on authentication
vi /etc/mongod.conf

    security:
    authorization: "enabled"

    net:
    bindIp:192.168.101.120 (or leave as 127.0.0.1 or hostname as required)

systemctl restart mongod
systemctl status mongod

# Optional: if Status is not running (error 14) it may be that you need to remove socket lock (permissions are now incorrect)
cd /tmp
rm -rf mongodb*.sock

# log in and create database user
mongosh "mongodb://admin:xxxxxxxx@192.168.101.120:27017/ddok" --authenticationDatabase admin
    db.createUser( {user: "ddok", pwd: "xxxxxxxx", roles: [ { role: "readWrite", db: "ddok" } ] })

 

node server config.js:

module.exports =
{
    /////////////////////////////////////
    //  Configuration for D-DOK server
    //  All of these values may be overridden by setting environment variables
    /////////////////////////////////////

    // NODE_ENV: 'development' | 'production' (default)
    NODE_ENV: 'production',
    // PORT: web server port (default 80)
    PORT: 3000,
    // PROXY: trust reverse proxy when setting secure cookies (via the "X-Forwarded-Proto" header) (default false)
    PROXY: false,

    /////////////////////////////////////
    // Logging
    /////////////////////////////////////

    // LOG_ENABLED: true (default) | false
    LOG_ENABLED: true,
    // LOG_LEVEL: 'error' | 'warn' | 'info' (default) | 'verbose' | 'debug' | 'silly'
    LOG_LEVEL: 'verbose',

    /////////////////////////////////////
    // D-DOK Database
    /////////////////////////////////////

    // DESS_LINK_ENABLED: flag if D-DOK uses D-ESS database
    DESS_LINK_ENABLED: true,

    // DATABASE_TYPE: 'mysql' (required)
    DATABASE_TYPE: 'mysql',
    // DATABASE_USERNAME: (required)
    DATABASE_USERNAME: 'root',
    // DATABASE_PASSWORD: (required)
    DATABASE_PASSWORD: 'xxxxxxxx',
    // DATABASE_HOST: hostname or IP address of the database server (required)
    DATABASE_HOST: 'localhost',
    // DATABASE_PORT: port to which the database server is bound (required)
    DATABASE_PORT: 3306,
    // DATABASE_NAME: name of the database (required)
    DATABASE_NAME: 'xxxxxxxx',

    /////////////////////////////////////
    // Mongo Database
    /////////////////////////////////////

    // MONGO_DATABASE_USERNAME: (required)
    MONGO_DATABASE_USERNAME: 'ddok',
    // MONGO_DATABASE_PASSWORD: (required)
    MONGO_DATABASE_PASSWORD: 'xxxxxxxx',
    // MONGO_DATABASE_HOST hostname or IP address of the database server (required)
    MONGO_DATABASE_HOST: '127.0.0.1',
    // MONGO_DATABASE_PORT: port to which the database server is bound (required)
    MONGO_DATABASE_PORT: 27017,
    // MONGO_DATABASE_NAME: name of the database (required)
    MONGO_DATABASE_NAME: 'ddok',

    /////////////////////////////////////
    // Active Directory (LDAP) Authentication
    /////////////////////////////////////

    // AD_ENABLED: Active Directory auth enabled
    AD_ENABLED: true,
    // AD_URL: URL of the ldap server (required)
    AD_URL: 'ldaps://DC1.bab.network',
    // AD_BIND_DN: username that will be used to do the searching and request (required)
    AD_BIND_DN: 'DC=bab,DC=network',
    // AD_BIND_USER: username for LDAP bind (required)
    AD_BIND_USER: 'noreply@bab.network',
    // AD_BIND_PASSWORD: password for LDAP bind (required)
    AD_BIND_PASSWORD: 'xxxxxxxx',
    // AD_USERNAME_ATTRIBUTE: Username attribute
    AD_USERNAME_ATTRIBUTE: 'sAMAccountName',
    // AD_SEARCH_FILTER: search filter for user nodes. {{username}} is posted to LDAP (required)
    AD_SEARCH_FILTER: '(sAMAccountName={{username}})',
    // AD_GROUP_FILTER: search filter for group nodes.
    AD_GROUP_FILTER: 'OU=Guest,DC=bab,DC=network',

    /////////////////////////////////////
    // OpenID Connect (OIDC) Authentication
    /////////////////////////////////////

    // OIDC_ENABLED: OIDC auth enabled
    OIDC_ENABLED: true,
    // OIDC_BUTTON_SHOW: Show button on login page
    OIDC_BUTTON_SHOW: true,
    // OIDC_BUTTON_TEXT: Text to show on login page button
    OIDC_BUTTON_TEXT: 'Mit Keycloak Anmelden',
    // OIDC_CLIENT_SECRET: secret application password in OIDC server
    OIDC_CLIENT_SECRET: 'xxxxxxxx',
    // OIDC_CLIENT_ID: public client id in OIDC server
    OIDC_CLIENT_ID: 'dess',
    // OIDC_ISSUER: OIDC Issuer URL
    OIDC_ISSUER: 'https://sso.agrarforschung.at/realms/BAB',

    /////////////////////////////////////
    // System settings
    /////////////////////////////////////

    // SYSTEM_WIJMO_LICENSE_KEY: wijmo license
    SYSTEM_WIJMO_LICENSE_KEY: 'xxxxxxxx'
};

Keine Kommentare
nach oben