ELMA365 On-Premises > Prepare infrastructure > Databases > Prepare external databases / MongoDB


For the correct operation of the system, MongoDB version 3.6 to 6.0 is required. This article describes the installation of MongoDB 6.0 for Ubuntu Linux 22.04. You can also refer to the brief guide in the official MongoDB documentation.

начало внимание 

In this example, the database name is elma365, the user is elma365, and the password is SecretPassword.

When configuring MongoDB, set these data according to the security policy adopted in your organization.

конец внимание

Installation consists of six steps:

  1. Install MongoDB.
  2. Configure MongoDB.
  3. Configure connection to MongoDB.
  4. Initialize the replica.
  5. Connect to MongoDB.

Step 1: Install MongoDB

To install MongoDB, add the official repository:

sudo apt-get install gnupg
curl -fsSL https://pgp.mongodb.com/server-6.0.asc | sudo gpg -o /usr/share/keyrings/mongodb-server-6.0.gpg --dearmor
echo "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-6.0.gpg ] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/6.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-6.0.list
sudo apt-get update

Then install MongoDB:

sudo apt install mongodb-org

Run MongoDB:

sudo systemctl enable --now mongod

Step 2: Configure MongoDB

Начало внимание

The password can contain the following characters:

  • Uppercase Latin letters: A to Z
  • Lowercase Latin letters: a to z
  • Digits: 0 to 9
  • Symbols: -_

Reserved (invalid) characters: ! * ' ( ) ; : @ & = + $ , / ? % # [ ]

Конец внимание

  1. Access mongosh (Command Line Interface) and create a database:


  1. Use the ELMA365 database. If it doesn't exist, create it:

use elma365

  1. Create a dedicated user, elma365, to work with the database, with the password SecretPassword. Username and password are provided as an example:

db.createUser({user:'elma365', pwd:'SecretPassword', roles:[{role:"readWrite", db:"elma365"},{"role":"root", "db":"admin"}]})

  1. Make sure that the user is created:

show users

  1. To enable authentication, create a superuser:

use admin
db.createUser({user:'superuser', pwd:'SecretPassword', roles: ["root"]})

  1. Make sure that the user is created:

show users

  1. Complete the configuration:


  1. Create a file with a general authentication key, set access to the file:

openssl rand -base64 756 > /var/lib/mongodb/keyfile
chmod 400 /var/lib/mongodb/keyfile
chown mongodb:mongodb /var/lib/mongodb/keyfile

  1. Enable secure access to the MongoDB server.

To do that, edit the /etc/mongod.conf file:

. . .
  enableLocalhostAuthBypass: false
   authorization: "enabled"
keyFile: /var/lib/mongodb/keyfile
. . .

  1. Restart MongoDB:

sudo systemctl restart mongod

Step 3: Configure connection to MongoDB

Make changes to the configuration file /etc/mongod.conf:

sudo nano /etc/mongod.conf

Configure the values for:

  • bindIp is a list of addresses from which connections on port 27017 can be accepted (in this case, it makes the MongoDB service available from all external addresses);
  • replSetName is the name of the replica set, by default it is "rs0"

. . .
# network interfaces
  port: 27017
. . .
  replSetName: "rs0"
  enableMajorityReadConcern: true
. . .

Configuring TLS/SSL in MongoDB

Restart MongoDB to apply the changes:

sudo systemctl restart mongod

Step 4: Initialize the replica

  1. Open the mongosh console for configuration.

To connect to MongoDB:

sudo mongosh

To connect to MongoDB with TLS/SSL enabled:

sudo mongosh --tls --host mongodb-server1.your_domain --tlsCAFile /etc/ssl/CA.pem

  1. Initialize the replica:

rs.initiate({ _id: "rs0", members: [{ _id: 0, host: "<mongodb-server-address>" }]})

  1. Check the replicaSet configuration:


  1. Check the state of MongoDB:


Step 5: Connect to MongoDB

Connection string for MongoDB:


Connection string for MongoDB with TLS/SSL:


Found a typo? Highlight the text, press ctrl + enter and notify us