Enable Mongo Authentication 6.17.41
Created: 6.17.23; Updated: 6.17.23

Automated Process

ePages 6.17.22 introduces Mongo authentication. Mongo authentication is added by (re)starting epagesj: (Re)start 1. checks if Mongo authentication can be enabled and 2. enables Mongo authentication.

For that, /etc/init.d/epagesj contains something like:

  /var/epages/bin/mongo_can_enable_auth.sh && /var/epages/bin/mongo_enable_auth.sh

Mongo authentication is added automatically if:

  1. there is only one Mongo server and one epagesj server and both have same host
  2. Mongo authentication not added yet (/etc/mongod.conf does not contain keys auth/keyFile)
If Mongo authentication is not added automatically, do it manually.

Manual Process

Check if Mongo authentication can be enabled:

  /var/epages/bin/mongo_can_enable_auth.sh

If yes, run:

  /var/epages/bin/mongo_enable_auth.sh

If not, execute following steps:

1. Update package epages-release which contains latest mongo_*.sh scripts:

1a. On Redhat/CentOS run:

  rpm -hUv http://epages-software.de/repo/epages/6.17.41/epages-release.noarch.rpm

1b. On Debian run:

  curl -O http://epages-software.de/repo/epages/apt/epages-release_all.deb
  dpkg -i epages-release_all.deb
  apt-get -y update

2. Add keys username, password, databaseName to section [Mongo] in configuration file /srv/epages/eproot/j/conf/epagesj.conf on any epagesj or Mongo server:

  . /etc/default/epages6
  EPAGESJ_CONF=$EPAGESJ_CONFIG/epagesj.conf
  [[ -d $EPAGESJ_CONFIG ]] || install -g epages -o "$EPAGESJ_USER" -m 755 -d "$EPAGESJ_CONFIG"
  [[ -f $EPAGESJ_CONF ]] || { touch "$EPAGESJ_CONF"; chmod 644 "$EPAGESJ_CONF"; }
  /var/epages/ini-config.sh -f "$EPAGESJ_CONF" -s Mongo -k databaseName -v epagesj -i
  /var/epages/ini-config.sh -f "$EPAGESJ_CONF" -s Mongo -k username -v epagesj -i
  /var/epages/ini-config.sh -f "$EPAGESJ_CONF" -s Mongo -k password -v PASSWORD -i

PASSWORD must be the same on any host and must contain only numbers or letters.

3. On first master MongoDB run:

  /var/epages/bin/mongo_enable_auth.sh

4. This creates mongodb-keyfile, copy this file to all other master and slave MongoDBs:

  KEYFILE=$(/var/epages/ini-config.sh -f /etc/mongo*.conf -k keyFile -G)
  scp $KEYFILE OTHER_MONGODB:$KEYFILE

5. On other master MongoDBs run:

  /var/epages/bin/mongo_enable_auth.sh

6. On all slave MongoDBs set auth/keyFile keys:

  /var/epages/ini-config.sh -f /etc/mongo*.conf -k keyFile -v $KEYFILE -i
  /var/epages/ini-config.sh -f /etc/mongo*.conf -k auth -v true -i

7. First on all slave MongoDBs, then on all epagesj servers restart Mongo/Java:

  /etc/init.d/epages6 start_java

This finishes the MongoDB authentication.


Copyright ePages GmbH 2016