Automated Process

ePages 6.17.22 introduces Mongo authentication. Mongo authentication is added by (re)starting epagesj: (Re)start 1. checks if Mongo authentication can be enabled and 2. enables Mongo authentication.

For that, /etc/init.d/epagesj contains something like:

/var/epages/bin/mongo_can_enable_auth.sh && /var/epages/bin/mongo_enable_auth.sh

Mongo authentication is added automatically if:

  1. there is only one Mongo server and one epagesj server and both have same host

  2. Mongo authentication not added yet (/etc/mongod.conf does not contain keys auth/keyFile)

If Mongo authentication is not added automatically, do it manually.

Manual Process

Check if Mongo authentication can be enabled:

/var/epages/bin/mongo_can_enable_auth.sh

If yes, run:

/var/epages/bin/mongo_enable_auth.sh

If not, execute following steps:

1) Update package epages-release which contains latest mongo_*.sh scripts:

1a) On Redhat/CentOS run (use your own UUID):

UUID=1234abcd-1234-1234-1234-0123456789abcd
export EPAGES_REPOURL=ftp://epages-software.de/repo/usr/$UUID
rpm -hUv http://epages-software.de/repo/epages/7.15.0/epages-release.noarch.rpm

1b) On Debian run (use your own UUID):

UUID=1234abcd-1234-1234-1234-0123456789abcd
export EPAGES_REPOURL=ftp://epages-software.de/repo/usr/$UUID
curl -LO $EPAGES_REPOURL/apt/epages-release_all.deb
dpkg -i epages-release_all.deb
apt-get -y update

2) Add keys username, password, databaseName to section [Mongo] in configuration file /srv/epages/eproot/j/conf/epagesj.conf on any epagesj or Mongo server:

. /etc/default/epages6
EPAGESJ_CONF=$EPAGESJ_CONFIG/epagesj.conf
[[ -d $EPAGESJ_CONFIG ]] || install -g epages -o "$EPAGESJ_USER" -m 755 -d "$EPAGESJ_CONFIG"
[[ -f $EPAGESJ_CONF ]] || { touch "$EPAGESJ_CONF"; chmod 644 "$EPAGESJ_CONF"; }
/var/epages/ini-config.sh -f "$EPAGESJ_CONF" -s Mongo -k databaseName -v epagesj -i
/var/epages/ini-config.sh -f "$EPAGESJ_CONF" -s Mongo -k username -v epagesj -i
/var/epages/ini-config.sh -f "$EPAGESJ_CONF" -s Mongo -k password -v PASSWORD -i

PASSWORD must be the same on any host and must contain only numbers or letters.

3) On first master MongoDB run:

/var/epages/bin/mongo_enable_auth.sh

4) This creates mongodb-keyfile, copy this file to all other master and slave MongoDBs:

KEYFILE=$(/var/epages/ini-config.sh -f /etc/mongo*.conf -k keyFile -G)
scp $KEYFILE OTHER_MONGODB:$KEYFILE

5) On other master MongoDBs run:

/var/epages/bin/mongo_enable_auth.sh

6) On all slave MongoDBs set auth/keyFile keys:

/var/epages/ini-config.sh -f /etc/mongo*.conf -k keyFile -v $KEYFILE -i
/var/epages/ini-config.sh -f /etc/mongo*.conf -k auth -v true -i

7) First on all slave MongoDBs, then on all epagesj servers restart Mongo/Java:

/etc/init.d/epages6 start_java

This finishes the MongoDB authentication.