add authentication to mongo, properly, not tested to see if it works with server

2018-06-25 18:18:40 -07:00 · 2018-06-25 18:18:40 -07:00 · a7f319a727
commit a7f319a727
parent f06198a4e1
4 changed files with 29 additions and 81 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,38 +1,40 @@
 version: '3.4'
 services:
  mongo:
-    build: ./mongo
+    image: mongo:3.4
    volumes:
      - dbdata:/data/db
      - "$PWD/mongo/:/docker-entrypoint-initdb.d/"
    expose:
      - "27017"
    ports:
      - '27017:27017'
    # restart: always
    env_file:
      - .env
-  # nginx:
+  nginx:
-  #   build: ./nginx
+    build: ./nginx
-  #   ports:
+    ports:
-  #     - '80:80'
+      - '80:80'
-  # app:
+  app:
-  #   build:
+    build:
-  #     context: .
+      context: .
-  #     dockerfile: Dockerfile
+      dockerfile: Dockerfile
-  #     target: production
+      target: production
-  #   env_file:
+    env_file:
-  #     - .env
+      - .env
-  #   environment:
+    environment:
-  #     - MONGO_URL=mongodb://mongo:27017/p5js-web-editor
+      - MONGO_URL=mongodb://mongo:27017/p5js-web-editor
-  #     - MONGO_HOSTNAME=mongo
+      - MONGO_HOSTNAME=mongo
-  #     # - API_URL=https://localhost/api
+      # - API_URL=https://localhost/api
-  #     # - PORT=80
+      # - PORT=80
-  #   volumes:
+    volumes:
-  #     - .:/opt/node/app
+      - .:/opt/node/app
-  #     - /opt/node/app/node_modules
+      - /opt/node/app/node_modules
-  #   ports:
+    ports:
-  #     - '8000:8000'
+      - '8000:8000'
-  #     # - '443:443'
+      # - '443:443'
-  #     # - '80:80'
+    depends_on:
-  #   depends_on:
+      - mongo
  #     - mongo
 volumes:
  dbdata:
--- a/mongo/Dockerfile
+++ b/mongo/Dockerfile
@ -1,13 +0,0 @@
 # Use an official mongo runtime as a parent image
 FROM mongo:3.4
 # Expose the mongo port
 EXPOSE 27017
 # Copy the mongod.conf file to env
 # COPY mongod.conf /env/
 # Copy the entrypoint file as well
 COPY ./docker-entrypoint.sh .
 CMD ["/bin/bash", "docker-entrypoint.sh"]
--- a/mongo/docker-entrypoint.sh
+++ b/mongo/docker-entrypoint.sh
@ -1,42 +0,0 @@
 #!/bin/bash
 set -euo pipefail
 function waitForMongo {
    port=$1
    n=0
    until [ $n -ge 20 ]
    do
        mongo admin --quiet --port $port --eval "db" && break
        n=$[$n+1]
        sleep 2
    done
 }
 if ! [[ -a /data/db/mydb-initialized ]]; then
    mongod & MONGO_PID=$!
    waitForMongo 27017
    mongo admin --port 27017 --eval "db.system.version.insert({ '_id' : 'authSchema', 'currentVersion' : 3 })"
    mongod --shutdown
    mongod & MONGO_PID=$!
    waitForMongo 27017
    mongo admin --port 27017 --eval "db.createUser({ user: '${MONGO_INITDB_ROOT_USERNAME}', pwd: '${MONGO_INITDB_ROOT_PASSWORD}', roles: [ 'root' ]})"
    mongo admin -u ${MONGO_INITDB_ROOT_USERNAME} -p ${MONGO_INITDB_ROOT_PASSWORD} --port 27017 --eval "db.createUser({ user: '${MONGO_RW_USERNAME}', pwd: '${MONGO_RW_PASSWORD}', roles: [ {role: 'readWrite', db: 'isf-website'}, {role: 'readWrite', db: 'sessions'} ]})"
    mongod --shutdown
    mongod -f /env/mongod.conf --auth & MONGO_PID=$!
    waitForMongo 27017
    mongo admin -u ${MONGO_INITDB_ROOT_USERNAME} -p ${MONGO_INITDB_ROOT_PASSWORD} --port 27017 --eval "db.runCommand({ replSetInitiate: '{}' })"
    mongo admin -u ${MONGO_INITDB_ROOT_USERNAME} -p ${MONGO_INITDB_ROOT_PASSWORD} --port 27017 --eval "db.setSlaveOk()"
    mongod --shutdown
    touch /data/db/mydb-initialized
 fi
 mongod -f /env/mongod.conf --auth & MONGO_PID=$!
 waitForMongo 27017
 trap 'echo "KILLING"; kill $MONGO_PID; wait $MONGO_PID' SIGINT SIGTERM EXIT
 wait $MONGO_PID
--- a/mongo/init.sh
+++ b/mongo/init.sh
@ -0,0 +1 @@
 mongo $MONGO_INITDB_DATABASE --eval "db.createUser({ user: '$MONGO_RW_USERNAME', pwd: '$MONGO_RW_PASSWORD', roles: [ 'readWrite' ] })"
		`@ -0,0 +1 @@`
							`mongo $MONGO_INITDB_DATABASE --eval "db.createUser({ user: '$MONGO_RW_USERNAME', pwd: '$MONGO_RW_PASSWORD', roles: [ 'readWrite' ] })"`