How To Install Mongodb On Ubuntu 22.04

How To Install Mongodb On Ubuntu 22.04

Reading time1 min
#Database#Security#DevOps#MongoDB#Ubuntu#Linux

Step-by-Step Guide to Securely Installing MongoDB on Ubuntu 22.04 with Production-Ready Settings

Forget generic install instructions—this guide focuses on a production-ready MongoDB setup on Ubuntu 22.04 that balances security, performance, and maintainability, saving you from costly misconfigurations down the line.

MongoDB’s document-oriented architecture is a top choice for modern app developers looking to build scalable, flexible backends. But an insecure or sub-optimally configured MongoDB instance poses risks—from unauthorized access to performance bottlenecks. If you’re running Ubuntu 22.04, this guide walks you through securely installing MongoDB with production-ready settings so your database is safe, efficient, and maintainable from day one.

Why Not Just Use the Default Ubuntu Packages?

Ubuntu’s default repositories often provide outdated MongoDB versions—and installing without tweaks leaves your instance exposed and unoptimized. We’ll use the official MongoDB repository ensuring you get the latest stable version along with secure configurations baked in.

Prerequisites

  • Ubuntu 22.04 server with sudo privileges
  • Basic familiarity with terminal and command-line editing
  • Recommended: a separate non-root user account for running MongoDB

Step 1: Import MongoDB Public GPG Key

MongoDB packages are signed with their own GPG key.

wget -qO - https://pgp.mongodb.com/server-6.0.asc | sudo tee /usr/share/keyrings/mongodb-server-6.0.gpg > /dev/null

This ensures APT can verify packages’ authenticity.

Step 2: Add Official MongoDB Repository

Create a new APT source list file pointing to MongoDB’s official repo:

echo "deb [ arch=amd64 signed-by=/usr/share/keyrings/mongodb-server-6.0.gpg ] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/6.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-6.0.list

Update package lists:

sudo apt update

Step 3: Install MongoDB

Now install the latest stable version:

sudo apt install -y mongodb-org

Confirm installation:

mongod --version
# Example output: db version v6.0.x

Step 4: Configure Systemd for Automatic Startup and Resource Limits

Enable systemd service to start MongoDB on boot:

sudo systemctl enable mongod
sudo systemctl start mongod

Check status:

sudo systemctl status mongod

Set resource limits for better database reliability by creating or editing /etc/security/limits.d/mongodb.conf:

mongodb soft nproc 64000
mongodb hard nproc 64000
mongodb soft nofile 64000
mongodb hard nofile 64000

Why does this matter? Higher process and file descriptor limits help prevent bottlenecks under load.

Step 5: Secure MongoDB Configuration

Edit the main config file /etc/mongod.conf:

sudo nano /etc/mongod.conf

Make the following important changes:

Bind IP

By default, MongoDB binds only to localhost (127.0.0.1) to prevent outside access.

If your app server is separate from your database server or you want remote access over VPN/firewall, include trusted IPs explicitly:

net:
  port: 27017
  bindIp: 127.0.0.1,<your-trusted-ip>

Avoid binding to 0.0.0.0 in production.

Enable Authentication

Add or edit these lines to enable role-based access control (RBAC):

security:
  authorization: enabled

Save and exit (Ctrl+O, Enter, Ctrl+X in nano).

Restart mongod to apply changes:

sudo systemctl restart mongod

Step 6: Create an Admin User for Authentication

Login to Mongo shell (locally):

mongosh --port 27017

Switch to admin DB and create admin user (replace <yourStrongPassword> with a robust password):

use admin;
db.createUser({
   user: "admin",
   pwd: "<yourStrongPassword>",
   roles: [ { role: "userAdminAnyDatabase", db: "admin" }, "readWriteAnyDatabase" ]
});
exit;

Now all connections require authentication.

Step 7: Test Authentication Enforcement

Try connecting without credentials (should fail):

mongosh --port 27017 --eval 'db.runCommand({ connectionStatus: 1 })'
# Error about authentication failure expected.

Try authenticating properly:

mongosh -u admin -p <yourStrongPassword> --authenticationDatabase admin --port 27017

If successful, your secure setup is working.

Optional Enhancements for Production Stability & Security

Enable TLS Encryption (Optional but Recommended)

Generate SSL certificates and configure these lines in /etc/mongod.conf under net::

tls:
  mode: requireTLS  
  certificateKeyFile: /path/to/mongodb.pem  
  CAFile: /path/to/ca.pem

Then restart MongoDB.

Set Up Backup & Monitoring

Implement regular backups using mongodump or integrated cloud tools (Atlas or ops manager). Watch resources using monitoring solutions like Prometheus or Datadog.

Recap Checklist Before Going Live

✅ Latest official MongoDB installed from repo
✅ Systemd enabled with resource limits tuned
✅ Bind IP restricted to trusted addresses only
✅ Authentication enabled + admin user created
✅ Connections verified enforce authentication

Conclusion

By following this step-by-step guide tailored specifically for Ubuntu 22.04, you avoid common pitfalls like open unauthenticated access or outdated software versions that expose your data and impact performance.

Secure your app’s database foundation today and focus on building features instead of firefighting misconfigurations tomorrow!

Feel free to share any questions—or best practices you’ve discovered—down below in the comments!

Happy coding 🚀✨

Related Articles

How To Install Mongodb On Ubuntu 22.04

Step-by-Step Guide to Securely Installing MongoDB on Ubuntu 22.04 with Production-Ready Settings

1 min

Add Mongodb To Docker

No description

1 min

Add User To Docker Group

How to Safely Add a User to the Docker Group Without Compromising Security

1 min
← Back to Blog