Pritunl

Pritunl Documentation

Welcome to the Pritunl developer hub. You'll find comprehensive guides and documentation to help you start working with Pritunl as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

MongoDB Authentication

Add authentication to MongoDB

These instructions are for Oracle Linux 7. The commands for other distributions will be different. First install and start MongoDB.

sudo tee /etc/yum.repos.d/mongodb-org-4.0.repo << EOF
[mongodb-org-4.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/7/mongodb-org/4.0/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.0.asc
EOF

sudo yum -y install mongodb-org
sudo systemctl start mongod
sudo systemctl enable mongod

Then create an admin user by first connecting with the mongo cli. Once connected switch to the admin database and run the create user command. Change the PASSWORD below to a secure random password.

mongo
use admin;
db.createUser(
  {
    user: "admin",
    pwd: "PASSWORD",
    roles: [
      "userAdminAnyDatabase",
      "dbAdminAnyDatabase",
      "readWriteAnyDatabase"
    ]
  }
);

After the user has been created edit the MongoDB configuration to enable authorization. The net section should be replaced with the section below.

sudo nano /etc/mongod.conf
security:
  authorization: enabled

Create Pritunl User

Then create a pritunl user for the prituinl database in the admin database. First connect with the mongo cli using the admin account then switch to the admin database. Change the PASSWORD below to a secure random password. When authenticating from mongo cli tools use --authenticationDatabase admin.

If configuring Pritunl Zero or Pritunl Cloud update the name of the database below.

mongo --host subnet.domain.com -u admin --authenticationDatabase admin

use admin;
db.createUser({
  user: "pritunl",
  pwd: "PASSWORD",
  roles: [{role: "dbOwner", db: "pritunl"}]
});

Test the new use with the command below.

mongo --host mongo-test.silicon.red -u pritunl --authenticationDatabase admin pritunl

Connecting to MongoDB

When configuring Pritunl the username, password and ssl option must be added to the MongoDB uri. Such as mongodb://pritunl:PASSWORD@subnet.domain.com:27017/pritunl?authSource=admin If configuring Pritunl Zero or Pritunl Cloud update the name of the database.

Authentication Database

If the authentication user is on a different database the authSource parameter must be included in the MongoDB uri. Such as mongodb://pritunl:PASSWORD@subnet.domain.com:27017/pritunl?authSource=admin

Updated about a year ago

MongoDB Authentication


Add authentication to MongoDB

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.