Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Auth flag #19

Open
Christilut opened this issue Nov 27, 2018 · 8 comments
Open

Auth flag #19

Christilut opened this issue Nov 27, 2018 · 8 comments

Comments

@Christilut
Copy link

So my development MongoDB is exposed because it is on a Lightsail VPS and I'd like to secure it with the --auth flag.
I tried adding it myself, seemed like a small feature but I'm getting some errors in the underlying topology manager when adding the auth flag.

@vkarpov15
Copy link
Owner

It's something we're planning on adding, but hasn't really been a priority. Out of curiosity, why is it a priority for you to secure a dev DB? Not saying you're wrong, just curious to hear your perspective

@Christilut
Copy link
Author

Well I want to load real data in there and instead of putting effort into anonymizing the data I'd rather secure it. There's bots out there that just go after every IP address and test every default port, especially mongo since the default mongo installations have auth disabled.
I changed my ports of course but IP whitelisting is proving difficult because my server is on heroku which uses dynamic IP's.

@Christilut
Copy link
Author

But honestly, I had runrs running for a few days and it worked fine but lately I've been getting strange errors and the primary clusters seems to go down repeatedly after 12+ hours of uptime. After messing with it (and other ways of getting a replicaset with auth running) I decided it costs me too much time to get it working and that an M10 instance on Atlas is maybe the best option after all.

@vkarpov15
Copy link
Owner

It sounds like your case is not what run-rs is designed for. Our goal is to make local dev and testing as easy as possible. As soon as you start worrying about uptime and securing customer data, you should look into MongoDB Atlas. I'll keep this open to track adding auth support though, that will be useful.

@Christilut
Copy link
Author

Yeah you're right. I was kind of forced to do something like this because of this issue

@vkarpov15
Copy link
Owner

Thanks for the heads up, I've never seen that Atlas issue before. I opened up a Mongoose issue to look into it.

@ashisherc
Copy link

would love to have auth flag, when running a dev cluster on a cloud VM

@rattrayalex
Copy link

It looks like Prisma requires auth for local dev: https://www.prisma.io/docs/concepts/database-connectors/mongodb

lack of this flag seems to make this project unusable for that…

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants