- Published on
[MacBook - Development Server] Deploy MongoDB Service (3/4)
- Authors
- Name
- Đông Trần
- Github
- @dongitran
Đi sâu hơn nào!!
Hi anh em dev 👋, tiếp nối phần 2, hôm nay mình sẽ hướng dẫn cách deploy MongoDB service trên MacBook server.
Sau bài viết này, chúng ta sẽ:
- ✅ Setup MongoDB với Docker
- ✅ Cấu hình bảo mật cơ bản
- ✅ Triển khai backup strategy
Docker Compose Setup
Tạo file docker-compose.yml trong thư mục ~/infra:
name: infra
services:
mongodb:
image: mongo:latest
container_name: local-macos-mongodb
ports:
- "27017:27017"
volumes:
- /private/docker/mongodb/data:/data/db
- /private/docker/mongodb/config:/data/configdb
environment:
- MONGO_INITDB_ROOT_USERNAME=admin
- MONGO_INITDB_ROOT_PASSWORD=secretpassword
deploy:
resources:
limits:
cpus: "1"
memory: 1G
reservations:
cpus: "0.25"
memory: 512M
healthcheck:
test: ["CMD", "mongosh", "--eval", "'db.runCommand(\"ping\").ok'"]
interval: 30s
timeout: 10s
retries: 3
restart: unless-stopped
networks:
- infra-network
networks:
infra-network:
driver: bridge
Tạo thư mục cho volumes:
mkdir -p /private/docker/mongodb/{data,config,backups}
Deploy với GitHub Actions
Update file .github/workflows/deploy.yml:
name: Deploy MongoDB
on:
push:
branches:
- deploy
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Cloudflared
run: |
curl -L https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 -o cloudflared
chmod +x cloudflared
sudo mv cloudflared /usr/local/bin
- name: Setup SSH key
run: |
mkdir -p ~/.ssh
echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_ed25519
chmod 600 ~/.ssh/id_ed25519
- name: Deploy MongoDB
run: |
ssh -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=no \
-o ProxyCommand='cloudflared access ssh --hostname %h' \
[email protected] "cd ~/infra && docker-compose up -d"
notify:
needs: deploy
runs-on: ubuntu-latest
steps:
- name: Send Telegram Notification
uses: appleboy/telegram-action@master
with:
to: ${{ secrets.TELEGRAM_CHAT_ID }}
token: ${{ secrets.TELEGRAM_BOT_TOKEN }}
format: html
message: |
${{ job.status == 'success' && '✅' || '❌' }} <b>Deploy MongoDB ${{ job.status == 'success' && 'thành công' || 'thất bại' }}!</b>
Status: ${{ job.status }}
Branch: ${{ github.ref_name }}
Commit: ${{ github.sha }}
Bảo mật MongoDB
1. Tạo User và Database
Kết nối vào MongoDB và tạo user:
use admin
db.createUser({
user: "appuser",
pwd: "apppassword",
roles: [
{ role: "readWrite", db: "yourdb" }
]
})
2. Cấu hình Cloudflare Tunnel
Update file ~/.cloudflared/config.yml:
tunnel: <TUNNEL_ID>
credentials-file: ~/.cloudflared/<TUNNEL_ID>.json
ingress:
- hostname: mongo.your-domain.com
service: http://localhost:27017
originRequest:
noTLSVerify: true
- service: http_status:404
3. Network Security
Tạo file mongodb.conf:
net:
bindIp: 127.0.0.1
port: 27017
security:
authorization: enabled
operationProfiling:
mode: slowOp
slowOpThresholdMs: 100
Phần tiếp theo, chúng ta sẽ tìm hiểu cách deploy Node.js application và kết nối với Database MongoDB này 🚀