Complete users setup guide for Meteor and MongoDB

Meteor is one of the few frameworks to make use of the oplog feature in mongodb. It’s quite a feat of engineering and the way it is done uses it heavily. It’s very important to set it up correctly.

When deploying a Meteor app, it actually requires two users. A “Meteor User” who has read/write abilities & an “Oplog User” for oplog tailing. This guide assumes the database is named app and SSL is enabled.

Create the meteor application user

Outside of meteor, this would typically be called an “application user”. This user will be used for the MONGO_URL. Note the user name doesn’t have to match the database name, but I think it helps keep things simple.

use app
db.createUser({user: 'app', pwd: 'password', roles: [{role: 'readWrite', db: 'app'}]});

Creating the oplog user

This user will be used for the MONGO_OPLOG_URL. You may notice the db is local. This where the oplog collection is.

use admin
db.createUser({user: 'oplog', pwd: 'password', roles: [{role: 'read', db: 'local'}]})

Check users

You can verify that you have created your two users correctly by connecting to the database via the mongo shell:

// List all the databases on the primary node.
show dbs

// Meteor apps will normally only have 3 dbs
admin   0.000GB  // For dbs authentication
local   0.000GB  // For oplog
app     0.000GB  // To store our Meteor collections. Won't exist until it's created

// Check the users
use admin
Meteor User should have: {role: 'readWrite', db: 'app'}
Oplog User should have: {role: 'read', db: 'local'}

Generate connection strings

Create the MONGO_URL and MONGO_OPLOG_URL connection strings using the passwords from earlier.


Note about MongoDB 5

I have experienced some bugginess with startup, which seems to be fixed by adding directConnection=true

That’s it! We now have the two URLs needed to connect our Meteor app with our database.