Docker Compose setup for a MongoDB 8 single-node replica set with:
- Local host access on loopback only (
127.0.0.1) - Cloudflare Tunnel connector (
cloudflared) for remote access - Auth-enabled Mongo bootstrap via a custom init script
mongo:- MongoDB 8
- Replica set:
rs0 - Auth enabled
- Host bind:
127.0.0.1:${MONGO_RS_PORT}:27017
cloudflared:- Runs your Cloudflare Tunnel token
- Reaches Mongo over internal Docker network
- Docker + Docker Compose plugin
- Cloudflare Tunnel already created
- Cloudflare route for
mongo-db.eodeluga.comset to:tcp://mongo:27017
Create .env (already gitignored) with:
CLOUDFLARE_TOKEN=<your-cloudflare-tunnel-token>
MONGO_RS_HOST=mongo
MONGO_RS_PORT=27019
MONGO_INITDB_ROOT_USERNAME=admin
MONGO_INITDB_ROOT_PASSWORD=<strong-password>docker compose up -dCheck status:
docker compose ps
docker logs --tail 100 mongo_dbMongo is exposed locally on 127.0.0.1:${MONGO_RS_PORT}.
Mongo Compass URI:
mongodb://<username>:<password>@127.0.0.1:27019/?authSource=admin&directConnection=true
Replace 27019 if you changed MONGO_RS_PORT.
On your client machine, start a local forwarder:
cloudflared access tcp --hostname <your-cloudflare-tunnel-host> --url 127.0.0.1:37017
Then connect Compass to:
mongodb://<username>:<password>@127.0.0.1:37017/?authSource=admin&directConnection=true
MONGO_RS_PORTis the host-published port only.- Mongo inside Docker still listens on
27017. - If you change
.env, recreate containers:
docker compose up -d --force-recreate mongo cloudflared