Skip to main content

Overview

The Money monorepo uses MongoDB as its primary database for the Secure and CashGap applications. This guide covers setting up MongoDB for development and production environments.

Database Requirements

MongoDB Version

MongoDB 4.4 or higher

Connection Method

MongoDB URI connection string

ORM/ODM

Mongoose for schema and queries

Authentication

Username/password authentication

Applications Using MongoDB

Secure App

Stores:
  • User accounts and profiles
  • Authentication sessions
  • Password vault entries
  • Encryption keys and metadata
  • OAuth account links
  • Email verification tokens

CashGap App

Stores:
  • User accounts and profiles
  • Transaction records
  • Financial data
  • Authentication sessions
  • User preferences
The Secure app stores sensitive encrypted data. Ensure your database has appropriate security measures, backups, and access controls.

Development Setup

Option 1: Local MongoDB

1

Install MongoDB

Choose your installation method:
brew tap mongodb/brew
brew install mongodb-community
brew services start mongodb-community
2

Verify installation

Check that MongoDB is running:
# Connect to MongoDB
mongosh

# Or check the process
ps aux | grep mongod
3

Configure connection string

Add to your .env file:
MONGODB_URI=mongodb://localhost:27017/money-dev
For separate databases per app:
# In apps/secure/.env
MONGODB_URI=mongodb://localhost:27017/secure-dev

# In apps/cashgap/.env
MONGODB_URI=mongodb://localhost:27017/cashgap-dev
4

Test connection

Start your app and verify database connectivity:
pnpm dev --filter=secure
Check logs for successful database connection.

Option 2: MongoDB Atlas (Cloud)

Recommended for teams and production-like development environments.
1

Create MongoDB Atlas account

Sign up at MongoDB Atlas
2

Create a cluster

  1. Click “Build a Database”
  2. Choose “Shared” (free tier)
  3. Select your cloud provider and region
  4. Name your cluster
  5. Click “Create Cluster”
3

Configure database access

  1. Go to “Database Access”
  2. Click “Add New Database User”
  3. Create username and strong password
  4. Grant “Read and write to any database” permission
  5. Click “Add User”
4

Configure network access

  1. Go to “Network Access”
  2. Click “Add IP Address”
  3. For development: Click “Allow Access from Anywhere” (0.0.0.0/0)
  4. For production: Add specific IP addresses
  5. Click “Confirm”
5

Get connection string

  1. Click “Connect” on your cluster
  2. Choose “Connect your application”
  3. Copy the connection string
  4. Replace <password> with your database password
  5. Replace <database> with your database name (e.g., money-dev)
6

Add to environment variables

MONGODB_URI=mongodb+srv://username:[email protected]/money-dev?retryWrites=true&w=majority

Production Setup

1

Create production cluster

Create a separate cluster for production:
  • Use a dedicated cluster (M10+) for better performance
  • Choose a region close to your deployment
  • Enable backups (automatic on paid tiers)
  • Consider multi-region deployment for high availability
2

Security configuration

  1. Database users: Create dedicated user for production with minimal required permissions
  2. Network access: Whitelist only your production server IPs
  3. Encryption: Enable encryption at rest (available on paid tiers)
  4. TLS/SSL: Always enabled by default on Atlas
3

Performance optimization

  1. Indexes: Create indexes on frequently queried fields
  2. Connection pooling: Configure appropriate pool size
  3. Read preference: Use appropriate read preference for your use case
  4. Monitoring: Enable MongoDB Atlas monitoring and alerts
4

Backup strategy

  1. Enable continuous backups (available on M10+)
  2. Configure backup retention policy
  3. Test restore procedures
  4. Consider point-in-time recovery
5

Configure connection string

Add to production environment variables:
MONGODB_URI=mongodb+srv://prod-user:[email protected]/money-prod?retryWrites=true&w=majority&maxPoolSize=10

Self-Hosted MongoDB

For self-hosted deployments:
1

Install MongoDB on server

Follow MongoDB installation guides for your OS/platform
2

Enable authentication

# Create admin user
mongosh
use admin
db.createUser({
  user: "admin",
  pwd: "strong-password",
  roles: [{ role: "userAdminAnyDatabase", db: "admin" }]
})
Enable authentication in mongod.conf:
security:
  authorization: enabled
3

Configure firewall

# Allow MongoDB port only from app servers
sudo ufw allow from <app-server-ip> to any port 27017
4

Enable TLS/SSL

Configure TLS in mongod.conf:
net:
  tls:
    mode: requireTLS
    certificateKeyFile: /path/to/mongodb.pem
5

Setup replication (recommended)

Configure a replica set for high availability:
mongosh
rs.initiate({
  _id: "rs0",
  members: [
    { _id: 0, host: "mongo1:27017" },
    { _id: 1, host: "mongo2:27017" },
    { _id: 2, host: "mongo3:27017" }
  ]
})

Database Schema

The applications use Mongoose for schema definition and queries:

Connection Management

Connections are managed per-app: 
// apps/secure/src/lib/db/connection.ts
import mongoose from 'mongoose';

const MONGODB_URI = process.env.MONGODB_URI;

if (!MONGODB_URI) {
  throw new Error('Please define MONGODB_URI environment variable');
}

export async function connectToDatabase() {
  if (mongoose.connection.readyState >= 1) {
    return;
  }

  return mongoose.connect(MONGODB_URI);
}

Mongoose Models

Models are defined in each app’s models directory:
  • User models
  • Session models
  • App-specific data models

Database Operations

Clearing Development Database

A utility script is available to clear development databases: 
# Clear all development data
pnpm tsx scripts/clear-databases.ts
This script is for development only and will delete all data. Never run in production!

Database Migrations

Currently, the project does not use formal migrations. Schema changes are handled by:
  1. Updating Mongoose models
  2. Deploying code changes
  3. Running manual migration scripts if needed
Consider adding a migration tool like:

Seeding Data

For development, you can seed test data: 
// Example seed script
import { connectToDatabase } from './lib/db';
import { User } from './models/User';

async function seed() {
  await connectToDatabase();
  
  await User.create({
    email: '[email protected]',
    name: 'Test User',
    // ... other fields
  });
  
  console.log('Seed completed');
}

seed();

Performance Optimization

Indexing

Create indexes on frequently queried fields: 
// In Mongoose model
const UserSchema = new Schema({
  email: { type: String, required: true, unique: true, index: true },
  createdAt: { type: Date, default: Date.now, index: true }
});

Connection Pooling

Configure connection pool size in URI: 
MONGODB_URI=mongodb+srv://...?maxPoolSize=10&minPoolSize=5

Query Optimization

  • Use lean() for read-only queries
  • Select only needed fields
  • Use pagination for large result sets
  • Avoid N+1 queries with populate()

Monitoring

MongoDB Atlas Monitoring

Atlas provides built-in monitoring:
  • Real-time metrics
  • Query performance insights
  • Index recommendations
  • Alerts for issues

Application-Level Monitoring

Log database operations: 
mongoose.set('debug', process.env.NODE_ENV === 'development');

Backup and Recovery

MongoDB Atlas Backups

  • Continuous backups on M10+ clusters
  • Point-in-time recovery
  • Automated snapshots
  • Download backup archives

Manual Backup

# Export database
mongodump --uri="mongodb://localhost:27017/money-dev" --out=./backup

# Restore database
mongorestore --uri="mongodb://localhost:27017/money-dev" ./backup

Backup Strategy Recommendations

  1. Automated daily backups
  2. Retain backups for 30 days minimum
  3. Test restore procedures monthly
  4. Store backups in separate location
  5. Encrypt backup files

Troubleshooting

Connection Refused

# Check if MongoDB is running
sudo systemctl status mongod

# Check logs
sudo journalctl -u mongod

# Verify port is open
sudo netstat -tlnp | grep 27017

Authentication Failed

  1. Verify username and password are correct
  2. Check user has permissions on target database
  3. Ensure authentication is enabled in MongoDB config
  4. Verify connection string format

Slow Queries

  1. Enable query profiling: 
    db.setProfilingLevel(2)
  2. Check for missing indexes
  3. Use explain() to analyze queries
  4. Review MongoDB Atlas Performance Advisor

Connection Pool Exhausted

  1. Increase maxPoolSize in connection string
  2. Check for connection leaks in code
  3. Ensure connections are properly closed
  4. Monitor connection usage

Security Best Practices

Always follow these security practices for production databases:
  1. Enable authentication: Never run without authentication
  2. Use strong passwords: Generate random passwords
  3. Restrict network access: Whitelist specific IPs only
  4. Enable TLS/SSL: Encrypt data in transit
  5. Encrypt at rest: Enable encryption for stored data
  6. Regular updates: Keep MongoDB updated
  7. Audit logs: Enable and monitor audit logs
  8. Least privilege: Grant minimum required permissions
  9. Separate environments: Use different databases for dev/staging/prod
  10. Regular backups: Maintain backup schedule

Next Steps

Environment Variables

Configure database connection strings

Deployment Overview

Deploy with database configuration

Running Locally

Start development with database

Setup Guide

Complete development setup

Build docs developers (and LLMs) love

Get started for freeTalk to us