Saturday, November 23, 2019

setting up postgresql in manjaro linux


This article covers
1. installing postgresql
2. Creating database
3. Create user
4. Configure for remote connections
5. Dbeaver private key issue.

Install Postgresql


source : https://manjaro.site/how-to-install-postgresql-server-on-manjaro-18-0/

sudo pacman -Sy postgresql

sudo su postgres -l
initdb --locale $LANG -E UTF8 -D '/var/lib/postgres/data/'
exit



sudo systemctl start postgresql
sudo systemctl enable postgresql
sudo systemctl status postgresql


source : https://wiki.archlinux.org/index.php/PostgreSQL



Create Database



Create your first database/user



Tip: If you create a PostgreSQL user with the same name as your Linux username, it allows you to access the PostgreSQL database shell without having to specify a user to login (which makes it quite convenient).



Become the postgres user. Add a new database user using the createuser command:







CREATE USER










[postgres]$ createuser --interactive




Create a new database over which the above user has read/write privileges using the createdb command (execute this command from your login shell if the database user has the same name as your Linux user, otherwise add -O database-username to the following command):


$ createdb myDatabaseName





Remote Connectivity


Also make sure we can connect from remote hosts


[rprajapa@hpmanjaro ~]$ psql
psql (11.5)
Type "help" for help.

rprajapa=# show config_file;
              config_file               
----------------------------------------
 /var/lib/postgres/data/postgresql.conf
(1 row)

rprajapa=# show hba_file;
              hba_file              
------------------------------------
 /var/lib/postgres/data/pg_hba.conf
(1 row)










Optional configuration



The PostgreSQL database server configuration file is postgresql.conf. This file is located in the data directory of the server, typically /var/lib/postgres/data. This folder also houses the other main configuration files, including the pg_hba.conf which defines authentication settings, for both local users and other hosts ones.



Note: By default, this folder will not be browsable or searchable by a regular user. This is why find and locate are not finding the configuration files.



Restricts access rights to the database superuser by default



The defaults pg_hba.conf allow any local user to connect as any database user, including the database superuser. This is likely not what you want, so in order to restrict global access to the postgres user, change the following line:


/var/lib/postgres/data/pg_hba.conf


# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     trust



To:


/var/lib/postgres/data/pg_hba.conf


# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             postgres                                peer



You might later add additional lines depending on your needs or software ones.



Configure PostgreSQL to be accessible exclusively through UNIX Sockets



In the connections and authentications section of your configuration, set:


/var/lib/postgres/data/postgresql.conf


listen_addresses = ''



This will disable network listening completely. After this you should restart postgresql.service for the changes to take effect.



Configure PostgreSQL to be accessible from remote hosts



In the connections and authentications section, set the listen_addresses line to your needs:


/var/lib/postgres/data/postgresql.conf


listen_addresses = 'localhost,my_local_ip_address'



You can use '*' to listen on all available addresses.



Note: PostgreSQL uses TCP port 5432 by default for remote connections. Make sure this port is open in your firewall and able to receive incoming connections. You can also change it in the configuration file, right below listen_addresses



Then add a line like the following to the authentication config:


/var/lib/postgres/data/pg_hba.conf


# TYPE  DATABASE        USER            ADDRESS                 METHOD
# IPv4 local connections:
host    all             all             ip_address/32   md5



where ip_address is the IP address of the remote client.



See the documentation for pg_hba.conf.



Note: Neither sending your plain password nor the md5 hash (used in the example above) over the Internet is secure if it is not done over an SSL-secured connection. See Secure TCP/IP Connections with SSL for how to configure PostgreSQL with SSL.



After this you should restart postgresql.service for the changes to take effect.



For troubleshooting take a look in the server log file:


$ journalctl -u postgresql.service




Another reference: https://superuser.com/questions/800201/postgresql-connection-refused






Now install DBeaver or pgadmin4 (a GUI to postgresql)




set a password for user using command 


alter role rprajapa with password 'xxxxzzzzz';




To test connection from a remote machine using cli


psql -h 10.2.2.11 -U rprajapa -d rprajapa







DBEAVER Private key issue


IF DBeaver cannot connect to DB with public key and when you add the private key it gives error INVALID PRIVATE KEY :[


run the command to change the format of the key


ssh-keygen -p -m PEM -f /path/to/openssh/key will re-write the private key in the correct format.  (source : https://github.com/rundeck/rundeck/issues/4813#issuecomment-492358649)
















Posted by



at






































No comments:















Post a Comment
























        

      









Subscribe to:
Post Comments (Atom)

















Followers
























About Me











Torrance, CA, United States