From 8ed2160b18ff75a53e23b8f49ffa3faf762ce2f0 Mon Sep 17 00:00:00 2001 From: Kaimbacher Date: Thu, 30 Jun 2022 14:12:34 +0000 Subject: [PATCH] Update 'Install_PostgreSQL_14_and_PostGIS_3' --- Install_PostgreSQL_14_and_PostGIS_3.md | 41 ++++++++++++++++++++++++-- 1 file changed, 39 insertions(+), 2 deletions(-) diff --git a/Install_PostgreSQL_14_and_PostGIS_3.md b/Install_PostgreSQL_14_and_PostGIS_3.md index dfcba5d..c077504 100644 --- a/Install_PostgreSQL_14_and_PostGIS_3.md +++ b/Install_PostgreSQL_14_and_PostGIS_3.md @@ -1,4 +1,4 @@ -# Step 1: Install PostgreSQL 14 on Ubuntu 22.04 +## Step 1: Install PostgreSQL 14 on Ubuntu 22.04 ``` echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" |sudo tee /etc/apt/sources.list.d/pgdg.list \ response: @@ -11,7 +11,44 @@ sudo apt install postgresql postgresql-contrib sudo apt install postgresql-14-postgis-3 postgresql-14-postgis-3-scripts ``` -# Step 2: Create Database +Viewing the server version\ +`/usr/lib/postgresql/12/bin/postgres -V` \ +response:\ +postgres (PostgreSQL) 14.4 (Ubuntu 14.4-1.pgdg22.04+1) + +## Step2: Configure CONNECTIONS AND AUTHENTICATION +### postgresql.conf + +Most global configuration settings are stored in postgresql.conf, which is created automatically when you install PostgreSQL. Open this file in your preferred text editor:\ +`sudo nano /etc/postgresql/14/main/postgresql.conf` + +By default, Postgres only listens on localhost. However, by editing the listen_addresses-section and replacing localhost with an IP, you can force Postgres to listen on another IP. Use '*' to listen on all IP addresses, restrict access via firewall.\ +`listen_addresses= '*'` + +### pg_hba.conf + +It’s now time to open the (in)famous pg_hba.conf configuration file, located at /etc/postgresql/10/main/pg_hba.conf: + +`sudo nano /etc/postgresql/10/main/pg_hba.conf` + +HBA stands for host-based authentication. Basically, this file is used to control how PostgreSQL users are authenticated.\ +`host all all 127.0.0.1/32 md5`\ +This line allows "all" users to login using TCP/IP ("host") from the localhost "127.0.0.1/32" to "all" databases, if they succeed in password authentication using the "md5" method. There are more password authentication methods (md5, scram-sha-256, gss, ldap, …) than we can cover, so let’s just get back to simpler examples. + +In most cases the access is restricted to localhost and the clients vlan e.g.: + +```ini +# existing entry, allows connections from localhost +host all all 127.0.0.1/32 md5 + +# new entry to allow connections from 192.168.101.1/24 subnet, +host all all 192.168.1.1/24 md5 + +# ip of your webserver +host all all 172.16.4.48/32 md5 +``` + +## Step 3: Create Database While in terminal, log in to the psql console as postgres user: `sudo su -l postgres`