feat: adjust postgres setup

2022-05-25 13:25:51 +02:00 · 2022-05-25 13:25:51 +02:00 · a7155fa489
parent bacd7d82a1
commit a7155fa489
11 changed files with 135 additions and 25 deletions
--- a/devices/cloud-server.md
+++ b/devices/cloud-server.md
@ -4,3 +4,6 @@
 * [SSH Public Key Authentication](../doc/ssh-pub-key-auth.md)
 * [Docker](../doc/docker.md)
 * [Static-gtfs-manager](../doc/static-gtfs-manager.md)
+* [Install Postgres](../doc/postgres.md)
+* [Create Database with Postgres](../doc/postgres-create-db.md)
+* [Create User with Postgres](../doc/postgres-create-user.md)
--- a/devices/ltpt490.md
+++ b/devices/ltpt490.md
@ -7,3 +7,4 @@
 * [Debian Configuration](../doc/debian-config.md)
 * [Debian Keyboard Layout](../doc/debian-keyboard-layout.md)
 * [Debian Lid Switch Configuration](../doc/debian-lid-switch-config.md)
+* [Python for Debian 11](../doc/debian11python.md)
--- a/doc/debian11python.md
+++ b/doc/debian11python.md
@ -0,0 +1,23 @@
+# Setup Python on Debian 11
+
+* update apt repository cache
+```
+sudo apt update
+```
+
+* check available Python version
+```
+python3 -V
+python -V
+```
+
+* install Python on Python 3 link
+```
+sudo apt install python-is-python3 --no-install-recommends
+```
+
+* validate version
+```
+python3 -V
+python -v
+```
--- a/doc/debian11python.md.license
+++ b/doc/debian11python.md.license
@ -0,0 +1,5 @@
+/*
+ * SPDX-FileCopyrightText: 2022 Software Ingenieur Begerad <swingbe.de>
+ *
+ * SPDX-License-Identifier: CC0-1.0
+ */
--- a/doc/postgres-connect.md
+++ b/doc/postgres-connect.md
@ -0,0 +1,28 @@
+# Connect to Postgres Database Using Psql
+
+* configure Postgres like [this](./postgres.md)
+
+* create a database like [this](./postgres-create-db.md)
+
+* create a use like [this](./postgres-create-user.md)
+
+* when needed connect to Postgres as admin user locally
+```
+sudo -u postgres psql postgres -W
+```
+
+* when needed connect to the database <database name>
+as user <user name> locally
+```
+psql -U <user name> -d <database name> -W
+
+```
+
+* when needed connect to the database <database name>
+as user <user name> to a remote Postgres instance at host
+<host name> and port <port number>\
+NOTE: Configure Postgres for remote connections like
+[this](./postgres.md)
+```
+psql -h <host name> -p <port number> -U <user name> -d <database name> -W
+```
--- a/doc/postgres-connect.md.license
+++ b/doc/postgres-connect.md.license
@ -0,0 +1,5 @@
+/*
+ * SPDX-FileCopyrightText: 2022 Software Ingenieur Begerad <swingbe.de>
+ *
+ * SPDX-License-Identifier: CC0-1.0
+ */
--- a/doc/postgres-create-db.md
+++ b/doc/postgres-create-db.md
@ -0,0 +1,9 @@
+# Create Database with Postgres
+
+* configure Postgres like [this](./postgres.md)
+
+* create a new database
+```
+sudo -u postgres psql -W
+CREATE DATABASE <database name>;
+```
--- a/doc/postgres-create-db.md.license
+++ b/doc/postgres-create-db.md.license
@ -0,0 +1,5 @@
+/*
+ * SPDX-FileCopyrightText: 2022 Software Ingenieur Begerad <swingbe.de>
+ *
+ * SPDX-License-Identifier: CC0-1.0
+ */
--- a/doc/postgres-create-user.md
+++ b/doc/postgres-create-user.md
@ -0,0 +1,34 @@
+# Create User with Postgres
+
+* configure Postgres like [this](./postgres.md)
+
+* create a database like [this](./postgres-create-db.md)
+
+* create a database user called <user name> with password <key>
+```
+sudo -u postgres psql -W
+CREATE USER <user name> with encrypted password <key>;
+grant all privileges on database <database name> to <user name>;
+```
+
+* edit the pg_hba.conf file\
+NOTE: Insert the postgresql database version that is running on the respective host
+```
+sudo cp /etc/postgresql/<psql version>/main/pg_hba.conf /etc/postgresql/<psgl version>/main/pg_hba.conf-backup
+sudo vi /etc/postgresql/<psql version>/main/pg_hba.conf
+```
+
+* in order to be able to run applications like e.g. Spring Boot with a local PostgreSQL installation, change the authentication method for the Unix domain socket and local connections to trust like this
+```
+# "local" is for Unix domain socket connections only
+local   all             all                                     trust
+# IPv4 local connections:
+host    all             all             127.0.0.1/32            trust
+```
+
+* restart PostgreSQL to enable the changes
+```
+systemctl status postgresql
+sudo systemctl restart postgresql
+systemctl status postgresql
+```
--- a/doc/postgres-create-user.md.license
+++ b/doc/postgres-create-user.md.license
@ -0,0 +1,5 @@
+/*
+ * SPDX-FileCopyrightText: 2022 Software Ingenieur Begerad <swingbe.de>
+ *
+ * SPDX-License-Identifier: CC0-1.0
+ */
--- a/doc/postgres.md
+++ b/doc/postgres.md
@ -16,50 +16,44 @@ cat /etc/passwd|grep postgres
 cat /etc/group|grep postgres
 ```

-* set key for user postgres
+* set key for admin user postgres
 ```
 sudo -u postgres psql
 postgres=# \password postgres
 ```

-* create a new database with createdb command, which is going to be owned by user <user name>
+* create copy of config file ```pg_hba.conf file```\
+NOTE: Insert the postgresql version <psql version> that is running on the respective host
 ```
-sudo -u postgres psql
-CREATE DATABASE <database name>;
+cd /etc/postgresql/<psql version>/main/
+sudo cp pg_hba.conf pg_hba.conf-backup
 ```

-* create a new database user
+* switch authentication method from ```peer``` to ```md5``` for all local users connecting by Unix domain sockets by opening the following config file and adding the example configuration
 ```
-sudo -u postgres psql
-CREATE USER <user name> with encrypted password <key>;
-grant all privileges on database <database name> to <user name>;
+sudo vi pg_hba.conf
 ```

-* edit the pg_hba.conf file\
-NOTE: Insert the postgresql database version that is running on the respective host
-```
-sudo cp /etc/postgresql/<psql version>/main/pg_hba.conf /etc/postgresql/<psgl version>/main/pg_hba.conf-backup
-sudo vi /etc/postgresql/<psql version>/main/pg_hba.conf
-```
-
-* in order to be able to run applications like e.g. Spring Boot with a local PostgreSQL installation, change the authentication method for the Unix domain socket and local connections to trust like this
 ```
 # "local" is for Unix domain socket connections only
-local   all             all                                     trust
-# IPv4 local connections:
-host    all             all             127.0.0.1/32            trust
+#local   all             all                                     peer
+local   all             all                                     md5
 ```

 * restart PostgreSQL to enable the changes
 ```
+systemctl status postgresql
 sudo systemctl restart postgresql
 systemctl status postgresql
 ```

-* use the psql tool to connect to the database
-```
-psql -U <user name> -d <database name> -W
-```
+* when needed, create a database like [this](./postgres-create-db.md)
+
+* when needed, create a user like [this](./postgres-create-user.md)
+
+TODO: move the following description to dedicated setup files
+
+# Allow Remote Connections

 * configure ports and update firewall using the [firewall setup](firewall.md)
 ```
@ -68,8 +62,6 @@ sudo ufw enable
 sudo ufw status numbered
 ```

-# Allow Remote Connections
-
 * create config backup
 ```
 sudo cp /etc/postgresql/<version>/main/postgresql.conf /etc/postgresql/<version>/main/postgresql.conf-backup