/munetakaJupyterHub/Computer/PostgreSQL/archlinux/.ipynb

§2023-03-31

試作機器：　hc4MnGnome.yushei.net

Current setup,

$ lsblk -f
NAME        FSTYPE FSVER LABEL      UUID                                 FSAVAIL FSUSE% MOUNTPOINTS
mtdblock0                                                                               
mmcblk0                                                                                 
├─mmcblk0p1 vfat   FAT16 BOOT_MNJRO 4C5E-6080                             396.7M    13% /boot
├─mmcblk0p2 ext4   1.0   ROOT_MNJRO 88e5ebe4-184e-4a7a-b2cf-5a6c271c05d0   52.5G    10% /
├─mmcblk0p3 swap   1                53ac343d-9c77-4f01-a827-a0e31cf8b25e                [SWAP]
└─mmcblk0p4 xfs                     2f8598bf-b478-440a-93f6-e7b2c0994adb  159.8G     1% /opt

$ grep postgres /etc/passwd
postgres:x:965:965:PostgreSQL user:/var/lib/postgres:/bin/bash

modify /usr/lib/systemd/system/postgresql.service

original /usr/lib/systemd/system/postgresql.service

[Unit]
Description=PostgreSQL database server
After=network.target

[Service]
Type=notify
TimeoutSec=120
User=postgres
Group=postgres

Environment=PGROOT=/var/lib/postgres

SyslogIdentifier=postgres
PIDFile=/var/lib/postgres/data/postmaster.pid
RuntimeDirectory=postgresql
RuntimeDirectoryMode=755

ExecStartPre=/usr/bin/postgresql-check-db-dir ${PGROOT}/data
ExecStart=/usr/bin/postgres -D ${PGROOT}/data
ExecReload=/bin/kill -HUP ${MAINPID}
KillMode=mixed
KillSignal=SIGINT

# Due to PostgreSQL's use of shared memory, OOM killer is often overzealous in
# killing Postgres, so adjust it downward
OOMScoreAdjust=-200

# Additional security-related features
PrivateTmp=true
ProtectHome=true
ProtectSystem=full
NoNewPrivileges=true
ProtectControlGroups=true
ProtectKernelModules=true
ProtectKernelTunables=true
PrivateDevices=true
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
RestrictNamespaces=true
RestrictRealtime=true
SystemCallArchitectures=native

[Install]
WantedBy=multi-user.target

modify

$ sudo cp -v /usr/lib/systemd/system/postgresql.service  /usr/lib/systemd/system/postgresql.service.ori
$ sudo diff /usr/lib/systemd/system/postgresql.service.ori  /usr/lib/systemd/system/postgresql.service
11c11
< Environment=PGROOT=/var/lib/postgres
---
> Environment=PGROOT=/opt/postgres
14c14
< PIDFile=/var/lib/postgres/data/postmaster.pid
---
> PIDFile=/opt/postgres/data/postmaster.pid

Chage postgres home directory to /opt/postgres

$ sudo mkdir /opt/postgres
$ sudo mkdir /opt/postgres/data
$ sudo chown -R postgres:postgres /opt/postgres/
$ ls -l  /opt/postgres/
total 0
drwxr-xr-x 2 postgres postgres 6 Mar 31 09:47 data
$ ls -l  /opt/
total 0
drwxr-xr-x 3 alexlai  alexlai  19 Mar 30 14:42 alexlai
drwxr-xr-x 3 postgres postgres 18 Mar 31 09:47 postgres

$ sudo usermod -d /opt/postgres postgres
$ grep postgres /etc/passwd
postgres:x:965:965:PostgreSQL user:/opt/postgres:/bin/bash

initdb

$ sudo -iu postgres
[postgres@hc4MnGnome ~]$ cd
[postgres@hc4MnGnome ~]$ pwd
/opt/postgres
[postgres@hc4MnGnome ~]$ ls -l
total 0
drwxr-xr-x 2 postgres postgres 6 Mar 31 09:47 data

[postgres@hc4MnGnome ~]$ initdb --locale=en_US.UTF-8 --encoding=UTF8 -D /opt/postgres/data --data-checksums
The files belonging to this database system will be owned by user "postgres".
This user must also own the server process.

The database cluster will be initialized with locale "en_US.UTF-8".
The default text search configuration will be set to "english".

Data page checksums are enabled.

fixing permissions on existing directory /opt/postgres/data ... ok
creating subdirectories ... ok
selecting dynamic shared memory implementation ... posix
selecting default max_connections ... 100
selecting default shared_buffers ... 128MB
selecting default time zone ... Asia/Taipei
creating configuration files ... ok
running bootstrap script ... ok
performing post-bootstrap initialization ... ok
syncing data to disk ... ok

initdb: warning: enabling "trust" authentication for local connections
initdb: hint: You can change this by editing pg_hba.conf or using the option -A, or --auth-local and --auth-host, the next time you run initdb.

Success. You can now start the database server using:

    pg_ctl -D /opt/postgres/data -l logfile start

[postgres@hc4MnGnome ~]$ exit
logout
[alexlai@hc4MnGnome ~]$ whoami
alexlai

systemctl start postgresql


[alexlai@hc4MnGnome ~]$ sudo systemctl daemon-reload
[alexlai@hc4MnGnome ~]$ sudo systemctl start postgresql.service 
[alexlai@hc4MnGnome ~]$ sudo systemctl status postgresql.service 
● postgresql.service - PostgreSQL database server
     Loaded: loaded (/usr/lib/systemd/system/postgresql.service; disabled; preset: disabled)
     Active: active (running) since Fri 2023-03-31 09:55:02 CST; 7s ago
    Process: 8448 ExecStartPre=/usr/bin/postgresql-check-db-dir ${PGROOT}/data (code=exited, status=0/SUCCESS)
   Main PID: 8450 (postgres)
      Tasks: 6 (limit: 4077)
     Memory: 17.0M
        CPU: 292ms
     CGroup: /system.slice/postgresql.service
             ├─8450 /usr/bin/postgres -D /opt/postgres/data
             ├─8451 "postgres: checkpointer "
             ├─8452 "postgres: background writer "
             ├─8454 "postgres: walwriter "
             ├─8455 "postgres: autovacuum launcher "
             └─8456 "postgres: logical replication launcher "

Mar 31 09:55:01 hc4MnGnome systemd[1]: Starting PostgreSQL database server...
Mar 31 09:55:02 hc4MnGnome postgres[8450]: 2023-03-31 09:55:02.232 CST [8450] LOG:  starting PostgreSQL 15.2 on aarch64-unknown-linux-gnu, compiled by gcc (GCC) 12.1.0, 64-bit
Mar 31 09:55:02 hc4MnGnome postgres[8450]: 2023-03-31 09:55:02.235 CST [8450] LOG:  listening on IPv4 address "127.0.0.1", port 5432
Mar 31 09:55:02 hc4MnGnome postgres[8450]: 2023-03-31 09:55:02.237 CST [8450] LOG:  listening on Unix socket "/run/postgresql/.s.PGSQL.5432"
Mar 31 09:55:02 hc4MnGnome postgres[8453]: 2023-03-31 09:55:02.245 CST [8453] LOG:  database system was shut down at 2023-03-31 09:52:53 CST
Mar 31 09:55:02 hc4MnGnome postgres[8450]: 2023-03-31 09:55:02.258 CST [8450] LOG:  database system is ready to accept connections
Mar 31 09:55:02 hc4MnGnome systemd[1]: Started PostgreSQL database server.

Create alexlai as first database/user

[alexlai@hc4MnGnome ~]$ sudo -iu postgres
[postgres@hc4MnGnome ~]$ cd
[postgres@hc4MnGnome ~]$ pwd
/opt/postgres
[postgres@hc4MnGnome ~]$ createuser --interactive
Enter name of role to add: alexlai
Shall the new role be a superuser? (y/n) n
Shall the new role be allowed to create databases? (y/n) y
Shall the new role be allowed to create more new roles? (y/n) y

[postgres@hc4MnGnome ~]$ psql
psql (15.2)
Type "help" for help.

postgres=# \du
                                   List of roles
 Role name |                         Attributes                         | Member of 
-----------+------------------------------------------------------------+-----------
 alexlai   | Create role, Create DB                                     | {}
 postgres  | Superuser, Create role, Create DB, Replication, Bypass RLS | {}

postgres=# \l
                                                 List of databases
   Name    |  Owner   | Encoding |   Collate   |    Ctype    | ICU Locale | Locale Provider |   Access privileges   
-----------+----------+----------+-------------+-------------+------------+-----------------+-----------------------
 postgres  | postgres | UTF8     | en_US.UTF-8 | en_US.UTF-8 |            | libc            | 
 template0 | postgres | UTF8     | en_US.UTF-8 | en_US.UTF-8 |            | libc            | =c/postgres          +
           |          |          |             |             |            |                 | postgres=CTc/postgres
 template1 | postgres | UTF8     | en_US.UTF-8 | en_US.UTF-8 |            | libc            | =c/postgres          +
           |          |          |             |             |            |                 | postgres=CTc/postgres
(3 rows)
o
postgres=# ALTER USER alexlai WITH PASSWORD 'alex1nnn';
ALTER ROLE
postgres=# SET ROLE alexlai;
SET
postgres=> CREATE DATABASE alexlai;
CREATE DATABASE
postgres=> \l
                                                 List of databases
   Name    |  Owner   | Encoding |   Collate   |    Ctype    | ICU Locale | Locale Provider |   Access privileges   
-----------+----------+----------+-------------+-------------+------------+-----------------+-----------------------
 alexlai   | alexlai  | UTF8     | en_US.UTF-8 | en_US.UTF-8 |            | libc            | 
 postgres  | postgres | UTF8     | en_US.UTF-8 | en_US.UTF-8 |            | libc            | 
 template0 | postgres | UTF8     | en_US.UTF-8 | en_US.UTF-8 |            | libc            | =c/postgres          +
           |          |          |             |             |            |                 | postgres=CTc/postgres
 template1 | postgres | UTF8     | en_US.UTF-8 | en_US.UTF-8 |            | libc            | =c/postgres          +
           |          |          |             |             |            |                 | postgres=CTc/postgres
(4 rows)

postgres=# \q

Try to use alexlai

postgres=# \q
[postgres@hc4MnGnome ~]$ exit
logout
[alexlai@hc4MnGnome ~]$ psql -U alexlai
psql (15.2)
Type "help" for help.

alexlai=> \l
                                                 List of databases
   Name    |  Owner   | Encoding |   Collate   |    Ctype    | ICU Locale | Locale Provider |   Access privileges   
-----------+----------+----------+-------------+-------------+------------+-----------------+-----------------------
 alexlai   | alexlai  | UTF8     | en_US.UTF-8 | en_US.UTF-8 |            | libc            | 
 postgres  | postgres | UTF8     | en_US.UTF-8 | en_US.UTF-8 |            | libc            | 
 template0 | postgres | UTF8     | en_US.UTF-8 | en_US.UTF-8 |            | libc            | =c/postgres          +
           |          |          |             |             |            |                 | postgres=CTc/postgres
 template1 | postgres | UTF8     | en_US.UTF-8 | en_US.UTF-8 |            | libc            | =c/postgres          +
           |          |          |             |             |            |                 | postgres=CTc/postgres
(4 rows)

alexlai=> \q