Good day!
I have a task to delimit user access to databases
for example, that user_1 would have access only to the database of "oranges" and user_2 only to the database of "watermelons"
I try to do this through pg_hba.conf, but I can still connect to the watermelon database through user_1
MY pg_hba.conf
# PostgreSQL Client Authentication Configuration File
# ===================================================
#
# Refer to the "Client Authentication" section in the PostgreSQL
# documentation for a complete description of this file. A short
# synopsis follows.
#
# This file controls: which hosts are allowed to connect, how clients
# are
#...
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
# local all all trust
# IPv4 local connections:
# host all all 127.0.0.1/32 trust
# IPv6 local connections:
# host all all ::1/128 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
# local replication all trust
# host replication all 127.0.0.1/32 trust
# host replication all ::1/128 trust
# host all all all scram-sha-256
host oranges user_1 password
host watermelons user_2 password
MY DOCKERFILE
FROM postgres:14.1
RUN rm -f /var/lib/postgresql/data/pg_hba.conf
COPY ./pg_hba.conf /var/lib/postgresql/data/pg_hba.conf
ADD ./init.sql /docker-entrypoint-initdb.d/
ENTRYPOINT ["docker-entrypoint.sh"]
CMD ["postgres"]
MY DOCKER-COMPOSE
version: "3.9"
services:
#DATABASE_SERVER
postgres:
build: ./databases/postgres
hostname: postgres
environment:
POSTGRES_PASSWORD: root
PGDATA: /var/lib/postgresql/data
ports:
- 5432:5432
What am I doing wrong? I will be grateful for any comment!
Related
So I have my strapi server, which should connect to the Docker container running my Postgres DB, but I get this error when I try to start the development server for the strapi component of my application.
no pg_hba.conf entry for host "127.0.0.1", user "admin", database "store", no encryption
error: no pg_hba.conf entry for host "127.0.0.1", user "admin", database "store", no encryption
This is what is within my pg_hba.conf file on my local
# "local" is for Unix domain socket connections only
local all all scram-sha-256
# IPv4 local connections:
host all all 127.0.0.1/32 scram-sha-256
# IPv6 local connections:
host all all ::1/128 scram-sha-256
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all scram-sha-256
host replication all 127.0.0.1/32 scram-sha-256
host replication all ::1/128 scram-sha-256
I also have a docker-compose.yml file which creates the postgres database, so I can connect the strapi server to it.
version: '3'
services:
database:
image: 'postgres'
container_name: nndesign
build:
context: .
target: nndesign
environment:
POSTGRES_USER: admin
POSTGRES_PASSWORD: nuzhat
POSTGRES_DB: store
expose:
- 5432
ports:
- 5432:5432
volumes:
- ./scripts/postgres-data:/var/lib/postgresql/data
- ./scripts/admin_users.sql:/docker-entrypoint-initdb.d/admin_users.sql
This is what I have as environment variables so the strapi server can connect to the postgres db running in the docker container
export default ({ env }) => ({
connection: {
client: 'postgres',
connection: {
host: env('DATABASE_HOST', 'localhost'),
port: env.int('DATABASE_PORT', 5432),
database: env('DATABASE_NAME', 'store'),
user: env('DATABASE_USERNAME', 'admin'),
password: env('DATABASE_PASSWORD', 'nuzhat'),
ssl: env.bool('DATABASE_SSL', false),
},
},
});
I'm a bit confused on how to revolve this error. Been trying to Google and also use ChatGPT to find a solution, but to no avail.
Any help would be greatly appreciated.
Thank you.
I am trying to set up postgres docker instances with a replication function
I have working on building this based on this tutorial:
https://medium.com/swlh/postgresql-replication-with-docker-c6a904becf77
And I came across a repo build on this :
https://github.com/mekeerati/docker-compose-example/tree/main/postgresql-read-replica
The only thing I have changed
Since I have a port running on 5432, have changed the port to the following values
--> 127.0.0.1/32 to 127.0.0.1/33 (I am not sure if this was necessary)
and also the docker-compose.yml values
When I run the application I am expecting to replicate but it does not work.
It seems like everything is works fine, what should I do to provide replication properly
pg_hba.conf
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/33 trust
# IPv6 local connections:
host all all ::1/128 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all trust
host replication all 127.0.0.1/33 trust
host replication all ::1/128 trust
host replication replicator 0.0.0.0/0 trust
host all all all scram-sha-256
docker-compose.yml
version: '3'
services:
# To start replica mode please use `docker-init.sh`
postgres_master:
container_name: postgres_master
image: postgres:14.5
restart: always
volumes:
- ./data:/var/lib/postgresql/data
- ./data-slave:/var/lib/postgresql/data-slave
- ./init-script/config/postgres.conf:/etc/postgresql/postgresql.conf
- ./init-script/config/pg_hba.conf:/etc/postgresql/pg_hba.conf
- ./init-script:/etc/postgresql/init-script
ports:
- "127.0.0.1:5433:5433"
environment:
- POSTGRES_USER=postgresql
- POSTGRES_PASSWORD=postgresql
postgres_slave:
container_name: postgres_slave
image: postgres:14.5
restart: always
volumes:
- ./data-slave:/var/lib/postgresql/data
- ./config/postgres.conf:/etc/postgresql/postgresql.conf
- ./config/pg_hba.conf:/etc/postgresql/pg_hba.conf
ports:
- "127.0.0.1:5434:5433"
environment:
- POSTGRES_USER=postgresql
- POSTGRES_PASSWORD=postgresql
I'm using docker to turn my app.
When I was using the image 'postgres:10-alpine', I didn't have any problem but after I upgraded to 'postgres:14-alpine', I can still access to the database directly in the postgres container but when I try to access with phppgadmin thorugh "http://localhost:9080" , I have the login page but the user + password don't works (but in postgres 10, no problem).
Do you have any idea how to fix it ?
my docker-compose.yml:
# Postgres BDD
postgres:
container_name: postgres
image: postgres:14-alpine
env_file:
- .env
restart : always
ports:
- "5432:5432"
environment:
POSTGRES_DB: ${DATABASE_NAME}
POSTGRES_USER: ${DATABASE_USER}
POSTGRES_PASSWORD: ${DATABASE_PASS}
volumes:
- postgres_starter_db:/var/lib/postgresql/data
- ./docker/database_utils:/home/db
# Postgres visualization tool
phppgadmin:
image: dockage/phppgadmin:latest
container_name: phppgadmin
env_file:
- .env
links:
- postgres:postgres
ports:
- "9080:80"
environment:
- PHP_PG_ADMIN_SERVER_DESC=PostgreSQL
- PHP_PG_ADMIN_SERVER_HOST=${DATABASE_HOST}
- PHP_PG_ADMIN_SERVER_PORT=${DATABASE_PORT}
the pg_hba.conf in postgres container
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all trust
host replication all 127.0.0.1/32 trust
host replication all ::1/128 trust
host all all all scram-sha-256
When I try to start a container like this:
db:
container_name: database-pg
image: postgres
ports:
- 127.0.0.1:5432:5432
restart: always
logging:
<<: *logging_default
volumes:
- datavolume:/var/lib/postgresql/data
- ./backend/db/migrations/0001-init.up.sql:/docker-entrypoint-initdb.d/0001-init.up.sql
- ./envs/ropsten/seed.sql:/docker-entrypoint-initdb.d/0002-seed.sql
environment:
- POSTGRES_PASSWORD=postgres
- POSTGRES_USER=postgres
- POSTGRES_HOST_AUTH_METHOD=trust
I see this:
2021-01-09 12:00:48.362 UTC [89] FATAL: password authentication failed for user "postgres"
2021-01-09 12:00:48.362 UTC [89] DETAIL: Password does not match for user "postgres".
Connection matched pg_hba.conf line 99: "host all all all md5"
2021-01-09 12:01:47.477 UTC [91] FATAL: password authentication failed for user "postgres"
2021-01-09 12:01:47.477 UTC [91] DETAIL: Password does not match for user "postgres".
Connection matched pg_hba.conf line 99: "host all all all md5"
2021-01-09 12:01:47.909 UTC [92] FATAL: password authentication failed for user "postgres"
2021-01-09 12:01:47.909 UTC [92] DETAIL: Password does not match for user "postgres".
Connection matched pg_hba.conf line 99: "host all all all md5"
2021-01-09 12:01:47.988 UTC [93] FATAL: password authentication failed for user "postgres"
2021-01-09 12:01:47.988 UTC [93] DETAIL: Password does not match for user "postgres".
Connection matched pg_hba.conf line 99: "host all all all md5"
2021-01-09 12:01:48.540 UTC [94] FATAL: password authentication failed for user "postgres"
2021-01-09 12:01:48.540 UTC [94] DETAIL: Password does not match for user "postgres".
Connection matched pg_hba.conf line 99: "host all all all md5"
2021-01-09 12:01:48.627 UTC [95] FATAL: password authentication failed for user "postgres"
2021-01-09 12:01:48.627 UTC [95] DETAIL: Password does not match for user "postgres".
Connection matched pg_hba.conf line 99: "host all all all md5"
I cannot understand why this is happening. Why does postgres show this error at all, what else should the password be at startup.
I've tried to run postgres using your configuration (I've just removed the logging and volumes section) and everything was fine.
It seems to me that you put the POSTGRES_HOST_AUTH_METHOD=trust config after initializing the database. There is a note in the official docker image readme:
This optional variable can be used to control the auth-method for host connections for all databases, all users, and all addresses. If unspecified then md5 password authentication is used. On an uninitialized database, this will populate pg_hba.conf via this approximate line:
echo "host all all all $POSTGRES_HOST_AUTH_METHOD" >> pg_hba.conf
So, to fix your problem you should either delete your data and recreate the database or mount your own updated pg_hba.conf file:
version: '3'
services:
db:
container_name: database-pg
image: postgres
ports:
- 127.0.0.1:5433:5432
restart: always
environment:
- POSTGRES_PASSWORD=postgres
- POSTGRES_USER=postgres
- POSTGRES_HOST_AUTH_METHOD=trust
command: postgres -c 'hba_file=/var/lib/postgresql/pg_hba.conf'
volumes:
- datavolume:/var/lib/postgresql/data
- ./backend/db/migrations/0001-init.up.sql:/docker-entrypoint-initdb.d/0001-init.up.sql
- ./envs/ropsten/seed.sql:/docker-entrypoint-initdb.d/0002-seed.sql
- ./hba.conf:/var/lib/postgresql/pg_hba.conf
where hba.conf:
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all trust
host replication all 127.0.0.1/32 trust
host replication all ::1/128 trust
# warning trust is enabled for all connections
# see https://www.postgresql.org/docs/12/auth-trust.html
host all all all trust
I am trying to set up a postgres server on Windows Server 2012 R2 machine. My server machine ip is 192.168.1.3 and i am trying to hit the server from Client machine 192.168.1.4 I always get connection time out and is the server up and running but i did changes to the postgres configuration files but in Vain.Please help me
I did the following steps:
Changed my Postgresql.config like the below
# - Connection Settings -
listen_addresses = '*' # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost'; use '*' for all
# (change requires restart)
port = 5432 # (change requires restart)
And pg_hba.config file as
# IPv4 local connections:
host all all 0.0.0.0/0 md5
host all all 192.168.1.5/32 trust
# IPv6 local connections:
host all all ::1/128 md5
# Allow replication connections from localhost, by a user with the replication privilege.
#host replication postgres 127.0.0.1/32 md5
#host replication postgres ::1/128 md5
host all all 192.168.1.4/32 trust