PostgreSQL

PostgreSQL is an open source, community driven, standard compliant object-relational database system.

Installation

Install the postgresql package. It will also create a system user called postgres.

You can now switch to the postgres user using a privilege elevation program.

You can switch to the PostgreSQL user by executing the following command:

• If you have sudo and are in sudoers:

  $ sudo -iu postgres

• Otherwise using su:

  $ su
  # su -l postgres
  

See sudo(8) or su(1) for their usage.

Initial configuration

Before PostgreSQL can function correctly, the database cluster must be initialized:

[postgres]$ initdb -D /var/lib/postgres/data

Where -D is the default location where the database cluster must be stored (see #Change default data directory if you want to use a different one). initdb accepts a number of extra arguments:

• By default, the locale and the encoding for the database cluster are derived from your current environment (using $LANG value). If this is not what you want, you can override the defaults using --locale=locale (where locale is to be chosen amongst the system's available locales) and --encoding=encoding (which must match the chosen locale). (Once the database is up, you can check which values were used with [postgres]$ psql -l.)
• If your data directory resides on a file system without data checksumming, you may wish to enable PostgreSQL's built-in checksumming for increased integrity guarantees - add the --data-checksums argument to do so. Read #Enable data checksumming for more information. (Once the database is up, you can check if it is enabled with [postgres]$ psql -c "SHOW data_checksums".)
• For more options, see initdb --help and official documentation.

Example:

[postgres]$ initdb --locale=en_US.UTF-8 --encoding=UTF8 -D /var/lib/postgres/data --data-checksums

Many lines should now appear on the screen with several ending by ... ok:

The files belonging to this database system will be owned by user "postgres".
This user must also own the server process.

The database cluster will be initialized with locale "en_US.UTF-8".
The default database encoding has accordingly been set to "UTF8".
The default text search configuration will be set to "english".

Data page checksums are disabled.

fixing permissions on existing directory /var/lib/postgres/data ... ok
creating subdirectories ... ok
selecting default max_connections ... 100
selecting default shared_buffers ... 128MB
selecting dynamic shared memory implementation ... posix
creating configuration files ... ok
running bootstrap script ... ok
performing post-bootstrap initialization ... ok
syncing data to disk ... ok

WARNING: enabling "trust" authentication for local connections
You can change this by editing pg_hba.conf or using the option -A, or
--auth-local and --auth-host, the next time you run initdb.

Success. You can now start the database server using:

    pg_ctl -D /var/lib/postgres/data -l logfile start

If these are the kind of lines you see, then the process succeeded. Return to the regular user using exit.

Finally, start and enable the postgresql.service.

Create your first database/user

Become the postgres user. Add a new database role/user using the createuser command:

[postgres]$ createuser --interactive

Create a new database over which the above user has read/write privileges using the createdb command (execute this command from your login shell if the database user has the same name as your Linux user, otherwise add -O database-username to the following command):

$ createdb myDatabaseName

Familiarize with PostgreSQL

Access the database shell

Become the postgres user. Start the primary database shell, psql, where you can do all your creation of databases/tables, deletion, set permissions, and run raw SQL commands. Use the -d option to connect to the database you created (without specifying a database, psql will try to access a database that matches your username).

[postgres]$ psql -d myDatabaseName

Some helpful commands:

Get help:

=> \help

Connect to a particular database:

=> \c <database>

List all users and their permission levels:

=> \du

Show summary information about all tables in the current database:

=> \dt

Exit/quit the psql shell:

=> \q or CTRL+d

There are of course many more meta-commands, but these should help you get started. To see all meta-commands run:

=> \?

Optional configuration

The PostgreSQL database server configuration file is postgresql.conf. This file is located in the data directory of the server, typically /var/lib/postgres/data. This folder also houses the other main configuration files, including the pg_hba.conf which defines authentication settings, for both local users and other hosts ones.

Restricts access rights to the database superuser by default

The defaults pg_hba.conf allow any local user to connect as any database user, including the database superuser. This is likely not what you want, so in order to restrict global access to the postgres user, change the following line:

/var/lib/postgres/data/pg_hba.conf

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     trust

To:

/var/lib/postgres/data/pg_hba.conf

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             postgres                                peer

You might later add additional lines depending on your needs or software ones.

Require password for login

Edit /var/lib/postgres/data/pg_hba.conf and set the authentication method for each user (or "all" to affect all users) to scram-sha-256 (preferred), or md5 (less secure; should be avoided if possible):

/var/lib/postgres/data/pg_hba.conf

# TYPE  DATABASE        USER            ADDRESS                 METHOD                                                                                               
                                                                                                                                                                                                                                                              
# "local" is for Unix domain socket connections only                                                                                                                        
local   all             user                                    scram-sha-256

If you choose scram-sha-256, you must also edit /var/lib/postgres/data/postgresql.conf and set:

/var/lib/postgres/data/postgresql.conf

password_encryption = scram-sha-256

Restart postgresql.service, and then re-add each user's password using ALTER USER user WITH ENCRYPTED PASSWORD 'password';.

Configure PostgreSQL to be accessible exclusively through UNIX Sockets

In the connections and authentications section of your configuration, set:

/var/lib/postgres/data/postgresql.conf

listen_addresses = ''

This will disable network listening completely. After this you should restart postgresql.service for the changes to take effect.

Configure PostgreSQL to be accessible from remote hosts

In the connections and authentications section, set the listen_addresses line to your needs:

/var/lib/postgres/data/postgresql.conf

listen_addresses = 'localhost,my_local_ip_address'

You can use '*' to listen on all available addresses.

Then add a line like the following to the authentication config:

/var/lib/postgres/data/pg_hba.conf

# TYPE  DATABASE        USER            ADDRESS                 METHOD
# IPv4 local connections:
host    all             all             ip_address/32   md5

where ip_address is the IP address of the remote client.

See the documentation for pg_hba.conf.

After this you should restart postgresql.service for the changes to take effect.

For troubleshooting take a look in the server log file:

# journalctl -u postgresql.service

Configure PostgreSQL authenticate against PAM

PostgreSQL offers a number of authentication methods. If you would like to allow users to authenticate with their system password, additional steps are necessary. First you need to enable PAM for the connection.

For example, the same configuration as above, but with PAM enabled:

/var/lib/postgres/data/pg_hba.conf

# IPv4 local connections:
host   all   all   my_remote_client_ip_address/32   pam

The PostgreSQL server is however running without root privileges and will not be able to access /etc/shadow. We can work around that by allowing the postgres group to access this file:

# setfacl -m g:postgres:r /etc/shadow

Change default data directory

The default directory where all your newly created databases will be stored is /var/lib/postgres/data. To change this, follow these steps:

Create the new directory and make the postgres user its owner:

# mkdir -p /pathto/pgroot/data
# chown -R postgres:postgres /pathto/pgroot

Become the postgres user, and initialize the new cluster:

[postgres]$ initdb -D /pathto/pgroot/data

Edit postgresql.service to create a drop-in file and override the Environment and PIDFile settings. For example:

/etc/systemd/system/postgresql.service.d/PGROOT.conf

[Service]
Environment=PGROOT=/pathto/pgroot
PIDFile=/pathto/pgroot/data/postmaster.pid

If you want to use /home directory for default directory or for tablespaces, add one more line in this file:

ProtectHome=false

Change default encoding of new databases to UTF-8

When creating a new database (e.g. with createdb blog) PostgreSQL actually copies a template database. There are two predefined templates: template0 is vanilla, while template1 is meant as an on-site template changeable by the administrator and is used by default. In order to change the encoding of a new database, one of the options is to change on-site template1. To do this, log into PostgreSQL shell (psql) and execute the following:

First, we need to drop template1. Templates cannot be dropped, so we first modify it so it is an ordinary database:

UPDATE pg_database SET datistemplate = FALSE WHERE datname = 'template1';

Now we can drop it:

DROP DATABASE template1;

The next step is to create a new database from template0, with a new default encoding:

CREATE DATABASE template1 WITH TEMPLATE = template0 ENCODING = 'UNICODE';

Now modify template1 so it is actually a template:

UPDATE pg_database SET datistemplate = TRUE WHERE datname = 'template1';

Optionally, if you do not want anyone connecting to this template, set datallowconn to FALSE:

UPDATE pg_database SET datallowconn = FALSE WHERE datname = 'template1';

Now you can create a new database:

[postgres]$ createdb blog

If you log back in to psql and check the databases, you should see the proper encoding of your new database:

\l

                              List of databases
  Name    |  Owner   | Encoding  | Collation | Ctype |   Access privileges
-----------+----------+-----------+-----------+-------+----------------------
blog      | postgres | UTF8      | C         | C     |
postgres  | postgres | SQL_ASCII | C         | C     |
template0 | postgres | SQL_ASCII | C         | C     | =c/postgres
                                                     : postgres=CTc/postgres
template1 | postgres | UTF8      | C         | C     |

Enable data checksumming

If your database files reside on a file system without checksumming, its data is suspectible to silent data corruption due to bit rot and broken hardware. While those events are rare, you might want to enable PostgreSQL's built-in data checksumming if you care about data integrity. This feature must be enabled on the cluster level, not per-database or per-table.

• To enable checksumming during cluster creation, add the --data-checksums argument to initdb.
• To verify whenever checksumming is enabled, run [postgres]$ psql -c "SHOW data_checksums" (which should print off or on).
• To toggle checksumming on an existing cluster:

1. Stop postgresql.service.
2. Run [postgres]$ pg_checksums --pgdata /var/lib/postgres/data --enable (or --disable if you no longer want checksumming). Enabling checksums will rewrite all database pages, which will take a while for large database instances.
3. Start postgresql.service.

Graphical tools

• phpPgAdmin — Web-based administration tool for PostgreSQL.

https://github.com/phppgadmin/phppgadmin || phppgadmin

• pgAdmin — Comprehensive design and management GUI for PostgreSQL.

https://www.pgadmin.org/ || pgadmin3^AUR or pgadmin4

• pgModeler — Graphical schema designer for PostgreSQL.

https://pgmodeler.io/ || pgmodeler^AUR

For tools supporting multiple DBMSs, see List of applications/Documents#Database tools.

Upgrading PostgreSQL

Upgrading major PostgreSQL versions requires some extra maintenance.

Get the currently used database version via

# cat /var/lib/postgres/data/PG_VERSION

To ensure you do not accidentally upgrade the database to an incompatible version, it is recommended to skip updates to the PostgreSQL packages.

Minor version upgrades are safe to perform. However, if you do an accidental upgrade to a different major version, you might not be able to access any of your data. Always check the PostgreSQL home page to be sure of what steps are required for each upgrade. For a bit about why this is the case, see the versioning policy.

There are two main ways to upgrade your PostgreSQL database. Read the official documentation for details.

pg_upgrade

The pg_upgrade utility attempts to copy over as much compatible data as possible between clusters and upgrading everything else. It is generally the fastest method to upgrade most instances, although it requires access to binaries for both source and target PostgreSQL versions. Read the pg_upgrade(1) man page to understand what actions it performs. For non-trivial instances (e.g. with streaming replication or log-shipping), read the upstream documentation first.

For those wishing to use pg_upgrade, a postgresql-old-upgrade package is available that will always run one major version behind the real PostgreSQL package. This can be installed side-by-side with the new version of PostgreSQL. To upgrade from older versions of PostgreSQL there are AUR packages available: postgresql-96-upgrade^AUR, postgresql-95-upgrade^AUR, postgresql-94-upgrade^AUR, postgresql-93-upgrade^AUR, postgresql-92-upgrade^AUR. (You must use the pg_upgrade version packaged with the PostgreSQL version you are upgrading to.)

Note that the database cluster directory does not change from version to version, so before running pg_upgrade, it is necessary to rename your existing data directory and migrate into a new directory. The new database cluster must be initialized using the same parameters as the old one.

When you are ready to begin the upgrade:

1. While the old database cluster is still online, collect the initdb arguments used to create it. Refer to #Initial configuration for more information.
2. Stop postgresql.service. (Check the unit status to be sure that PostgresSQL was stopped correctly. If it failed, pg_upgrade will fail too.)
3. Upgrade postgresql, postgresql-libs, and postgresql-old-upgrade.
4. Rename the old cluster directory, then create a new cluster and temporary working directory:

   # mv /var/lib/postgres/data /var/lib/postgres/olddata
   # mkdir /var/lib/postgres/data /var/lib/postgres/tmp
   # chown postgres:postgres /var/lib/postgres/data /var/lib/postgres/tmp
   [postgres]$ cd /var/lib/postgres/tmp

5. Initialize the new cluster using the same initdb arguments as were used for the old cluster:

   [postgres]$ initdb -D /var/lib/postgres/data --locale=xy_XY.UTF-8 --encoding=UTF8 --data-checksums

6. Upgrade the cluster, replacing PG_VERSION below, with the old PostgreSQL version number (e.g. 13):

   [postgres]$ pg_upgrade -b /opt/pgsql-PG_VERSION/bin -B /usr/bin -d /var/lib/postgres/olddata -D /var/lib/postgres/data

   Note: If necessary, adjust the configuration files of new cluster (e.g. pg_hba.conf and postgresql.conf) to match the old cluster.
   Note: If pg_upgrade fails with The source cluster was not shut down cleanly, PostgreSQL was not stopped before attempting the upgrade. Stop it, then restart the cluster with old database binaries to recover old cluster files:

   [postgres]$ /opt/pgsql-PG_VERSION/bin/pg_ctl start -D /var/lib/postgres/olddata && /opt/pgsql-PG_VERSION/bin/pg_ctl stop -D /var/lib/postgres/olddata

   You can now safely retry the pg_upgrade command. If the upgrade process still fails, shut down any database processes, downgrade PostgreSQL packages to their previous versions, recover your previous cluster data from backups and restart the upgrade process.
7. Start postgresql.service again.
8. Optional: Run [postgres]$ /usr/bin/vacuumdb --all --analyze-in-stages to recalculate query analyzer statistics, which should improve query performance shortly after the upgrade. (Adding --jobs=NUMBER_OF_CPU_CORES argument may improve this command's performance.)
9. Optional: Back up the /var/lib/postgres/olddata directory in case you need to restore a previous PostgreSQL version.
10. Delete the /var/lib/postgres/olddata directory with old cluster data.
11. Delete the /var/lib/postgres/tmp directory.

Manual dump and reload

You could also do something like this (after the upgrade and install of postgresql-old-upgrade).

Stop postgresql.service

# mv /var/lib/postgres/data /var/lib/postgres/olddata
# mkdir /var/lib/postgres/data
# chown postgres:postgres /var/lib/postgres/data
[postgres]$ initdb -D /var/lib/postgres/data
[postgres]$ /opt/pgsql-13/bin/pg_ctl -D /var/lib/postgres/olddata/ start
# cp /usr/lib/postgresql/postgis-3.so /opt/pgsql-13/lib/ # Only if postgis installed
[postgres]$ pg_dumpall -h /tmp -f /tmp/old_backup.sql
[postgres]$ /opt/pgsql-13/bin/pg_ctl -D /var/lib/postgres/olddata/ stop

Start postgresql.service

[postgres]$ psql -f /tmp/old_backup.sql postgres

Troubleshooting

Improve performance of small transactions

If you are using PostgresSQL on a local machine for development and it seems slow, you could try turning synchronous_commit off in the configuration. Beware of the caveats, however.

/var/lib/postgres/data/postgresql.conf

synchronous_commit = off

Prevent disk writes when idle

PostgreSQL periodically updates its internal "statistics" file. By default, this file is stored on disk, which prevents disks from spinning down on laptops and causes hard drive seek noise. It is simple and safe to relocate this file to a memory-only file system with the following configuration option:

/var/lib/postgres/data/postgresql.conf

stats_temp_directory = '/run/postgresql'

pgAdmin 4 issues after upgrade to PostgreSQL 12

If you see errors about string indices must be integers when navigating the tree on the left, or about column rel.relhasoids does not exist when viewing the data, remove the server from the connection list in pgAdmin and add a fresh server instance. pgAdmin will otherwise continue to treat the server as a PostgreSQL 11 server resulting in these issues.

PostgreSQL database unable to start after package update when using extensions

The cause in this case is mostly the existing package is not compiled for the newer version (and it may be up-to-date), the solution is rebuilding the package either manually or waiting for an update to the extension package.

Failing to start a PostgreSQL server with the older version of the database while upgrading to the newer version with extensions

This is caused because the old version of postgres from the package postgresql-old-upgrade does not have the required extensions (.so files) in it's lib directory, the current solution is dirty, and might cause a lot of problems so keep a backup of the database just in case, basically copy the required extension .so files from /usr/lib/postgresql/ to /opt/pgsql-XX/lib/ (remember to replace XX with the major version of postgresql-old-upgrade).

For example, for timescaledb

# cp /usr/lib/postgresql/timescaledb*.so /opt/pgsql-13/lib/

to know the exact files to copy, check the contant of the package of the extension using :

$ pacman -Ql package_name