Install PostgreSQL on Ubuntu [Latest Version]

By /

Okay, here’s a comprehensive article detailing the installation of PostgreSQL on Ubuntu, targeting the latest stable versions of both Ubuntu and PostgreSQL, and providing a deep dive into various aspects of the process.

Installing PostgreSQL on Ubuntu: A Comprehensive Guide (Latest Versions)

This guide provides a detailed, step-by-step walkthrough for installing and configuring the latest stable version of PostgreSQL on the latest stable version of Ubuntu. We’ll cover everything from initial setup to basic database management, security considerations, and troubleshooting common issues. This guide assumes a relatively clean Ubuntu installation, but we’ll address potential conflicts and dependencies as they arise.

Target Audience:

This guide is intended for:

  • Beginners: Users with little to no prior experience with PostgreSQL or database administration.
  • Intermediate Users: Users familiar with Linux and basic database concepts who want a detailed reference for Ubuntu-specific PostgreSQL installation.
  • Developers: Developers who need a reliable and up-to-date PostgreSQL environment for their projects.
  • System Administrators: Administrators tasked with setting up and managing PostgreSQL servers on Ubuntu.

Prerequisites:

Before you begin, ensure you have the following:

  • A running Ubuntu system: This guide assumes you have the latest LTS (Long-Term Support) version of Ubuntu installed and running. While the steps are generally applicable to other recent Ubuntu versions, specific package names or commands might differ slightly. You should have a user account with sudo privileges.
  • Internet connection: You’ll need an internet connection to download the necessary packages.
  • Basic command-line familiarity: This guide uses the terminal extensively. A basic understanding of common Linux commands (like cd, ls, sudo, apt) is essential.
  • Updated System: It’s crucial to start with an updated system.

1. Updating the System:

Before installing any new software, it’s crucial to ensure your system’s package list and installed packages are up-to-date. This minimizes potential conflicts and ensures you’re installing the latest versions of all dependencies.

Open a terminal (usually by pressing Ctrl+Alt+T) and run the following commands:

bash
sudo apt update
sudo apt upgrade -y

  • sudo apt update: This command updates the local package list. It fetches the latest information about available packages and their versions from the configured repositories. It doesn’t actually install or upgrade anything; it just updates the information about what’s available.
  • sudo apt upgrade -y: This command upgrades all installed packages to their latest versions, based on the updated package list. The -y flag automatically answers “yes” to any prompts, making the process unattended.

This process may take some time, depending on your internet connection speed and the number of packages that need updating. It’s a good idea to reboot your system after a major upgrade:

bash
sudo reboot

2. Installing PostgreSQL:

Ubuntu includes PostgreSQL in its default repositories. However, to ensure we get the absolute latest stable release, we’ll add the official PostgreSQL repository. This gives us access to newer versions and more frequent updates directly from the PostgreSQL project.

2.1. Adding the PostgreSQL Repository:

  1. Import the repository signing key: This key verifies the authenticity of the packages you’ll be downloading.

    bash
    wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
    This downloads the key from the PostgreSQL website and adds it to your system’s trusted keys.

  2. Add the repository to your system’s sources list: This tells apt where to find the PostgreSQL packages.

    bash
    sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
    This command does the following:
    * sh -c: Executes the enclosed command in a subshell.
    * echo "deb ...": Creates a string containing the repository information. The format is:
    * deb: Indicates a Debian package repository.
    * http://apt.postgresql.org/pub/repos/apt: The URL of the repository.
    * $(lsb_release -cs)-pgdg: This dynamically determines your Ubuntu codename (e.g., “focal”, “jammy”). lsb_release -cs retrieves the codename, and -pgdg is appended.
    * main: Specifies the main component of the repository.
    * > /etc/apt/sources.list.d/pgdg.list: Redirects the output of the echo command to a new file named pgdg.list in the /etc/apt/sources.list.d/ directory. This is the standard location for adding third-party repositories.

  3. Update the package list again: After adding the new repository, you need to update apt‘s package list:

    bash
    sudo apt update

2.2. Installing the PostgreSQL Server and Client:

Now that the repository is configured, you can install PostgreSQL:

bash
sudo apt install postgresql postgresql-contrib -y

  • postgresql: This package installs the core PostgreSQL server software.
  • postgresql-contrib: This package installs additional modules and utilities that provide extra functionality (e.g., extensions, data types, functions). It’s highly recommended to install this package.
  • -y: Automatically answers “yes” to any prompts.

This command will download and install the latest stable version of PostgreSQL and its dependencies. The installation process will automatically:

  • Create a system user named postgres. This user is used to manage the PostgreSQL service and owns the database files.
  • Initialize a default database cluster. A database cluster is a collection of databases managed by a single PostgreSQL server instance.
  • Start the PostgreSQL service.

3. Verifying the Installation:

After the installation completes, it’s important to verify that PostgreSQL is running correctly.

3.1. Checking the Service Status:

Use the systemctl command to check the status of the PostgreSQL service:

bash
systemctl status postgresql

You should see output similar to this:

● postgresql.service - PostgreSQL RDBMS
Loaded: loaded (/lib/systemd/system/postgresql.service; enabled; vendor preset: enabled)
Active: active (exited) since Tue 2023-10-27 10:00:00 UTC; 1min ago
Main PID: 1234 (code=exited, status=0/SUCCESS)
Tasks: 0 (limit: 4915)
Memory: 0B
CPU: 0ms
CGroup: /system.slice/postgresql.service

The key line is Active: active (exited). While “exited” might seem concerning, in the case of the main postgresql.service, it’s normal. The main service starts the individual PostgreSQL cluster services. We need to check the status of the cluster itself:

To check the status of the cluster, run the following command:
bash
pg_lsclusters
You should see an output like below:
bash
Ver Cluster Port Status Owner Data directory Log file
15 main 5432 online postgres /var/lib/postgresql/15/main /var/log/postgresql/postgresql-15-main.log
If the Status is online, then postgresql is running correctly.

3.2. Connecting to the Default Database:

The installation process creates a default database named postgres and a database user also named postgres. We can connect to this database using the psql command-line client.

Since the postgres user is a system user, we need to use sudo to switch to that user before connecting:

bash
sudo -i -u postgres
psql

  • sudo -i -u postgres: This command switches to the postgres user and simulates a login, setting the environment variables appropriately.
  • psql: This command starts the psql interactive terminal.

You should now see the psql prompt:

postgres=#

This indicates that you’ve successfully connected to the postgres database as the postgres user.

3.3. Basic psql Commands:

Here are a few basic psql commands to get you started:

  • \l: Lists all databases.
  • \du: Lists all database users (roles).
  • \dt: Lists all tables in the current database.
  • \conninfo: Displays information about the current connection.
  • \q: Quits the psql terminal.

To exit the psql terminal and return to your regular user account, type:

\q
exit

The exit command returns you from the postgres user’s shell to your own.

4. Securing PostgreSQL:

The default PostgreSQL installation is relatively insecure. It’s crucial to take steps to secure your database server, especially if it will be accessible from the network.

4.1. Setting a Password for the postgres User:

By default, the postgres database user doesn’t have a password set. It relies on “peer authentication,” which means that only the postgres system user can connect without a password. This is fine for local access, but it’s not secure enough for network access.

  1. Connect to the postgres database as the postgres user:

    bash
    sudo -i -u postgres
    psql

  2. Set the password:

    sql
    ALTER USER postgres WITH PASSWORD 'your_strong_password';

    Replace 'your_strong_password' with a strong, unique password. Use a combination of uppercase and lowercase letters, numbers, and symbols.

  3. Exit psql and the postgres user’s shell:

    \q
    exit

4.2. Configuring Network Access (pg_hba.conf):

The pg_hba.conf file (PostgreSQL Host-Based Authentication) controls which clients are allowed to connect to the database server and how they authenticate. By default, it’s configured to allow only local connections using peer authentication.

  1. Locate the pg_hba.conf file:

    The location of this file can vary depending on the PostgreSQL version and installation. You can find it using the following command:

    bash
    sudo -u postgres psql -c "SHOW hba_file;"
    This will output the full path to the file, for example /etc/postgresql/15/main/pg_hba.conf.

  2. Edit the pg_hba.conf file:

    Use a text editor with sudo privileges to open the file. For example, using nano:

    bash
    sudo nano /etc/postgresql/15/main/pg_hba.conf
    (Replace the path with the actual path from the previous step).

  3. Understanding pg_hba.conf entries:

    The pg_hba.conf file contains a series of lines, each representing an authentication rule. Each line has the following format:

    TYPE DATABASE USER ADDRESS METHOD

    • TYPE: The type of connection:
      • local: Unix-domain socket connections (for local connections).
      • host: TCP/IP connections (for network connections).
      • hostssl: TCP/IP connections with SSL encryption.
      • hostnossl: TCP/IP connections without SSL encryption.
    • DATABASE: The database(s) the rule applies to:
      • all: All databases.
      • sameuser: Databases with the same name as the user.
      • samerole: Databases the user is a member of.
      • A specific database name.
      • A comma-separated list of database names.
    • USER: The database user(s) the rule applies to:
      • all: All users.
      • A specific username.
      • A comma-separated list of usernames.
      • +groupname: All users belonging to group.
    • ADDRESS: The client IP address(es) the rule applies to:
      • all: All IP addresses.
      • A specific IP address (e.g., 192.168.1.100).
      • A CIDR network address (e.g., 192.168.1.0/24).
      • samehost: The same host as the server.
      • samenet: Any address in the server’s subnet.
    • METHOD: The authentication method:
      • trust: Allow connection without a password (highly insecure, avoid for network connections).
      • reject: Reject the connection.
      • md5: Require an MD5-hashed password.
      • password: Require a cleartext password (insecure, avoid).
      • scram-sha-256: Require a SCRAM-SHA-256 hashed password (more secure than MD5).
      • peer: Obtain the client’s operating system user name from the kernel (only for local connections).
      • ident: Obtain the client’s operating system user name from an ident server (rarely used).

  4. Modifying the rules:

    • Local Connections: By default, you’ll likely see a line like this:

      local all postgres peer

      This allows the postgres system user to connect to any database locally using peer authentication. You can add a similar line for your own user account:

      local all your_username peer
      Replace your_username.

    • Network Connections (Example): To allow connections from a specific IP address (e.g., 192.168.1.100) with password authentication, you could add a line like this:

      host all all 192.168.1.100/32 scram-sha-256

      This allows any user to connect to any database from that specific IP address using SCRAM-SHA-256 password authentication. The /32 indicates a single IP address.

    • Allowing all connections (NOT RECOMMENDED FOR PRODUCTION):
      host all all 0.0.0.0/0 scram-sha-256
      This opens the database to connections from any IP address. This is extremely dangerous for production servers and should only be used in very controlled development environments. Never use trust for network connections.

  5. Reload PostgreSQL configuration:

    After making changes to pg_hba.conf, you need to reload the PostgreSQL configuration for the changes to take effect:

    bash
    sudo systemctl reload postgresql
    Or, using the pg_ctlcluster command:
    bash
    sudo pg_ctlcluster 15 main reload
    (replace 15 with your PostgreSQL version if different).

4.3. Firewall Configuration (ufw):

If you have a firewall enabled (which you should), you’ll need to allow connections to the PostgreSQL port (default is 5432) if you want to access the database from other machines. Ubuntu typically uses ufw (Uncomplicated Firewall).

  1. Check ufw status:

    bash
    sudo ufw status

  2. Allow PostgreSQL connections:

    bash
    sudo ufw allow 5432/tcp

    This allows TCP connections on port 5432. You can also restrict this rule to specific IP addresses or networks:

    bash
    sudo ufw allow from 192.168.1.0/24 to any port 5432 proto tcp

  3. Reload ufw:

    bash
    sudo ufw reload

5. Creating Users and Databases:

Now that you have a secured PostgreSQL installation, you’ll likely want to create additional users and databases for your applications.

5.1. Creating a New Database User (Role):

  1. Connect to PostgreSQL as the postgres user:

    bash
    sudo -i -u postgres
    psql

  2. Create the user:

    sql
    CREATE USER your_new_username WITH PASSWORD 'your_new_password';

    Replace your_new_username and your_new_password with the desired username and password.

  3. Grant privileges (optional):

    By default, the new user has no privileges. You need to explicitly grant them privileges to access databases and perform actions. Here are some common examples:

    • Grant all privileges on a specific database:

      sql
      GRANT ALL PRIVILEGES ON DATABASE your_database_name TO your_new_username;

    • Grant specific privileges:

      sql
      GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE your_table_name TO your_new_username;

    • Grant the ability to create databases:

      sql
      ALTER USER your_new_username CREATEDB;
      * Grant the ability to create roles (users):
      sql
      ALTER USER your_new_username CREATEROLE;
      * Make the user a superuser (full access – use with caution):

      sql
      ALTER USER your_new_username SUPERUSER;
      Warning: Granting superuser privileges should be done sparingly, as it gives the user complete control over the database server.

5.2. Creating a New Database:

  1. Connect to PostgreSQL (as a user with CREATEDB privileges):

    You can create a database either from the psql prompt or directly from the command line.

  2. Create the database (from psql):

    sql
    CREATE DATABASE your_new_database_name;

  3. Create the database (from the command line):

    bash
    sudo -u postgres createdb your_new_database_name
    Or, if your user has CREATEDB privileges:
    bash
    createdb your_new_database_name

  4. Set the owner of the database (optional):

    By default, the user who creates the database is the owner. You can change the owner using:
    From psql:
    sql
    ALTER DATABASE your_new_database_name OWNER TO your_new_username;

5.3. Connecting to the New Database:

You can connect to the new database using psql:

bash
psql -d your_new_database_name -U your_new_username

  • -d: Specifies the database name.
  • -U: Specifies the username.

You’ll be prompted for the user’s password.

6. Basic Database Administration:

Here are some common database administration tasks:

6.1. Backing Up a Database:

The pg_dump utility is used to create backups of PostgreSQL databases.

  • Backup a single database:

    bash
    pg_dump -U your_username -d your_database_name -f your_backup_file.sql

    • -U: Specifies the username.
    • -d: Specifies the database name.
    • -f: Specifies the output file name.

    This creates a SQL script (.sql file) that can be used to recreate the database.

  • Backup all databases:

    bash
    pg_dumpall -U postgres > all_databases.sql

    This creates a backup of all databases in the cluster. It’s usually run as the postgres user.

  • Backup in custom format:
    bash
    pg_dump -U your_username -d your_database_name -F c -f your_backup_file.dump
    This creates a backup file in custom format, that can be restored using pg_restore. The advantage of this format is that it can be used to select which items to restore.

6.2. Restoring a Database:

  • Restore from a SQL script:

    bash
    psql -U your_username -d your_database_name -f your_backup_file.sql

    This executes the SQL script to recreate the database. You may need to create the database first if it doesn’t exist.

  • Restore from custom format:
    bash
    pg_restore -U your_username -d your_database_name -v your_backup_file.dump
    The -v option provides verbose output.

6.3. Managing PostgreSQL Extensions:

PostgreSQL extensions add functionality to the database. The postgresql-contrib package includes many useful extensions.

  • List available extensions:

    sql
    SELECT * FROM pg_available_extensions;

  • List installed extensions:

    sql
    SELECT * FROM pg_extension;

  • Install an extension:
    sql
    CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
    This example installs the “uuid-ossp” extension, which provides functions for generating UUIDs (Universally Unique Identifiers). Replace "uuid-ossp" with the name of the extension you want to install. You must install the extension within the database you want to use it in.

  • Uninstall an extension:

    sql
    DROP EXTENSION IF EXISTS "uuid-ossp";

7. Troubleshooting:

Here are some common issues and solutions:

  • psql: error: connection to server on socket "/var/run/postgresql/.s.PGSQL.5432" failed: No such file or directory: This usually means the PostgreSQL server isn’t running. Check the service status (systemctl status postgresql) and start it if necessary (sudo systemctl start postgresql). Also check pg_lsclusters.
  • psql: error: connection to server on socket "/var/run/postgresql/.s.PGSQL.5432" failed: FATAL: Peer authentication failed for user "your_username": This means your pg_hba.conf file isn’t configured to allow your user to connect using peer authentication. Check the pg_hba.conf file and make sure there’s a rule that allows your user to connect from local.
  • psql: error: connection to server at "your_ip_address" (your_ip_address), port 5432 failed: FATAL: password authentication failed for user "your_username": This means either the password you entered is incorrect, or your pg_hba.conf file isn’t configured to allow password authentication from your IP address. Check the password and the pg_hba.conf file.
  • psql: error: could not connect to server: Connection refused: This usually means either the PostgreSQL server isn’t running, or your firewall is blocking connections on port 5432. Check the service status, start the service if necessary, and check your firewall rules.
  • Postgresql Service won’t start: Check the log file for error messages: /var/log/postgresql/postgresql-15-main.log. (Replace 15)
  • Permission denied errors when accessing data directory: Make sure the postgres user owns the data directory and has the correct permissions.

8. Advanced Topics (Brief Overview):

  • Replication: Setting up multiple PostgreSQL servers for high availability and read scaling.
  • Connection Pooling: Using tools like pgBouncer or pgpool-II to manage database connections efficiently.
  • Performance Tuning: Optimizing PostgreSQL configuration for specific workloads.
  • Monitoring: Using tools to monitor PostgreSQL performance and resource usage.
  • Security Auditing: Implementing measures to track and audit database activity.

9. Conclusion:

This guide has provided a comprehensive overview of installing, configuring, and securing PostgreSQL on Ubuntu. By following these steps, you can set up a robust and reliable database server for your applications and projects. Remember to always prioritize security and keep your system and PostgreSQL software up-to-date to protect against vulnerabilities. The official PostgreSQL documentation is an invaluable resource for further learning and exploring the advanced features of PostgreSQL.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top