Bitnami PostgreSQL for Amazon Web Services

PostgreSQL is a powerful, open source object-relational database system. It has more than 15 years of active development and a proven architecture that has earned it a strong reputation for reliability, data integrity, and correctness. It is fully ACID compliant, has full support for foreign keys, joins, views, triggers, and stored procedures (in multiple languages).

How to connect to the PostgreSQL database?

You can connect to the PostgreSQL database from the same computer where it is installed with the psql client tool.

$ psql -U postgres

You will be prompted to enter the postgres user password.

Find out how to obtain application credentials.

How to create a database backup?

To back up only the database, create a dump file using the pg_dump tool.

 $ pg_dump -U postgres DATABASE_NAME > backup.sql

This operation could take some time depending on the database size.

How to restore a database backup?

Once you have the backup file, you can restore it with a command like the one below:

$ psql -U postgres DATABASE_NAME < backup.sql

If you want to restore the database and the database schema does not exist, it is necessary to first follow the steps described below. As a side note, the value for the BITNAMI_USER_PASSWORD placeholder is included in the application credentials or, if the credentials were defined by the user, it is the same as the application password.

$ psql -U postgres
drop database DATABASE_NAME;
create database DATABASE_NAME;
create user USER_NAME;
alter role USER_NAME with password 'BITNAMI_USER_PASSWORD';
grant all privileges on database DATABASE_NAME to USER_NAME;
alter database DATABASE_NAME owner to USER_NAME;
$ psql -U postgres DATABASE_NAME < backup.sql

Note that the steps previously described will only back up the data contained inside your database. There may be other files that you should take into account when performing a full backup, such as files that may have been uploaded to the application. These files are stored in the application folder itself, so copy this folder to have a backup of your uploaded files.

How to change the PostgreSQL root password?

You can modify the PostgreSQL password using the following command at the shell prompt:

$ psql -U postgres
postgres=# alter user postgres with password 'NEW_PASSWORD';
postgresl=# \q

How to reset the PostgreSQL password?

If you don't remember your PostgreSQL database password, you can follow the steps below to reset it to a new value:

  • Change the authentication method in the configuration file at /opt/bitnami/postgresql/data/pg_hba.conf from md5 to trust and reload the configuration.

     $ sudo sed -ibak 's/^\([^#]*\)md5/\1trust/g' /opt/bitnami/postgresql/data/pg_hba.conf
     $ sudo -u postgres pg_ctl reload
    
  • Connect to the PostgreSQL database and set the password to a new value:

     $ psql -U postgres
     postgres=# alter user postgres with password 'NEW_PASSWORD';
     postgresl=# \q
    
  • Finally, change the authentication method back to md5 and reload the old PostgreSQL configuration:

     $ sudo sed -i 's/^\([^#]*\)trust/\1md5/g' /opt/bitnami/postgresql/data/pg_hba.conf
     $ sudo -u postgres pg_ctl reload
    

You should now be able to connect to PostgreSQL with the new password.

How to configure pgAdmin 4?

NOTE: This section assumes that you have downloaded and installed pgAdmin 4.

pgAdmin is the most popular and feature-rich platform for administration and development of PostgreSQL databases. Check the pgAdmin official page for more information.

To connect to your remote PostgreSQL database server using pgAdmin 4, follow these steps:

  • Make sure that you have your cloud server's IP address and application credentials (instructions).

  • Open port 5432 in the server firewall (instructions).

IMPORTANT: Making this application's network ports public is a significant security risk. You are strongly advised to only allow access to those ports from non-routable IP addresses. If access is required from outside of a trusted network, do not allow access to those ports via a public IP address. Instead, use a secure channel such as a VPN or an SSH tunnel. Follow these instructions to remotely connect safely and reliably.
  • Connect to your cloud server using PuTTY or another SSH client (instructions).

  • At the server console, edit the file /opt/bitnami/postgresql/data/pg_hba.conf and add the following at the end, then save the file:

    host all all all md5
    
  • Edit the file /opt/bitnami/postgresql/data/postgresql.conf and replace this line

    listen_address='127.0.0.1'
    

    with:

    listen_addresses = '*'
    
  • Save the file.

  • Restart the PostgreSQL server:

    sudo /opt/bitnami/ctlscript.sh restart postgresql
    

Your PostgreSQL server is now configured to accept remote connections, and you can connect to it using pgAdmin 4. Follow these steps:

  • Launch pgAdmin 4.

  • Go to the "Dashboard" tab. In the "Quick Link" section, click "Add New Server" to add a new connection.

    pgAdmin 4 configuration

  • Select the "Connection" tab in the "Create-Server" window.

  • Then, configure the connection as follows:

  • Enter your server's IP address in the "Hostname/Address" field.

  • Specify the "Port" as "5432".

  • Enter the name of the database in the "Database Maintenance" field.

  • Enter your username as postgres and password (use the same password you used when previously configuring the server to accept remote connections) for the database.

  • Click "Save" to apply the configuration.

    pgAdmin 4 configuration

  • Check that the connection between pgAdmin 4 and the PostgreSQL database server is active. Navigate to the "Dashboard" tab and find the state of the server in the "Server activity" section:

pgAdmin 4 configuration

How to connect to PostgreSQL from a different machine?

To connect to PostgreSQL from a different machine, you must make sure that port 5432 is opened for remote access or open it by following the instructions given in the FAQ.

How to create a database for a custom application?

These are the basic steps to create a new database and user for your applications:

  • Create a new role by executing the createuser command. With the options below, the new role will not be a superuser and will not have privileges for creating new databases or new roles (this is usually the default for the createuser command).

     createuser -U postgres USER_NAME -S -D -R -P
    

    You will be prompted to enter first the password for the new role and to reenter it, and then to enter the postgres role password.

  • Create a new database with the new role as the owner:

     createdb -U postgres DATABASE_NAME  -O USER_NAME
    

How to install PostGIS in a PostgreSQL database?

PostGIS adds support for geographic objects to the PostgreSQL object-relational database.

NOTE: Since Bitnami LAPP Stack v5.4.0-1 version, PostGIS is already included in the stack so it is not necessary to install it manually.

Follow these steps to install the PostGIS extension:

  • Install the compilation tools:

     $ sudo apt-get update
     $ sudo apt-get install build-essential libtool autoconf unzip wget 
    
  • Download and install the dependencies:

     $ wget http://download.osgeo.org/geos/geos-3.3.2.tar.bz2
     $ bunzip2 geos-3.3.2.tar.bz2
     $ tar -xvf geos-3.3.2.tar
     $ cd geos-3.3.2
     $ ./configure
     $ make 
     $ sudo make install
    
     $ wget http://download.osgeo.org/proj/proj-4.8.0.tar.gz
     $ tar -xzvf proj-4.8.0.tar.gz
     $ cd proj-4.8.0
     $ ./configure
     $ make
     $ sudo make install
    
  • Download and install PostGIS.

     $ wget http://postgis.refractions.net/download/postgis-1.5.3.tar.gz
     $ tar -xzvf postgis-1.5.3.tar.gz
     $ cd postgis-1.5.3
     $ ./configure
     $ make
     $ sudo make install
    
  • Verify that the postgis database has been successfully created, using the phpPgAdmin application at http://127.0.0.1/phppgadmin. For more information on using phpPgAdmin, refer to this page.

Learn more about configuring PostgreSQL with PostGIS.

How to secure your server from remote connections?

Once you have created a new database and user for your application, connect your applications to the PostgreSQL server using that database and password.

It is strongly recommended that you do not have empty passwords for any user accounts when using the server for any production work.

Allow remote access only from the database user associated with the database name by editing the pg_hba.conf file as explained below.

  • Comment out the line that allow remote access to all users:

     #host all all all md5
    
  • Add a line for the new user:

     host DATABASE_NAME USER_NAME all md5
    
  • If your application will be connected from a fixed domain or IP address, you should update your pg_hba.conf file to only accept connections from that server instead:

     host DATABASE_NAME USER_NAME applicationserver.domain.com md5
    

    or

     host DATABASE_NAME USER_NAME IP_ADDRESS 255.255.255.255 md5
    
  • Change your postgres user password as explained in this section.

What is the default configuration?

The default configuration consists of:

  • A database cluster or directory under which all data will be stored. The default data directory in Bitnami is located at /opt/bitnami/postgresql/data.
  • Every connection to the PostgreSQL database server is made using the name of some particular role. A database superuser bypasses all permission checks, except the right to log in. Bitnami configures a default superuser role with a name of postgres. The postgres role has remote access to the database.

Check our recommendations for a production server.

PostgreSQL version

In order to see which PostgreSQL version are your machine running, execute the following command:

$ postgres --version

PostgreSQL configuration files

The PostgreSQL configuration settings file is located at /opt/bitnami/postgresql/data/postgresql.conf.

The PostgreSQL client authentication configuration file is located at /opt/bitnami/postgresql/data/pg_hba.conf.

The PostgreSQL official documentation has more details on how to configure the PostgreSQL database.

PostgreSQL socket

On Unix, PostgreSQL clients can connect to the server using an Unix socket file. Usually when you use a PostgreSQL client tool included in the Stack, you will not need to specify the socket for the connection.

The socket file is created at /opt/bitnami/postgresql/.s.PGSQL.5432.

PostgreSQL port

The default port in which PostgreSQL listens is 5432.

PostgreSQL log file

The main PostgreSQL log file is created at /opt/bitnami/postgresql/data/postgresql.log file. You can change the default error reporting and logging configuration settings in the postgresql.conf file.

NOTE: On some platforms, you may need root account privileges to view these files.