Thread: Ubuntu and Rails postgresql setup
I found useful information on how to configure PostgreSQL in Ubuntu for Rails development at help.ubuntu.com, at Heroku and at digitalocean.com.
In the PostgreSQL documentation I could not find instructions related to setup after installation with PPA and about configuration for Rails, but only setup instructions after installation from souce code.
Putting everything together, all the information seems to converge on the necessity of creating a database superuser with login name that match my Ubuntu user name with:
sudo -u postgres createuser --superuser $USER
When time arrives to create a password for the new superuser with sudo -u postgres psql
, I am wondering if Rails can use PostgreSQL without setting the password, if this password can and should be different from my Ubuntu account password and also whether database.yml
could be a security concern when pushing to Git repository hosting web sites and to Heroku.
Indatabase.yml
in fact is recorded exactly this kind of sensitive information.
According to Heroku it is necessary "to export the DATABASE_URL environment variable for your app to connect to it when running locally", with:
export DATABASE_URL=postgres:///$(whoami)
Is that really necessary? At help.ubuntu.com and digitalocean.com this information is not reported.
Finally I am wondering whether the choice of installing PostgreSQL through the PostgreSQL apt repository would be safe enough or it would be preferable to install the LTS version of Ubuntu.
On 2/24/2016 12:34 AM, Marco Lobbia wrote: > Finally I am wondering whether the choice of installing PostgreSQL > through the PostgreSQL apt repository would be safe enough or it would > be preferable to install the LTS version of Ubuntu. the LTS version of Ubuntu is preferable for server installs where you want long term stability. the versions of postgres in the ubuntu standard apt repositories are perfectly adequate for production use, up to date, and well managed. there's a bunch of ubuntu/debian specific command wrappers like pg_lsclusters, pg_createcluster, and so forth that come along with that install. -- john r pierce, recycling bits in santa cruz
On 2/24/2016 1:34 AM, Marco Lobbia wrote: > Once support for 14.04 LTS will be terminated in 2019, there will not > be any more support for PostgreSQL too. At that time I suppose I and > other Ubuntu users will be left with the only choice to install from > scratch another version of Ubuntu and related software, included > PostgreSQL. by 2019, I would expect the server deployed today to be pretty obsolete. its pretty easy now to use streaming replication to create a live copy of your database then promote and cut over to it with almost no downtime. or, simply do an in place upgrade of your operating system, as long as you use the same major version of postgres, you can run with the same data directory. you can upgrade postgres to a new major version via pg_upgrade... -- john r pierce, recycling bits in santa cruz
On 02/24/2016 12:34 AM, Marco Lobbia wrote: > I am on a Ubuntu 14.04 LTS machine. > > I found useful information on how to configure PostgreSQL in Ubuntu for > Rails development at help.ubuntu.com > <https://help.ubuntu.com/community/PostgreSQL>, at Heroku > <https://devcenter.heroku.com/articles/heroku-postgresql#local-setup> > and at digitalocean.com > <https://www.digitalocean.com/community/tutorials/how-to-use-postgresql-with-your-ruby-on-rails-application-on-ubuntu-14-04>. > > In the PostgreSQL documentation I could not find instructions related to > setup after installation with PPA and about configuration for Rails, but > only setup instructions after installation from souce code. > > Putting everything together, all the information seems to converge on > the necessity of creating a database superuser with login name that > match my Ubuntu user name with: > > |sudo -u postgres createuser --superuser $USER| > > When time arrives to create a password for the new superuser with |sudo > -u postgres psql| , I am wondering if Rails can use PostgreSQL without > setting the password, if this password can and should be different from > my Ubuntu account password and also whether |database.yml| could be a > security concern when pushing to Git repository hosting web sites and to > Heroku. > In|database.yml| in fact is recorded exactly this kind of sensitive > information. Do not know if the pg gem uses libpq to make its connections. I suspect it does: https://bitbucket.org/ged/ruby-pg/wiki/Home Requirements Ruby 1.9.3+ or Rubinius 2.0+ . PostgreSQL 9.0.x (with headers, -dev packages, etc). If that is the case, the you can use .pgpass to keep sensitive information out of the *.yml file: http://www.postgresql.org/docs/9.5/static/libpq-pgpass.html > > According to Heroku > <https://devcenter.heroku.com/articles/heroku-postgresql#local-setup> it > is necessary "to export the DATABASE_URL environment variable for your > app to connect to it when running locally", with: | > | > > |export DATABASE_URL=postgres:///$(whoami)| > > Is that really necessary? At help.ubuntu.com > <https://help.ubuntu.com/community/PostgreSQL> and digitalocean.com > <https://www.digitalocean.com/community/tutorials/how-to-use-postgresql-with-your-ruby-on-rails-application-on-ubuntu-14-04> > this information is not reported. See here: http://guides.rubyonrails.org/configuring.html#configuring-a-database Since a good bit of the above deals with Rails specifically, you might want to also ask on the Rails list: https://groups.google.com/forum/#!forum/rubyonrails-talk > > Finally I am wondering whether the choice of installing PostgreSQL > through the PostgreSQL apt repository would be safe enough or it would > be preferable to install the LTS version of Ubuntu. > -- Adrian Klaver adrian.klaver@aklaver.com
On 02/24/2016 12:34 AM, Marco Lobbia wrote: > I am on a Ubuntu 14.04 LTS machine. I thought I'd chime in since I work with Rails and Postgres on Ubuntu all day long. :-) 14.04 LTS is fine for both production and development. (Sounds like you're using Heroku for production in any case.) > Putting everything together, all the information seems to converge on > the necessity of creating a database superuser with login name that > match my Ubuntu user name with: > > |sudo -u postgres createuser --superuser $USER| This is the "normal" way to do it for Rails. It wants a superuser so it can drop and recreate the database before running tests (`rake test`). Personally I prefer to give each project a separate non-superuser Postgres account and start tests with just `rspec spec`, but if you're new to Rails I recommend going with the approved method. Also, Rails wants to use Postgres "ident" authentication, which does not require a password because it trusts that the OS has already authenticated you. You can avoid this too if you like by adding `host: localhost` to your `database.yml`, but then you'll need to use a password. Btw since this is not the Rails mailing list, feel free to email me personally if you have more Rails-specific questions. > According to Heroku > <https://devcenter.heroku.com/articles/heroku-postgresql#local-setup> > it is necessary "to export the DATABASE_URL environment variable for > your app to connect to it when running locally", with: > |export DATABASE_URL=postgres:///$(whoami)| That is if you want to connect to the *remote* database on Heroku (i.e. probably your *production* database). If you want to connect to your locally-installed Postgres, you should not set DATABASE_URL. > Finally I am wondering whether the choice of installing PostgreSQL > through the PostgreSQL apt repository would be safe enough or it would > be preferable to install the LTS version of Ubuntu. Either is fine. Good luck! Paul
On 02/24/2016 09:44 AM, Paul Jungwirth wrote: > Also, Rails wants to use Postgres "ident" authentication, which does not > require a password because it trusts that the OS has already > authenticated you. Sorry, I misspoke: this is "peer" authentication, not "ident". Should have looked it up first. :-) Paul