Installation
PostgreSQL version 16.9 or higher is required.
To install PostgreSQL in an air-gapped environment, download the required packages on a preparation machine and then transfer them to the air-gapped server. The preparation machine should have internet access and run the same operating system version as the target server.
Debian, Ubuntu
Prepare packages
- On the preparation machine, run commands.
xxxxxxxxxx# Set PostgreSQL version, replace "16" by the version you wantPOSTGRESQL_VERSION=16 # Install apt-rdependssudo apt install -y apt-rdepends # Automated repository configurationsudo apt install -y postgresql-commonecho "" | sudo /usr/share/postgresql-common/pgdg/apt.postgresql.org.sh # Download packagemkdir -p postgresql-$POSTGRESQL_VERSION-offline && cd postgresql-$POSTGRESQL_VERSION-offlineapt-get download postgresql-$POSTGRESQL_VERSION postgresql-contrib # Download dependencies tooapt-rdepends -p postgresql-$POSTGRESQL_VERSION \ | grep -v "^ " \ | grep -v "^debconf" \ | xargs -I {} bash -c 'apt-get download "{}" || true'cd ..- Copy the
postgresql-<version>-offlinefolder to a USB drive or secure transfer medium. - Move it to the air-gapped server.
Install PostgreSQL
- On the target server, insert the USB drive or secure transfer medium.
- Run the commands below in the
postgresql-<version>-offlinefolder.
xxxxxxxxxx# Installsudo dpkg -i ./*.deb # Configures PostgreSQL to start automatically whenever the system bootssudo systemctl enable --now postgresql # Setup login passwordsudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '<your_password>';"Open connection
- Locate the PostgreSQL data directory on your server.
xxxxxxxxxx/etc/postgresql/<version>/main/- To allow remote connections, open the
postgresql.conffile and configure the following setting:
xxxxxxxxxxlisten_addresses = '*'- To allow MetaDefender Cluster services to access the database, open the
pg_hba.conffile and add the following rule.
xxxxxxxxxxhostssl all all 0.0.0.0/0 scram-sha-256- Restart the PostgreSQL service to apply the changes.
xxxxxxxxxxsudo systemctl restart postgresqlRocky, RHEL 9
Prepare packages
- On the preparation machine, run commands.
# Set PostgreSQL version, replace "16" by the version you wantPOSTGRESQL_VERSION=16 # Install the repository RPMsudo dnf install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm # Disable the built-in PostgreSQL modulesudo dnf -qy module disable postgresql # download packages (not install)mkdir -p postgresql-$POSTGRESQL_VERSION-offline && cd postgresql-$POSTGRESQL_VERSION-offline && sudo dnf download --resolve --alldeps --downloaddir . postgresql$POSTGRESQL_VERSION-server postgresql-contrib && cd ..- Copy the
postgresql-<version>-offlinefolder to a USB drive or secure transfer medium. - Move it to the air-gapped server.
Install PostgreSQL
- On the target server, insert the USB drive or secure transfer medium.
- Run the commands below in the
postgresql-<version>-offlinefolder.
xxxxxxxxxx# Installsudo dnf install -y ./*.rpm # Configures PostgreSQL to start automatically whenever the system bootssudo /usr/pgsql-$POSTGRESQL_VERSION/bin/postgresql-$POSTGRESQL_VERSION-setup initdbsudo systemctl enable --now postgresql-$POSTGRESQL_VERSION # Setup login passwordsudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '<your_password>';"Sometimes, other dependencies require upgrading. Example:
You should manually download the dependencies using the command dnf download --resolve --alldeps --downloaddir . <package_names> . Then copy them to the postgresql-<version>-offline folder and install again.
Open connection
- Locate the PostgreSQL data directory on your server.
xxxxxxxxxx/etc/postgresql/<version>/main/- To allow remote connections, open the
postgresql.conffile and configure the following setting:
xxxxxxxxxxlisten_addresses = '*'- To allow MetaDefender Cluster services to access the database, open the
pg_hba.conffile and add the following rule.
xxxxxxxxxxhost all all 0.0.0.0/0 scram-sha-256- Restart the PostgreSQL service to apply the changes.
xxxxxxxxxxsudo systemctl restart postgresql-16Was this page helpful?