I try to set up Amazon EC2 with Vagrant and Chef-zero. Chef contains only one receipt for the installation of Nginx, Ruby, PostgreSQL, that is those utilities that are necessary for a Ruby on Rails stack. For PostgreSQL installation I use this cookbook https://supermarket.chef.io/cookbooks/postgresql. It automatically adds “local all all peer” to the end of pg_hba.conf. If I run Chef on my local machine in VirtualBox, everything is OK. But if I run it on Amazon, PostgreSQL gives an error “invalid authentication method "peer”. What is the reason? Maybe, I should use Amazon RDS instead of running the Ruby stack and PostgreSQL on the same machine? Locally, I use Centos 7.2, but on Amazon EC2 - Amazon Linux AMI 2016.09.0.
/var/lib/pgsql/9.2/data/pg_hba.conf
# This file was automatically generated and dropped off by Chef!
# PostgreSQL Client Authentication Configuration File
# ===================================================
#
# Refer to the "Client Authentication" section in the PostgreSQL
# documentation for a complete description of this file.
# TYPE DATABASE USER ADDRESS METHOD
###########
# Other authentication configurations taken from chef node defaults:
###########
local all postgres ident
local all all ident
host all all 127.0.0.1/32 md5
host all all ::1/128 md5
# "local" is for Unix domain socket connections only
local all all peer
logfile:
LOG: invalid authentication method "peer"
CONTEXT: line 24 of configuration file "/var/lib/pgsql/9.2/data/pg_hba.conf"
FATAL: could not load pg_hba.conf
Related
In testing subscriptions within postgresql, there came a realisation that spaces in passwords were not going to be digested properly. Thus with postgresql commands a role was edited ALTER ROLE deploy WITH PASSWORD '4rut9_qo38'; fictitious pwd
However, from that moment on, an application was responding with:
ActiveRecord::ConnectionNotEstablished
FATAL: password authentication failed for user "deploy"
Now the password is not defined in the application and
bundle exec rails c
Rails.application.credentials.config
{:telegram=>{:bot=>{:token=>"49202[...]
yields no password credential and, noteworthy, no secret_key_base.
pg_hba.conf remains in its default state with an added line for replication purposes
local all postgres md5
# TYPE DATABASE USER ADDRESS METHOD
local all all peer
host all all 127.0.0.1/32 md5
host all all ::1/128 md5
# Allow replication connections from localhost, by a user with the replication privilege.
local replication all peer
host replication all 127.0.0.1/32 md5
host replication all ::1/128 md5
host all all 10.935.0.18/32 md5
There was an attempt to set the connection via database.yml by adding the password line
development:
<<: *default
database: example_development
password: '4rut9_qo38'
The password in postgresql (v12) was reset to the previous value ALTER ROLE deploy WITH PASSWORD '4rut9 qo38';,
sudo service nginx restart, sudo service postgresql restart and touch tmp/restart.txt to relaunch the app, but to no avail:
ActiveRecord::ConnectionNotEstablished
FATAL: password authentication failed for user "deploy"
The real curiosity arises from a second app on the same server: it IS connecting appropriately, credentials.config has a secret_key_base and database.yml has no password inserted.
Further oddities: one can change the user password via postgresql, add the password to database.yml to the same value and the behaviours of both applications remains unaltered - thereby excluding issues with pg_hba.conf...
Clearly the first app is not well configured (both are rails 6.1.3).
How should the passwords be set in a failsafe manner, assuming that the password of the postgresql deploy user has to change, so that each of these applications runs as expected?
/home/deploy/example/.rbenv-vars needs to be checked; it contains the database connection password.
This can be reset, or given the replication case above, the postgresql role can be amended accordingly.
PG 9.4
Centos 6.7
I successfully installed Postgres 9.4 on Centos. I am checking my authentication through pgAdmin. I can create new users etc with the Centos terminal.
However, after the user and passwords are created, I can't use them to access localhost on Postgres. I get the error: 'FATAL: Ident authentication failed for user "pguser"'
The weird thing is, I can login using my linux username and NO password. However, as soon as I create a new username and password, it doesn't work.
/var/lib/pgsql/9.4/data/pg_hba.conf file as in password authentication failed for user "postgres":
# Database administrative login by UNIX sockets
local all postgres ident
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all md5
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
How do I set up a new superuser and password that will properly authenticate? (This user is going to be used to read/write to pg in a ruby on rails app)
Edit: the answer provided below works. You may have to restart your computer or find a good way to kill/restart pg, looks like sometimes the changes to the pg_hba.conf file don't take.
You need to configure your pg_hba.conf file to accept password as the METHOD to get in. If I am reading this correctly, you are attempting to log in to postgres locally with a user and password you configured. So you should configure pg_hba.conf as such:
# Database administrative login by UNIX sockets
local all postgres ident
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all password
After this is done, you should be able to log in locally with the username and password.
I'm trying to update a Chef server that is hosted on a AWS EC2 instance. This is what happens when I'm trying to connect to the server:
$ knife ssl check
Error: Network Error: getaddrinfo: nodename nor servname provided, or not
known
I can only think of issues w/ the knife configuration. However, all knife functions work within the AWS EC2 instance, while not on my local machine (Macbook+iTerm).
knife.rb on EC2
log_level :info
log_location STDOUT
node_name 'jdoe'
client_key '/home/ec2-user/.chef/jdoe.pem'
validation_client_name 'chef-validator'
validation_key '/etc/chef-server/chef-validator.pem'
chef_server_url 'https://ip-xx-x-x-xxx.ec2.internal:443'
syntax_check_cache_path '/home/ec2-user/.chef/syntax_check_cache'
knife.rb on local machine
log_level :info
log_location STDOUT
node_name 'jdoe'
client_key '/Users/.../.chef/jdoe.pem'
validation_client_name 'chef-validator'
validation_key '/Users/.../.chef/chef-validator.pem'
chef_server_url 'https://ip-xx-x-x-xxx.ec2.internal:443'
syntax_check_cache_path '/Users/yoonsulee/.chef/syntax_check_cache'
# Amazon AWS
knife[:aws_access_key_id]='A...........Q' # actual access key
knife[:aws_secret_access_key]='Q.............................g' # actual secret access eky
knife[:aws_ssh_key_id]='xyz-abcd' # general key name used for AWS access
My AWS security group and ACL are all fine. And I was somehow able to download 'trusted_certs' from:
$ knife ssl fetch
Ultimately, I'm trying to do the following from my Chef repo directory:
$ berks upload <new_cookbook> --force
$ knife role from file ../../roles/*
Looks like the issue is due to you using the internal DNS name of your EC2 instance. Unless you are VPN'd in to your AWS VPC this will not resolve.
You should change your workstation's knife.rb to use the Public DNS name if it exists. If you do not wish to create a public endpoint for your instance, you will need to VPN to your VPC to have internal endpoints resolvable.
So I'm trying to start working on an existing RubyRails app, I've got RVM, Rails and PostgreSQL set up. I've tested rails server on a test app I made, I can connect to localhost:3000 just fine. When I copy over the existing app I'm trying to work on, cd to it and run rails server, localhost:3000 gives me
PG::ConnectionBad
fe_sendauth: no password supplied
I've looked for a few hours across Google and SO and can't find a proper solution. What I tried after a lot of reading was changing my pg_hba.conf file for postgres to have the following settings:
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local replication postgres md5
#host replication postgres 127.0.0.1/32 md5
#host replication postgres ::1/128 md5
I saved these changes and restarted the terminal (to reload these changes), and I am getting the same error on localhost:3000, the PG:ConnectionBad error. Could anyone lend a hand? This is so frustrating.
In case it helps, I'm using Ruby 2.1.1 and Rails 4.1.0 and PostgreSQL 9.3 Thank you!
Restarting the terminal is not enough. You can restart Postgres with
service postgresql restart
Looks like there is no password specified for the database:
fe_sendauth: no password supplied
You can see how you specify username and password for your database here:
http://guides.rubyonrails.org/configuring.html#configuring-a-database
I fear this may be a dumb question/easy fix, but have been stuck for a while. Would really appreciate any feedback you may have.
Both my development and production databases are Postgres. After pushing to Heroku, I was having issues with my scss files in my development environment. (Updates to the SCSS files were not reflected in my DEVELOPMENT environment, despite having the default config. settings. Not sure if this is an expected result from precompiling for the production env.)
After restarting my system, I can no longer connect to the Postgres database. I get the same error through the command line (rails s) and pgAdminIII, that says, "
could not connect to server: Connection refused (0x0000274D/10061) Is the
server running on host "127.0.0.1" and accepting TCP/IP connections on port
5432?
My files are configured as below, and fit the descriptions given in the other posts I found related to this issue. Also, I am able to access localhost:3000 with my SQLite3 projects.
Any feedback would be appreciated.
My postgresql.conf file
#------------------------------------------------------------------------------
# CONNECTIONS AND AUTHENTICATION
#------------------------------------------------------------------------------
# - Connection Settings -
listen_addresses = '*'
port = 5432
max_connections = 100
My pg_hba.conf file
# TYPE DATABASE USER CIDR-ADDRESS METHOD
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
I ended up doing a full uninstall, then configured the postgres service to use my local system account. Now I can connect to my postgres server without issue.