Re: Postgres user UID and GID

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Postgres user UID and GID

From:	Martin Baulig
Subject:	Re: Postgres user UID and GID
Date:	Mon, 17 Jul 2023 21:28:29 +0000

Hello,

I had considered idmap before, but realized there might be a bit of a 
chicken-egg problem with it.  Even though that likely doesn't actually exist 
because GNU Guix is smart enough about it, the circular dependency still feels 
weird:

What I mean is that the NFS client would depend on the existence of the 
'postgres' user, to put it into the idmap file, and to resolve its UID / GID on 
service startup.

But the PostgreSQL service also depends on the NFS share already being mounted, 
so the postgres process can access its data directory.

The only clean solution I could think about is to create the account during 
system initialization via an explicit entry in (operating-system (users ...)).  
But then I won't need idmap because I can just hard-code the UID and GID there.

About running the database on the server - unfortunately, there is no official 
package for Synology's DSM and I don't feel good about some third-party sites 
that only provide binaries.  They also made some custom changes to the Linux 
kernel and use some kind of custom libc - it's a nightmare to install anything 
on that thing!

And the "official" recommendation that you get on Reddit, Stack Overflow, etc. 
about running PostgreSQL on Synology DSM is to install a Docker image.

I figured running GNU Guix in a VM to be a much better choice than messing with 
a bunch of Docker images.

Best regards,

Martin

------- Original Message -------
On Monday, July 17th, 2023 at 8:23 PM, Felix Lechner 
<felix.lechner@lease-up.com> wrote:

> 
> 
> Hi Martin,
> 
> On Mon, Jul 17, 2023 at 11:44 AM Martin Baulig martin@baulig.is wrote:
> 
> > I have decided to NFS-mount an encrypted shared folder
> 
> 
> I use a similar setup and use Gocryptfs for encryption. How do you
> encrypt, please?
> 
> > there is a tiny little problem with PostgreSQL:
> > the UID and GID of the 'postgres' user needs to match that of the server.
> 
> 
> Perhaps I do not understand the needs of your setup completely.
> Doesn't 'idmapd' in NFSv4 address your conundrum effectively?
> 
> For performance reasons, I would discourage such a setup, though. It
> would be better to run Postgres on the NAS, if it is an option, or to
> replicate the database for backup purposes.
> 
> Kind regards
> Felix

[Prev in Thread]

Current Thread

[Next in Thread]

Postgres user UID and GID, Martin Baulig, 2023/07/17
- Re: Postgres user UID and GID, Denis 'GNUtoo' Carikli, 2023/07/17
  - Re: Postgres user UID and GID, Martin Baulig, 2023/07/17
    - Re: Postgres user UID and GID, Denis 'GNUtoo' Carikli, 2023/07/18
    - Re: Postgres user UID and GID, Martin Baulig, 2023/07/19
- Re: Postgres user UID and GID, Felix Lechner, 2023/07/17
  - Re: Postgres user UID and GID, Martin Baulig <=

Prev by Date: Re: A Forum for Guix Users
Next by Date: Re: Postgres user UID and GID
Previous by thread: Re: Postgres user UID and GID
Next by thread: openshot patch: Guix QA shows 14000 rebuilds
Index(es):
- Date
- Thread