Postgre and Jails

[nrgpix]

I am starting this thread in this channel because it relates to installing an application in a jail.
I am blocked from creating a running instance of Postgre DB in a Freenas Jail

Steps to create are

1. Create Pool
2. Create Data set -location of dataset /mnt/PostgrePool/PostgreDS
3. Create User and Group for pgsql
4. Create user 'pgsql' UID 5432, primary group pgsql, nologin, nonexistent, disable password login
5. Set ACL for user and Group User and Group have full read write execute and other only has read write
6. Set up share /mnt/PostgrePool/PostgreDS (share visible over network in Windows explorer)
7. Set up new JAIL at 12.2 release as postgre_JAIL boot=ON
8. vnet dhcp and bpf are "=on postgre_JAIL"
9. allow_raw_sockets = 1 postgre_JAIL

inside postgres_JAIL

1. pkg updated and upgraded
2. pkg install sudo postgresql13-contrib-13.3 postgresql13-server-13.3_1
3. sysrc postgresql_enable=YES
4. sysrc postgresql_data=/mnt/postgres/data
5. mkdir /mnt/postgres
6. pw useradd -n pgsql -u 1004 -d /nonexistent -s /usr/sbin/nologin
7. pw groupadd -n pgsql -g 1004
8. pw groupmod pgsql -m pgsql
9. sudo chown pgsql:pgsql /mnt/postgres
   
   exiting postgres_JAIL and restarting
10. iocage fstab -a postgres_JAIL "/mnt/PostgrePool/PostgreDS /mnt/postgres nullfs rw 0 0" results in unsuccessful mount with message "Destination: /mnt/PlexPool/iocage/jails/postgre_JAIL/root/mnt/postgre does not exist or is not a directory".

I followed the Freenas set up plex instructions and this is where the first succesful mount to iocage arose.
Now freeenas is always seeking to mount to this iocage - have I screwed up Free nas - do I have to lose all plex stuff in order to get Postgre up and running

 

[sretalla]

To add fstab via CLI requires jail to be running and the target directory must already exist (iocage exec jail mkdir /whatever/dir) and be empty.

Have you landed with the fstab entry in your jail or not?

iocage fstab jail -l

You can remove it by number as shown in that list.

 

[danb35]

To add fstab via CLI requires jail to be running

I don't think this is correct, though adding it at the GUI does require the jail to be stopped (why, I don't know).

the target directory must already exist

But it does require this, which has tripped me up many times before.

I followed the Freenas set up plex instructions and this is where the first succesful mount to iocage arose.

iocage only supports having jails on one pool. Data mounts can be anywhere, but the jails themselves will all be on the same pool.

Create user 'pgsql' UID 5432, primary group pgsql, nologin, nonexistent, disable password login

pw useradd -n pgsql -u 1004 -d /nonexistent -s /usr/sbin/nologin

Two questions on this:
1. Doesn't installing PostgreSQL create the pgsql user?
2. If not, why are you setting a different uid/gid than what you set in the FreeNAS UI?

If you need to create the user manually (which I'd doubt), its uid/gid need to match the user you created in the base OS if you want permissions to work.

 

[sretalla]

I don't think this is correct

And you're right.

It was easily tested and I confirm it works with the jail stopped. (although I'm sure it was at some point not the case, anyway, great!)

 

[nrgpix]

I don't think this is correct, though adding it at the GUI does require the jail to be stopped (why, I don't know).

But it does require this, which has tripped me up many times before.

iocage only supports having jails on one pool. Data mounts can be anywhere, but the jails themselves will all be on the same pool.


Two questions on this:
1. Doesn't installing PostgreSQL create the pgsql user?
2. If not, why are you setting a different uid/gid than what you set in the FreeNAS UI?

If you need to create the user manually (which I'd doubt), its uid/gid need to match the user you created in the base OS if you want permissions to work.

Thankyou for the reply.
Each of the three examples I used gave me different methods on user.
Either way getting to the postgre user by default or by manual intervention I stilll have the same issue I end up with an invalid Group using the chown
.
Have followed the thread which suggest 3 ways to fix that and still not joy.