Remote administration for pgmoneta
This tutorial will show you how to do setup remote management for pgmoneta.
Preface
This tutorial assumes that you have an installation of PostgreSQL 13+ and pgmoneta.
See Install pgmoneta for more detail.
Change the pgmoneta configuration
Change pgmoneta.conf to add
management = 5002management = 5002under the [pgmoneta] setting, like
[pgmoneta]
...
management = 5002[pgmoneta]
...
management = 5002(pgmoneta user)
Add pgmoneta admin
pgmoneta-admin -f pgmoneta_admins.conf -U admin -P admin1234 user addpgmoneta-admin -f pgmoneta_admins.conf -U admin -P admin1234 user add(pgmoneta user)
Restart pgmoneta
Stop pgmoneta and start it again with
pgmoneta-cli -c pgmoneta.conf stop
pgmoneta -c pgmoneta.conf -u pgmoneta_users.conf -A pgmoneta_admins.confpgmoneta-cli -c pgmoneta.conf stop
pgmoneta -c pgmoneta.conf -u pgmoneta_users.conf -A pgmoneta_admins.conf(pgmoneta user)
Connect via remote administration interface
pgmoneta-cli -h localhost -p 5002 -U admin status detailspgmoneta-cli -h localhost -p 5002 -U admin status detailsand use admin1234 as the password
(pgmoneta user)
Using Transport Level Security for access
You can security the administration level interface by using Transport Level Security (TLS).
It is done by setting the following options,
[pgmoneta]
tls_cert_file=/path/to/server.crt
tls_key_file=/path/to/server.key
tls_ca_file=/path/to/root.crt
...[pgmoneta]
tls_cert_file=/path/to/server.crt
tls_key_file=/path/to/server.key
tls_ca_file=/path/to/root.crt
...in pgmoneta.conf.
The client side setup must go into ~/.pgmoneta/ with the following files
~/.pgmoneta/pgmoneta.key
~/.pgmoneta/pgmoneta.crt
~/.pgmoneta/root.crt~/.pgmoneta/pgmoneta.key
~/.pgmoneta/pgmoneta.crt
~/.pgmoneta/root.crtThey must have 0600 permission.