CYBERTEC PostgreSQL EE Repository

PGEE Logo

[ DEB Repository ] [ RPM Repository ] [ Docker Images ] [ Windows Installer ]

RPM Repository

This page helps you configure the CYBERTEC PostgreSQL Enterprise Edition (PGEE) RPM repository.

Several repositories are hosted here:

PGEE includes Transparent Data Encryption (TDE) and more features.

Available Packages

PGEE packages:

Supported Distributions

Repository Configuration

Disable Built-In Modules

On RedHat 8 and later, disable the built-in postgresql module:

sudo dnf module disable -y postgresql

Public PGEE Demo Version Repository

Free to use, limited to 1 GB per table

version=17 # available: 13 14 15 16 17

# RedHat/CentOS
sudo tee /etc/yum.repos.d/cybertec-pg$version.repo <<EOF
[cybertec_pg$version]
name=CYBERTEC PostgreSQL $version for RHEL/CentOS \$releasever - \$basearch
baseurl=https://repository.cybertec.at/public/$version/redhat/\$releasever/\$basearch
gpgkey=https://repository.cybertec.at/assets/cybertec-rpm.asc
enabled=1
EOF

# SUSE SLES
sudo tee /etc/zypp/repos.d/cybertec-pg$version.repo <<EOF
[cybertec_pg$version]
name=CYBERTEC PostgreSQL $version for SLES \$releasever_major - \$basearch
baseurl=https://repository.cybertec.at/public/$version/sles/\$releasever_major/\$basearch
gpgkey=https://repository.cybertec.at/assets/cybertec-rpm.asc
enabled=1
EOF

Full PGEE Version Repository

Unlimited version - contact CYBERTEC for a quote

version=17 # available: 13 14 15 16 17
username="YOUR_LOGIN"
password="YOUR_PASSWORD"

# RedHat/CentOS
sudo tee /etc/yum.repos.d/cybertec-pg$version.repo <<EOF
[cybertec_pg$version]
name=CYBERTEC PostgreSQL $version for RHEL/CentOS \$releasever - \$basearch
baseurl=https://repository.cybertec.at/pgee/$version/redhat/\$releasever/\$basearch
gpgkey=https://repository.cybertec.at/assets/cybertec-rpm.asc
username=$username
password=$password
enabled=1
EOF

# SUSE SLES
sudo tee /etc/zypp/repos.d/cybertec-pg$version.repo <<EOF
[cybertec_pg$version]
name=CYBERTEC PostgreSQL $version for SLES \$releasever_major - \$basearch
baseurl=https://$username:$password@repository.cybertec.at/pgee/$version/sles/\$releasever_major/\$basearch
gpgkey=https://repository.cybertec.at/assets/cybertec-rpm.asc
enabled=1
EOF

Install Packages

sudo yum install -y postgresql17-ee-server # adjust for version

Create Encrypted Cluster

To create an encrypted cluster, set up an encryption key, and create a new cluster:

version=16 # adjust for version
PATH=/usr/pgsql-$version/bin:$PATH
KEY=$(dd if=/dev/random bs=1k count=1 | md5sum - | cut -d ' ' -f 1)

initdb -D /var/lib/pgsql/$version/data -k -K "echo $KEY"
pg_ctl -D /var/lib/pgsql/$version/data start
psql

psql (17.2 EE 1.4.0)
 ____   ____ _____ _____
|  _ \ / ___| ____| ____|
| |_) | |  _|  _| |  _|
|  __/| |_| | |___| |___
|_|    \____|_____|_____|
PostgreSQL EE by CYBERTEC
Type "help" for help.

postgres=# show data_encryption;
 data_encryption
-----------------
 on
(1 row)

postgres=#

Note: The cluster created here uses an encryption key that is stored inside postgresql.conf. Other more secure key retrieval methods can be configured; talk to CYBERTEC about which method fits your security requirements best.

Migrate from legacy TDE packages to PGEE

Before PGEE, Cybertec provided TDE packages. These packages are scheduled to be end-of-life in Septemter 2025. Customers are asked to migrate to PGEE packages.

To migrate from the legacy TDE packages to the PGEE packages, use pg_upgrade.

For example, when starting with 13 TDE moving to 17 EE, install 17 EE as above, then:

initdb -D /var/lib/pgsql/17/data -k -K "echo $KEY" # same key
/usr/pgsql-17/bin/pg_upgrade -b /usr/pgsql-13-tde/bin/ \
    -d /var/lib/pgsql/13/data -D /var/lib/pgsql/17/data

Alternatively, for versions 13 and 14, the PGEE packages can be installed instead of the old TDE packages. The existing data directory will continue to work after adjusting the paths.

Documentation

© 2024 Cybertec — Built with swege