RPM Repository

CYBERTEC PostgreSQL Enterprise Edition (PGEE) RPM repository configuration manual.

Repository hosts:

PostgreSQL Enterprise Edition full version
PostgreSQL Enterprise Edition free public demo version

Sections:

Available PGEE Versions
Supported Distributions
Repository Configuration
Public PGEE Demo Version Repository
Full PGEE Version Repository
Install Packages
Create Encrypted Cluster
Switching from demo packages to full PGEE
Migrate from legacy TDE packages to PGEE
Documentation

Available PGEE Versions

Supported Distributions

RHEL 10 and derivatives
RHEL 9 and derivatives
RHEL 8 and derivatives
SUSE SLES 16
SUSE SLES 15

Repository Configuration

On RedHat 8 and 9, disable the built-in postgresql module:

sudo dnf module disable -y postgresql

Modules are deprecated since RHEL 10.

Public PGEE Demo Version Repository

Free to use, limited to 1 GB per table

version=18 # available: 13 14 15 16 17 18

# RedHat, CentOS, Rocky Linux, Almalinux
sudo tee /etc/yum.repos.d/cybertec-pg$version.repo <<EOF
[cybertec_pg$version]
name=CYBERTEC PostgreSQL $version repository for RHEL/CentOS \$releasever - \$basearch
baseurl=https://repository.cybertec.at/public/$version/redhat/\$releasever/\$basearch
gpgkey=https://repository.cybertec.at/assets/cybertec-rpm.asc
enabled=1
[cybertec_common]
name=CYBERTEC common repository for RHEL/CentOS \$releasever - \$basearch
baseurl=https://repository.cybertec.at/public/common/redhat/\$releasever/\$basearch
gpgkey=https://repository.cybertec.at/assets/cybertec-rpm.asc
enabled=1
EOF

# SUSE SLES
sudo tee /etc/zypp/repos.d/cybertec-pg$version.repo <<EOF
[cybertec_pg$version]
name=CYBERTEC PostgreSQL $version repository for SLES \$releasever_major - \$basearch
baseurl=https://repository.cybertec.at/public/$version/sles/\$releasever_major/\$basearch
gpgkey=https://repository.cybertec.at/assets/cybertec-rpm.asc
enabled=1
[cybertec_common]
name=CYBERTEC common repository for SLES \$releasever_major - \$basearch
baseurl=https://repository.cybertec.at/public/common/sles/\$releasever_major/\$basearch
gpgkey=https://repository.cybertec.at/assets/cybertec-rpm.asc
enabled=1
EOF

Full PGEE Version Repository

Unlimited version - contact CYBERTEC for a quote

version=18 # available: 13 14 15 16 17 18
username="YOUR_LOGIN"
password="YOUR_PASSWORD"

# RedHat, CentOS, Rocky Linux, Almalinux
sudo tee /etc/yum.repos.d/cybertec-pg$version.repo <<EOF
[cybertec_pg$version]
name=CYBERTEC PostgreSQL $version repository for RHEL/CentOS \$releasever - \$basearch
baseurl=https://repository.cybertec.at/pgee/$version/redhat/\$releasever/\$basearch
gpgkey=https://repository.cybertec.at/assets/cybertec-rpm.asc
username=$username
password=$password
enabled=1
[cybertec_common]
name=CYBERTEC common repository RHEL/CentOS \$releasever - \$basearch
baseurl=https://repository.cybertec.at/pgee/common/redhat/\$releasever/\$basearch
gpgkey=https://repository.cybertec.at/assets/cybertec-rpm.asc
username=$username
password=$password
enabled=1
EOF

# SUSE SLES
sudo tee /etc/zypp/repos.d/cybertec-pg$version.repo <<EOF
[cybertec_pg$version]
name=CYBERTEC PostgreSQL $version repository for SLES \$releasever_major - \$basearch
baseurl=https://$username:$password@repository.cybertec.at/pgee/$version/sles/\$releasever_major/\$basearch
gpgkey=https://repository.cybertec.at/assets/cybertec-rpm.asc
enabled=1
[cybertec_common]
name=CYBERTEC common repository for SLES \$releasever_major - \$basearch
baseurl=https://$username:$password@repository.cybertec.at/pgee/common/sles/\$releasever_major/\$basearch
gpgkey=https://repository.cybertec.at/assets/cybertec-rpm.asc
enabled=1
EOF

Install Packages

sudo dnf install -y postgresql18-ee-server # adjust for version

Create Encrypted Cluster

To create an encrypted cluster, set up an encryption key, and create a new cluster:

version=18 # adjust for version

KEY=$(dd if=/dev/random bs=1k count=1 | md5sum - | cut -d ' ' -f 1)

sudo PGSETUP_INITDB_OPTIONS="-k -K 'echo $KEY'" \
    "postgresql-${version}-setup" initdb

sudo systemctl start "postgresql-${version}.service"

sudo -u postgres psql -c 'show data_encryption;'

Note: The data encryption key is stored in the server config file which is a bad security practice. Contact Cybertec for better options.

Switching from demo packages to full PGEE

To migrate from the demo packages to the full PGEE version, simply switch the repository to the full version described above, and provide your username and password. Then, yum upgrade and the PGEE packages will be installed (the demo versions have slightly smaller version numbers to make this possible). Existing clusters retain their data and will run PGEE from now.

$ sudo yum upgrade
CYBERTEC PostgreSQL 18 for RHEL/CentOS 9 - x86_64
...
Transaction Summary
===========================================================================
Upgrade  3 Packages

Running transaction
  Upgrading        : postgresql18-ee-libs-18.0-EE.rhel9.cybertec1.x86_64
  Upgrading        : postgresql18-ee-18.0-EE.rhel9.cybertec1.x86_64
  Upgrading        : postgresql18-ee-server-18.0-EE.rhel9.cybertec1.x86_64

Complete!

Migrate from legacy TDE packages to PGEE

Before PGEE, Cybertec provided TDE packages. These packages are scheduled to be end-of-life in Septemter 2025. Customers are asked to migrate to PGEE packages.

To migrate from the legacy TDE packages to the PGEE packages, use pg_upgrade.

For example, when starting with 13 TDE moving to 18 EE, install 18 EE as above, then:

initdb -D /var/lib/pgsql/18/data -k -K "echo $KEY" # same key
/usr/pgsql-18/bin/pg_upgrade -b /usr/pgsql-13-tde/bin/ \
    -d /var/lib/pgsql/13/data -D /var/lib/pgsql/18/data

Alternatively, for versions 13 and 14, the PGEE packages can be installed instead of the old TDE packages. The existing data directory will continue to work after adjusting the paths.