# Postgres

```sh
bastille create postgresql 14.2-RELEASE 192.168.1.203 em0
bastille config postgresql set allow.sysvipc=1
bastille restart postgresql
bastille pkg postgresql bootstrap
bastille pkg postgresql update
bastille pkg postgresql install -y postgresql15-server postgresql15-client
bastille service postgresql postgresql enable
bastille service postgresql postgresql initdb
bastille service postgresql postgresql start
```

You need to change `/var/db/postgres/data15/postgresql.conf`

```sh
nvim /var/db/postgres/data15/postgresql.conf
```

To listen to the ip address:

```
listen_addresses = '192.168.1.203'
```

And restart.

We need to allow communications via the jails. Add this to pf.conf on the host:

```
pass in on $ext_if proto tcp from 192.168.1.202 to 192.168.1.203 port 5432
pass out on $ext_if proto tcp from 192.168.1.203 to 192.168.1.202 port 5432
```

Add a user, for example nextcloud:

```sh
su - postgres
createuser nextcloud
createdb nextcloud -O admin
psql nextcloud
alter role nextcloud with encrypted password 'yourpassword';
grant all privileges on database nextcloud to nextcloud;
exit
exit
```

Add this to `/var/db/postgres/data15/pg_hba.conf`

```
host    nextcloud       nextcloud       0.0.0.0/0               scram-sha-256
host    nextcloud       nextcloud       ::/0                    scram-sha-256
```