PostgreSQL 17 is the latest major release of the world’s most advanced open-source relational database. This guide covers a clean installation on RHEL 10, Rocky Linux 10, or AlmaLinux 10 – from repo setup through remote access configuration.

Prerequisites

  • A running RHEL 10, Rocky Linux 10, or AlmaLinux 10 server
  • Root or sudo access
  • A working internet connection
  • Firewall access to port 5432 (if allowing remote connections)

Step 1: Add the PostgreSQL Official Repository

The default AppStream repositories may ship an older PostgreSQL version. Install the official PGDG (PostgreSQL Global Development Group) repository to get PostgreSQL 17.

sudo dnf install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-10-x86_64/pgdg-redhat-repo-latest.noarch.rpm

Disable the built-in PostgreSQL module so it does not conflict with the PGDG packages:

sudo dnf -qy module disable postgresql

Verify the repo is active:

sudo dnf repolist | grep pgdg

Expected output should show pgdg17 in the list.

Step 2: Install PostgreSQL 17

sudo dnf install -y postgresql17-server postgresql17

Confirm the installed version:

/usr/pgsql-17/bin/psql --version

You should see output like psql (PostgreSQL) 17.x.

Step 3: Initialize the Database

Before starting PostgreSQL, initialize the data directory. This creates the system catalogs, default databases, and configuration files.

sudo /usr/pgsql-17/bin/postgresql-17-setup initdb

The data directory is created at /var/lib/pgsql/17/data/.

Step 4: Start and Enable PostgreSQL

sudo systemctl start postgresql-17
sudo systemctl enable postgresql-17

Verify the service is running:

sudo systemctl status postgresql-17

Look for active (running) in the output.

Step 5: Secure the PostgreSQL Installation

Set a password for the default postgres superuser account. Switch to the postgres system user first:

sudo -i -u postgres
psql

Inside the psql shell, set a strong password:

ALTER USER postgres WITH PASSWORD 'YourStrongPasswordHere';
\q

Exit back to your regular user:

exit

Step 6: Create a New Database User and Database

Switch to the postgres user and create a new role and database:

sudo -i -u postgres

Create a user:

createuser --interactive --pwprompt myappuser

When prompted, enter a password and answer n to superuser, n to create databases, and n to create roles – unless your application needs those privileges.

Create a database owned by the new user:

createdb --owner=myappuser myappdb

Verify the database exists:

psql -l

You should see myappdb in the list with myappuser as the owner. Exit the postgres user session:

exit

Step 7: Configure Remote Access

By default, PostgreSQL only listens on localhost. To allow connections from other hosts, two files need editing.

Edit postgresql.conf

Open the main configuration file:

sudo vi /var/lib/pgsql/17/data/postgresql.conf

Find the listen_addresses line and change it to:

listen_addresses = '*'

This tells PostgreSQL to listen on all network interfaces. In production, you may want to specify exact IP addresses instead of *.

Edit pg_hba.conf

The pg_hba.conf file controls client authentication. Open it:

sudo vi /var/lib/pgsql/17/data/pg_hba.conf

Add a line at the end to allow password-based authentication from a specific subnet. Replace 192.168.1.0/24 with your actual network range:

# Allow connections from local network
host    all     all     192.168.1.0/24     scram-sha-256

To allow from any IP (not recommended for production):

host    all     all     0.0.0.0/0          scram-sha-256

PostgreSQL 17 defaults to scram-sha-256 for password hashing, which is more secure than the older md5 method.

Restart PostgreSQL to apply the changes:

sudo systemctl restart postgresql-17

Step 8: Configure the Firewall

Open port 5432 in firewalld:

sudo firewall-cmd --permanent --add-port=5432/tcp
sudo firewall-cmd --reload

Verify the port is open:

sudo firewall-cmd --list-ports

You should see 5432/tcp in the output.

Step 9: Test the Connection

Test a local connection with the new user:

psql -h 127.0.0.1 -U myappuser -d myappdb

From a remote machine, test with:

psql -h <server-ip> -U myappuser -d myappdb

Run a quick query to confirm everything works:

SELECT version();

Troubleshooting

Connection refused on port 5432

Check that PostgreSQL is actually listening on the correct interface:

sudo ss -tlnp | grep 5432

If it only shows 127.0.0.1:5432, revisit the listen_addresses setting in postgresql.conf and restart the service.

Authentication failed

Check pg_hba.conf for a matching rule. Rules are evaluated top to bottom – the first match wins. Look at the PostgreSQL log for details:

sudo tail -50 /var/lib/pgsql/17/data/log/postgresql-*.log

PGDG repo not found or GPG key errors

Re-install the repository RPM and clean the dnf cache:

sudo dnf clean all
sudo dnf install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-10-x86_64/pgdg-redhat-repo-latest.noarch.rpm

Service fails to start after config changes

A syntax error in postgresql.conf or pg_hba.conf will prevent PostgreSQL from starting. Check the journal for the exact error:

sudo journalctl -xeu postgresql-17

Fix the config file and try starting again.

Firewall blocking connections

If remote clients still cannot connect after opening the port, check for additional network-level firewalls (cloud security groups, iptables rules) and SELinux:

sudo getsebool -a | grep postgresql

If SELinux is blocking network connections for PostgreSQL, allow it:

sudo setsebool -P postgresql_can_rsync on

Summary

PostgreSQL 17 is now installed and running on your RHEL 10 / Rocky Linux 10 / AlmaLinux 10 server. You have a working database with a dedicated user, remote access configured through pg_hba.conf, and the firewall open on port 5432. From here, set up regular backups with pg_dump or pg_basebackup, tune postgresql.conf for your workload, and monitor performance with pg_stat_activity.

RELATED ARTICLESMORE FROM AUTHOR

LEAVE A REPLY

Please enter your comment!
Please enter your name here