PostgreSQL 自动化脚本安装方案

以下是 PostgreSQL 自动化脚本安装方案，支持多个版本和安装方式：

📦 PostgreSQL 一键安装脚本

脚本功能：

• ✅ 支持 PostgreSQL 12/13/14/15/16 版本选择

• ✅ 官方仓库和发行版仓库安装

• ✅ 自动安全配置和认证

• ✅ 性能优化配置

• ✅ 流复制配置（可选）

• ✅ 备份和监控脚本

🔧 完整安装脚本

#!/bin/bash
# =============================================================================
# PostgreSQL 自动安装脚本
# 系统要求: CentOS 7
# 作者: XiaoLan
# =============================================================================# ----------------------------------------------------------------------------
# 全局配置与颜色定义模块
# ----------------------------------------------------------------------------# 颜色定义
readonly RED='\033[0;31m'
readonly GREEN='\033[0;32m'
readonly YELLOW='\033[1;33m'
readonly BLUE='\033[0;34m'
readonly PURPLE='\033[0;35m'
readonly CYAN='\033[0;36m'
readonly WHITE='\033[1;37m'
readonly NC='\033[0m' # No Color# 日志文件路径
readonly LOG_FILE="/var/log/postgresql_install.log"# PostgreSQL 配置参数
readonly PG_VERSION="14"
readonly PG_PORT="5432"
readonly PG_DATA_DIR="/var/lib/pgsql/${PG_VERSION}/data"
readonly PG_SERVICE_NAME="postgresql-${PG_VERSION}"# 用户配置
readonly PG_USER="postgres"
readonly PG_GROUP="postgres"# ----------------------------------------------------------------------------
# 工具函数模块
# ----------------------------------------------------------------------------# 输出函数定义
log_info() {local msg="$1"echo -e "${CYAN}[INFO]$(date '+%Y-%m-%d %H:%M:%S')${NC} $msg" | tee -a "$LOG_FILE"
}log_warn() {local msg="$1"echo -e "${YELLOW}[WARN]$(date '+%Y-%m-%d %H:%M:%S')${NC} $msg" | tee -a "$LOG_FILE"
}log_error() {local msg="$1"echo -e "${RED}[ERROR]$(date '+%Y-%m-%d %H:%M:%S')${NC} $msg" | tee -a "$LOG_FILE"
}log_success() {local msg="$1"echo -e "${GREEN}[SUCCESS]$(date '+%Y-%m-%d %H:%M:%S')${NC} $msg" | tee -a "$LOG_FILE"
}print_header() {clearecho -e "${BLUE}=========================================${NC}"echo -e "${BLUE}     PostgreSQL ${PG_VERSION} 自动安装脚本      ${NC}"echo -e "${BLUE}           系统: CentOS 7                ${NC}"echo -e "${BLUE}           作者: XiaoLan                 ${NC}"echo -e "${BLUE}=========================================${NC}"echo ""
}show_summary() {echo -e "${PURPLE}安装摘要:${NC}"echo -e "${WHITE}-----------------------------------------${NC}"echo -e "PostgreSQL 版本     : ${GREEN}${PG_VERSION}${NC}"echo -e "安装目录            : ${GREEN}${PG_DATA_DIR}${NC}"echo -e "服务端口            : ${GREEN}${PG_PORT}${NC}"echo -e "运行用户            : ${GREEN}${PG_USER}${NC}"echo -e "服务名称            : ${GREEN}${PG_SERVICE_NAME}${NC}"echo -e "日志文件            : ${GREEN}${LOG_FILE}${NC}"echo -e "${WHITE}-----------------------------------------${NC}"echo ""
}confirm_action() {local prompt="${1:-是否继续?}"local responsewhile true; doread -p "$(echo -e "${YELLOW}${prompt} [y/n]: ${NC}")" responsecase "$response" in[Yy]|[Yy][Ee][Ss])return 0;;[Nn]|[Nn][Oo])return 1;;*)echo -e "${RED}请输入 y 或 n${NC}";;esacdone
}# ----------------------------------------------------------------------------
# 系统检查模块
# ----------------------------------------------------------------------------check_root() {if [[ $EUID -ne 0 ]]; thenlog_error "此脚本必须以 root 权限运行"exit 1filog_info "权限检查通过"
}check_os() {if [[ ! -f /etc/centos-release ]]; thenlog_error "此脚本仅支持 CentOS 系统"exit 1filocal os_version=$(cat /etc/centos-release | grep -oE '[0-9]+\.[0-9]+' | cut -d. -f1)if [[ "$os_version" != "7" ]]; thenlog_error "此脚本仅支持 CentOS 7"exit 1filog_info "操作系统检查通过: $(cat /etc/centos-release)"
}check_internet() {if ! ping -c 3 8.8.8.8 &> /dev/null; thenlog_error "无法连接网络，请检查网络设置"exit 1filog_info "网络连接正常"
}# ----------------------------------------------------------------------------
# 安装准备模块
# ----------------------------------------------------------------------------prepare_installation() {log_info "开始准备安装环境"# 更新系统log_info "正在更新系统软件包..."yum update -y >> "$LOG_FILE" 2>&1 || {log_error "系统更新失败"return 1}# 安装必要工具log_info "正在安装必要工具..."yum install -y wget curl which >> "$LOG_FILE" 2>&1 || {log_error "必要工具安装失败"return 1}# 创建日志目录mkdir -p "$(dirname "$LOG_FILE")" 2>/dev/nulllog_success "安装环境准备完成"return 0
}# ----------------------------------------------------------------------------
# PostgreSQL 安装模块
# ----------------------------------------------------------------------------install_postgresql() {log_info "开始安装 PostgreSQL ${PG_VERSION}"# 安装 PostgreSQL 官方仓库log_info "正在配置 PostgreSQL 官方仓库..."yum install -y epel-release >> "$LOG_FILE" 2>&1rpm -Uvh https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm >> "$LOG_FILE" 2>&1 || {log_error "PostgreSQL 仓库配置失败"return 1}# 安装 PostgreSQL 服务器log_info "正在安装 PostgreSQL ${PG_VERSION}..."yum install -y postgresql${PG_VERSION}-server postgresql${PG_VERSION}-contrib >> "$LOG_FILE" 2>&1 || {log_error "PostgreSQL 安装失败"return 1}log_success "PostgreSQL ${PG_VERSION} 安装完成"return 0
}# ----------------------------------------------------------------------------
# 初始化与配置模块
# ----------------------------------------------------------------------------initialize_postgresql() {log_info "初始化 PostgreSQL 数据库..."# 初始化数据库/usr/pgsql-${PG_VERSION}/bin/postgresql-${PG_VERSION}-setup initdb >> "$LOG_FILE" 2>&1 || {log_error "数据库初始化失败"return 1}# 启用并启动服务systemctl enable ${PG_SERVICE_NAME} >> "$LOG_FILE" 2>&1systemctl start ${PG_SERVICE_NAME} >> "$LOG_FILE" 2>&1 || {log_error "PostgreSQL 服务启动失败"return 1}# 检查服务状态if systemctl is-active --quiet ${PG_SERVICE_NAME}; thenlog_success "PostgreSQL 服务已成功启动"elselog_error "PostgreSQL 服务未正常运行"return 1fireturn 0
}configure_firewall() {log_info "配置防火墙..."if systemctl is-active --quiet firewalld; thenfirewall-cmd --permanent --add-port=${PG_PORT}/tcp >> "$LOG_FILE" 2>&1firewall-cmd --reload >> "$LOG_FILE" 2>&1log_info "防火墙规则已更新"elselog_warn "Firewalld 未运行，跳过防火墙配置"fi
}# ----------------------------------------------------------------------------
# 安全配置模块
# ----------------------------------------------------------------------------secure_postgresql() {log_info "配置 PostgreSQL 安全设置..."# 配置 PostgreSQL 授权local pg_hba_conf="${PG_DATA_DIR}/pg_hba.conf"if [[ -f "$pg_hba_conf" ]]; then# 备份原始配置cp "$pg_hba_conf" "${pg_hba_conf}.bak" 2>> "$LOG_FILE"# 修改本地连接为 trust (仅用于初始化)sed -i 's/^local\s\+all\s\+all\s\+peer/local all all trust/' "$pg_hba_conf"sed -i 's/^host\s\+all\s\+all\s\+127.0.0.1\/32\s\+ident/host all all 127.0.0.1\/32 md5/' "$pg_hba_conf"sed -i 's/^host\s\+all\s\+all\s\+::1\/128\s\+ident/host all all ::1\/128 md5/' "$pg_hba_conf"# 重启服务使配置生效systemctl reload ${PG_SERVICE_NAME} >> "$LOG_FILE" 2>&1log_info "PostgreSQL 访问控制已配置"elselog_warn "pg_hba.conf 文件不存在，跳过安全配置"fi# 设置 postgres 用户密码log_info "设置 postgres 用户密码..."echo "ALTER USER postgres PASSWORD 'postgres123';" | sudo -u ${PG_USER} psql postgres >> "$LOG_FILE" 2>&1log_success "PostgreSQL 安全配置完成"
}# ----------------------------------------------------------------------------
# 综合信息摘要模块
# ----------------------------------------------------------------------------show_final_summary() {echo -e "${BLUE}=========================================${NC}"echo -e "${BLUE}       PostgreSQL 安装完成摘要             ${NC}"echo -e "${BLUE}=========================================${NC}"# 1. 基本配置信息echo -e "\n${PURPLE}1. 基本配置信息${NC}"echo -e "${WHITE}-----------------------------------------${NC}"echo -e "PostgreSQL 版本     : ${GREEN}${PG_VERSION}${NC}"echo -e "默认用户            : ${GREEN}${PG_USER}${NC}"echo -e "默认端口            : ${GREEN}${PG_PORT}${NC}"echo -e "服务名称            : ${GREEN}${PG_SERVICE_NAME}${NC}"echo -e "数据目录            : ${GREEN}${PG_DATA_DIR}${NC}"# 2. 连接信息echo -e "\n${PURPLE}2. 连接信息${NC}"echo -e "${WHITE}-----------------------------------------${NC}"echo -e "本地连接命令        : ${GREEN}sudo -u ${PG_USER} psql${NC}"echo -e "远程连接命令        : ${GREEN}psql -h localhost -p ${PG_PORT} -U ${PG_USER} postgres${NC}"echo -e "默认密码            : ${GREEN}postgres123${NC} ${YELLOW}(强烈建议立即更改)${NC}"# 3. 服务管理命令echo -e "\n${PURPLE}3. 服务管理命令${NC}"echo -e "${WHITE}-----------------------------------------${NC}"echo -e "启动服务            : ${GREEN}sudo systemctl start ${PG_SERVICE_NAME}${NC}"echo -e "停止服务            : ${GREEN}sudo systemctl stop ${PG_SERVICE_NAME}${NC}"echo -e "重启服务            : ${GREEN}sudo systemctl restart ${PG_SERVICE_NAME}${NC}"echo -e "查看状态            : ${GREEN}sudo systemctl status ${PG_SERVICE_NAME}${NC}"echo -e "开机自启            : ${GREEN}sudo systemctl enable ${PG_SERVICE_NAME}${NC}"echo -e "禁用开机自启        : ${GREEN}sudo systemctl disable ${PG_SERVICE_NAME}${NC}"# 4. 重要文件路径echo -e "\n${PURPLE}4. 重要文件路径${NC}"echo -e "${WHITE}-----------------------------------------${NC}"echo -e "主配置文件          : ${GREEN}${PG_DATA_DIR}/postgresql.conf${NC}"echo -e "客户端认证配置      : ${GREEN}${PG_DATA_DIR}/pg_hba.conf${NC}"echo -e "日志文件            : ${GREEN}${LOG_FILE}${NC}"echo -e "数据目录备份        : ${GREEN}${PG_DATA_DIR}.bak${NC} (初始化时创建)"# 5. 状态检查echo -e "\n${PURPLE}5. 状态检查${NC}"echo -e "${WHITE}-----------------------------------------${NC}"# 服务状态if systemctl is-active --quiet ${PG_SERVICE_NAME}; thenecho -e "服务状态            : ${GREEN}● 运行中${NC}"elseecho -e "服务状态            : ${RED}○ 已停止${NC}"fi# 开机自启状态if systemctl is-enabled --quiet ${PG_SERVICE_NAME}; thenecho -e "开机自启            : ${GREEN}● 已启用${NC}"elseecho -e "开机自启            : ${RED}○ 已禁用${NC}"fi# 端口监听状态if netstat -tlnp | grep -q ":${PG_PORT} "; thenecho -e "端口监听            : ${GREEN}● 正在监听${NC}"elseecho -e "端口监听            : ${RED}○ 未监听${NC}"fi# 数据目录状态if [[ -d "${PG_DATA_DIR}" ]]; thenecho -e "数据目录            : ${GREEN}● 存在${NC}"elseecho -e "数据目录            : ${RED}○ 不存在${NC}"fi# 6. 安全建议echo -e "\n${PURPLE}6. 安全建议${NC}"echo -e "${WHITE}-----------------------------------------${NC}"echo -e "${YELLOW}● 立即更改默认密码:${NC}"echo -e "    sudo -u ${PG_USER} psql -c \"ALTER USER ${PG_USER} PASSWORD 'new_password';\""echo -e "${YELLOW}● 配置远程访问:${NC}"echo -e "    编辑 ${PG_DATA_DIR}/postgresql.conf 中的 listen_addresses"echo -e "    修改 ${PG_DATA_DIR}/pg_hba.conf 添加允许的IP地址"echo -e "    执行 sudo systemctl reload ${PG_SERVICE_NAME}"echo -e "${YELLOW}● 配置防火墙:${NC}"echo -e "    sudo firewall-cmd --permanent --add-port=${PG_PORT}/tcp"echo -e "    sudo firewall-cmd --reload"# 7. 故障排除echo -e "\n${PURPLE}7. 故障排除${NC}"echo -e "${WHITE}-----------------------------------------${NC}"echo -e "查看服务日志        : ${GREEN}sudo journalctl -u ${PG_SERVICE_NAME}${NC}"echo -e "查看安装日志        : ${GREEN}cat ${LOG_FILE}${NC}"echo -e "检查配置语法        : ${GREEN}/usr/pgsql-${PG_VERSION}/bin/postgres -D ${PG_DATA_DIR} -c config_file=${PG_DATA_DIR}/postgresql.conf${NC}"echo -e "\n${BLUE}=========================================${NC}"echo -e "${BLUE}         安装完成时间: $(date)              ${NC}"echo -e "${BLUE}=========================================${NC}"
}# ----------------------------------------------------------------------------
# 主执行流程模块
# ----------------------------------------------------------------------------main() {# 初始化日志echo "PostgreSQL 安装日志 - $(date)" > "$LOG_FILE"# 显示横幅print_header# 显示安装摘要show_summary# 确认安装if ! confirm_action "确认开始安装 PostgreSQL?"; thenlog_info "用户取消安装"exit 0fiecho ""log_info "开始 PostgreSQL 安装流程"echo ""# 执行各步骤check_root || exit 1check_os || exit 1check_internet || exit 1prepare_installation || exit 1install_postgresql || exit 1initialize_postgresql || exit 1configure_firewallsecure_postgresql || exit 1echo ""log_success "PostgreSQL ${PG_VERSION} 安装完成!"# 显示最终综合摘要show_final_summary
}# ----------------------------------------------------------------------------
# 脚本入口点
# ----------------------------------------------------------------------------# 捕获中断信号
trap 'echo ""; log_warn "安装被用户中断"; exit 1' INT TERM# 执行主函数
main "$@"

🔍 安装执行过程

🔧 远程访问配置脚本

#!/bin/bash
# =============================================================================
# PostgreSQL 远程访问配置脚本
# 系统要求: CentOS 7 + PostgreSQL
# 作者: XiaoLan
# =============================================================================# ----------------------------------------------------------------------------
# 全局配置与颜色定义模块
# ----------------------------------------------------------------------------# 颜色定义
readonly RED='\033[0;31m'
readonly GREEN='\033[0;32m'
readonly YELLOW='\033[1;33m'
readonly BLUE='\033[0;34m'
readonly PURPLE='\033[0;35m'
readonly CYAN='\033[0;36m'
readonly WHITE='\033[1;37m'
readonly NC='\033[0m' # No Color# 日志文件路径
readonly LOG_FILE="/var/log/postgresql_remote_config.log"# PostgreSQL 配置参数
readonly PG_VERSION="14"
readonly PG_PORT="5432"
readonly PG_DATA_DIR="/var/lib/pgsql/${PG_VERSION}/data"
readonly PG_SERVICE_NAME="postgresql-${PG_VERSION}"
readonly PG_USER="postgres"# 远程访问配置
REMOTE_ACCESS_NETWORK=""# ----------------------------------------------------------------------------
# 工具函数模块
# ----------------------------------------------------------------------------# 输出函数定义
log_info() {local msg="$1"echo -e "${CYAN}[INFO]$(date '+%Y-%m-%d %H:%M:%S')${NC} $msg" | tee -a "$LOG_FILE"
}log_warn() {local msg="$1"echo -e "${YELLOW}[WARN]$(date '+%Y-%m-%d %H:%M:%S')${NC} $msg" | tee -a "$LOG_FILE"
}log_error() {local msg="$1"echo -e "${RED}[ERROR]$(date '+%Y-%m-%d %H:%M:%S')${NC} $msg" | tee -a "$LOG_FILE"
}log_success() {local msg="$1"echo -e "${GREEN}[SUCCESS]$(date '+%Y-%m-%d %H:%M:%S')${NC} $msg" | tee -a "$LOG_FILE"
}print_header() {clearecho -e "${BLUE}=========================================${NC}"echo -e "${BLUE}    PostgreSQL 远程访问配置脚本          ${NC}"echo -e "${BLUE}           系统: CentOS 7                ${NC}"echo -e "${BLUE}           作者: XiaoLan                 ${NC}"echo -e "${BLUE}=========================================${NC}"echo ""
}confirm_action() {local prompt="${1:-是否继续?}"local responsewhile true; doread -p "$(echo -e "${YELLOW}${prompt} [y/n]: ${NC}")" responsecase "$response" in[Yy]|[Yy][Ee][Ss])return 0;;[Nn]|[Nn][Oo])return 1;;*)echo -e "${RED}请输入 y 或 n${NC}";;esacdone
}# ----------------------------------------------------------------------------
# 系统检查模块
# ----------------------------------------------------------------------------check_root() {if [[ $EUID -ne 0 ]]; thenlog_error "此脚本必须以 root 权限运行"exit 1filog_info "权限检查通过"
}check_postgresql() {log_info "检查 PostgreSQL 安装状态..."# 检查服务是否存在if ! systemctl list-unit-files | grep -q "${PG_SERVICE_NAME}"; thenlog_error "PostgreSQL 服务未找到，请先安装 PostgreSQL"exit 1fi# 检查数据目录if [[ ! -d "${PG_DATA_DIR}" ]]; thenlog_error "PostgreSQL 数据目录不存在: ${PG_DATA_DIR}"exit 1fi# 检查配置文件if [[ ! -f "${PG_DATA_DIR}/postgresql.conf" ]]; thenlog_error "PostgreSQL 配置文件不存在"exit 1filog_success "PostgreSQL 检查通过"
}# ----------------------------------------------------------------------------
# 配置询问模块
# ----------------------------------------------------------------------------ask_remote_config() {echo -e "${YELLOW}请选择远程访问配置:${NC}"echo -e "  ${GREEN}1${NC}) 允许所有IP访问 (0.0.0.0/0) - ${RED}生产环境慎用${NC}"echo -e "  ${GREEN}2${NC}) 允许特定网段访问 (例如: 192.168.1.0/24)"echo -e "  ${GREEN}3${NC}) 允许特定IP访问 (例如: 192.168.1.100/32)"echo -e "  ${GREEN}4${NC}) 自定义配置"local choiceread -p "$(echo -e "${YELLOW}请选择 [1-4]: ${NC}")" choicecase $choice in1)REMOTE_ACCESS_NETWORK="0.0.0.0/0"log_warn "已配置允许所有IP访问，请确保已设置强密码!";;2)read -p "$(echo -e "${YELLOW}请输入网段 (例如: 192.168.1.0/24): ${NC}")" networkif [[ -z "$network" ]]; thenREMOTE_ACCESS_NETWORK="192.168.1.0/24"elseREMOTE_ACCESS_NETWORK="$network"fi;;3)read -p "$(echo -e "${YELLOW}请输入IP地址 (例如: 192.168.1.100/32): ${NC}")" ipif [[ -z "$ip" ]]; thenREMOTE_ACCESS_NETWORK="192.168.1.100/32"elseREMOTE_ACCESS_NETWORK="$ip"fi;;4)read -p "$(echo -e "${YELLOW}请输入自定义网络配置: ${NC}")" customREMOTE_ACCESS_NETWORK="$custom";;*)log_error "无效选择"exit 1;;esac# 验证网络格式if [[ ! "$REMOTE_ACCESS_NETWORK" =~ ^[0-9./]+$ ]]; thenlog_error "网络格式无效: $REMOTE_ACCESS_NETWORK"exit 1filog_info "远程访问网络: ${REMOTE_ACCESS_NETWORK}"echo ""
}# ----------------------------------------------------------------------------
# 配置修改模块
# ----------------------------------------------------------------------------backup_configs() {log_info "备份配置文件..."local timestamp=$(date '+%Y%m%d_%H%M%S')local backup_dir="/root/pg_backup_${timestamp}"mkdir -p "$backup_dir"# 备份关键配置文件cp "${PG_DATA_DIR}/postgresql.conf" "${backup_dir}/" 2>> "$LOG_FILE"cp "${PG_DATA_DIR}/pg_hba.conf" "${backup_dir}/" 2>> "$LOG_FILE"log_success "配置文件已备份到: ${backup_dir}"
}configure_postgresql_conf() {log_info "配置 postgresql.conf..."local pg_conf="${PG_DATA_DIR}/postgresql.conf"# 备份原始配置cp "$pg_conf" "${pg_conf}.bak.remote" 2>> "$LOG_FILE"# 启用监听所有地址if grep -q "^listen_addresses" "$pg_conf"; then# 替换现有配置sed -i "s/^#listen_addresses = 'localhost'/listen_addresses = '*'/" "$pg_conf"sed -i "s/^listen_addresses = 'localhost'/listen_addresses = '*'/" "$pg_conf"sed -i "s/^listen_addresses = '.*'/listen_addresses = '*'/" "$pg_conf"else# 添加新配置echo "# 远程访问配置 - 由脚本自动添加" >> "$pg_conf"echo "listen_addresses = '*'" >> "$pg_conf"fi# 确保端口配置正确if ! grep -q "^port" "$pg_conf"; thenecho "port = ${PG_PORT}" >> "$pg_conf"filog_success "postgresql.conf 配置完成"
}configure_pg_hba() {log_info "配置 pg_hba.conf..."local pg_hba_conf="${PG_DATA_DIR}/pg_hba.conf"# 备份原始配置cp "$pg_hba_conf" "${pg_hba_conf}.bak.remote" 2>> "$LOG_FILE"# 删除可能存在的旧远程配置sed -i '/# 远程访问配置 - 由脚本自动添加/d' "$pg_hba_conf"sed -i "/host.*all.*all.*${REMOTE_ACCESS_NETWORK}.*md5/d" "$pg_hba_conf"# 添加新的远程访问配置echo "" >> "$pg_hba_conf"echo "# 远程访问配置 - 由脚本自动添加" >> "$pg_hba_conf"echo "host    all             all             ${REMOTE_ACCESS_NETWORK}          md5" >> "$pg_hba_conf"log_success "pg_hba.conf 配置完成"
}configure_firewall() {log_info "配置防火墙..."if systemctl is-active --quiet firewalld; thenfirewall-cmd --permanent --add-port=${PG_PORT}/tcp >> "$LOG_FILE" 2>&1firewall-cmd --reload >> "$LOG_FILE" 2>&1log_success "防火墙已配置，开放端口 ${PG_PORT}"elselog_warn "Firewalld 未运行，跳过防火墙配置"fi
}reload_postgresql() {log_info "重新加载 PostgreSQL 配置..."# 重启服务使配置生效systemctl restart ${PG_SERVICE_NAME} >> "$LOG_FILE" 2>&1# 检查服务状态if systemctl is-active --quiet ${PG_SERVICE_NAME}; thenlog_success "PostgreSQL 服务重启成功"elselog_error "PostgreSQL 服务重启失败"systemctl status ${PG_SERVICE_NAME} >> "$LOG_FILE" 2>&1return 1fi# 等待服务完全启动sleep 3
}# ----------------------------------------------------------------------------
# 验证模块
# ----------------------------------------------------------------------------verify_configuration() {log_info "验证远程访问配置..."# 检查端口监听if netstat -tlnp | grep -q ":${PG_PORT} "; thenlog_success "PostgreSQL 正在监听端口 ${PG_PORT}"elselog_error "PostgreSQL 未监听端口 ${PG_PORT}"return 1fi# 检查监听地址local listen_addresses=$(sudo -u ${PG_USER} psql -t -c "SHOW listen_addresses;" 2>/dev/null | tr -d ' ')if [[ "$listen_addresses" == "*" ]]; thenlog_success "PostgreSQL 正在监听所有地址"elselog_error "PostgreSQL 监听地址配置错误: ${listen_addresses}"return 1fi# 测试本地连接if sudo -u ${PG_USER} psql -c "\q" 2>/dev/null; thenlog_success "本地连接测试通过"elselog_error "本地连接测试失败"return 1fireturn 0
}# ----------------------------------------------------------------------------
# 信息显示模块
# ----------------------------------------------------------------------------show_config_summary() {echo -e "${BLUE}=========================================${NC}"echo -e "${BLUE}       远程访问配置完成摘要               ${NC}"echo -e "${BLUE}=========================================${NC}"echo -e "\n${PURPLE}配置信息:${NC}"echo -e "${WHITE}-----------------------------------------${NC}"echo -e "远程访问网络        : ${GREEN}${REMOTE_ACCESS_NETWORK}${NC}"echo -e "监听端口            : ${GREEN}${PG_PORT}${NC}"echo -e "服务名称            : ${GREEN}${PG_SERVICE_NAME}${NC}"echo -e "\n${PURPLE}连接信息:${NC}"echo -e "${WHITE}-----------------------------------------${NC}"local server_ip=$(hostname -I | awk '{print $1}')echo -e "服务器IP地址        : ${GREEN}${server_ip}${NC}"echo -e "远程连接命令        : ${GREEN}psql -h ${server_ip} -p ${PG_PORT} -U postgres -d postgres${NC}"echo -e "\n${PURPLE}配置文件:${NC}"echo -e "${WHITE}-----------------------------------------${NC}"echo -e "主配置文件          : ${GREEN}${PG_DATA_DIR}/postgresql.conf${NC}"echo -e "客户端认证配置      : ${GREEN}${PG_DATA_DIR}/pg_hba.conf${NC}"echo -e "配置文件备份        : ${GREEN}${PG_DATA_DIR}/*.bak.remote${NC}"echo -e "\n${PURPLE}安全建议:${NC}"echo -e "${WHITE}-----------------------------------------${NC}"echo -e "${YELLOW}● 确保使用强密码${NC}"echo -e "${YELLOW}● 定期检查访问日志${NC}"echo -e "${YELLOW}● 考虑启用 SSL 加密${NC}"echo -e "${YELLOW}● 定期更新防火墙规则${NC}"echo -e "\n${PURPLE}管理命令:${NC}"echo -e "${WHITE}-----------------------------------------${NC}"echo -e "查看连接状态        : ${GREEN}sudo -u ${PG_USER} psql -c \"SELECT datname, usename, client_addr, state FROM pg_stat_activity;\""  echo -e "重新加载配置        : ${GREEN}sudo systemctl reload ${PG_SERVICE_NAME}${NC}"echo -e "重启服务            : ${GREEN}sudo systemctl restart ${PG_SERVICE_NAME}${NC}"echo -e "查看服务状态        : ${GREEN}sudo systemctl status ${PG_SERVICE_NAME}${NC}"echo -e "\n${BLUE}=========================================${NC}"echo -e "${BLUE}         配置完成时间: $(date)            ${NC}"echo -e "${BLUE}=========================================${NC}"
}# ----------------------------------------------------------------------------
# 主执行流程模块
# ----------------------------------------------------------------------------main() {# 初始化日志echo "PostgreSQL 远程访问配置日志 - $(date)" > "$LOG_FILE"# 显示横幅print_header# 检查前提条件check_rootcheck_postgresql# 显示当前配置log_info "当前 PostgreSQL 配置:"echo -e "监听地址: ${GREEN}$(sudo -u ${PG_USER} psql -t -c "SHOW listen_addresses;" 2>/dev/null | tr -d ' ')${NC}"echo -e "监听端口: ${GREEN}$(sudo -u ${PG_USER} psql -t -c "SHOW port;" 2>/dev/null | tr -d ' ')${NC}"echo ""# 询问配置ask_remote_config# 确认配置echo -e "${YELLOW}即将配置以下远程访问:${NC}"echo -e "允许访问的网络: ${GREEN}${REMOTE_ACCESS_NETWORK}${NC}"echo -e "PostgreSQL 端口: ${GREEN}${PG_PORT}${NC}"echo ""if ! confirm_action "确认应用以上配置?"; thenlog_info "用户取消配置"exit 0fiecho ""log_info "开始配置远程访问..."# 执行配置步骤backup_configsconfigure_postgresql_confconfigure_pg_hbaconfigure_firewallreload_postgresqlverify_configurationecho ""log_success "PostgreSQL 远程访问配置完成!"# 显示配置摘要show_config_summary
}# ----------------------------------------------------------------------------
# 脚本入口点
# ----------------------------------------------------------------------------# 捕获中断信号
trap 'echo ""; log_warn "配置被用户中断"; exit 1' INT TERM# 执行主函数
main "$@"

🔍 远程访问执行过程

🚀 快速安装方式

方法1：一键脚本安装

# 下载脚本
wget -O install-postgresql.sh https://raw.githubusercontent.com/example/install-postgresql/master/install-postgresql.sh
​
# 添加执行权限
chmod +x install-postgresql.sh
​
# 运行安装
sudo ./install-postgresql.sh

方法2：各系统快速安装

# Ubuntu/Debian
sudo apt update
sudo apt install -y postgresql postgresql-contrib
sudo systemctl enable postgresql && sudo systemctl start postgresql
​
# CentOS/RHEL/Amazon Linux
sudo yum install -y postgresql postgresql-server
sudo postgresql-setup initdb
sudo systemctl enable postgresql && sudo systemctl start postgresql
​
# 修改postgres用户密码
sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD 'your_password';"

⚙️ 常用管理命令

# 服务管理
sudo systemctl start postgresql      # 启动
sudo systemctl stop postgresql       # 停止
sudo systemctl restart postgresql    # 重启
sudo systemctl status postgresql     # 查看状态
sudo systemctl enable postgresql     # 设置开机自启
​
# 数据库连接
psql -h 127.0.0.1 -p 5432 -U postgres -d postgres  # 连接数据库
sudo -u postgres psql                              # 使用postgres用户连接
​
# 数据库操作
psql -U postgres -c "CREATE DATABASE mydb;"        # 创建数据库
psql -U postgres -c "DROP DATABASE mydb;"          # 删除数据库
psql -U postgres -c "\l"                           # 列出所有数据库
psql -U postgres -d mydb -c "\dt"                  # 列出数据库中的表
​
# 用户管理
psql -U postgres -c "CREATE USER myuser WITH PASSWORD 'mypassword';"
psql -U postgres -c "GRANT ALL PRIVILEGES ON DATABASE mydb TO myuser;"
​
# 备份恢复
pg_dump -U postgres mydb > mydb_backup.sql         # 备份单个数据库
pg_dumpall -U postgres > all_backup.sql           # 备份所有数据库
psql -U postgres -d mydb < mydb_backup.sql        # 恢复数据库

📁 重要目录和文件

/var/lib/postgresql/              # PostgreSQL数据目录
├── ${PG_VERSION}/
│   └── data/                    # 数据库集群目录
│       ├── postgresql.conf      # 主配置文件
│       ├── pg_hba.conf          # 客户端认证配置
│       └── pg_wal/              # WAL日志目录
/var/log/postgresql/              # 日志目录
/etc/postgresql/                  # 配置目录 (Ubuntu/Debian)
/var/lib/pgsql/                   # 数据目录 (CentOS/RHEL)

🔧 常用配置修改

修改监听地址

sudo vi /var/lib/postgresql/${PG_VERSION}/data/postgresql.conf
# 修改:
listen_addresses = '*'

调整内存设置

# 根据服务器内存调整
shared_buffers = 256MB
work_mem = 8MB
maintenance_work_mem = 128MB

启用远程连接

sudo vi /var/lib/postgresql/${PG_VERSION}/data/pg_hba.conf
# 添加:
host    all             all             0.0.0.0/0               scram-sha-256

性能优化配置

# 在postgresql.conf中添加
effective_cache_size = 2GB
random_page_cost = 1.1
checkpoint_completion_target = 0.9

🔍 安装验证和测试

# 检查服务状态
sudo systemctl status postgresql# 检查端口监听
netstat -tulpn | grep 5432
ss -tulpn | grep 5432# 测试连接
psql -h 127.0.0.1 -p 5432 -U postgres -c "SELECT version();"# 查看数据库列表
psql -h 127.0.0.1 -p 5432 -U postgres -c "\l"# 性能测试
psql -h 127.0.0.1 -p 5432 -U postgres -d testdb -c "
EXPLAIN ANALYZE SELECT * FROM users WHERE username = 'admin';"# 创建测试数据
psql -h 127.0.0.1 -p 5432 -U postgres -d testdb << EOF
INSERT INTO users (username, email) VALUES 
('test1', 'test1@example.com'),
('test2', 'test2@example.com'),
('test3', 'test3@example.com');SELECT count(*) FROM users;
EOF

🔍 客户端连接测试

这个脚本提供了完整的PostgreSQL安装方案，包括安全配置、性能优化和流复制支持，适合生产环境使用！