What do I change 10.10.29.0/24 to in my Postgres server?

All we need is an easy explanation of the problem, so here it is.

I am setting a server up with my Raspberry Pi running Rasbian OS by Debian and the SQL I am planning to use is PostgreSQL.

What I am hoping to do is create a server where I can save peoples information when they sign up. I have connected to the Raspberry Pi remotely on my mac and now I am stuck.

I am following this tutorial:
https://www.cyberciti.biz/tips/postgres-allow-remote-access-tcp-connection.html

And it told me to edit a file with this:

host all all 10.10.29.0/24 trust

It includes that I should change the "10.10.29.0/24" part to something in my client’s and network’s range but I do not know what to change it to.

Also, when I edit the file, I do not know how to save it so if anyone knows how to go about that please do tell me.

How to solve :

I know you bored from this bug, So we are here to help you! Take a deep breath and look at the explanation of your problem. We have many solutions to this problem, But we recommend you to use the first method because it is tested & true method that will 100% work for you.

Method 1

You might want to consider looking at the official documentation for the settings in pg_hba.conf file.

This file is used by the PostgreSQL instance to determine how hosts/computers/accounts are allowed to connect to the instance/database via a certain method.

The first couple of lines from the example pg_hba.conf file in the official documentation are a good summary of how you can set the access permissions for a given PostgrSQL instance:

 # Allow any user on the local system to connect to any database with
 # any database user name using Unix-domain sockets (the default for local
 # connections).
 #
 # TYPE  DATABASE        USER            ADDRESS                 METHOD
 local   all             all                                     trust
 
 # The same using local loopback TCP/IP connections.
 #
 # TYPE  DATABASE        USER            ADDRESS                 METHOD
 host    all             all             127.0.0.1/32            trust
 
 # The same as the previous line, but using a separate netmask column
 #
 # TYPE  DATABASE        USER            IP-ADDRESS      IP-MASK             METHOD
 host    all             all             127.0.0.1       255.255.255.255     trust
 
 # The same over IPv6.
 #
 # TYPE  DATABASE        USER            ADDRESS                 METHOD
 host    all             all             ::1/128                 trust
 

Instead of replacing the entry host all all 10.10.29.0/24 trust as you pointed out in your question to something that matches your network configuration, just comment out the line and create a new line.

# TYPE  DATABASE        USER            ADDRESS                 METHOD
# host  all             all             10.10.29.0/24           trust

Let’s say, if your server is running with an IP address of 10.112.19.24 and you only want the application located on the same server to access the mydatabase and you have a dedicated user for that database named my_user, then the line might look like this:

# TYPE  DATABASE        USER            ADDRESS                 METHOD
# host  all             all             10.10.29.0/24           trust
local   mydatabase      my_user                                 trust

No need to add an IP address. This line basically tells the PostgreSQL instance to allow a connection on the same server to access the mydatabase with the user my_user.

Now if somebody comes along from an external source (10.112.19.26) and tries to access the same database (mydatabase) with the same user (my_user), then the access will be denied, because the source IP address would conflict with the configuration you just made.

You would have to add another IP address line or just allow a certain subnet to access the database. E.g.

# TYPE  DATABASE        USER            ADDRESS                 METHOD
# host  all             all             10.10.29.0/24           trust
local   mydatabase      my_user                                 trust
host    mydatabase      my_user         10.112.19.0/26          trust

The 10.112.19.0/26 is the CIDR notation of an IP range. In this case it resolve to:

first address: 10.112.19.0
last address:  10.112.19.63
subnet mask:   255.255.255.192

So anybody in that range could connect to your mydatabase with the user my_user.
Depending on your network configuration you might require a different CIDR notation.

Answering Your Question

What do I change 10.10.29.0/24 to in my Postgres server?

  1. Use either the local .... configuration setting if the PostgreSQL instance is on the same server as your application.

  2. If the database is located on a different host than the hosts connecting to the database, then use the host ....
    configuration setting, with an IP address that comes from the client range you are expecting.

  3. If the connections are coming from a single host then you could use something like the following line:

    # TYPE  DATABASE        USER            ADDRESS                 METHOD
    # host  all             all             10.10.29.0/24           trust
    local   mydatabase      my_user                                 trust
    host    mydatabase      my_user         10.112.19.13/32         trust # <<== THIS LINE
    

    This is basically telling the PostgreSQL instance to accept connections from one IP address. If your servers IP address that is connecting is 10.1.1.1 then the line becomes:

    host    mydatabase      my_user         10.1.1.1/32         trust 
    

Good luck.

Note: Use and implement method 1 because this method fully tested our system.
Thank you 🙂

All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

Leave a Reply