Cloud customer?
 Upgrade in MyJFrog >

Search





Overview

By using PostgreSQL you can benefit from features in PostgreSQL infrastructure such as backup and restore.

For Artifactory to run with PostgreSQL you must create a dedicated PostgreSQL database instance and then configure Artifactory to use it as described in the following sections.

Before You Continue

Before proceeding with the steps below, please make sure you have read and followed the steps described in Configuring the Database.

Enabling PostgreSQL connectivity from remote servers

The following is an example for enabling PostgreSQL connectivity from remote servers. Please consult your security team for your organization's best practices.

  • Add the following line to  <postgres_mount>/data/pg_hba.conf

                        host           [artifactory_db_name]              [artifactory_user]              [cidr]           md5

For example:

host           artifactory              artifactory              123.456.78.90/32           md5

Note: [cidr] is the single host or network segment you want to give access to.

  • Add the following line to <postgres_mount>/data/postgresql.conf

                         listen_addresses='*'

Note: You can also use a specific IP address for the PostgreSQL server to listen on.

  • Restart postgres after adding above changes
Page Contents

 



Creating the Artifactory PostgreSQL Database

Supported PostgreSQL Versions

Artifactory supports PostgreSQL versions between 9.5 and 11.

The commands below create artifactory user and database with appropriate permissions.

Use the commands below to create an Artifactory user and database with appropriate permissions. Modify the relevant values to match your specific environment:

Creating an Artifactory User and Database
CREATE USER artifactory WITH PASSWORD 'password';
CREATE DATABASE artifactory WITH OWNER=artifactory ENCODING='UTF8';
GRANT ALL PRIVILEGES ON DATABASE artifactory TO artifactory;

Once you have verified that the script is correct, you need to run it to create the database and proceed with configuring the database.

Artifactory privileges

We recommend providing Artifactory with full privileges on the database.



Configuring Artifactory to use PostgreSQL

  1. Download the JDBC driver corresponding to your PostgreSQL version from the  PostgreSQL JDBC Driver Download site and copy the downloaded jar file into $JFROG_HOME/artifactory/var/bootstrap/artifactory/tomcat/lib directory

    Permissions

    Make sure your driver has read permissions for all users. 
    chmod +r <your driver>
  2. Adjust the database connection details in the system.yaml configuration file.

    For example
    shared:
      database:
        type: postgresql
        driver: org.postgresql.Driver
        url: jdbc:postgresql://<your db url, for example: localhost:5432>/artifactory
        username: artifactory
        password: password

Storing BLOBs inside PostgreSQL is not recommended

The above recommended configuration keeps all artifact information in PostgreSQL while storing the artifact binary data on the file system (under $JFROG_HOME/artifactory/var/data/artifactory/filestore).

While it is possible, to store BLOBs inside PostgreSQL we do not recommended it. This is important because the PostgreSQL driver doesn't support streaming BLOBs with unknown length to the database. Therefore, Artifactory will temporarily save deployed files to the filesystem and only then save the BLOB to the database.



Enabling TLS Encryption

To enable Transport Layer Security (TLS) encryption for PostgreSQL, set the sslmode property to verify-full in the  JDBC connector URL.

For example, in the $JFROG_HOME/artifactory/var/etc/system.yaml file: 


shared:
  database:
    ...
    url:jdbc:postgresql://mypostgress.mydomain.com:5432/artifactory?ssl=true&sslfactory=org.postgresql.ssl.jdbc4.LibPQFactory&sslmode=verify-  
    full&sslrootcert=/tmp/server.crt
...
Copyright © 2020 JFrog Ltd.