How to Install PostgreSQL on RHEL 8

December 9, 2025
Linux
Comment off

PostgreSQL is a powerful, standards-compliant open-source relational database known for its extensibility, advanced data types, and strict ACID compliance. RHEL 8’s AppStream makes multiple PostgreSQL major versions available as installable modules, so you can target a specific release without managing external repositories. This guide demonstrates installing PostgreSQL 13 via the AppStream module system, initialising the data directory, configuring authentication and network access, and creating your first database and role. You will also learn how to install newer versions such as PostgreSQL 15 or 16 from the official PGDG repository if your application requires a more recent release.

Prerequisites

A server running RHEL 8 or a compatible rebuild (AlmaLinux 8, Rocky Linux 8)
Root or sudo access
Working dnf access to the RHEL 8 AppStream repository
firewalld installed and active if remote connections are required

Step 1 — Install PostgreSQL via the AppStream Module

RHEL 8’s AppStream provides PostgreSQL streams for versions 10, 12, 13, 15, and 16 (availability varies by RHEL minor release). Install the server profile of the postgresql:13 module:

sudo dnf module install -y postgresql:13/server

To list all available PostgreSQL module streams on your system before choosing a version, run:

dnf module list postgresql

For PostgreSQL 15 or 16 from the official PostgreSQL Global Development Group repository, first disable the AppStream module and add the PGDG repo:

sudo dnf module disable -y postgresql
sudo dnf install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm
sudo dnf install -y postgresql16-server

Step 2 — Initialise the Database Cluster

PostgreSQL requires a one-time initialisation step to create the data directory structure, default configuration files, and the initial system catalog. The postgresql-setup utility handles this automatically:

sudo postgresql-setup --initdb

On success the command prints Initializing database ... OK. The data directory is created at /var/lib/pgsql/data/ and is owned by the postgres system user.

Step 3 — Start and Enable the PostgreSQL Service

Enable and start the postgresql service so that it is available immediately and automatically on every subsequent boot:

sudo systemctl enable --now postgresql

Verify the service is active:

sudo systemctl status postgresql

PostgreSQL listens on TCP port 5432 by default, bound to localhost unless configured otherwise.

Step 4 — Configure Network Access and Authentication

Two files in the data directory control how PostgreSQL listens and authenticates. Open /var/lib/pgsql/data/postgresql.conf and set the listen_addresses parameter to allow connections from remote hosts:

sudo sed -i "s/#listen_addresses = 'localhost'/listen_addresses = '*'/" /var/lib/pgsql/data/postgresql.conf

Next, edit the client authentication file /var/lib/pgsql/data/pg_hba.conf to permit password-based connections from your application subnet. Add a line at the end of the file (replace 192.168.1.0/24 with your actual network range):

sudo tee -a /var/lib/pgsql/data/pg_hba.conf <<'EOF'
# Allow application subnet with scram-sha-256 password authentication
host    all             all             192.168.1.0/24          scram-sha-256
EOF

Reload PostgreSQL to apply both configuration changes:

sudo systemctl reload postgresql

Step 5 — Create a Database Role and Database

Switch to the postgres operating system user to use the psql client without password authentication via peer authentication:

sudo -i -u postgres psql

At the psql prompt, create a new role with a login password and a database owned by that role:

CREATE ROLE appuser WITH LOGIN PASSWORD 'StrongPassword1!';
CREATE DATABASE appdb OWNER appuser ENCODING 'UTF8' LC_COLLATE 'en_US.UTF-8' LC_CTYPE 'en_US.UTF-8';
q

Test the connection as the new role:

psql -U appuser -d appdb -h 127.0.0.1 -W

Step 6 — Open the Firewall Port

Allow inbound TCP traffic on PostgreSQL’s default port 5432 through firewalld:

sudo firewall-cmd --permanent --add-port=5432/tcp
sudo firewall-cmd --reload
sudo firewall-cmd --list-ports

For stricter control, limit the rule to a specific source address:

sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.1.50" port port="5432" protocol="tcp" accept'
sudo firewall-cmd --reload

Conclusion

You have installed PostgreSQL 13 on RHEL 8 using the AppStream module, initialised the data cluster, configured network listening and client authentication, created an application role and database, and opened the firewall. PostgreSQL is now ready to serve your applications with a reliable and standards-compliant relational database backend.

Next steps: How to Configure PostgreSQL Streaming Replication on RHEL 8, How to Back Up PostgreSQL Databases with pg_dump and pg_basebackup, and How to Enable SSL/TLS Connections for PostgreSQL on RHEL 8.