Installing OpenIAM with a remote Postgres database in RPM environment

This document provides step-by-step instructions for installing OpenIAM using a remote PostgreSQL database. It is intended for system administrators and engineers who need to configure the application to connect to an externally hosted database environment. PostgreSQL is a powerful, open-source relational database management system (RDBMS) known for its reliability, extensibility, and strong compliance with SQL standards. By following this guide, you will learn how to prepare your environment, configure the required connection parameters, and complete the installation process with a remote PostgreSQL database backend.

Configuring Postgres for OpenIAM RPM Installation

Prerequisites

• A provisioned VM running CentOS / RHEL 9.
• Network access to the VM.
• SSH client (e.g., terminal or PuTTY).
• Sudo privileges.

1. Setup a VM. Create a virtual machine (e.g., via Remmina or your virtualization platform) with the following example configuration:

• Private IP: 10.50.41.11
• Public IP: 68.170.153.144
• Username: Administrator
• Password: <your-password>

Ensure the VM is accessible over the network.

2. Connect to the VM via SSH. From your local machine, connect using:

ssh openiam@68.170.153.144

3. Install PostgreSQL repository. Add the official PostgreSQL YUM repository:

sudo dnf install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-9-x86_64/pgdg-redhat-repo-latest.noarch.rpm

4. Disable Default PostgreSQL module to avoid conflicts with the following command.

sudo dnf -qy module disable postgresql

5. Install PostgreSQL 15

sudo dnf install -y postgresql15-server

6. Initialize the database cluster.

sudo /usr/pgsql-15/bin/postgresql-15-setup initdb

7. Enable and start PostgreSQL

sudo systemctl enable --now postgresql-15
systemctl status postgresql-15

8. Prepare initialization SQL script. First, create the setup script:

sudo vi setup.sql

You can use the OpenIAM initialization script as a reference.

9. Execute the initialization script. Move the script and set proper permissions with the following commands.

sudo cp /root/setup.sql /tmp/
sudo chown postgres:postgres /tmp/setup.sql
sudo chmod 600 /tmp/setup.sql

Switch to the PostgreSQL user and execute the following.

sudo su - postgres
psql -f /tmp/setup.sql

If the file location is unknown use the following command.

sudo find / -name setup.sql 2>/dev/null

10. Update role settings. Run the following commands to ensure proper schema access.

psql -d openiam -c "ALTER ROLE idmuser SET search_path TO public; GRANT USAGE ON SCHEMA public TO idmuser; GRANT CREATE ON SCHEMA public TO idmuser;"

psql -d activiti -c "ALTER ROLE activiti SET search_path TO public; GRANT USAGE ON SCHEMA public TO activiti; GRANT CREATE ON SCHEMA public TO activiti;"

psql -d groovy -c "ALTER ROLE groovy SET search_path TO public; GRANT USAGE ON SCHEMA public TO groovy; GRANT CREATE ON SCHEMA public TO groovy;"

11. Verify PostgreSQL service with

systemctl status postgresql-15.service

Ensure the service is running without errors.

12. Validate database setup. Access PostgreSQL CLI and list databases.

psql
\l

Verify that the following databases exist:

• openiam
• activiti
• groovy

Exit CLI:

exit

13. Your PostgreSQL instance is now ready to be used as a backend for OpenIAM. Once the database is ready

• Start the OpenIAM RPM installation process.
• When prompted, proceed with default selections where applicable.
• Configure the application to connect to the remote PostgreSQL database, namely ensure to
  • Edit the below conf file since the default value is MySQL. You will need to change the port from 3306 to 5432 and export FLYWAY_DATABASE_TYPE=”postgres”.

    export OPENIAM_ENV= prerelease // if it is prerelease by default, it will be release
    sudo vi /usr/local/openiam/env.conf