我在系统启动时运行 wg-quick.service 以建立 VPN 隧道:
root@db ~ # cat /usr/lib/systemd/system/wg-quick@.service
[Unit]
Description=WireGuard via wg-quick(8) for %I
After=network-online.target nss-lookup.target
Wants=network-online.target nss-lookup.target
PartOf=wg-quick.target
Documentation=man:wg-quick(8)
Documentation=man:wg(8)
Documentation=https://www.wireguard.com/
Documentation=https://www.wireguard.com/quickstart/
Documentation=https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8
Documentation=https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/bin/wg-quick up %i
ExecStop=/usr/bin/wg-quick down %i
Environment=WG_ENDPOINT_RESOLUTION_RETRIES=infinity
[Install]
WantedBy=multi-user.target
我想让 postgresql 监听 wireguard 地址 - 10.100.0.107:
root@db ~ # cat /etc/postgresql/13/main/conf.d/db1.conf | grep listen
listen_addresses = '127.0.0.1,10.100.0.107' # what IP address(es) to listen on;
重新启动后,我的 postgresql 日志中出现以下错误:
2021-06-23 19:44:26.389 UTC [831] LOG: starting PostgreSQL 13.3 (Ubuntu 13.3-1.pgdg20.04+1) on x86_64-pc-linux-gnu, compiled by gcc (Ubuntu 9.3.0-17ubuntu1~20.04) 9.3.0, 64-bit
2021-06-23 19:44:26.389 UTC [831] LOG: listening on IPv4 address "127.0.0.1", port 5432
2021-06-23 19:44:26.395 UTC [831] LOG: could not bind IPv4 address "10.100.0.107": Cannot assign requested address
2021-06-23 19:44:26.395 UTC [831] HINT: Is another postmaster already running on port 5432? If not, wait a few seconds and retry.
2021-06-23 19:44:26.395 UTC [831] WARNING: could not create listen socket for "10.100.0.107"
2021-06-23 19:44:26.395 UTC [831] LOG: listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
2021-06-23 19:44:26.411 UTC [880] LOG: database system was shut down at 2021-06-23 19:43:14 UTC
2021-06-23 19:44:26.422 UTC [831] LOG: database system is ready to accept connections
遗憾的是,postgresql 不接受 10.100.0.107 处的连接。
服务器重启后重启 postgresql 有帮助。
同时设置 listen_addresses='*' 也有帮助。
但我只想接受到指定地址的连接:127.0.0.1、10.100.0.107。成功初始化wg-quick服务后如何启动postgresql服务?
谢谢!