Postgres Permission denied when started over systemctl

ODIronE · August 31, 2022, 2:19pm

I am running a local setup of Nakama (nakama-3.13.1-linux-amd64) on CentOS.

my configuration is simple:

name: nw-nakama-node1
data_dir: "/etc/nakama/data/"

logger:
#    stdout: false
#    level: "warn"
    file: "/tmp/nakama-logfile.log"

socket:
    server_key: "XXXXXXXXXXXX"
    port: 7350
    max_message_size_bytes: 4096 # bytes
    read_timeout_ms: 10000
    write_timeout_ms: 10000
    idle_timeout_ms: 60000
    write_wait_ms: 5000
    pong_wait_ms: 10000
    ping_period_ms: 8000 # Must be less than pong_wait_ms
    outgoing_queue_size: 16

session:
    encryption_key: "XXXXXXXXXXXX"
    token_expiry_sec: 60
    refresh_encryption_key: "XXXXXXXXXXXX"
    refresh_token_expiry_sec: 3600
    udp_key: "XXXXXXXXXXXX"

runtime:
    path: "/etc/nakama/data/modules"
    http_key: "XXXXXXXXXXXX"

database:
    address:
    - "postgres:XXXXXXXXXXXX@127.0.0.1:5432"
    conn_max_lifetime_ms: 0
    max_open_conns: 0
    max_idle_conns: 100

console:
    port: 7351
    username: "XXXXXXXXXXXX"
    password: "XXXXXXXXXXXX"
    signing_key: "XXXXXXXXXXXX"

Te Service onfiguration:

Description=Nakama server


[Service]
ExecStart=/etc/nakama/nakama --config /etc/nakama/config.yml
KillMode=process


[Install]
WantedBy=multi-user.target

if I start Nakama over systemctl it fails at the connection to the database:

[~]> sudo systemctl restart nakama.service
[---] [/dev/pts/0] [15:56@2022/08/31]
[~]> cat /tmp/nakama-logfile.log
{"level":"info","ts":"2022-08-31T15:56:54.257+0200","caller":"v3/main.go:104","msg":"Nakama starting"}
{"level":"info","ts":"2022-08-31T15:56:54.258+0200","caller":"v3/main.go:105","msg":"Node","name":"nw-nakama-node1","version":"3.13.1+2000e4b8","runtime":"go1.19","cpu":2,"proc":2}
{"level":"info","ts":"2022-08-31T15:56:54.258+0200","caller":"v3/main.go:106","msg":"Data directory","path":"/etc/nakama/data/"}
{"level":"info","ts":"2022-08-31T15:56:54.258+0200","caller":"v3/main.go:125","msg":"Database connections","dsns":["postgres:xxxxx@127.0.0.1:5432"]}
{"level":"fatal","ts":"2022-08-31T15:56:54.258+0200","caller":"server/db.go:73","msg":"Error pinging database","error":"failed to connect to `host=127.0.0.1 user=postgres database=nakama`: dial error (dial tcp 127.0.0.1:5432: connect: permission denied)"}
[---] [/dev/pts/0] [15:56@2022/08/31]
[~]>

if i use the same config file and start it manualy, it succeeds:

[---] [/dev/pts/0] [1][15:57@2022/08/31]
[~]> sudo /etc/nakama/nakama --config /etc/nakama/config.yml
{"level":"info","ts":"2022-08-31T15:58:10.651+0200","caller":"server/config.go:86","msg":"Successfully loaded config file","path":"/etc/nakama/config.yml"}
{"level":"info","ts":"2022-08-31T15:58:10.651+0200","caller":"v3/main.go:104","msg":"Nakama starting"}
{"level":"info","ts":"2022-08-31T15:58:10.651+0200","caller":"v3/main.go:105","msg":"Node","name":"nw-nakama-node1","version":"3.13.1+2000e4b8","runtime":"go1.19","cpu":2,"proc":2}
{"level":"info","ts":"2022-08-31T15:58:10.651+0200","caller":"v3/main.go:106","msg":"Data directory","path":"/etc/nakama/data/"}
{"level":"info","ts":"2022-08-31T15:58:10.652+0200","caller":"v3/main.go:125","msg":"Database connections","dsns":["postgres:xxxxx@127.0.0.1:5432"]}
{"level":"info","ts":"2022-08-31T15:58:10.656+0200","caller":"v3/main.go:131","msg":"Database information","version":"PostgreSQL 13.7 on x86_64-redhat-linux-gnu, compiled by gcc (GCC) 11.3.1 20220421 (Red Hat 11.3.1-2), 64-bit"}
{"level":"info","ts":"2022-08-31T15:58:10.659+0200","caller":"server/leaderboard_rank_cache.go:117","msg":"Initializing leaderboard rank cache"}
{"level":"info","ts":"2022-08-31T15:58:10.660+0200","caller":"server/leaderboard_rank_cache.go:240","msg":"Leaderboard rank cache initialization completed successfully","cached":[],"skipped":[]}
{"level":"info","ts":"2022-08-31T15:58:10.660+0200","caller":"server/runtime.go:587","msg":"Initialising runtime","path":"/etc/nakama/data/modules"}
{"level":"info","ts":"2022-08-31T15:58:10.660+0200","caller":"server/runtime.go:594","msg":"Initialising runtime event queue processor"}
{"level":"info","ts":"2022-08-31T15:58:10.660+0200","caller":"server/runtime.go:596","msg":"Runtime event queue processor started","size":65536,"workers":8}
{"level":"info","ts":"2022-08-31T15:58:10.660+0200","caller":"server/runtime_go.go:2516","msg":"Initialising Go runtime provider","path":"/etc/nakama/data/modules"}
{"level":"info","ts":"2022-08-31T15:58:10.660+0200","caller":"server/runtime_go.go:2540","msg":"Go runtime modules loaded"}
{"level":"info","ts":"2022-08-31T15:58:10.660+0200","caller":"server/runtime_lua.go:110","msg":"Initialising Lua runtime provider","path":"/etc/nakama/data/modules"}
{"level":"info","ts":"2022-08-31T15:58:10.660+0200","caller":"server/runtime_lua.go:1164","msg":"Lua runtime modules loaded"}
{"level":"info","ts":"2022-08-31T15:58:10.660+0200","caller":"server/runtime_lua.go:1167","msg":"Allocating minimum Lua runtime pool","count":16}
{"level":"info","ts":"2022-08-31T15:58:10.660+0200","caller":"server/runtime_lua.go:1175","msg":"Allocated minimum Lua runtime pool"}
{"level":"info","ts":"2022-08-31T15:58:10.660+0200","caller":"server/runtime_javascript.go:593","msg":"Initialising JavaScript runtime provider","path":"/etc/nakama/data/modules","entrypoint":""}
{"level":"info","ts":"2022-08-31T15:58:10.661+0200","caller":"server/runtime_javascript.go:1635","msg":"JavaScript runtime modules loaded"}
{"level":"info","ts":"2022-08-31T15:58:10.661+0200","caller":"server/runtime_javascript.go:1638","msg":"Allocating minimum JavaScript runtime pool","count":16}
{"level":"info","ts":"2022-08-31T15:58:10.661+0200","caller":"server/runtime_javascript.go:1646","msg":"Allocated minimum JavaScript runtime pool"}
{"level":"info","ts":"2022-08-31T15:58:10.661+0200","caller":"server/runtime.go:629","msg":"Found runtime modules","count":0,"modules":[]}
{"level":"info","ts":"2022-08-31T15:58:10.661+0200","caller":"server/leaderboard_scheduler.go:92","msg":"Leaderboard scheduler start"}
{"level":"info","ts":"2022-08-31T15:58:10.661+0200","caller":"server/leaderboard_scheduler.go:279","msg":"Leaderboard scheduler update","end_active":"-1ns","end_active_count":0,"expiry":"-1ns","expiry_count":0}
{"level":"info","ts":"2022-08-31T15:58:10.661+0200","caller":"server/api.go:131","msg":"Starting API server for gRPC requests","port":7349}
{"level":"info","ts":"2022-08-31T15:58:10.662+0200","caller":"server/api.go:265","msg":"Starting API server gateway for HTTP requests","port":7350}
{"level":"info","ts":"2022-08-31T15:58:10.664+0200","caller":"server/console.go:213","msg":"Starting Console server for gRPC requests","port":7348}
{"level":"info","ts":"2022-08-31T15:58:10.664+0200","caller":"server/console.go:316","msg":"Starting Console server gateway for HTTP requests","port":7351}
{"level":"info","ts":"2022-08-31T15:58:10.809+0200","caller":"v3/main.go:188","msg":"Startup done"}
^C{"level":"info","ts":"2022-08-31T15:59:37.150+0200","caller":"v3/main.go:204","msg":"Shutdown started"}
{"level":"info","ts":"2022-08-31T15:59:37.150+0200","caller":"v3/main.go:211","msg":"All authoritative matches stopped"}
{"level":"info","ts":"2022-08-31T15:59:37.185+0200","caller":"v3/main.go:244","msg":"Shutdown complete"}
[---] [/dev/pts/0] [15:59@2022/08/31]
[~]> cat /tmp/nakama-logfile.log
{"level":"info","ts":"2022-08-31T15:56:54.257+0200","caller":"v3/main.go:104","msg":"Nakama starting"}
{"level":"info","ts":"2022-08-31T15:56:54.258+0200","caller":"v3/main.go:105","msg":"Node","name":"nw-nakama-node1","version":"3.13.1+2000e4b8","runtime":"go1.19","cpu":2,"proc":2}
{"level":"info","ts":"2022-08-31T15:56:54.258+0200","caller":"v3/main.go:106","msg":"Data directory","path":"/etc/nakama/data/"}
{"level":"info","ts":"2022-08-31T15:56:54.258+0200","caller":"v3/main.go:125","msg":"Database connections","dsns":["postgres:xxxxx@127.0.0.1:5432"]}
{"level":"fatal","ts":"2022-08-31T15:56:54.258+0200","caller":"server/db.go:73","msg":"Error pinging database","error":"failed to connect to `host=127.0.0.1 user=postgres database=nakama`: dial error (dial tcp 127.0.0.1:5432: connect: permission denied)"}
{"level":"info","ts":"2022-08-31T15:58:10.651+0200","caller":"v3/main.go:104","msg":"Nakama starting"}
{"level":"info","ts":"2022-08-31T15:58:10.651+0200","caller":"v3/main.go:105","msg":"Node","name":"nw-nakama-node1","version":"3.13.1+2000e4b8","runtime":"go1.19","cpu":2,"proc":2}
{"level":"info","ts":"2022-08-31T15:58:10.651+0200","caller":"v3/main.go:106","msg":"Data directory","path":"/etc/nakama/data/"}
{"level":"info","ts":"2022-08-31T15:58:10.652+0200","caller":"v3/main.go:125","msg":"Database connections","dsns":["postgres:xxxxx@127.0.0.1:5432"]}
{"level":"info","ts":"2022-08-31T15:58:10.656+0200","caller":"v3/main.go:131","msg":"Database information","version":"PostgreSQL 13.7 on x86_64-redhat-linux-gnu, compiled by gcc (GCC) 11.3.1 20220421 (Red Hat 11.3.1-2), 64-bit"}

is there an PostgreSQL configuration I am missing?

tom · September 1, 2022, 9:35am

Hi @ODIronE welcome to the forum,

It’s difficult to diagnose the issue without knowing more about your setup but in general this looks like an OS / Postgres configuration issue and not a Nakama issue since Nakama is able to successfully connect to Postgres when executed manually.

I would recommend posting on the Postgres forum as they may be better placed to help you with your configuration.

Topic		Replies	Views
Permission denied error trying to create new user by authentication request Local Setup authentication , sdk-unity	3	467	March 6, 2021
Can I get help with my Nakama and Nakama common setup? Local Setup	1	914	October 15, 2021
Digital Ocean App Issue Local Setup server-framework	2	102	December 11, 2023
Nakama + postgres with username/password Local Setup	2	1005	March 22, 2024
Nakama migrate up error --insecure Local Setup	4	353	May 23, 2022

Postgres Permission denied when started over systemctl

Related Topics