Prerequisites

  • An up-and-running Postgres instance. Instructions for installing PostgreSQL and creating an initial database are outside the scope of this tutorial; our instructions assume that you have a PostgreSQL instance up and running. For help installing and getting started with PostgreSQL, refer to the Postgres documentation.

  • A PostgreSQL instance running on 9.3 or higher or above. While this isn’t something that Stitch strictly enforces, we recommend keeping your version current as a best practice.

  • createdb permissions in your PostgreSQL instance. This is required to create a database for Stitch.


Step 1: Whitelist Stitch's IP addresses

For the connection to be successful, you’ll need to configure your firewall to allow access from our IP addresses. Whitelist the following IPs before continuing onto the next step:

  • 52.23.137.21/32

  • 52.204.223.208/32

  • 52.204.228.32/32

  • 52.204.230.227/32


Step 2: Create a Postgres database

Next, you’ll create a database in your PostgreSQL instance for Stitch. This is where data replicated by Stitch will be stored.

Connect to your instance as a user with createdb permissions and run the following command, replacing [stitch_database] with whatever you want the database name to be:

CREATE DATABASE [stitch_database];

Responses are only returned if the command is not successful. If you don’t receive a response, then the command was successful and the database was created.

If you encounter errors - for example, createdb: command not found - then you’ll need to do some troubleshooting before you can move onto the next step. This Postgres article contains troubleshooting steps for some of the most common issues when creating databases.

Stitch doesn’t require any particular configuration for the database nor do you need to create any tables or schemas. Stitch will take care of that for you after the destination setup is complete and you’ve connected integrations.


Step 3: Retrieve your Public Key

The Stitch Public Key

The Public Key is used to authorize the Stitch Linux user. If the key isn’t properly installed, Stitch will be unable to access your database.

To retrieve the key:

  1. Sign into your Stitch account.

  2. Click the Destination tab.
  3. Click the PostgreSQL icon.

  4. When the credentials page displays, click the Encryption Type menu and select the SSH Tunnel option.

  5. The Public Key will display, along with the other SSH fields.

Leave this page open for now - you’ll need it to wrap things up at the end.


Step 4: Create a Stitch Linux user

  1. Run the following commands as root on your Linux server to create a user named stitch:

    adduser --disabled-password stitch
    mkdir /home/stitch/.ssh
    
  2. Next, import the Public Key into authorized_keys, replacing [PASTE KEY HERE] with the Stitch Public Key:

    echo "[PASTE KEY HERE]" >> /home/[stitch_username]/.ssh/authorized_keys
    
  3. Alter the permissions on the /home/stitch directory to allow access via SSH:

    chown -R [stitch_username]:stitch /home/stitch
    chmod -R 700 /home/stitch/.ssh
    

Step 5: Create a PostgreSQL Stitch user

In the following tabs are the instructions for creating a Stitch PostgreSQL database user and explanations for the permissions Stitch requires.

  1. If you haven’t already, connect to your PostgreSQL instance using your SQL client.

  2. After connecting, run this command to create the user:

    CREATE USER <stitch_username> WITH PASSWORD '<password>';
  3. Next, you’ll assign the CREATE permissions to the user. For <database_name>, enter the name of the database where all Stitch-replicated data should be loaded.

    Note: This must be a pre-existing database.

    GRANT CREATE ON DATABASE <database_name> TO <stitch_username>
  4. If you restricted access to the system tables, you’ll also need to run the following commands to grant the Stitch user SELECT permissions.

    GRANT SELECT ON ALL TABLES IN SCHEMA information_schema TO <stitch_username>
    
    GRANT SELECT ON ALL TABLES IN SCHEMA pg_catalog TO <stitch_username>

In the table below are the database user privileges Stitch requires to connect to and load data into PostgreSQL.

Privilege name Reason for requirement
CREATE ON DATABASE

Required to create the necessary database objects to load and store your data.

CREATE permissions on the database are required to successfully load data. When Stitch loads data, it will run a CREATE SCHEMA IF NOT EXISTS command, which will create a schema if it doesn’t already exist. To run this command, the Stitch user must have the CREATE ON DATABASE permission.

Note: The CREATE ON SCHEMA permission is not a sufficient alternative for CREATE ON DATABASE. As outlined in PostgreSQL’s documentation, this permission only allows a user to create objects within a schema, but not the schema itself.

SELECT ON ALL TABLES IN information_schema

Required to select rows from tables in the information_schema schema. Prior to loading data, Stitch will use the data in this schema to verify the existence and structure of integration schemas and tables.

Note: Stitch will only ever read data from systems tables.

SELECT ON ALL TABLES IN pg_catalog

Required to select rows from tables in the pg_catalog schema. Prior to loading data, Stitch will use the data in this schema to verify the existence and structure of integration schemas and tables.

Note: Stitch will only ever read data from systems tables.


Step 6: Connect Stitch

To complete the setup, you need to enter your PostgreSQL connection details into the Destination Settings page in Stitch.

  1. If you aren’t signed into your Stitch account, sign in now.
  2. Click the Destination tab.
  3. Click the PostgreSQL icon.
  4. Fill in the fields as follows:

    • Host (Endpoint): Enter the host address (endpoint) used by the PostgreSQL instance.

    • Port: Enter the port used by the PostgreSQL instance. The default is 5432.

    • Username: Enter the Stitch PostgreSQL user’s username.

    • Password: Enter the password associated with the Stitch PostgreSQL user.

    • Database: Enter the name of the PostgreSQL database that you created for Stitch.

    • Connect using SSL: Check to connect to PostgreSQL using SSL. Note: This is not required to connect Stitch.

    • SSL Certificate: Optional: Provide the certificate (typically a CA or server certificate) Stitch should verify the SSL connection against. The connection will succeed only if the server’s certificate verifies against the certificate provided here.

      Note: Providing a certificate isn’t required to use SSL. This is only if Stitch should verify the connection against a specific certificate.

When finished, click Update PostgreSQL Settings.

Stitch will perform a connection test to the PostgreSQL database; if successful, a Success! mesage will display at the top of the screen. Note: This test may take a few minutes to complete.



Questions? Feedback?

Did this article help? If you have questions or feedback, feel free to submit a pull request with your suggestions, open an issue on GitHub, or reach out to us.