diff --git a/documentation/docs/apt.md b/documentation/docs/apt.md index df7f2300cfd..02d87891ce6 100644 --- a/documentation/docs/apt.md +++ b/documentation/docs/apt.md @@ -1,7 +1,5 @@ # Install `pg_tde` on Debian or Ubuntu -The packages for `pg_tde` {{release}} are available in the testing repository for Percona Distribution for PostgreSQL 16. - The packages for the tech preview `pg_tde` are available in the experimental repository for Percona Distribution for PostgreSQL 17. Check the [list of supported platforms](install.md#__tabbed_1_2). @@ -39,19 +37,19 @@ You need the `percona-release` repository management tool that enables the desir 4. Enable the Percona Distribution for PostgreSQL repository - === "pg_tde Beta" + Percona provides [two repositories](repo-overview.md) for Percona Distribution for PostgreSQL. We recommend enabling the Major release repository to timely receive the latest updates. - ```bash - sudo percona-release enable-only ppg-{{pgversion16}} testing - ``` - - === "pg_tde Tech preview" + ```{.bash data-prompt="$"} + $ sudo percona-release setup ppg-17 + ``` + +5. Enable the experimental Percona Distribution for PostgreSQL repository that contains the pg_tde package - ```bash - sudo percona-release enable-only ppg-{{pgversion17}} experimental - ``` + ```bash + sudo percona-release enable ppg-{{pgversion17}} experimental + ``` -5. Update the local cache +6. Update the local cache ```bash sudo apt-get update 
@@ -59,39 +57,22 @@ You need the `percona-release` repository management tool that enables the desir ## Install `pg_tde` -=== "pg_tde Beta" - - 1. Install Percona Distribution for PostgreSQL. - - Run the following command to install Percona Distribution for PostgreSQL and the required packages: - - ```bash - sudo apt-get install -y percona-postgresql-16 percona-postgresql-contrib percona-postgresql-server-dev-all - ``` - - 2. Install `pg_tde` packages - - ```bash - sudo apt-get install percona-postgresql-16-pg-tde - ``` - -=== "pg_tde Tech preview" - 1. Install Percona Distribution for PostgreSQL. +1. Install Percona Distribution for PostgreSQL. - Run the following command to install Percona Distribution for PostgreSQL and the required packages: + Run the following command to install Percona Distribution for PostgreSQL and the required packages: - ```bash - sudo apt-get install -y percona-postgresql-17 percona-postgresql-contrib percona-postgresql-server-dev-all - ``` + ```bash + sudo apt-get install -y percona-postgresql-17 percona-postgresql-contrib percona-postgresql-server-dev-all + ``` - 2. Install `pg_tde` packages +2. Install `pg_tde` packages - ```bash - sudo apt-get install percona-postgresql-17-pg-tde - ``` + ```bash + sudo apt-get install percona-postgresql-17-pg-tde + ``` ## Next step -[Setup](setup.md){.md-button} \ No newline at end of file +[Setup](setup.md){.md-button} diff --git a/documentation/docs/install.md b/documentation/docs/install.md index 3c23651e81a..b2f805c101d 100644 --- a/documentation/docs/install.md +++ b/documentation/docs/install.md @@ -25,6 +25,7 @@ Install `pg_tde` using one of available installation methods: - Red Hat Enterprise Linux 9 and compatible derivatives - Ubuntu 20.04 (Focal Fossa) - Ubuntu 22.04 (Jammy Jellyfish) + - Ubuntu 24.04 (Noble Numbat) - Debian 11 (Bullseye) - Debian 12 (Bookworm) diff --git a/documentation/docs/setup.md b/documentation/docs/setup.md index 7207c6d471b..8831b46b420 100644 
--- a/documentation/docs/setup.md +++ b/documentation/docs/setup.md @@ -65,6 +65,12 @@ Load the `pg_tde` at the start time. The extension requires additional shared me ```sql SELECT pg_tde_add_key_provider_file('provider-name','/path/to/the/keyring/data.file'); ``` + + :material-information: Warning: Example for testing purposes only: + + ```sql + SELECT pg_tde_add_key_provider_file('file-vault','/tmp/pg_tde_test_local_keyring.per'); + ``` 2. Add a principal key @@ -73,6 +79,12 @@ Load the `pg_tde` at the start time. The extension requires additional shared me SELECT pg_tde_set_principal_key('name-of-the-principal-key', 'provider-name'); ``` + :material-information: Warning: Example for testing purposes only: + + ```sql + SELECT pg_tde_set_principal_key('test-db-master-key','file-vault'); + ``` + :material-information: Info: The key provider configuration is stored in the database catalog in an unencrypted table. See [how to use external reference to parameters](external-parameters.md) to add an extra security layer to your setup. @@ -103,9 +115,9 @@ After you [enabled `pg_tde`](#enable-extension) and started the Percona Server f 3. We highly recommend you to create your own keyring and rotate the principal key. This is because the default principal key is created from the local keyfile and is stored unencrypted. Set up the key provider for WAL encryption - - === "With HashiCorp Vault" + === "With HashiCorp Vault" + ```sql SELECT pg_tde_add_key_provider_vault_v2('PG_TDE_GLOBAL','provider-name',:'secret_token','url','mount','ca_path'); ``` diff --git a/documentation/docs/test.md b/documentation/docs/test.md index 42fe03d6b1d..6ed97153c27 100644 --- a/documentation/docs/test.md +++ b/documentation/docs/test.md 
@@ -1,8 +1,12 @@ # Test Transparent Data Encryption -!!! warning +To check if the data is encrypted, do the following: + +=== "pg_tde Tech preview" + + !!! warning - This is the tech preview functionality. Its scope is not yet finalized and can change anytime.** Use it only for testing purposes.** + This is the tech preview functionality. Its scope is not yet finalized and can change anytime.** Use it only for testing purposes.** To check if the data is encrypted, do the following: @@ -12,6 +16,17 @@ To check if the data is encrypted, do the following: CREATE TABLE ( ) USING tde_heap; ``` + :material-information: Warning: Example for testing purposes only: + + ```sql + CREATE TABLE albums ( + album_id INTEGER GENERATED ALWAYS AS IDENTITY PRIMARY KEY, + artist_id INTEGER, + title TEXT NOT NULL, + released DATE NOT NULL + ) USING tde_heap; + ``` + 2. Run the following function: ```sql @@ -30,6 +45,12 @@ To check if the data is encrypted, do the following: SELECT pg_tde_rotate_principal_key('new-principal-key', 'new-provider'); -- changeprovider ``` +4. You can encrypt existing table. It requires rewriting the table, so for large tables, it might take a considerable amount of time. + + ```sql + ALTER TABLE table_name SET access method tde_heap; + ``` + !!! hint - If you no longer wish to use `pg_tde` or wish to switch to using the `tde_heap_basic` access method, see how you can [decrypt your data](decrypt.md). \ No newline at end of file + If you no longer wish to use `pg_tde` or wish to switch to using the `tde_heap_basic` access method, see how you can [decrypt your data](decrypt.md). diff --git a/documentation/docs/uninstall.md b/documentation/docs/uninstall.md index cb4dd968680..2c196a91da8 100644 --- a/documentation/docs/uninstall.md +++ b/documentation/docs/uninstall.md @@ -27,5 +27,5 @@ Here's how to do it: * On RHEL and derivatives ```sh - sudo systemctl restart postgresql-16 - ``` \ No newline at end of file + sudo systemctl restart postgresql-17 + ``` 
diff --git a/documentation/docs/yum.md b/documentation/docs/yum.md index 09234993b0b..b6d79013f38 100644 --- a/documentation/docs/yum.md +++ b/documentation/docs/yum.md @@ -1,7 +1,5 @@ # Install `pg_tde` on Red Hat Enterprise Linux and derivatives -The packages for `pg_tde` {{release}} are available in the testing repository for Percona Distribution for PostgreSQL 16. - The packages for the tech preview `pg_tde` are available in the experimental repository for Percona Distribution for PostgreSQL 17. Check the [list of supported platforms](install.md#__tabbed_1_2). 
@@ -30,51 +28,25 @@ You need the `percona-release` repository management tool that enables the desir 2. Enable the repository - Enable the Percona Distribution for PostgreSQL repository - - === "pg_tde Beta" - - ```bash - sudo percona-release enable-only ppg-{{pgversion16}} testing - ``` - - === "pg_tde Tech preview" - - ```bash - sudo percona-release enable-only ppg-{{pgversion17}} experimental - ``` + ```bash + sudo percona-release enable-only ppg-{{pgversion17}} experimental + ``` ## Install `pg_tde` -=== "pg_tde Beta" - - 1. Install Percona Distribution for PostgreSQL 16 and the required packages, run the following command: +1. Install Percona Distribution for PostgreSQL 17 and the required packages, run the following command: - ```bash - sudo yum -y install percona-postgresql-client-common percona-postgresql-common percona-postgresql-server-dev-all percona-postgresql16 percona-postgresql16-contrib percona-postgresql16-devel percona-postgresql16-libs - ``` - - 2. Install `pg_tde` packages - - ```bash - sudo yum install percona-pg_tde_16 - ``` - -=== "pg_tde Tech preview" - - 1. Install Percona Distribution for PostgreSQL 16 and the required packages, run the following command: - - ```bash - sudo yum -y install percona-postgresql-client-common percona-postgresql-common percona-postgresql-server-dev-all percona-postgresql17 percona-postgresql17-contrib percona-postgresql17-devel percona-postgresql17-libs - ``` + ```bash + sudo yum -y install percona-postgresql-client-common percona-postgresql-common percona-postgresql-server-dev-all percona-postgresql17 percona-postgresql17-contrib percona-postgresql17-devel percona-postgresql17-libs + ``` - 2. Install `pg_tde` packages +2. Install `pg_tde` packages - ```bash - sudo yum install percona-pg_tde_17 - ``` + ```bash + sudo yum install percona-pg_tde_17 + ``` ## Next steps -[Setup](setup.md){.md-button} \ No newline at end of file +[Setup](setup.md){.md-button}
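Review bot: In documentation/docs/apt.md (hunk `@@ -39,19 +37,19 @@`), new step 4 hard-codes the version in `sudo percona-release setup ppg-17` while new step 5 uses `ppg-{{pgversion17}}`; use the template variable in both so the version is maintained in one place. The step 4 block is also the only one fenced as `{.bash data-prompt="$"}` with a leading `$`, where the other blocks in this hunk use a plain `bash` fence with no prompt, so pick one style. "to timely receive the latest updates" reads better as "to receive the latest updates promptly", and `pg_tde` in the step 5 text should be in backticks like the other mentions.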
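Review bot: In documentation/docs/setup.md (hunk `@@ -65,6 +65,12 @@`), the added test example points the file key provider at `/tmp/pg_tde_test_local_keyring.per`. `/tmp` is shared by all local users and is commonly cleared on reboot, so a reader who copies the line can lose the keyring file and, with it, the ability to read the encrypted data. State that next to the example, or use a path in a directory owned by the PostgreSQL service user. The label also pairs the `:material-information:` icon with the word "Warning", while the existing note further down uses `:material-information: Info:`; if this is meant as a warning, use the warning admonition the docs already use in test.md.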
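Review bot: In documentation/docs/setup.md (hunk `@@ -73,6 +79,12 @@`), the added example `SELECT pg_tde_set_principal_key('test-db-master-key','file-vault');` names the key "master-key" while the function and the step heading call it a principal key; rename the sample value (for example `test-db-principal-key`) so the page uses one term. The example also only works if the reader ran the `file-vault` example from step 1 rather than the generic `provider-name` form, which is worth saying in the lead-in line.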
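Review bot: In documentation/docs/test.md (hunk `@@ -1,8 +1,12 @@`), the added line "To check if the data is encrypted, do the following:" duplicates the unchanged context line with the same text just below the warning, so the rendered page will show the sentence twice; drop one of them. The hunk also introduces a single `=== "pg_tde Tech preview"` tab while the apt.md and yum.md changes remove the Beta/Tech preview tabs, so a plain `!!! warning` without the tab would be consistent. The re-indented warning text keeps the malformed bold markup `anytime.** Use it only for testing purposes.**`; move the opening `**` so it directly precedes "Use".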
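Review bot: In documentation/docs/test.md (hunk `@@ -30,6 +45,12 @@`), new step 4 is added to the list introduced as "To check if the data is encrypted", but encrypting an existing table is not a verification step; it fits better under its own short heading or in setup.md. In the text, "You can encrypt existing table" needs an article ("an existing table"), and `ALTER TABLE table_name SET access method tde_heap;` should use uppercase keywords (`SET ACCESS METHOD`) to match the other SQL on the page. Since the step already says the table is rewritten, add that the table is locked for the duration of the rewrite so readers plan it for a maintenance window.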
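Review bot: In documentation/docs/yum.md (hunk `@@ -30,51 +28,25 @@`), step 2 keeps `sudo percona-release enable-only ppg-{{pgversion17}} experimental`, while the apt.md change in this same patch switches to `percona-release setup` followed by `percona-release enable ... experimental`; the two install pages now describe different repository setups, so either align them or explain why RHEL differs. The hunk also removes the sentence "Enable the Percona Distribution for PostgreSQL repository", leaving the step with no mention that it enables the experimental repository. In the install step, "Install Percona Distribution for PostgreSQL 17 and the required packages, run the following command:" is a comma splice; "To install ..., run the following command:" fixes it.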