Ident authentication for user diaspora failed

Here is my diaspora.yml document:

***** BEGIN DOCUMENT COPY *****

## Some notes about this file:
## - All comments start with a double #
## - All settings are commented out with a single #
##   To change the default settings, you need both to uncomment the lines
##   AND, in most cases, to change the value that is given.
## - Take care to keep proper indentation, that is by simply deleting
##   the original #, with no additional space before the setting's name.
## - Take care to keep proper quoting. All ' must have a matching ' at
##   the end of the same line. The same goes for "
## - Lines containing "## Section" are section headings. Do not edit them!
## - Lists need the space after the -
## - The values true, false and numbers should have no quote marks.
##   Single words don't need quote marks, but it doesn't do any harm to have them.
##
## You can set and/or override all these settings through environment variables
## with the following conversion rules:
## - Strip the top level namespace (configuration, production, etc.)
## - Build the path to the setting, for example environment.s3.enable
## - Replace the dots with underscores: environment_s3_enable
## - Convert to upper case: ENVIRONMENT_S3_ENABLE
## - Specify lists/arrays as comma-separated values
##
## - For example, on Heroku:
##   heroku config:set SERVICES_TWITTER_KEY=yourkey SERVICES_TWITTER_SECRET=yoursecret

  configuration: ## Section

  ## You need to change or at least review the settings in this section
  ## in order for your pod to work.
  environment: ## Section

    ## Set the hostname of the machine you're running Diaspora on, as seen
    ## from the internet. This should be the URL you want to use to
    ## access the pod. So if you plan to use a reverse proxy, it should be
    ## the URL the proxy listens on. DO NOT CHANGE THIS AFTER INITIAL SETUP!
    ## However changing http to https is okay and has no consequences.
    ## If you do change the URL, you will have to start again as the URL
    ## will be hardcoded into the database.
    #url: "https://example.org/"
    url: "https://diaspora.[THIS URL HAS BEEN REDACTED]"
    ## Set the bundle of certificate authorities (CA) certificates.
    ## This is specific to your operating system.
    ## Examples (uncomment the relevant one or add your own):
    ## For Debian, Ubuntu, Archlinux, Gentoo (package ca-certificates):
    #certificate_authorities: '/etc/ssl/certs/ca-certificates.crt'
    ## For CentOS, Fedora:
    certificate_authorities: '/etc/pki/tls/certs/ca-bundle.crt'

    ## URL for a remote Redis (default=localhost).
    ## Don't forget to restrict IP access if you uncomment these!
    #redis: 'redis://example_host'
    #redis: 'redis://username:password@host:6379/0'
    #redis: 'unix:///tmp/redis.sock'

    ## Require SSL (default=true).
    ## When set, your pod will force the use of HTTPS in production mode.
    ## Since OAuth2 requires SSL, Diaspora's future API might not work if
    ## you're not using SSL. Also there is no guarantee that posting to
    ## services will be possible if SSL is disabled.
    ## Do not change this default unless you are sure!
    require_ssl: true

    ## Single-process mode (default=false).
    ## If set to true, Diaspora will work with just the appserver (Unicorn by
    ## default) running. However, this makes it quite slow as intensive jobs
    ## must be run all the time inside the request cycle. We strongly
    ## recommended you leave this disabled for production setups.
    ## Set to true to enable.
    #single_process_mode: false

    ## Sidekiq - background processing
    sidekiq: ## Section

      ## Number of parallel threads Sidekiq uses (default=5).
      ## If you touch this, please set the pool setting in your database.yml
      ## to a value that's at minimum close to this! You can safely increase
      ## it to 25 and more on a medium-sized pod. This applies per started
      ## Sidekiq worker, so if you set it to 25 and start two workers, you'll
      ## process up to 50 jobs in parallel.
      #concurrency: 5

      ## Number of times a job is retried (default=10).
      ## There's an exponential effect to this: if you set this too high you
      ## might get too many jobs building up in the queue.
      ## Set it to 0 to disable it completely.
      #retry: 10

      ## Lines of backtrace that are stored on failure (default=15).
      ## Set n to the required value. Set this to false to reduce Redis memory
      ## usage (and log size) if you're not interested in this data.
      #backtrace: 15

      ## Number of jobs to keep in the dead queue (default=5000).
      ## Jobs get into the dead queue after they failed and exhausted all retries.
      ## Increasing this setting will increase the memory usage of Redis.
      ## Once gone from the dead queue, a failed job is permanently lost and
      ## cannot be retried manually.
      # dead_jobs_limit: 1000

      ## Number of seconds a job remains in the dead queue (default=3628800 (six weeks)).
      ## Jobs get into the dead queue after they failed and exhausted all retries.
      ## Increasing this setting will increase the memory usage of Redis.
      ## Once gone from the dead queue, a failed job is permanently lost and
      ## cannot be retried manually.
      # dead_jobs_timeout: 15552000 # 6 months

      ## Log file for Sidekiq (default="log/sidekiq.log")
      #log: "log/sidekiq.log"

    ## Use Amazon S3 instead of your local filesystem
    ## to handle uploaded pictures (disabled by default).
    s3: ## Section

      #enable: true
      #key: 'change_me'
      #secret: 'change_me'
      #bucket: 'my_photos'
      #region: 'us-east-1'

      ## Use max-age header on Amazon S3 resources (default=true).
      ## When true, this allows locally cached images to be served for up to
      ## one year. This can improve load speed and save requests to the image
      ## host. Set to false to revert to browser defaults (usually less than
      ## one year).
      #cache : true

    ## Set redirect URL for an external image host (Amazon S3 or other).
    ## If hosting images for your pod on an external server (even your own),
    ## add its URL here. All requests made to images under /uploads/images
    ## will be redirected to https://yourhost.tld/uploads/images/
    #image_redirect_url: 'https://images.example.org'

    assets: ## Section

      ## Serve static assets via the appserver (default=false).
      ## This is highly discouraged for production use. Let your reverse
      ## proxy/webserver do it by serving the files under public/ directly.
      #serve: false

      ## Upload your assets to S3 (default=false).
      #upload: false

      ## Specify an asset host. Ensure it does not have a trailing slash (/).
      #host: http://cdn.example.org/diaspora

    ## Pubsub server (default='https://pubsubhubbub.appspot.com/').
    ## Diaspora is only tested against the default pubsub server.
    ## You probably don't want to uncomment or change this.
    #pubsub_server: 'https://pubsubhubbub.appspot.com/'

    ## Logger configuration
    logging: ## Section

      logrotate: ## Section

        ## Roll the application log on a daily basis (default=true).
        #enable: true

        ## The number of days to keep (default=7)
        #days: 7

      ## Debug logging
      debug: ## Section

        ## Enables the debug-logging for SQL (default=false)
        ## This logs every SQL-statement!
        #sql: true

        ## Enables the federation-debug-log (default=false)
        ## This logs all XMLs that are used for the federation
        #federation: true

  ## Settings affecting how ./script/server behaves.
  server: ## Section
    ## Where the appserver should listen to (default=unix:tmp/diaspora.sock)
    #listen: 'unix:tmp/diaspora.sock'
    #listen: 'unix:/run/diaspora/diaspora.sock'
    #listen: '127.0.0.1:3000'

    ## Set the path for the PID file of the unicorn master process (default=tmp/pids/web.pid)
    #pid: 'tmp/pids/web.pid'

    ## Rails environment (default='development').
    ## The environment in which the server should be started by default.
    ## Change this to 'production' if you wish to run a production environment.
    #rails_environment: 'development'
    rails_environment: 'production'

    ## Write unicorn stderr and stdout log.
    #stderr_log: 'log/unicorn-stderr.log'
    #stdout_log: 'log/unicorn-stdout.log'

    ## Number of Unicorn worker processes (default=2).
    ## Increase this if you have many users.
    #unicorn_worker: 2

    ## Number of seconds before a request is aborted (default=90).
    ## Increase if you get empty responses, or if large image uploads fail.
    ## Decrease if you're under heavy load and don't care if some
    ## requests fail.
    #unicorn_timeout: 90

    ## Embed a Sidekiq worker inside the unicorn process (default=false).
    ## Useful for minimal Heroku setups.
    #embed_sidekiq_worker: false

    ## Number of Sidekiq worker processes (default=1).
    ## In most cases it is better to
    ## increase environment.sidekiq.concurrency instead!
    #sidekiq_workers: 1

  ## Diaspora has an internal XMPP web-client. If you want to enable the chat
  ## functionality or want to use a custom XMPP server, then you should edit
  ## the following configuration.
  chat: ## Section

    ## Enable the chat service and all its components.
    ##
    ## Please make sure that you followed the Installation-Instructions first:
    ## https://wiki.diasporafoundation.org/Integration/Chat#Installation.2FUpdate
    #enabled: true

    ## Custom XMPP server configuration goes here.
    server: ## Section

      ## Use the configuration bridge to prosody (default=true).
      ## In case you want to run your own server or want to configure
      ## prosody on your own, you should disable it.
      #enabled: false

      ## Set the directory in which to look for virtual hosts TLS certificates.
      #certs: 'config/certs'

      ## XEP-0124 BOSH requests
      ## The easiest way of avoiding certificate and mixed-content issues
      ## is to use a proxy, e.g.:
      ##
      ## Apache: https://wiki.diasporafoundation.org/Integration/Chat#Apache2
      ## Nginx: https://wiki.diasporafoundation.org/Integration/Chat#Nginx
      ##
      ## If you configured your proxy correctly,
      ## you should set the proxy option to 'true'
      bosh: ## Section

        ## If you'd like to use a proxy, you should set the proxy
        ## option to true, otherwise jsxc always tries to
        ## connect directly to the port specified below.
        #proxy: true

        ## Configure the protocol used to access the BOSH endpoint
        #proto: http

        ## Configure the address that prosody should listen on.
        #address: '0.0.0.0'

        ## Configure the BOSH port.
        #port: 5280

        ## Configure the bind endpoint.
        #bind: '/http-bind'

      ## Specify log behaviour here.
      log: ## Section

        ## Log file location.
        #info: 'log/prosody.log'

        ## Error log file location.
        #error: 'log/prosody.err'

        ## The debug level logs all XML sent and received by the server.
        #debug: false

  ## Displays the location of a post in a map. Per default we are using the map
  ## tiles of the Heidelberg University (http://giscience.uni-hd.de).
  ## You also have the possibility to use the map tiles of https://www.mapbox.com
  ## which is probably more reliable. There you have to create an account to get
  ## an access token which is limited. If you want to get an unlimited account
  ## you can write an email to team@diasporafoundation.org.
  ## Please enable mapbox and fill out your access_token.
  map: ##Section

    mapbox:
      #enabled: false
      #access_token: "youraccesstoken"
      #style: "mapbox/streets-v9"

  ## Settings potentially affecting the privacy of your users.
  privacy: ## Section

    ## Include jQuery from jquery.com's CDN (default=false).
    ## Enabling this can reduce traffic and speed up load time since most
    ## clients already have this one cached. When set to false (the default),
    ## the jQuery library will be loaded from your pod's own resources.
    #jquery_cdn: false

    ## Google Analytics (disabled by default).
    ## Provide a key to enable tracking by Google Analytics.
    #google_analytics_key:

    ## Piwik Tracking (disabled by default).
    ## Provide a site ID and the host piwik is running on to enable
    ## tracking through Piwik.
    piwik: ## Section

      #enable: true
      #host: 'stats.example.org'
      #site_id: 1

    ## Statistics
    ## Your pod will report its name, software version and whether
    ## or not registrations are open via /statistics and NodeInfo.
    ## Uncomment the options below to enable more statistics.
    statistics: ## Section

      ## Local user total and 6 month active counts.
      #user_counts: true

      ## Local post total count.
      #post_counts: true
      #comment_counts: true

    ## Use Camo to proxy embedded remote images.
    ## Do not enable this setting unless you have a working Camo setup. Using
    ## camo to proxy embedded images will improve the privacy and security of
    ## your pod's frontend, but it will increase the traffic on your server.
    ## Check out https://wiki.diasporafoundation.org/Installation/Camo for
    ## more details and installation instructions.
    camo: ## Section

      ## Proxy images embedded via markdown (default=false).
      ## Embedded images are quite often from non-SSL sites and may cause a
      ## partial content warning, so this is recommended.
      #proxy_markdown_images: true

      ## Proxy Open Graph thumbnails (default=false).
      ## Open Graph thumbnails may or may not be encrypted and loaded from
      ## servers outside the network. Recommended.
      #proxy_opengraph_thumbnails: true

      ## Proxy remote pod's images (default=false).
      ## Profile pictures and photos from other pods usually are encrypted,
      ## so enabling this is only useful if you want to avoid HTTP requests to
      ## third-party servers. This will create a lot of traffic on your camo
      ## instance. You have been warned.
      #proxy_remote_pod_images: true

      ## Root of your Camo installation
      #root: "https://example.com/camo/"

      ## Shared key of your Camo installation
      #key: "example123example456example!"

  ## General settings
  settings: ## Section

    ## Pod name (default="diaspora*")
    ## The pod name displayed in various locations, including the header.
    #pod_name: "diaspora*"

    ## Allow registrations (default=true)
    ## Set this to false to prevent people from signing up to your pod
    ## without an invitation. Note that this needs to be set to true
    ## (or commented out) to enable the first registration (you).
    #enable_registrations: true

    ## Auto-follow on sign-up (default=true)
    ## Users will automatically follow a specified account on creation.
    ## Set this to false if you don't want your users to automatically
    ## follow an account upon creation.
    #autofollow_on_join: true

    ## Auto-follow account (default='hq@pod.diaspora.software')
    ## The diaspora* HQ account keeps users up to date with news about Diaspora.
    ## If you set another auto-follow account (for example your podmin account),
    ## please consider resharing diaspora* HQ's posts for your pod's users!
    #autofollow_on_join_user: 'hq@pod.diaspora.software'

    ## Welcome Message settings
    welcome_message: ##Section

      ## Welcome Message on registration (default=false)
      ## Send a message to new users after registration
      ## to tell them about your pod and how things
      ## are handled on it.
      #enabled: false

      ## Welcome Message subject (default='Welcome Message')
      ## The subject of the conversation that is started
      ## by your welcome message.
      #subject: "Welcome Message"

      ## Welcome Message text (default='Hello %{username}, welcome to diaspora.')
      ## The content of your welcome message.
      ## The placeholder "%{username}" will be replaced by the username
      ## of the new user.
      #text: "Hello %{username}, welcome to diaspora."

    ## Invitation settings
    invitations: ## Section

      ## Enable invitations (default=true)
      ## Set this to false if you don't want users to be able to send invites.
      #open: true

      ## Number of invitations per invite link (default=25)
      ## Every user will see such a link if you have enabled
      ## invitations on your pod.
      #count: 25

    ## Paypal donations (disabled by default)
    ## You can set details for a Paypal button here to allow donations
    ## towards running the pod.
    ## First, enable the function, then set the currency in which you
    ## wish to receive donations, and **either** a hosted button id
    ## **or** an encrypted key for an unhosted button.
    paypal_donations: ## Section
      #enable: false

      ## Currency used (USD, EUR...)
      #currency: USD

      ## hosted Paypal button id
      #paypal_hosted_button_id: "change_me"
      ## OR encrypted key of unhosted button
      #paypal_unhosted_button_encrypted: "-----BEGIN PKCS7-----"

    ## Liberapay.com is a free platform which allow donations like patreon
    ## Set your username to include your liberapay button
    # liberapay_username: "change_me"

    ## Bitcoin donations
    ## You can provide a bitcoin address here to allow your users to provide
    ## donations towards the running of their pod.
    #bitcoin_address: "change_me"

    ## Community spotlight (disabled by default)
    ## The community spotlight shows new users public posts from people you
    ## think are interesting in Diaspora's community. To add an account
    ## to the community spotlight add the 'spotlight' role to it.
    community_spotlight: ## Section

      #enable: true

      ## E-mail address to which users can make suggestions about who
      ## should be in the community spotlight (optional).
      #suggest_email: 'admin@example.org'

    ## CURL debug (default=false)
    ## Turn on extra verbose output when sending stuff. Note: you
    ## don't need to touch this unless explicitly told to.
    #typhoeus_verbose: false

    ## Maximum number of parallel HTTP requests made to other pods (default=20)
    ## Be careful, raising this setting will heavily increase the memory usage
    ## of your Sidekiq workers.
    #typhoeus_concurrency: 20

    ## Maximum number of parallel user data export jobs (default=1)
    ## Be careful, exports of big/old profiles can use a lot of memory, running
    ## many of them in parallel can be a problem for small servers.
    #export_concurrency: 1

    ## Captcha settings
    captcha: ## Section

      ## Enable captcha (default=true)
      ## Set this to false if you don't want to use captcha for signup process.
      #enable: true

      ## Captcha image size (default='120x20')
      #image_size: '120x20'

      ## Length of captcha text (default=5)(max=12)
      #captcha_length: 5

      ## Captcha image style (default='simply_green')
      ## Available options for captcha image styles are: 'simply_blue',
      ## 'simply_red' 'simply_green', 'charcoal_grey', 'embossed_silver',
      ## 'all_black', 'distorted_black', 'almost_invisible', 'random'.
      #image_style: 'simply_green'

      ## Captcha image distortion (default='low')
      ## Sets the level of image distortion used in the captcha.
      ## Available options are: 'low', 'medium', 'high', 'random'.
      #distortion: 'low'

    ## Terms of Service
    ## Show a default or customized terms of service for users.
    ## You can create a custom Terms of Service by placing a template
    ## as app/views/terms/terms.haml or app/views/terms/terms.erb
    ## The default terms of service that can be extended is
    ## at app/views/terms/default.haml
    ## NOTE! The default terms have not been checked over by a lawyer and
    ## thus are unlikely to provide full legal protection for all situations
    ## for a podmin using them. They are also not specific to all countries
    ## and jurisdictions. If you are unsure, please check with a lawyer.
    ## We provide these for podmins as some basic rules that podmins
    ## can communicate to users easily via the diaspora* server software.
    ## Uncomment to enable this feature.
    terms: ## Section

      ## First enable it by uncommenting below.
      #enable: true

      ## Important! If you enable the terms, you should always
      ## set a location under which laws any disputes are governed
      ## under. For example, country or state/country, depending
      ## on the country in question.
      ## If this is not set, the whole paragraph about governing
      ## laws *is not shown* in the terms page.
      #jurisdiction: ""

      ## Age limit for signups.
      ## Set a number to activate this setting. This age limit is shown
      ## in the default ToS document.
      #minimum_age: false

    ## Maintenance
    ## Various pod maintenance related settings are controlled from here.
    maintenance: ## Section

      ## Removing old inactive users can be done automatically by background
      ## processing. The amount of inactivity is set by `after_days`. A warning
      ## email will be sent to the user and after an additional `warn_days`, the
      ## account will be automatically closed.
      ## This maintenance is not enabled by default.
      remove_old_users: ## Section

        #enable: true
        #after_days: 730
        #warn_days: 30

        ## Limit queuing for removal per day.
        #limit_removals_to_per_day: 100

    ## Source code URL
    ## URL to the source code your pod is currently running.
    ## If not set your pod will provide a downloadable archive.
    #source_url: 'https://example.org/username/diaspora'

    ## Changelog URL
    ## URL to the changelog of the diaspora-version your pod is currently running.
    ## If not set an auto-generated url to github is used.
    #changelog_url: "https://github.com/diaspora/diaspora/blob/master/Changelog.md"

    ## Default color theme
    ## You can change which color theme is displayed when a user is not signed in
    ## or has not selected any color theme from the available ones. You simply have
    ## to enter the name of the theme's folder in "app/assets/stylesheets/color_themes/".
    ## ("original" for the theme in "app/assets/stylesheets/color_themes/original/", for
    ## example).
    #default_color_theme: "original"

    ## Default meta tags
    ## You can change here the default meta tags content included on the pages of your pod.
    ## Title will be used for the opengraph og:site_name property while description will be used
    ## for description and og:description.
    default_metas:
      #title: 'diaspora* social network'
      #description: 'diaspora* is the online social world where you are in control.'

    ## CSP (Content Security Policy) header
    ## CSP allows limiting origins from where resources are allowed to be loaded. This
    ## improves security, since it helps to detect and mitigate cross-site scripting
    ## and data injection attacks. The default policy of diaspora* allows all third
    ## party domains from services that are included in diaspora*, like OEmbed
    ## scripts, so you can safely activate it by setting `report_only` to false. If
    ## you customized diaspora* (edited templates or added own JS), additional work
    ## may be required. You can test the policy with the `report_uri`. Our default CSP
    ## does not work with Google analytics or Piwik, because they inject JS code that
    ## is blocked by CSP.
    csp:

      ## Report-Only header (default=true)
      ## By default diaspora* adds only a "Content-Security-Policy-Report-Only" header. If you set
      ## this to false, the "Content-Security-Policy" header is added instead.
      #report_only: false

      ## CSP report URI (default=)
      ## You can set an URI here, where the user agent reports violations as JSON document via a POST request.
      #report_uri: "/csp_violation_reports"

  ## Posting from Diaspora to external services (all are disabled by default).
  services: ## Section

    ## OAuth credentials for Twitter
    twitter: ## Section

      #enable: true
      #key: 'abcdef'
      #secret: 'change_me'

    ## OAuth credentials for Tumblr
    tumblr: ## Section

      #enable: true
      #key: 'abcdef'
      #secret: 'change_me'

    ## OAuth credentials for Wordpress
    wordpress: ## Section

      #enable: true
      #client_id: 'abcdef'
      #secret: 'change_me'

  ## Allow your pod to send emails for notifications, password recovery
  ## and other purposes (disabled by default).
  mail: ## Section

    ## First you need to enable it.
    #enable: true

    ## Sender address used in mail sent by Diaspora.
    #sender_address: 'no-reply@example.org'

    ## This selects which mailer should be used. Use 'smtp' for a smtp
    ## connection or 'sendmail' to use the sendmail binary.
    #method: 'smtp'

    ## Ignore if method isn't 'smtp'.
    smtp: ## Section

      ## Host and port of the smtp server handling outgoing mail.
      ## This should match the common name of the certificate sent by
      ## the SMTP server, if it sends one. (default port=587)
      #host: 'smtp.example.org'
      #port: 587

      ## Authentication required to send mail (default='plain').
      ## Use one of 'plain', 'login' or 'cram_md5'. Use 'none'
      ## if server does not support authentication.
      #authentication: 'plain'

      ## Credentials to log in to the SMTP server.
      ## May be necessary if authentication is not 'none'.
      #username: 'change_me'
      #password: 'change_me'

      ## Automatically enable TLS (default=true).
      ## Leave this commented out if authentication is set to 'none'.
      #starttls_auto: true

      ## The domain for the HELO command, if needed.
      #domain: 'smtp.example.org'

      ## OpenSSL verify mode used when connecting to a SMTP server with TLS.
      ## Set this to 'none' if you have a self-signed certificate. Possible
      ## values: 'none', 'peer'.
      #openssl_verify_mode: 'none'

    ## Ignore if method isn't 'sendmail'
    sendmail: ## Section

      ## The path to the sendmail binary (default='/usr/sbin/sendmail')
      #location: '/usr/sbin/sendmail'

      ## Use exim and sendmail (default=false)
      #exim_fix: false

  ## Administrator settings
  admins: ## Section

    ## Set the admin account.
    ## This doesn't make the user an admin but is used when a generic
    ## admin contact is needed, much like the postmaster role in mail
    ## systems. Set only the username, NOT the full ID.
    #account: "podmaster"

    ## E-mail address to contact the administrator.
    #podmin_email: 'podmin@example.org'

  ## Settings related to relays
  relay: ## Section

    ## Relays are applications that exist to push public posts around to
    ## pods which want to subscribe to them but would not otherwise
    ## receive them due to not having direct contact with the remote pods.
    ##
    ## See more regarding relays: https://wiki.diasporafoundation.org/Relay_servers_for_public_posts

    outbound: ## Section
      ## Enable this setting to send out public posts from this pod to a relay
      #send: false
      ## Change default remote relay url used for sending out here
      #url: 'https://relay.iliketoast.net/receive/public'

    inbound: ## Section
      ## Enable this to receive public posts from relays
      #subscribe: false

      ## Scope is either 'all' or 'tags' (default).
      ## - 'all', means this pod wants to receive all public posts from a relay
      ## - 'tags', means this pod wants only posts tagged with certain tags
      #scope: tags

      ## If scope is 'tags', should we include tags that users on this pod follow?
      ## These are added in addition to 'pod_tags', if set.
      #include_user_tags: false

      ## If scope is 'tags', a comma separated list of tags here can be set.
      ## For example "linux,diaspora", to receive posts related to these tags
      #pod_tags:

## Here you can override settings defined above if you need
## to have them different in different environments.
production: ## Section
  environment: ## Section
    #redis: 'redis://production.example.org:6379'

development: ## Section
  environment: ## Section
    #redis: 'redis://production.example.org:6379'

***** END DOCUMENT COPY *****

4 posts were merged into an existing topic: [FR/EN] Diaspora doesn’t know where your certificate authorities are

That got me past that part, now I’ve got another issue:

***** BEGIN TERMINAL OUTPUT *****

[diaspora@diaspora-pod001 diaspora]$ bin/bundle install --full-index
Using rake 12.3.3
Using concurrent-ruby 1.1.6
Using i18n 1.8.3
Using minitest 5.14.1
Using thread_safe 0.3.6
Using tzinfo 1.2.7
Using activesupport 5.2.4.3
Using builder 3.2.4
Using erubi 1.9.0
Using mini_portile2 2.4.0
Using nokogiri 1.10.9
Using rails-dom-testing 2.0.3
Using crass 1.0.6
Using loofah 2.5.0
Using rails-html-sanitizer 1.3.0
Using actionview 5.2.4.3
Using rack 2.0.9
Using rack-test 1.1.0
Using actionpack 5.2.4.3
Using nio4r 2.5.2
Using websocket-extensions 0.1.5
Using websocket-driver 0.7.2
Using actioncable 5.2.4.3
Using globalid 0.4.2
Using activejob 5.2.4.3
Using mini_mime 1.0.2
Using mail 2.7.1
Using actionmailer 5.2.4.3
Using activemodel 5.2.4.3
Using active_model_serializers 0.9.7
Using arel 9.0.0
Using activerecord 5.2.4.3
Using activerecord-import 1.0.4
Using mimemagic 0.3.5
Using marcel 0.3.3
Using activestorage 5.2.4.3
Using acts-as-taggable-on 6.5.0
Using acts_as_api 1.0.1
Using public_suffix 4.0.3
Using addressable 2.7.0
Using aes_key_wrap 1.0.1
Using excon 0.73.0
Using formatador 0.2.5
Using mime-types-data 3.2019.1009
Using mime-types 3.3.1
Using fog-core 2.2.0
Using unf_ext 0.0.7.6
Using unf 0.1.4
Using asset_sync 2.11.0
Using ast 2.4.0
Using encryptor 3.0.0
Using attr_encrypted 3.1.0
Using attr_required 1.0.1
Using execjs 2.7.0
Using autoprefixer-rails 8.6.5
Using backports 3.17.0
Using bcrypt 3.1.13
Using bindata 2.4.6
Using ffi 1.12.2
Using sassc 2.2.1
Using bootstrap-sass 3.4.1
Using bootstrap-switch-rails 3.3.3
Using buftok 0.2.0
Using bundler 1.17.3
Using byebug 11.1.1
Using regexp_parser 1.7.0
Using xpath 3.2.0
Using capybara 3.15.0
Using carrierwave 1.3.1
Using timers 4.3.0
Using celluloid-essentials 0.20.5
Using celluloid-extras 0.20.5
Using celluloid-fsm 0.20.5
Using celluloid-pool 0.20.5
Using celluloid-supervision 0.20.6
Using celluloid 0.17.4
Using celluloid-io 0.17.3
Using chunky_png 1.3.11
Using cliver 0.3.2
Using coderay 1.1.2
Using multi_json 1.14.1
Using sass 3.4.25
Using compass-core 1.0.3
Using compass-import-once 1.0.5
Using rb-fsevent 0.10.3
Using rb-inotify 0.10.1
Using compass 1.0.3
Using method_source 0.9.2
Using thor 0.20.3
Using railties 5.2.4.3
Using sprockets 3.7.2
Using sprockets-rails 3.2.1
Using tilt 2.0.10
Using sass-rails 5.0.7
Using compass-rails 3.1.0
Using configurate 0.3.1
Using connection_pool 2.2.2
Using json 2.3.0
Using docile 1.3.2
Using simplecov-html 0.10.2
Using simplecov 0.16.1
Using sync 0.5.0
Using tins 1.24.1
Using term-ansicolor 1.7.1
Using coveralls 0.8.23
Using safe_yaml 1.0.5
Using crack 0.4.3
Using cucumber-tag_expressions 1.1.1
Using gherkin 5.1.0
Using cucumber-core 3.2.1
Using cucumber-expressions 6.0.1
Using cucumber-wire 0.0.1
Using diff-lcs 1.3
Using multi_test 0.1.2
Using cucumber 3.1.2
Using to_regexp 0.2.1
Using jsonpath 1.0.5
Using cucumber-api-steps 0.14.0
Using cucumber-rails 2.0.0
Using database_cleaner 1.8.3
Using orm_adapter 0.5.0
Using responders 2.4.1
Using warden 1.2.8
Using devise 4.7.1
Using rotp 2.1.2
Using devise-two-factor 3.0.3
Using rails 5.2.4.3
Using devise_lastseenable 0.0.6
Using diaspora-prosody-config 0.0.7
Using multipart-post 2.1.1
Using faraday 0.15.4
Using faraday_middleware 0.13.1
Using ethon 0.12.0
Using typhoeus 1.3.1
Using valid 1.2.0
Using diaspora_federation 0.2.6
Using diaspora_federation-json_schema 0.2.6
Using diaspora_federation-rails 0.2.6
Using fabrication 2.21.0
Using systemu 2.6.5
Using macaddr 1.7.2
Using uuid 2.3.9
Using diaspora_federation-test 0.2.6
Using domain_name 0.5.20190701
Using entypo-rails 3.0.0
Using equalizer 0.0.11
Using eslintrb 2.1.0
Using et-orbi 1.2.4
Using kostya-sigar 2.0.6
Using state_machines 0.5.0
Using eye 0.10.0
Using factory_girl 4.9.0
Using factory_girl_rails 4.9.0
Using http-cookie 1.0.3
Using faraday-cookie_jar 0.0.6
Using ffi-compiler 1.0.1
Using hashdiff 1.0.1
Using fixture_builder 0.5.2
Using fog-json 1.2.0
Using fog-xml 0.1.3
Using ipaddress 0.8.3
Using fog-aws 3.5.2
Using raabro 1.1.6
Using fugit 1.3.3
Using rspec-support 3.9.2
Using rspec-core 3.9.1
Using ruby-progressbar 1.10.1
Using fuubar 2.5.0
Using get_process_mem 0.2.5
Using multi_xml 0.6.0
Using httparty 0.18.0
Using unicode-display_width 1.6.1
Using terminal-table 1.8.0
Using gitlab 4.14.0
Using request_store 1.5.0
Using gon 6.3.2
Using listen 3.2.1
Using lumberjack 1.2.4
Using nenv 0.3.0
Using shellany 0.0.1
Using notiffany 0.1.3
Using pry 0.12.2
Using guard 2.16.1
Using guard-compat 1.2.1
Using rspec-expectations 3.9.1
Using rspec-mocks 3.9.1
Using rspec 3.9.0
Using guard-rspec 4.7.3
Using jaro_winkler 1.5.4
Using parallel 1.19.1
Using parser 2.7.0.4
Using rainbow 3.0.0
Using rexml 3.2.4
Using rubocop 0.80.1
Using guard-rubocop 1.3.0
Using temple 0.8.2
Using haml 5.1.2
Using sysexits 1.2.0
Using haml_lint 0.35.0
Using hamlit 2.11.0
Using handlebars_assets 0.23.8
Using hashie 4.1.0
Using http-form_data 2.3.0
Using http-parser 1.2.1
Using http 4.3.0
Using http_accept_language 2.1.1
Using http_parser.rb 0.6.0
Using httpclient 2.8.3
Using i18n-inflector 2.6.7
Using i18n-inflector-rails 1.0.7
Using jasmine-core 3.5.0
Using phantomjs 2.1.1.0
Using jasmine 3.5.1
Using jasmine-jquery-rails 2.0.3
Using jquery-rails 4.3.5
Using js-routes 1.4.9
Using js_image_paths 0.1.1
Using json-jwt 1.11.0
Using json-schema 2.8.1
Using json-schema-rspec 0.0.4
Using jwt 2.2.1
Using kgio 2.11.3
Using leaflet-rails 1.6.0
Using little-plugger 1.1.4
Using logging 2.2.2
Using logging-rails 0.6.0
Using markdown-it-html5-embed 1.0.0
Using markerb 1.1.0
Using memoizable 0.4.2
Using mini_magick 4.10.1
Using rack-mobile-detect 0.4.0
Using mobile-fu 1.4.0
Using naught 1.1.0
Using oauth 0.5.4
Using oauth2 1.4.4
Using sawyer 0.8.2
Using octokit 4.18.0
Using omniauth 1.9.1
Using omniauth-oauth 1.1.0
Using omniauth-oauth2 1.6.0
Using omniauth-tumblr 1.2
Using omniauth-twitter 1.4.0
Using omniauth-wordpress 0.2.2
Using open_graph_reader 0.7.0
Using rack-oauth2 1.10.1
Using swd 1.1.2
Using validate_email 0.1.6
Using validate_url 1.0.8
Using webfinger 1.1.0
Using openid_connect 1.1.8
Using pg 1.2.3
Using poltergeist 1.18.1
Using rugged 0.99.0
Using pronto 0.10.0
Using pronto-eslint 0.10.0
Using pronto-haml 0.10.0
Using pronto-rubocop 0.10.0
Using scss_lint 0.55.0
Using pronto-scss 0.10.0
Using pry-byebug 3.8.0
Using rack-cors 1.1.1
Using rack-google-analytics 1.2.0
Using rack-piwik 0.3.0
Using rack-protection 2.0.8.1
Using rack-rewrite 1.5.1
Using rack-ssl 1.4.1
Using rails-assets-autosize 4.0.2
Using rails-assets-underscore 1.9.1
Using rails-assets-backbone 1.3.3
Using rails-assets-blueimp-gallery 2.33.0
Using rails-assets-jquery 3.4.1
Using rails-assets-bootstrap 3.4.1
Using rails-assets-bootstrap-markdown 2.10.0
Using rails-assets-corejs-typeahead 1.2.1
Using rails-assets-emojione 2.0.1
Using rails-assets-favico.js 0.3.10
Using rails-assets-jquery-colorbox 1.6.4
Using rails-assets-jquery-fullscreen-plugin 0.5.0
Using rails-assets-jquery.slimscroll 1.3.8
Using rails-assets-jquery.ui 1.11.4
Using rails-assets-diaspora_jsxc 0.1.5.develop.7
Using rails-assets-fine-uploader 5.13.0
Using rails-assets-highlightjs 9.12.0
Using rails-assets-jasmine 3.4.0
Using rails-assets-jasmine-ajax 4.0.0
Using rails-assets-jquery-placeholder 2.3.1
Using rails-assets-jquery-textchange 0.2.3
Using rails-assets-jquery.are-you-sure 1.9.0
Using rails-assets-markdown-it 8.4.2
Using rails-assets-markdown-it–markdown-it-for-inline 0.1.1
Using rails-assets-markdown-it-diaspora-mention 1.2.0
Using rails-assets-markdown-it-hashtag 0.4.0
Using rails-assets-markdown-it-sanitizer 0.4.3
Using rails-assets-markdown-it-sub 1.0.0
Using rails-assets-markdown-it-sup 1.0.0
Using rails-assets-utatti-perfect-scrollbar 1.4.0
Using rails-controller-testing 1.0.4
Using rails-i18n 5.1.3
Using rails-timeago 2.18.0
Using raindrops 0.19.1
Using redcarpet 3.5.0
Using redis 3.3.5
Using rqrcode_core 0.1.2
Using rqrcode 1.1.2
Using rspec-json_expectations 2.2.0
Using rspec-rails 3.9.1
Using rubocop-rails 2.4.1
Using ruby-oembed 0.12.0
Using rubyzip 1.3.0
Using secure_headers 6.3.0
Using shoulda-matchers 4.0.1
Using sidekiq 5.2.8
Using sidekiq-cron 1.1.0
Using simple_captcha2 0.5.0
Using simple_oauth 0.3.1
Using sinon-rails 1.15.0
Using spring 2.1.0
Using spring-commands-cucumber 1.0.1
Using spring-commands-rspec 1.0.4
Using string-direction 1.2.2
Using timecop 0.9.1
Using turbo_dev_assets 0.0.2
Using twitter 7.0.0
Using twitter-text 1.14.7
Using uglifier 4.2.0
Using unicorn 5.5.3
Using unicorn-worker-killer 0.4.4
Using yard 0.9.24
Using versionist 2.0.1
Using webmock 3.8.3
Using will_paginate 3.3.0
Bundle complete! 142 Gemfile dependencies, 331 gems now installed.
Use bundle info [gemname] to see where a bundled gem is installed.
[diaspora@diaspora-pod001 diaspora]$ RAILS_ENV=production bundle exec rake db:create db:migrate
WARNING: Namespace production not found in /home/diaspora/diaspora/config/diaspora.yml
WARNING: Namespace production not found in /home/diaspora/diaspora/config/diaspora.yml
Rack::SSL is enabled
FATAL: Ident authentication failed for user “diaspora”
Couldn’t create ‘diaspora_production’ database. Please check your configuration.
rake aborted!
PG::ConnectionBad: FATAL: Ident authentication failed for user “diaspora”
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/pg-1.2.3/lib/pg.rb:58:in initialize' /home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/pg-1.2.3/lib/pg.rb:58:in new’
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/pg-1.2.3/lib/pg.rb:58:in connect' /home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_adapters/postgresql_adapter.rb:692:in connect’
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_adapters/postgresql_adapter.rb:223:in initialize' /home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_adapters/postgresql_adapter.rb:48:in new’
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_adapters/postgresql_adapter.rb:48:in postgresql_connection' /home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_adapters/abstract/connection_pool.rb:830:in new_connection’
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_adapters/abstract/connection_pool.rb:874:in checkout_new_connection' /home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_adapters/abstract/connection_pool.rb:853:in try_to_checkout_new_connection’
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_adapters/abstract/connection_pool.rb:814:in acquire_connection' /home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_adapters/abstract/connection_pool.rb:538:in checkout’
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_adapters/abstract/connection_pool.rb:382:in connection' /home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_adapters/abstract/connection_pool.rb:1033:in retrieve_connection’
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_handling.rb:118:in retrieve_connection' /home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_handling.rb:90:in connection’
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/tasks/postgresql_database_tasks.rb:12:in connection' /home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/tasks/postgresql_database_tasks.rb:21:in create’
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/tasks/database_tasks.rb:119:in create' /home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/tasks/database_tasks.rb:139:in block in create_current’
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/tasks/database_tasks.rb:316:in block in each_current_configuration' /home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/tasks/database_tasks.rb:313:in each’
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/tasks/database_tasks.rb:313:in each_current_configuration' /home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/tasks/database_tasks.rb:138:in create_current’
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/railties/databases.rake:29:in block (2 levels) in <top (required)>' /home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/rake-12.3.3/exe/rake:27:in <top (required)>’
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/bin/ruby_executable_hooks:24:in eval' /home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/bin/ruby_executable_hooks:24:in
Tasks: TOP => db:create
(See full trace by running task with --trace)
[diaspora@diaspora-pod001 diaspora]$

***** END TERMINAL OUTPUT *****

It sounds like you didn’t properly setup either your config/database.yml or your PostgreSQL server to let the diaspora user authenticate.

I’ve verified the username and the password in the database.yml, I’ve reset the password in postgresql for the same user (diaspora), and I’m still getting the same error.

***** BEGIN TERMINAL OUTPUT *****

[root@diaspora-pod001 config]# cat database.yml
postgresql: &postgresql
  adapter: postgresql
  host: "localhost"
  port: 5432
#  username: "postgres"
#  password: ""
  username: "diaspora"
  password: "[PASSWORD HAS BEEN REDACTED]"
  encoding: unicode

mysql: &mysql
  adapter: mysql2
  host: "localhost"
  port: 3306
  username: "root"
  password: ""
#  socket: /tmp/mysql.sock
  encoding: utf8mb4
  collation: utf8mb4_bin


# Comment the postgresql line and uncomment the mysql line
# if you want to use mysql
common: &common
  # Choose one of the following
  <<: *postgresql
  #<<: *mysql

  # Should match environment.sidekiq.concurrency
  #pool: 25

##################################################
#### CONFIGURE ABOVE #############################
##################################################

# Normally you don't need to touch anything here

combined: &combined
  <<: *common
development:
  <<: *combined
  database: diaspora_development
production:
  <<: *combined
  database: diaspora_production
test:
  <<: *combined
  database: diaspora_test
integration1:
  <<: *combined
  database: diaspora_integration1
integration2:
  <<: *combined
  database: diaspora_integration2
[root@diaspora-pod001 config]#

[root@diaspora-pod001 config]# sudo -u postgres psql
psql (10.14)
Type "help" for help.

postgres=# \du+
                                          List of roles
 Role name |                         Attributes                         | Member of | Description
-----------+------------------------------------------------------------+-----------+-------------
 diaspora  | Create DB                                                  | {}        |
 postgres  | Superuser, Create role, Create DB, Replication, Bypass RLS | {}        |

postgres=#

***** END TERMINAL OUTPUT *****

Can you see anything that may stand out here?

Maybe your pg_hba.conf does not allow password authentication?

Here's the output of that config file:

***** BEGIN TERMINAL OUTPUT *****

[root@diaspora-pod001 diaspora]# cat /var/lib/pgsql/data/pg_hba.conf
# PostgreSQL Client Authentication Configuration File
# ===================================================
#
# Refer to the "Client Authentication" section in the PostgreSQL
# documentation for a complete description of this file.  A short
# synopsis follows.
#
# This file controls: which hosts are allowed to connect, how clients
# are authenticated, which PostgreSQL user names they can use, which
# databases they can access.  Records take one of these forms:
#
# local      DATABASE  USER  METHOD  [OPTIONS]
# host       DATABASE  USER  ADDRESS  METHOD  [OPTIONS]
# hostssl    DATABASE  USER  ADDRESS  METHOD  [OPTIONS]
# hostnossl  DATABASE  USER  ADDRESS  METHOD  [OPTIONS]
#
# (The uppercase items must be replaced by actual values.)
#
# The first field is the connection type: "local" is a Unix-domain
# socket, "host" is either a plain or SSL-encrypted TCP/IP socket,
# "hostssl" is an SSL-encrypted TCP/IP socket, and "hostnossl" is a
# plain TCP/IP socket.
#
# DATABASE can be "all", "sameuser", "samerole", "replication", a
# database name, or a comma-separated list thereof. The "all"
# keyword does not match "replication". Access to replication
# must be enabled in a separate record (see example below).
#
# USER can be "all", a user name, a group name prefixed with "+", or a
# comma-separated list thereof.  In both the DATABASE and USER fields
# you can also write a file name prefixed with "@" to include names
# from a separate file.
#
# ADDRESS specifies the set of hosts the record matches.  It can be a
# host name, or it is made up of an IP address and a CIDR mask that is
# an integer (between 0 and 32 (IPv4) or 128 (IPv6) inclusive) that
# specifies the number of significant bits in the mask.  A host name
# that starts with a dot (.) matches a suffix of the actual host name.
# Alternatively, you can write an IP address and netmask in separate
# columns to specify the set of hosts.  Instead of a CIDR-address, you
# can write "samehost" to match any of the server's own IP addresses,
# or "samenet" to match any address in any subnet that the server is
# directly connected to.
#
# METHOD can be "trust", "reject", "md5", "password", "scram-sha-256",
# "gss", "sspi", "ident", "peer", "pam", "ldap", "radius" or "cert".
# Note that "password" sends passwords in clear text; "md5" or
# "scram-sha-256" are preferred since they send encrypted passwords.
#
# OPTIONS are a set of options for the authentication in the format
# NAME=VALUE.  The available options depend on the different
# authentication methods -- refer to the "Client Authentication"
# section in the documentation for a list of which options are
# available for which authentication methods.
#
# Database and user names containing spaces, commas, quotes and other
# special characters must be quoted.  Quoting one of the keywords
# "all", "sameuser", "samerole" or "replication" makes the name lose
# its special character, and just match a database or username with
# that name.
#
# This file is read on server startup and when the server receives a
# SIGHUP signal.  If you edit the file on a running system, you have to
# SIGHUP the server for the changes to take effect, run "pg_ctl reload",
# or execute "SELECT pg_reload_conf()".
#
# Put your actual configuration here
# ----------------------------------
#
# If you want to allow non-local connections, you need to add more
# "host" records.  In that case you will also need to make PostgreSQL
# listen on a non-local interface via the listen_addresses
# configuration parameter, or via the -i or -h command line switches.



# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     peer
# IPv4 local connections:
host    all             all             127.0.0.1/32            ident
# IPv6 local connections:
host    all             all             ::1/128                 ident
# Allow replication connections from localhost, by a user with the
# replication privilege.
local   replication     all                                     peer
host    replication     all             127.0.0.1/32            ident
host    replication     all             ::1/128                 ident
[root@diaspora-pod001 diaspora]#

***** END TERMINAL OUTPUT *****

See the comments within the file.

I’ve gotta be blind or something…

I’ve tried this one at a time with the following settings, and then restarted the postgresql services. I still get the same error. I’ve even “reset” the password on the database, and reset the password in the local system to match, then verified the database.yml has the same password I’ve reset them all to.

local   all             diaspora                                trust
host    all             all             127.0.0.1/32            password
host    all             diaspora        127.0.0.1/32            password
host    all             diaspora        127.0.0.1/32            trust

What am I missing…? This is my first run with the postgresql database system.

***** BEGIN TERMINAL OUTPUT *****

[root@diaspora-pod001 diaspora]# RAILS_ENV=production bundle exec rake db:create db:migrate --trace
WARNING: Namespace production not found in /home/diaspora/diaspora/config/diaspora.yml
** Invoke db:create (first_time)
** Invoke db:load_config (first_time)
** Invoke environment (first_time)
** Execute environment
Rack::SSL is enabled
** Execute db:load_config
** Execute db:create
FATAL:  Ident authentication failed for user "diaspora"
Couldn't create 'diaspora_production' database. Please check your configuration.
rake aborted!
PG::ConnectionBad: FATAL:  Ident authentication failed for user "diaspora"
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/pg-1.2.3/lib/pg.rb:58:in `initialize'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/pg-1.2.3/lib/pg.rb:58:in `new'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/pg-1.2.3/lib/pg.rb:58:in `connect'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_adapters/postgresql_adapter.rb:692:in `connect'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_adapters/postgresql_adapter.rb:223:in `initialize'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_adapters/postgresql_adapter.rb:48:in `new'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_adapters/postgresql_adapter.rb:48:in `postgresql_connection'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_adapters/abstract/connection_pool.rb:830:in `new_connection'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_adapters/abstract/connection_pool.rb:874:in `checkout_new_connection'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_adapters/abstract/connection_pool.rb:853:in `try_to_checkout_new_connection'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_adapters/abstract/connection_pool.rb:814:in `acquire_connection'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_adapters/abstract/connection_pool.rb:538:in `checkout'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_adapters/abstract/connection_pool.rb:382:in `connection'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_adapters/abstract/connection_pool.rb:1033:in `retrieve_connection'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_handling.rb:118:in `retrieve_connection'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/connection_handling.rb:90:in `connection'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/tasks/postgresql_database_tasks.rb:12:in `connection'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/tasks/postgresql_database_tasks.rb:21:in `create'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/tasks/database_tasks.rb:119:in `create'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/tasks/database_tasks.rb:139:in `block in create_current'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/tasks/database_tasks.rb:316:in `block in each_current_configuration'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/tasks/database_tasks.rb:313:in `each'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/tasks/database_tasks.rb:313:in `each_current_configuration'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/tasks/database_tasks.rb:138:in `create_current'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/activerecord-5.2.4.3/lib/active_record/railties/databases.rake:29:in `block (2 levels) in <top (required)>'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/rake-12.3.3/lib/rake/task.rb:273:in `block in execute'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/rake-12.3.3/lib/rake/task.rb:273:in `each'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/rake-12.3.3/lib/rake/task.rb:273:in `execute'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/rake-12.3.3/lib/rake/task.rb:214:in `block in invoke_with_call_chain'
/home/diaspora/.rvm/rubies/ruby-2.6.5/lib/ruby/2.6.0/monitor.rb:235:in `mon_synchronize'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/rake-12.3.3/lib/rake/task.rb:194:in `invoke_with_call_chain'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/rake-12.3.3/lib/rake/task.rb:183:in `invoke'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/rake-12.3.3/lib/rake/application.rb:160:in `invoke_task'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/rake-12.3.3/lib/rake/application.rb:116:in `block (2 levels) in top_level'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/rake-12.3.3/lib/rake/application.rb:116:in `each'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/rake-12.3.3/lib/rake/application.rb:116:in `block in top_level'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/rake-12.3.3/lib/rake/application.rb:125:in `run_with_threads'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/rake-12.3.3/lib/rake/application.rb:110:in `top_level'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/rake-12.3.3/lib/rake/application.rb:83:in `block in run'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/rake-12.3.3/lib/rake/application.rb:186:in `standard_exception_handling'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/rake-12.3.3/lib/rake/application.rb:80:in `run'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/gems/rake-12.3.3/exe/rake:27:in `<top (required)>'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/bin/rake:23:in `load'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/bin/rake:23:in `<main>'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/bin/ruby_executable_hooks:24:in `eval'
/home/diaspora/.rvm/gems/ruby-2.6.5@diaspora/bin/ruby_executable_hooks:24:in `<main>'
Tasks: TOP => db:create
[root@diaspora-pod001 diaspora]#

***** END TERMINAL OUTPUT *****

HA! Got it!!!

I had to do this:
Change all ‘ident’ to ‘md5’ in the file. So it now looks like this:

    # "local" is for Unix domain socket connections only
    local   all             all                                     peer
    # IPv4 local connections:
    #host    all             all             127.0.0.1/32            ident
    host    all             all             127.0.0.1/32            md5
    # IPv6 local connections:
    #host    all             all             ::1/128                 ident
    host    all             all             ::1/128                 md5
    # Allow replication connections from localhost, by a user with the
    # replication privilege.
    local   replication     all                                     peer
    #host    replication     all             127.0.0.1/32            ident
    host    replication     all             ::1/128                 md5
    #host    replication     all             127.0.0.1/32            ident
    host    replication     all             ::1/128                 md5
1 Like