Okay, so I got it working. Apparently having 192.168.1.111 and localhost in the listen_address was causing a problem.
So current settings:
listen_address = "*"
local all all md5
host all all 127.0.0.1/32 md5
host all all 0.0.0.0/0 password
host all all ::1/128 md5
database.yml changes reverted
ctl.sh changes reverted
Metasploit works fine, and I can connect to the server remotely. However, I do not have any credentials to login with. The msf user role is not acceptable for logging in from a remote machine, and I do not know the default password for user postgres, so I cannot login as postgres unless I change the line in pg_hba.conf to "host all all 0.0.0.0/0 trust". And that's far from ideal, it leaves the database open to anyone who might come across it.
So, what's the default postgres password in backtrack 5 R2? (It's not toortoor)