robin.thoni
/
docker-postgres-builder
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

init

master
Robin Thoni 6 years ago
commit
e7710ef2ca
2 changed files with 214 additions and 0 deletions
Split View Show Diff Stats
  1. 69
    0
      Dockerfile
  2. 145
    0
      docker-entrypoint.sh

+ 69
- 0
Dockerfile View File 

@@ -0,0 +1,69 @@
1 
+FROM robinthoni/debian-multiarch:jessie
2 
+
3 
+MAINTAINER Robin Thoni <robin@rthoni.com>
4 
+
5 
+ARG PG_VERSION=9.6.3
6 
+ARG PG_MAJOR=9.6
7 
+ARG PG_VERSION_=9_6_3
8 
+
9 
+RUN apt-get update && apt-get -y install\
10 
+        wget\
11 
+        bison\
12 
+        flex\
13 
+        tar\
14 
+        gzip\
15 
+        libreadline-dev\
16 
+        git &&\
17 
+        apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
18 
+
19 
+RUN wget "https://github.com/postgres/postgres/archive/REL${PG_VERSION_}.tar.gz" &&\
20 
+    tar xf REL${PG_VERSION_}.tar.gz
21 
+
22 
+RUN apt-get update
23 
+
24 
+RUN apt-get -y install\
25 
+        zlib1g-dev\
26 
+        make
27 
+
28 
+RUN cd postgres-REL${PG_VERSION_} &&\
29 
+    ./configure --prefix=/usr/ &&\
30 
+    make &&\
31 
+    make install
32 
+
33 
+RUN groupadd -r postgres --gid=999 && useradd -r -g postgres --uid=999 postgres
34 
+
35 
+ENV GOSU_VERSION 1.7
36 
+RUN set -x \
37 
+  && apt-get update && apt-get install -y --no-install-recommends ca-certificates wget && rm -rf /var/lib/apt/lists/* \
38 
+  && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture)" \
39 
+  && wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture).asc" \
40 
+  && export GNUPGHOME="$(mktemp -d)" \
41 
+  && gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \
42 
+  && gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \
43 
+  && rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc \
44 
+  && chmod +x /usr/local/bin/gosu \
45 
+  && gosu nobody true \
46 
+  && apt-get purge -y --auto-remove ca-certificates wget
47 
+
48 
+RUN apt-get update && apt-get install -y locales && rm -rf /var/lib/apt/lists/* \
49 
+  && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
50 
+ENV LANG en_US.utf8
51 
+
52 
+RUN mkdir -p /docker-entrypoint-initdb.d /usr/share/postgresql/
53 
+
54 
+RUN sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample
55 
+
56 
+RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
57 
+
58 
+ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH
59 
+ENV PGDATA /var/lib/postgresql/data
60 
+RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA" # this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
61 
+VOLUME /var/lib/postgresql/data
62 
+
63 
+
64 
+COPY docker-entrypoint.sh /usr/local/bin/
65 
+RUN ln -s usr/local/bin/docker-entrypoint.sh /
66 
+ENTRYPOINT ["docker-entrypoint.sh"]
67 
+
68 
+EXPOSE 5432
69 
+CMD ["postgres"]

+ 145
- 0
docker-entrypoint.sh View File 

@@ -0,0 +1,145 @@
1 
+#!/bin/bash
2 
+set -e
3 
+
4 
+# usage: file_env VAR [DEFAULT]
5 
+#    ie: file_env 'XYZ_DB_PASSWORD' 'example'
6 
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
7 
+#  "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
8 
+file_env() {
9 
+	local var="$1"
10 
+	local fileVar="${var}_FILE"
11 
+	local def="${2:-}"
12 
+	if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
13 
+		echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
14 
+		exit 1
15 
+	fi
16 
+	local val="$def"
17 
+	if [ "${!var:-}" ]; then
18 
+		val="${!var}"
19 
+	elif [ "${!fileVar:-}" ]; then
20 
+		val="$(< "${!fileVar}")"
21 
+	fi
22 
+	export "$var"="$val"
23 
+	unset "$fileVar"
24 
+}
25 
+
26 
+if [ "${1:0:1}" = '-' ]; then
27 
+	set -- postgres "$@"
28 
+fi
29 
+
30 
+# allow the container to be started with `--user`
31 
+if [ "$1" = 'postgres' ] && [ "$(id -u)" = '0' ]; then
32 
+	mkdir -p "$PGDATA"
33 
+	chown -R postgres "$PGDATA"
34 
+	chmod 700 "$PGDATA"
35 
+
36 
+	mkdir -p /var/run/postgresql
37 
+	chown -R postgres /var/run/postgresql
38 
+	chmod 775 /var/run/postgresql
39 
+
40 
+	# Create the transaction log directory before initdb is run (below) so the directory is owned by the correct user
41 
+	if [ "$POSTGRES_INITDB_XLOGDIR" ]; then
42 
+		mkdir -p "$POSTGRES_INITDB_XLOGDIR"
43 
+		chown -R postgres "$POSTGRES_INITDB_XLOGDIR"
44 
+		chmod 700 "$POSTGRES_INITDB_XLOGDIR"
45 
+	fi
46 
+
47 
+	exec gosu postgres "$BASH_SOURCE" "$@"
48 
+fi
49 
+
50 
+if [ "$1" = 'postgres' ]; then
51 
+	mkdir -p "$PGDATA"
52 
+	chown -R "$(id -u)" "$PGDATA" 2>/dev/null || :
53 
+	chmod 700 "$PGDATA" 2>/dev/null || :
54 
+
55 
+	# look specifically for PG_VERSION, as it is expected in the DB dir
56 
+	if [ ! -s "$PGDATA/PG_VERSION" ]; then
57 
+		file_env 'POSTGRES_INITDB_ARGS'
58 
+		if [ "$POSTGRES_INITDB_XLOGDIR" ]; then
59 
+			export POSTGRES_INITDB_ARGS="$POSTGRES_INITDB_ARGS --xlogdir $POSTGRES_INITDB_XLOGDIR"
60 
+		fi
61 
+		eval "initdb --username=postgres $POSTGRES_INITDB_ARGS"
62 
+
63 
+		# check password first so we can output the warning before postgres
64 
+		# messes it up
65 
+		file_env 'POSTGRES_PASSWORD'
66 
+		if [ "$POSTGRES_PASSWORD" ]; then
67 
+			pass="PASSWORD '$POSTGRES_PASSWORD'"
68 
+			authMethod=md5
69 
+		else
70 
+			# The - option suppresses leading tabs but *not* spaces. :)
71 
+			cat >&2 <<-'EOWARN'
72 
+				****************************************************
73 
+				WARNING: No password has been set for the database.
74 
+				         This will allow anyone with access to the
75 
+				         Postgres port to access your database. In
76 
+				         Docker's default configuration, this is
77 
+				         effectively any other container on the same
78 
+				         system.
79 
+
80 
+				         Use "-e POSTGRES_PASSWORD=password" to set
81 
+				         it in "docker run".
82 
+				****************************************************
83 
+			EOWARN
84 
+
85 
+			pass=
86 
+			authMethod=trust
87 
+		fi
88 
+
89 
+		{
90 
+			echo
91 
+			echo "host all all all $authMethod"
92 
+		} >> "$PGDATA/pg_hba.conf"
93 
+
94 
+		# internal start of server in order to allow set-up using psql-client
95 
+		# does not listen on external TCP/IP and waits until start finishes
96 
+		PGUSER="${PGUSER:-postgres}" \
97 
+		pg_ctl -D "$PGDATA" \
98 
+			-o "-c listen_addresses='localhost'" \
99 
+			-w start
100 
+
101 
+		file_env 'POSTGRES_USER' 'postgres'
102 
+		file_env 'POSTGRES_DB' "$POSTGRES_USER"
103 
+
104 
+		psql=( psql -v ON_ERROR_STOP=1 )
105 
+
106 
+		if [ "$POSTGRES_DB" != 'postgres' ]; then
107 
+			"${psql[@]}" --username postgres <<-EOSQL
108 
+				CREATE DATABASE "$POSTGRES_DB" ;
109 
+			EOSQL
110 
+			echo
111 
+		fi
112 
+
113 
+		if [ "$POSTGRES_USER" = 'postgres' ]; then
114 
+			op='ALTER'
115 
+		else
116 
+			op='CREATE'
117 
+		fi
118 
+		"${psql[@]}" --username postgres <<-EOSQL
119 
+			$op USER "$POSTGRES_USER" WITH SUPERUSER $pass ;
120 
+		EOSQL
121 
+		echo
122 
+
123 
+		psql+=( --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" )
124 
+
125 
+		echo
126 
+		for f in /docker-entrypoint-initdb.d/*; do
127 
+			case "$f" in
128 
+				*.sh)     echo "$0: running $f"; . "$f" ;;
129 
+				*.sql)    echo "$0: running $f"; "${psql[@]}" -f "$f"; echo ;;
130 
+				*.sql.gz) echo "$0: running $f"; gunzip -c "$f" | "${psql[@]}"; echo ;;
131 
+				*)        echo "$0: ignoring $f" ;;
132 
+			esac
133 
+			echo
134 
+		done
135 
+
136 
+		PGUSER="${PGUSER:-postgres}" \
137 
+		pg_ctl -D "$PGDATA" -m fast -w stop
138 
+
139 
+		echo
140 
+		echo 'PostgreSQL init process complete; ready for start up.'
141 
+		echo
142 
+	fi
143 
+fi
144 
+
145 
+exec "$@"

Write Preview
Loading…
Cancel
Save