From 364aac9c995888918d247fe1a99db2e998f087e2 Mon Sep 17 00:00:00 2001 From: Njagi Mwaniki Date: Mon, 23 Jan 2017 09:06:55 +0300 Subject: [PATCH] Dockerfile for postgres-9.6 with postgis. Signed-off-by: Njagi Mwaniki --- postgresql/Dockerfile | 62 ++++++++++++++++++++ postgresql/docker-entrypoint.sh | 100 ++++++++++++++++++++++++++++++++ 2 files changed, 162 insertions(+) create mode 100644 postgresql/Dockerfile create mode 100755 postgresql/docker-entrypoint.sh diff --git a/postgresql/Dockerfile b/postgresql/Dockerfile new file mode 100644 index 0000000..271dc52 --- /dev/null +++ b/postgresql/Dockerfile @@ -0,0 +1,62 @@ +# vim:set ft=dockerfile: +FROM debian:jessie + +# explicitly set user/group IDs +RUN groupadd -r postgres --gid=999 && useradd -r -g postgres --uid=999 postgres + +# grab gosu for easy step-down from root +ENV GOSU_VERSION 1.7 +RUN set -x \ + && apt-get update && apt-get install -y --no-install-recommends ca-certificates wget && rm -rf /var/lib/apt/lists/* \ + && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture)" \ + && wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture).asc" \ + && export GNUPGHOME="$(mktemp -d)" \ + && gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \ + && gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \ + && rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc \ + && chmod +x /usr/local/bin/gosu \ + && gosu nobody true \ + && apt-get purge -y --auto-remove ca-certificates wget + +# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default +RUN apt-get update && apt-get install -y locales && rm -rf /var/lib/apt/lists/* \ + && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 +ENV LANG en_US.utf8 + +RUN mkdir /docker-entrypoint-initdb.d + +RUN apt-key adv --keyserver ha.pool.sks-keyservers.net --recv-keys B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8 + +ENV PG_MAJOR 9.6 +ENV PG_VERSION 9.6.0-1.pgdg80+1 + +RUN echo 'deb http://apt.postgresql.org/pub/repos/apt/ jessie-pgdg main' $PG_MAJOR > /etc/apt/sources.list.d/pgdg.list + +RUN apt-get update \ + && apt-get install -y postgresql-common \ + && sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf \ + && apt-get install -y \ + postgresql-$PG_MAJOR=$PG_VERSION \ + postgresql-contrib-$PG_MAJOR=$PG_VERSION \ + && rm -rf /var/lib/apt/lists/* + +# install postgis for onadata +RUN apt-get update && apt-get install postgis -y + +# make the sample config easier to munge (and "correct by default") +RUN mv -v /usr/share/postgresql/$PG_MAJOR/postgresql.conf.sample /usr/share/postgresql/ \ + && ln -sv ../postgresql.conf.sample /usr/share/postgresql/$PG_MAJOR/ \ + && sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample + +RUN mkdir -p /var/run/postgresql && chown -R postgres /var/run/postgresql + +ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH +ENV PGDATA /var/lib/postgresql/data +VOLUME /var/lib/postgresql/data + +COPY docker-entrypoint.sh / + +ENTRYPOINT ["/docker-entrypoint.sh"] + +EXPOSE 5432 +CMD ["postgres"] diff --git a/postgresql/docker-entrypoint.sh b/postgresql/docker-entrypoint.sh new file mode 100755 index 0000000..75c449d --- /dev/null +++ b/postgresql/docker-entrypoint.sh @@ -0,0 +1,100 @@ +#!/bin/bash +set -e + +if [ "${1:0:1}" = '-' ]; then + set -- postgres "$@" +fi + +if [ "$1" = 'postgres' ]; then + mkdir -p "$PGDATA" + chmod 700 "$PGDATA" + chown -R postgres "$PGDATA" + + mkdir -p /run/postgresql + chmod g+s /run/postgresql + chown -R postgres /run/postgresql + + # look specifically for PG_VERSION, as it is expected in the DB dir + if [ ! -s "$PGDATA/PG_VERSION" ]; then + eval "gosu postgres initdb $POSTGRES_INITDB_ARGS" + + # check password first so we can output the warning before postgres + # messes it up + if [ "$POSTGRES_PASSWORD" ]; then + pass="PASSWORD '$POSTGRES_PASSWORD'" + authMethod=md5 + else + # The - option suppresses leading tabs but *not* spaces. :) + cat >&2 <<-'EOWARN' + **************************************************** + WARNING: No password has been set for the database. + This will allow anyone with access to the + Postgres port to access your database. In + Docker's default configuration, this is + effectively any other container on the same + system. + + Use "-e POSTGRES_PASSWORD=password" to set + it in "docker run". + **************************************************** + EOWARN + + pass= + authMethod=trust + fi + + { echo; echo "host all all 0.0.0.0/0 $authMethod"; } | gosu postgres tee -a "$PGDATA/pg_hba.conf" > /dev/null + + # internal start of server in order to allow set-up using psql-client + # does not listen on external TCP/IP and waits until start finishes + gosu postgres pg_ctl -D "$PGDATA" \ + -o "-c listen_addresses='localhost'" \ + -w start + + : ${POSTGRES_USER:=postgres} + : ${POSTGRES_DB:=$POSTGRES_USER} + export POSTGRES_USER POSTGRES_DB + + psql=( psql -v ON_ERROR_STOP=1 ) + + if [ "$POSTGRES_DB" != 'postgres' ]; then + "${psql[@]}" --username postgres <<-EOSQL + CREATE DATABASE "$POSTGRES_DB" ; + EOSQL + echo + fi + + if [ "$POSTGRES_USER" = 'postgres' ]; then + op='ALTER' + else + op='CREATE' + fi + "${psql[@]}" --username postgres <<-EOSQL + $op USER "$POSTGRES_USER" WITH SUPERUSER $pass ; + EOSQL + echo + + psql+=( --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" ) + + echo + for f in /docker-entrypoint-initdb.d/*; do + case "$f" in + *.sh) echo "$0: running $f"; . "$f" ;; + *.sql) echo "$0: running $f"; "${psql[@]}" < "$f"; echo ;; + *.sql.gz) echo "$0: running $f"; gunzip -c "$f" | "${psql[@]}"; echo ;; + *) echo "$0: ignoring $f" ;; + esac + echo + done + + gosu postgres pg_ctl -D "$PGDATA" -m fast -w stop + + echo + echo 'PostgreSQL init process complete; ready for start up.' + echo + fi + + exec gosu postgres "$@" +fi + +exec "$@"