mirror
/
docker-postgis
kopia lustrzana https://github.com/kartoza/docker-postgis
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność

Merge pull request #290 from kalbasit/update-pg10

10.0-2.4
mazano 2021-01-28 22:43:38 +02:00 zatwierdzone przez GitHub
rodzic 93af1dd0f1 a53b440f83
commit 1d4f5a3f21
Nie znaleziono w bazie danych klucza dla tego podpisu
ID klucza GPG: 4AEE18F83AFDEB23
19 zmienionych plików z 1090 dodań i 414 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

38
Dockerfile
Wyświetl plik

@ -6,10 +6,21 @@ RUN export DEBIAN_FRONTEND=noninteractive
ENV DEBIAN_FRONTEND noninteractive
RUN dpkg-divert --local --rename --add /sbin/initctl
RUN apt-get -y update; apt-get -y install lsb-release gnupg2 wget ca-certificates rpl pwgen
RUN apt-get -y update; apt-get -y install lsb-release gnupg2 wget ca-certificates rpl pwgen locales
RUN sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'
RUN wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -
# Generating locales takes a long time. Utilize caching by runnig it by itself
# early in the build process.
COPY scripts/locale.gen /etc/locale.gen
RUN set -eux \
&& /usr/sbin/locale-gen
ENV LANG=en_US.UTF-8 \
LANGUAGE=en_US:en \
LC_ALL=en_US.UTF-8
RUN update-locale ${LANG}
#-------------Application Specific Stuff ----------------------------------------------------
# We add postgis as well to prevent build errors (that we dont see on local builds)
@ -20,23 +31,16 @@ RUN apt-get update; apt-get install -y postgresql-client-10 postgresql-common po
# Open port 5432 so linked containers can see them
EXPOSE 5432
# Copy scripts
ADD scripts /scripts
WORKDIR /scripts
RUN chmod +x *.sh
# Run any additional tasks here that are too tedious to put in
# this dockerfile directly.
ADD env-data.sh /env-data.sh
ADD setup.sh /setup.sh
RUN chmod +x /setup.sh
RUN /setup.sh
RUN set -eux \
&& /scripts/setup.sh
# We will run any commands in this when the container starts
ADD docker-entrypoint.sh /docker-entrypoint.sh
ADD setup-conf.sh /
ADD setup-database.sh /
ADD setup-pg_hba.sh /
ADD setup-replication.sh /
ADD setup-ssl.sh /
ADD setup-user.sh /
ADD postgresql.conf /tmp/postgresql.conf
RUN chmod +x /docker-entrypoint.sh
VOLUME /var/lib/postgresql
ENTRYPOINT /docker-entrypoint.sh
ENTRYPOINT /scripts/docker-entrypoint.sh

88
docker-entrypoint.sh
Wyświetl plik

@ -1,88 +0,0 @@
#!/usr/bin/env bash
# This script will run as the postgres user due to the Dockerfile USER directive
set -e
# Setup postgres CONF file
source /setup-conf.sh
# Setup ssl
source /setup-ssl.sh
# Setup pg_hba.conf
source /setup-pg_hba.sh
# Running extended script or sql if provided.
# Useful for people who extends the image.
function entry_point_script {
SETUP_LOCKFILE="/docker-entrypoint-initdb.d/.entry_point.lock"
if [[ -f "${SETUP_LOCKFILE}" ]]; then
return 0
else
if find "/docker-entrypoint-initdb.d" -mindepth 1 -print -quit 2>/dev/null | grep -q .; then
for f in /docker-entrypoint-initdb.d/*; do
export PGPASSWORD=${POSTGRES_PASS}
list=(`echo ${POSTGRES_DBNAME} | tr ',' ' '`)
arr=(${list})
SINGLE_DB=${arr[0]}
case "$f" in
*.sql) echo "$0: running $f"; psql ${SINGLE_DB} -U ${POSTGRES_USER} -p 5432 -h localhost -f ${f} || true ;;
*.sql.gz) echo "$0: running $f"; gunzip < "$f" | psql ${SINGLE_DB} -U ${POSTGRES_USER} -p 5432 -h localhost || true ;;
*) echo "$0: ignoring $f" ;;
esac
echo
done
# Put lock file to make sure entry point scripts were run
touch ${SETUP_LOCKFILE}
else
return 0
fi
fi
}
function kill_postgres {
PID=`cat ${PG_PID}`
kill -TERM ${PID}
# Wait for background postgres main process to exit
while [[ "$(ls -A ${PG_PID} 2>/dev/null)" ]]; do
sleep 1
done
}
if [[ -z "$REPLICATE_FROM" ]]; then
# This means this is a master instance. We check that database exists
echo "Setup master database"
source /setup-database.sh
entry_point_script
kill_postgres
else
# This means this is a slave/replication instance.
echo "Setup slave database"
source /setup-replication.sh
fi
# If no arguments passed to entrypoint, then run postgres by default
if [ $# -eq 0 ];
then
echo "Postgres initialisation process completed .... restarting in foreground"
cat /tmp/postgresql.conf > ${CONF}
su - postgres -c "$SETVARS $POSTGRES -D $DATADIR -c config_file=$CONF"
fi
# If arguments passed, run postgres with these arguments
# This will make sure entrypoint will always be executed
if [ "${1:0:1}" = '-' ]; then
# append postgres into the arguments
set -- postgres "$@"
fi
exec su - "$@"

72
env-data.sh
Wyświetl plik

@ -1,72 +0,0 @@
#!/usr/bin/env bash
DATADIR="/var/lib/postgresql/10/main"
ROOT_CONF="/etc/postgresql/10/main"
CONF="$ROOT_CONF/postgresql.conf"
WAL_ARCHIVE="/opt/archivedir"
RECOVERY_CONF="$ROOT_CONF/recovery.conf"
POSTGRES="/usr/lib/postgresql/10/bin/postgres"
INITDB="/usr/lib/postgresql/10/bin/initdb"
SQLDIR="/usr/share/postgresql/10/contrib/postgis-2.4/"
SETVARS="POSTGIS_ENABLE_OUTDB_RASTERS=1 POSTGIS_GDAL_ENABLED_DRIVERS=ENABLE_ALL"
LOCALONLY="-c listen_addresses='127.0.0.1'"
PG_BASEBACKUP="/usr/bin/pg_basebackup"
PROMOTE_FILE="/tmp/pg_promote_master"
PGSTAT_TMP="/var/run/postgresql/"
PG_PID="/var/run/postgresql/10-main.pid"
# Make sure we have a user set up
if [ -z "${POSTGRES_USER}" ]; then
POSTGRES_USER=docker
fi
if [ -z "${POSTGRES_PASS}" ]; then
POSTGRES_PASS=docker
fi
if [ -z "${POSTGRES_DBNAME}" ]; then
POSTGRES_DBNAME=gis
fi
# SSL mode
if [ -z "${PGSSLMODE}" ]; then
PGSSLMODE=require
fi
# Enable hstore and topology by default
if [ -z "${HSTORE}" ]; then
HSTORE=true
fi
if [ -z "${TOPOLOGY}" ]; then
TOPOLOGY=true
fi
# Replication settings
if [ -z "${REPLICATE_PORT}" ]; then
REPLICATE_PORT=5432
fi
if [ -z "${DESTROY_DATABASE_ON_RESTART}" ]; then
DESTROY_DATABASE_ON_RESTART=true
fi
if [ -z "${PG_MAX_WAL_SENDERS}" ]; then
PG_MAX_WAL_SENDERS=8
fi
if [ -z "${PG_WAL_KEEP_SEGMENTS}" ]; then
PG_WAL_KEEP_SEGMENTS=100
fi
if [ -z "${IP_LIST}" ]; then
IP_LIST='*'
fi
# Compatibility with official postgres variable
# Official postgres variable gets priority
if [ ! -z "${POSTGRES_PASSWORD}" ]; then
POSTGRES_PASS=${POSTGRES_PASSWORD}
fi
if [ ! -z "${PGDATA}" ]; then
DATADIR=${PGDATA}
fi
if [ ! -z "$POSTGRES_DB" ]; then
POSTGRES_DBNAME=${POSTGRES_DB}
fi
if [ -z "$EXTRA_CONF" ]; then
EXTRA_CONF=""
fi

6
sample/replication/tests/replication_test_master.sh
Wyświetl plik

@ -1,9 +1,9 @@
#!/bin/sh
. /env-data.sh
#!/usr/bin/env bash
set -e
source /scripts/env-data.sh
echo "Check master replication"
# Create a new table

6
sample/replication/tests/replication_test_slave.sh
Wyświetl plik

@ -1,9 +1,9 @@
#!/bin/sh
. /env-data.sh
#!/usr/bin/env bash
set -e
source /scripts/env-data.sh
echo "Check slave replication"
# Check table exists in slave

46
scripts/docker-entrypoint.sh 100755
Wyświetl plik

@ -0,0 +1,46 @@
#!/usr/bin/env bash
set -e
source /scripts/env-data.sh
# Setup postgres CONF file
source /scripts/setup-conf.sh
# Setup ssl
source /scripts/setup-ssl.sh
# Setup pg_hba.conf
source /scripts/setup-pg_hba.sh
if [[ -z "$REPLICATE_FROM" ]]; then
# This means this is a master instance. We check that database exists
echo "Setup master database"
source /scripts/setup-database.sh
entry_point_script
kill_postgres
else
# This means this is a slave/replication instance.
echo "Setup slave database"
source /scripts/setup-replication.sh
fi
# If no arguments passed to entrypoint, then run postgres by default
if [[ $# -eq 0 ]];
then
echo "Postgres initialisation process completed .... restarting in foreground"
su - postgres -c "$SETVARS $POSTGRES -D $DATADIR -c config_file=$CONF"
fi
# If arguments passed, run postgres with these arguments
# This will make sure entrypoint will always be executed
if [[ "${1:0:1}" = '-' ]]; then
# append postgres into the arguments
set -- postgres "$@"
fi
exec su - "$@"

259
scripts/env-data.sh 100644
Wyświetl plik

@ -0,0 +1,259 @@
#!/usr/bin/env bash
DATADIR="/var/lib/postgresql/10/main"
ROOT_CONF="/etc/postgresql/10/main"
PG_ENV="$ROOT_CONF/environment"
CONF="$ROOT_CONF/postgresql.conf"
WAL_ARCHIVE="/opt/archivedir"
RECOVERY_CONF="$ROOT_CONF/recovery.conf"
POSTGRES="/usr/lib/postgresql/10/bin/postgres"
INITDB="/usr/lib/postgresql/10/bin/initdb"
SQLDIR="/usr/share/postgresql/10/contrib/postgis-2.4/"
SETVARS="POSTGIS_ENABLE_OUTDB_RASTERS=1 POSTGIS_GDAL_ENABLED_DRIVERS=ENABLE_ALL"
LOCALONLY="-c listen_addresses='127.0.0.1'"
PG_BASEBACKUP="/usr/bin/pg_basebackup"
PROMOTE_FILE="/tmp/pg_promote_master"
PGSTAT_TMP="/var/run/postgresql/"
PG_PID="/var/run/postgresql/10-main.pid"
# Read data from secrets into env variables.
# usage: file_env VAR [DEFAULT]
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
function file_env {
local var="$1"
local fileVar="${var}_FILE"
local def="${2:-}"
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
exit 1
fi
local val="$def"
if [ "${!var:-}" ]; then
val="${!var}"
elif [ "${!fileVar:-}" ]; then
val="$(< "${!fileVar}")"
fi
export "$var"="$val"
unset "$fileVar"
}
function boolean() {
case $1 in
[Tt][Rr][Uu][Ee] | [Yy][Ee][Ss])
echo 'TRUE'
;;
*)
echo 'FALSE'
;;
esac
}
file_env 'POSTGRES_PASS'
file_env 'POSTGRES_USER'
file_env 'POSTGRES_DBNAME'
# Make sure we have a user set up
if [ -z "${POSTGRES_USER}" ]; then
POSTGRES_USER=docker
fi
if [ -z "${POSTGRES_PASS}" ]; then
POSTGRES_PASS=docker
fi
if [ -z "${POSTGRES_DBNAME}" ]; then
POSTGRES_DBNAME=gis
fi
# If datadir is not defined, then use this
if [ -z "${DATADIR}" ]; then
DATADIR=${DEFAULT_DATADIR}
fi
# RECREATE_DATADIR flag default value
# Always assume that we don't want to recreate datadir if not explicitly defined
# For issue: https://github.com/kartoza/docker-postgis/issues/226
if [ -z "${RECREATE_DATADIR}" ]; then
RECREATE_DATADIR=FALSE
else
RECREATE_DATADIR=$(boolean ${RECREATE_DATADIR})
fi
# SSL mode
if [ -z "${PGSSLMODE}" ]; then
PGSSLMODE=require
fi
# Enable hstore and topology by default
if [ -z "${HSTORE}" ]; then
HSTORE=true
fi
if [ -z "${TOPOLOGY}" ]; then
TOPOLOGY=true
fi
# Replication settings
if [ -z "${REPLICATE_PORT}" ]; then
REPLICATE_PORT=5432
fi
if [ -z "${DESTROY_DATABASE_ON_RESTART}" ]; then
DESTROY_DATABASE_ON_RESTART=true
fi
if [ -z "${PG_MAX_WAL_SENDERS}" ]; then
PG_MAX_WAL_SENDERS=10
fi
if [ -z "${PG_WAL_KEEP_SEGMENTS}" ]; then
PG_WAL_KEEP_SEGMENTS=250
fi
if [ -z "${IP_LIST}" ]; then
IP_LIST='*'
fi
if [ -z "${WAL_SIZE}" ]; then
WAL_SIZE=4GB
fi
if [ -z "${MIN_WAL_SIZE}" ]; then
MIN_WAL_SIZE=2048MB
fi
if [ -z "${CHECK_POINT_TIMEOUT}" ]; then
CHECK_POINT_TIMEOUT=30min
fi
if [ -z "${MAX_WORKERS}" ]; then
MAX_WORKERS=4
fi
if [ -z "${MAINTAINANCE_WORK_MEM}" ]; then
MAINTAINANCE_WORK_MEM=128MB
fi
if [ -z "${SSL_CERT_FILE}" ]; then
SSL_CERT_FILE='/etc/ssl/certs/ssl-cert-snakeoil.pem'
fi
if [ -z "${SSL_KEY_FILE}" ]; then
SSL_KEY_FILE='/etc/ssl/private/ssl-cert-snakeoil.key'
fi
if [ -z "${POSTGRES_MULTIPLE_EXTENSIONS}" ]; then
POSTGRES_MULTIPLE_EXTENSIONS='postgis,hstore,postgis_topology,pgrouting'
fi
if [ -z "${ALLOW_IP_RANGE}" ]; then
ALLOW_IP_RANGE='0.0.0.0/0'
fi
if [ -z "${DEFAULT_ENCODING}" ]; then
DEFAULT_ENCODING="UTF8"
fi
if [ -z "${PGCLIENTENCODING}" ]; then
PGCLIENTENCODING="UTF8"
fi
if [ -z "${DEFAULT_COLLATION}" ]; then
DEFAULT_COLLATION="en_US.UTF-8"
fi
if [ -z "${DEFAULT_CTYPE}" ]; then
DEFAULT_CTYPE="en_US.UTF-8"
fi
if [ -z "${REPLICATION_USER}" ]; then
REPLICATION_USER=replicator
fi
if [ -z "${REPLICATION_PASS}" ]; then
REPLICATION_PASS=replicator
fi
if [ -z "$EXTRA_CONF" ]; then
EXTRA_CONF=""
fi
if [ -z "$PASSWORD_AUTHENTICATION" ]; then
PASSWORD_AUTHENTICATION="md5"
fi
# Compatibility with official postgres variable
# Official postgres variable gets priority
if [ -n "${POSTGRES_PASSWORD}" ]; then
POSTGRES_PASS=${POSTGRES_PASSWORD}
fi
if [ -n "${PGDATA}" ]; then
DATADIR=${PGDATA}
fi
if [ -n "${POSTGRES_DB}" ]; then
POSTGRES_DBNAME=${POSTGRES_DB}
fi
if [ -n "${POSTGRES_INITDB_ARGS}" ]; then
INITDB_EXTRA_ARGS=${POSTGRES_INITDB_ARGS}
fi
list=(`echo ${POSTGRES_DBNAME} | tr ',' ' '`)
arr=(${list})
SINGLE_DB=${arr[0]}
if [ -z "${TIMEZONE}" ]; then
TIMEZONE='Etc/UTC'
fi
# usable function definitions
function kill_postgres {
PID=`cat ${PG_PID}`
kill -TERM ${PID}
# Wait for background postgres main process to exit
# wait until PID file gets deleted
while ls -A ${PG_PID} 2> /dev/null; do
sleep 1
done
return 0
}
function restart_postgres {
kill_postgres
# Brought postgres back up again
source /env-data.sh
su - postgres -c "$SETVARS $POSTGRES -D $DATADIR -c config_file=$CONF &"
# wait for postgres to come up
until su - postgres -c "pg_isready"; do
sleep 1
done
echo "postgres ready"
return 0
}
# Running extended script or sql if provided.
# Useful for people who extends the image.
function entry_point_script {
SETUP_LOCKFILE="/docker-entrypoint-initdb.d/.entry_point.lock"
# If lockfile doesn't exists, proceed.
if [[ ! -f "${SETUP_LOCKFILE}" ]]; then
if find "/docker-entrypoint-initdb.d" -mindepth 1 -print -quit 2>/dev/null | grep -q .; then
for f in /docker-entrypoint-initdb.d/*; do
export PGPASSWORD=${POSTGRES_PASS}
case "$f" in
*.sql) echo "$0: running $f"; psql ${SINGLE_DB} -U ${POSTGRES_USER} -p 5432 -h localhost -f ${f} || true ;;
*.sql.gz) echo "$0: running $f"; gunzip < "$f" | psql ${SINGLE_DB} -U ${POSTGRES_USER} -p 5432 -h localhost || true ;;
*.sh) echo "$0: running $f"; . $f || true;;
*) echo "$0: ignoring $f" ;;
esac
echo
done
# Put lock file to make sure entry point scripts were run
touch ${SETUP_LOCKFILE}
fi
fi
return 0
}

484
scripts/locale.gen 100644
Wyświetl plik

@ -0,0 +1,484 @@
# This file lists locales that you wish to have built. You can find a list
# of valid supported locales at /usr/share/i18n/SUPPORTED, and you can add
# user defined locales to /usr/local/share/i18n/SUPPORTED. If you change
# this file, you need to rerun locale-gen.
aa_DJ ISO-8859-1
aa_DJ.UTF-8 UTF-8
aa_ER UTF-8
aa_ER@saaho UTF-8
aa_ET UTF-8
af_ZA ISO-8859-1
af_ZA.UTF-8 UTF-8
ak_GH UTF-8
am_ET UTF-8
an_ES ISO-8859-15
an_ES.UTF-8 UTF-8
anp_IN UTF-8
ar_AE ISO-8859-6
ar_AE.UTF-8 UTF-8
ar_BH ISO-8859-6
ar_BH.UTF-8 UTF-8
ar_DZ ISO-8859-6
ar_DZ.UTF-8 UTF-8
ar_EG ISO-8859-6
ar_EG.UTF-8 UTF-8
ar_IN UTF-8
ar_IQ ISO-8859-6
ar_IQ.UTF-8 UTF-8
ar_JO ISO-8859-6
ar_JO.UTF-8 UTF-8
ar_KW ISO-8859-6
ar_KW.UTF-8 UTF-8
ar_LB ISO-8859-6
ar_LB.UTF-8 UTF-8
ar_LY ISO-8859-6
ar_LY.UTF-8 UTF-8
ar_MA ISO-8859-6
ar_MA.UTF-8 UTF-8
ar_OM ISO-8859-6
ar_OM.UTF-8 UTF-8
ar_QA ISO-8859-6
ar_QA.UTF-8 UTF-8
ar_SA ISO-8859-6
ar_SA.UTF-8 UTF-8
ar_SD ISO-8859-6
ar_SD.UTF-8 UTF-8
ar_SS UTF-8
ar_SY ISO-8859-6
ar_SY.UTF-8 UTF-8
ar_TN ISO-8859-6
ar_TN.UTF-8 UTF-8
ar_YE ISO-8859-6
ar_YE.UTF-8 UTF-8
as_IN UTF-8
ast_ES ISO-8859-15
ast_ES.UTF-8 UTF-8
ayc_PE UTF-8
az_AZ UTF-8
be_BY CP1251
be_BY.UTF-8 UTF-8
be_BY@latin UTF-8
bem_ZM UTF-8
ber_DZ UTF-8
ber_MA UTF-8
bg_BG CP1251
bg_BG.UTF-8 UTF-8
bhb_IN.UTF-8 UTF-8
bho_IN UTF-8
bn_BD UTF-8
bn_IN UTF-8
bo_CN UTF-8
bo_IN UTF-8
br_FR ISO-8859-1
br_FR.UTF-8 UTF-8
br_FR@euro ISO-8859-15
brx_IN UTF-8
bs_BA ISO-8859-2
bs_BA.UTF-8 UTF-8
byn_ER UTF-8
ca_AD ISO-8859-15
ca_AD.UTF-8 UTF-8
ca_ES ISO-8859-1
ca_ES.UTF-8 UTF-8
ca_ES.UTF-8@valencia UTF-8
ca_ES@euro ISO-8859-15
ca_ES@valencia ISO-8859-15
ca_FR ISO-8859-15
ca_FR.UTF-8 UTF-8
ca_IT ISO-8859-15
ca_IT.UTF-8 UTF-8
ce_RU UTF-8
chr_US UTF-8
cmn_TW UTF-8
crh_UA UTF-8
cs_CZ ISO-8859-2
cs_CZ.UTF-8 UTF-8
csb_PL UTF-8
cv_RU UTF-8
cy_GB ISO-8859-14
cy_GB.UTF-8 UTF-8
da_DK ISO-8859-1
da_DK.UTF-8 UTF-8
de_AT ISO-8859-1
de_AT.UTF-8 UTF-8
de_AT@euro ISO-8859-15
de_BE ISO-8859-1
de_BE.UTF-8 UTF-8
de_BE@euro ISO-8859-15
de_CH ISO-8859-1
de_CH.UTF-8 UTF-8
de_DE ISO-8859-1
de_DE.UTF-8 UTF-8
de_DE@euro ISO-8859-15
de_IT ISO-8859-1
de_IT.UTF-8 UTF-8
de_LI.UTF-8 UTF-8
de_LU ISO-8859-1
de_LU.UTF-8 UTF-8
de_LU@euro ISO-8859-15
doi_IN UTF-8
dv_MV UTF-8
dz_BT UTF-8
el_CY ISO-8859-7
el_CY.UTF-8 UTF-8
el_GR ISO-8859-7
el_GR.UTF-8 UTF-8
en_AG UTF-8
en_AU ISO-8859-1
en_AU.UTF-8 UTF-8
en_BW ISO-8859-1
en_BW.UTF-8 UTF-8
en_CA ISO-8859-1
en_CA.UTF-8 UTF-8
en_DK ISO-8859-1
en_DK.ISO-8859-15 ISO-8859-15
en_DK.UTF-8 UTF-8
en_GB ISO-8859-1
en_GB.ISO-8859-15 ISO-8859-15
en_GB.UTF-8 UTF-8
en_HK ISO-8859-1
en_HK.UTF-8 UTF-8
en_IE ISO-8859-1
en_IE.UTF-8 UTF-8
en_IE@euro ISO-8859-15
en_IL UTF-8
en_IN UTF-8
en_NG UTF-8
en_NZ ISO-8859-1
en_NZ.UTF-8 UTF-8
en_PH ISO-8859-1
en_PH.UTF-8 UTF-8
en_SG ISO-8859-1
en_SG.UTF-8 UTF-8
en_US ISO-8859-1
en_US.ISO-8859-15 ISO-8859-15
en_US.UTF-8 UTF-8
en_ZA ISO-8859-1
en_ZA.UTF-8 UTF-8
en_ZM UTF-8
en_ZW ISO-8859-1
en_ZW.UTF-8 UTF-8
eo UTF-8
es_AR ISO-8859-1
es_AR.UTF-8 UTF-8
es_BO ISO-8859-1
es_BO.UTF-8 UTF-8
es_CL ISO-8859-1
es_CL.UTF-8 UTF-8
es_CO ISO-8859-1
es_CO.UTF-8 UTF-8
es_CR ISO-8859-1
es_CR.UTF-8 UTF-8
es_CU UTF-8
es_DO ISO-8859-1
es_DO.UTF-8 UTF-8
es_EC ISO-8859-1
es_EC.UTF-8 UTF-8
es_ES ISO-8859-1
es_ES.UTF-8 UTF-8
es_ES@euro ISO-8859-15
es_GT ISO-8859-1
es_GT.UTF-8 UTF-8
es_HN ISO-8859-1
es_HN.UTF-8 UTF-8
es_MX ISO-8859-1
es_MX.UTF-8 UTF-8
es_NI ISO-8859-1
es_NI.UTF-8 UTF-8
es_PA ISO-8859-1
es_PA.UTF-8 UTF-8
es_PE ISO-8859-1
es_PE.UTF-8 UTF-8
es_PR ISO-8859-1
es_PR.UTF-8 UTF-8
es_PY ISO-8859-1
es_PY.UTF-8 UTF-8
es_SV ISO-8859-1
es_SV.UTF-8 UTF-8
es_US ISO-8859-1
es_US.UTF-8 UTF-8
es_UY ISO-8859-1
es_UY.UTF-8 UTF-8
es_VE ISO-8859-1
es_VE.UTF-8 UTF-8
et_EE ISO-8859-1
et_EE.ISO-8859-15 ISO-8859-15
et_EE.UTF-8 UTF-8
eu_ES ISO-8859-1
eu_ES.UTF-8 UTF-8
eu_ES@euro ISO-8859-15
eu_FR ISO-8859-1
eu_FR.UTF-8 UTF-8
eu_FR@euro ISO-8859-15
fa_IR UTF-8
ff_SN UTF-8
fi_FI ISO-8859-1
fi_FI.UTF-8 UTF-8
fi_FI@euro ISO-8859-15
fil_PH UTF-8
fo_FO ISO-8859-1
fo_FO.UTF-8 UTF-8
fr_BE ISO-8859-1
fr_BE.UTF-8 UTF-8
fr_BE@euro ISO-8859-15
fr_CA ISO-8859-1
fr_CA.UTF-8 UTF-8
fr_CH ISO-8859-1
fr_CH.UTF-8 UTF-8
fr_FR ISO-8859-1
fr_FR.UTF-8 UTF-8
fr_FR@euro ISO-8859-15
fr_LU ISO-8859-1
fr_LU.UTF-8 UTF-8
fr_LU@euro ISO-8859-15
fur_IT UTF-8
fy_DE UTF-8
fy_NL UTF-8
ga_IE ISO-8859-1
ga_IE.UTF-8 UTF-8
ga_IE@euro ISO-8859-15
gd_GB ISO-8859-15
gd_GB.UTF-8 UTF-8
gez_ER UTF-8
gez_ER@abegede UTF-8
gez_ET UTF-8
gez_ET@abegede UTF-8
gl_ES ISO-8859-1
gl_ES.UTF-8 UTF-8
gl_ES@euro ISO-8859-15
gu_IN UTF-8
gv_GB ISO-8859-1
gv_GB.UTF-8 UTF-8
ha_NG UTF-8
hak_TW UTF-8
he_IL ISO-8859-8
he_IL.UTF-8 UTF-8
hi_IN UTF-8
hne_IN UTF-8
hr_HR ISO-8859-2
hr_HR.UTF-8 UTF-8
hsb_DE ISO-8859-2
hsb_DE.UTF-8 UTF-8
ht_HT UTF-8
hu_HU ISO-8859-2
hu_HU.UTF-8 UTF-8
hy_AM UTF-8
hy_AM.ARMSCII-8 ARMSCII-8
ia_FR UTF-8
id_ID ISO-8859-1
id_ID.UTF-8 UTF-8
ig_NG UTF-8
ik_CA UTF-8
is_IS ISO-8859-1
is_IS.UTF-8 UTF-8
it_CH ISO-8859-1
it_CH.UTF-8 UTF-8
it_IT ISO-8859-1
it_IT.UTF-8 UTF-8
it_IT@euro ISO-8859-15
iu_CA UTF-8
ja_JP.EUC-JP EUC-JP
ja_JP.UTF-8 UTF-8
ka_GE GEORGIAN-PS
ka_GE.UTF-8 UTF-8
kk_KZ PT154
kk_KZ.RK1048 RK1048
kk_KZ.UTF-8 UTF-8
kl_GL ISO-8859-1
kl_GL.UTF-8 UTF-8
km_KH UTF-8
kn_IN UTF-8
ko_KR.EUC-KR EUC-KR
ko_KR.UTF-8 UTF-8
kok_IN UTF-8
ks_IN UTF-8
ks_IN@devanagari UTF-8
ku_TR ISO-8859-9
ku_TR.UTF-8 UTF-8
kw_GB ISO-8859-1
kw_GB.UTF-8 UTF-8
ky_KG UTF-8
lb_LU UTF-8
lg_UG ISO-8859-10
lg_UG.UTF-8 UTF-8
li_BE UTF-8
li_NL UTF-8
lij_IT UTF-8
ln_CD UTF-8
lo_LA UTF-8
lt_LT ISO-8859-13
lt_LT.UTF-8 UTF-8
lv_LV ISO-8859-13
lv_LV.UTF-8 UTF-8
lzh_TW UTF-8
mag_IN UTF-8
mai_IN UTF-8
mg_MG ISO-8859-15
mg_MG.UTF-8 UTF-8
mhr_RU UTF-8
mi_NZ ISO-8859-13
mi_NZ.UTF-8 UTF-8
mk_MK ISO-8859-5
mk_MK.UTF-8 UTF-8
ml_IN UTF-8
mn_MN UTF-8
mni_IN UTF-8
mr_IN UTF-8
ms_MY ISO-8859-1
ms_MY.UTF-8 UTF-8
mt_MT ISO-8859-3
mt_MT.UTF-8 UTF-8
my_MM UTF-8
nan_TW UTF-8
nan_TW@latin UTF-8
nb_NO ISO-8859-1
nb_NO.UTF-8 UTF-8
nds_DE UTF-8
nds_NL UTF-8
ne_NP UTF-8
nhn_MX UTF-8
niu_NU UTF-8
niu_NZ UTF-8
nl_AW UTF-8
nl_BE ISO-8859-1
nl_BE.UTF-8 UTF-8
nl_BE@euro ISO-8859-15
nl_NL ISO-8859-1
nl_NL.UTF-8 UTF-8
nl_NL@euro ISO-8859-15
nn_NO ISO-8859-1
nn_NO.UTF-8 UTF-8
nr_ZA UTF-8
nso_ZA UTF-8
oc_FR ISO-8859-1
oc_FR.UTF-8 UTF-8
om_ET UTF-8
om_KE ISO-8859-1
om_KE.UTF-8 UTF-8
or_IN UTF-8
os_RU UTF-8
pa_IN UTF-8
pa_PK UTF-8
pap_AW UTF-8
pap_CW UTF-8
pl_PL ISO-8859-2
pl_PL.UTF-8 UTF-8
ps_AF UTF-8
pt_BR ISO-8859-1
pt_BR.UTF-8 UTF-8
pt_PT ISO-8859-1
pt_PT.UTF-8 UTF-8
pt_PT@euro ISO-8859-15
quz_PE UTF-8
raj_IN UTF-8
ro_RO ISO-8859-2
ro_RO.UTF-8 UTF-8
ru_RU ISO-8859-5
ru_RU.CP1251 CP1251
ru_RU.KOI8-R KOI8-R
ru_RU.UTF-8 UTF-8
ru_UA KOI8-U
ru_UA.UTF-8 UTF-8
rw_RW UTF-8
sa_IN UTF-8
sat_IN UTF-8
sc_IT UTF-8
sd_IN UTF-8
sd_IN@devanagari UTF-8
se_NO UTF-8
sgs_LT UTF-8
shs_CA UTF-8
si_LK UTF-8
sid_ET UTF-8
sk_SK ISO-8859-2
sk_SK.UTF-8 UTF-8
sl_SI ISO-8859-2
sl_SI.UTF-8 UTF-8
so_DJ ISO-8859-1
so_DJ.UTF-8 UTF-8
so_ET UTF-8
so_KE ISO-8859-1
so_KE.UTF-8 UTF-8
so_SO ISO-8859-1
so_SO.UTF-8 UTF-8
sq_AL ISO-8859-1
sq_AL.UTF-8 UTF-8
sq_MK UTF-8
sr_ME UTF-8
sr_RS UTF-8
sr_RS@latin UTF-8
ss_ZA UTF-8
st_ZA ISO-8859-1
st_ZA.UTF-8 UTF-8
sv_FI ISO-8859-1
sv_FI.UTF-8 UTF-8
sv_FI@euro ISO-8859-15
sv_SE ISO-8859-1
sv_SE.ISO-8859-15 ISO-8859-15
sv_SE.UTF-8 UTF-8
sw_KE UTF-8
sw_TZ UTF-8
szl_PL UTF-8
ta_IN UTF-8
ta_LK UTF-8
tcy_IN.UTF-8 UTF-8
te_IN UTF-8
tg_TJ KOI8-T
tg_TJ.UTF-8 UTF-8
th_TH TIS-620
th_TH.UTF-8 UTF-8
the_NP UTF-8
ti_ER UTF-8
ti_ET UTF-8
tig_ER UTF-8
tk_TM UTF-8
tl_PH ISO-8859-1
tl_PH.UTF-8 UTF-8
tn_ZA UTF-8
tr_CY ISO-8859-9
tr_CY.UTF-8 UTF-8
tr_TR ISO-8859-9
tr_TR.UTF-8 UTF-8
ts_ZA UTF-8
tt_RU UTF-8
tt_RU@iqtelif UTF-8
ug_CN UTF-8
uk_UA KOI8-U
uk_UA.UTF-8 UTF-8
unm_US UTF-8
ur_IN UTF-8
ur_PK UTF-8
uz_UZ ISO-8859-1
uz_UZ.UTF-8 UTF-8
uz_UZ@cyrillic UTF-8
ve_ZA UTF-8
vi_VN UTF-8
wa_BE ISO-8859-1
wa_BE.UTF-8 UTF-8
wa_BE@euro ISO-8859-15
wae_CH UTF-8
wal_ET UTF-8
wo_SN UTF-8
xh_ZA ISO-8859-1
xh_ZA.UTF-8 UTF-8
yi_US CP1255
yi_US.UTF-8 UTF-8
yo_NG UTF-8
yue_HK UTF-8
zh_CN GB2312
zh_CN.GB18030 GB18030
zh_CN.GBK GBK
zh_CN.UTF-8 UTF-8
zh_HK BIG5-HKSCS
zh_HK.UTF-8 UTF-8
zh_SG GB2312
zh_SG.GBK GBK
zh_SG.UTF-8 UTF-8
zh_TW BIG5
zh_TW.EUC-TW EUC-TW
zh_TW.UTF-8 UTF-8
zu_ZA ISO-8859-1
zu_ZA.UTF-8 UTF-8
zu_ZA.UTF-8 UTF-8

56
scripts/setup-conf.sh 100644
Wyświetl plik

@ -0,0 +1,56 @@
#!/usr/bin/env bash
source /scripts/env-data.sh
SETUP_LOCKFILE="${ROOT_CONF}/.postgresql.conf.lock"
if [ -f "${SETUP_LOCKFILE}" ]; then
return 0
fi
list=(`echo ${POSTGRES_DBNAME} | tr ',' ' '`)
arr=(${list})
SINGLE_DB=${arr[0]}
# This script will setup necessary configuration to enable replications
# Refresh configuration in case environment settings changed.
cat $CONF.template > $CONF
# Reflect DATADIR loaction
# Delete any data_dir declarations
sed -i '/data_directory/d' $CONF
echo "data_directory = '${DATADIR}'" >> $CONF
# This script will setup necessary configuration to optimise for PostGIS and to enable replications
cat >> $CONF <<EOF
wal_level = hot_standby
max_wal_senders = ${PG_MAX_WAL_SENDERS}
wal_keep_segments = ${PG_WAL_KEEP_SEGMENTS}
superuser_reserved_connections= 10
min_wal_size = ${MIN_WAL_SIZE}
max_wal_size = ${WAL_SIZE}
hot_standby = on
listen_addresses = '${IP_LIST}'
shared_buffers = 500MB
work_mem = 16MB
maintenance_work_mem = ${MAINTAINANCE_WORK_MEM}
wal_buffers = 1MB
random_page_cost = 2.0
xmloption = 'document'
max_parallel_workers = ${MAX_WORKERS}
checkpoint_timeout = ${CHECK_POINT_TIMEOUT}
cron.database_name = '${SINGLE_DB}'
password_encryption= '${PASSWORD_AUTHENTICATION}'
timezone='${TIMEZONE}'
EOF
echo -e $EXTRA_CONF >> $CONF
# Optimise PostgreSQL shared memory for PostGIS
# shmall units are pages and shmmax units are bytes(?) equivalent to the desired shared_buffer size set in setup_conf.sh - in this case 500MB
echo "kernel.shmmax=543252480" >> /etc/sysctl.conf
echo "kernel.shmall=2097152" >> /etc/sysctl.conf
# Put lock file to make sure conf was not reinitialized
touch ${SETUP_LOCKFILE}

79
scripts/setup-database.sh 100644
Wyświetl plik

@ -0,0 +1,79 @@
#!/usr/bin/env bash
source /scripts/env-data.sh
# test if DATADIR has content
# Do initialization if DATADIR is empty, or RECREATE_DATADIR is true
if [[ -z "$(ls -A ${DATADIR} 2> /dev/null)" || "${RECREATE_DATADIR}" == 'TRUE' ]]; then
# Only attempt reinitializations if ${RECREATE_DATADIR} is true
# No Replicate From settings. Assume that this is a master database.
# Initialise db
echo "Initializing Postgres Database at ${DATADIR}"
mkdir -p ${DATADIR}
rm -rf ${DATADIR}/*
chown -R postgres:postgres ${DATADIR}
echo "Initializing with command:"
echo "postgres" > /tmp/superuser_pass.txt
command="$INITDB -U postgres --pwfile "/tmp/superuser_pass.txt" -E ${DEFAULT_ENCODING} --lc-collate=${DEFAULT_COLLATION} --lc-ctype=${DEFAULT_CTYPE} --auth=${PASSWORD_AUTHENTICATION} -D ${DATADIR} ${INITDB_EXTRA_ARGS}"
su - postgres -c "$command"
rm /tmp/superuser_pass.txt
fi;
# Set proper permissions
# needs to be done as root:
chown -R postgres:postgres ${DATADIR}
# test database existing
trap "echo \"Sending SIGTERM to postgres\"; killall -s SIGTERM postgres" SIGTERM
# Run as local only for config setup phase to avoid outside access
su - postgres -c "${POSTGRES} -D ${DATADIR} -c config_file=${CONF} ${LOCALONLY} &"
# wait for postgres to come up
until su - postgres -c "pg_isready"; do
sleep 1
done
echo "postgres ready"
# Setup user
source /scripts/setup-user.sh
# enable extensions in template1 if env variable set to true
if [[ "$(boolean ${POSTGRES_TEMPLATE_EXTENSIONS})" == TRUE ]] ; then
for ext in $(echo ${POSTGRES_MULTIPLE_EXTENSIONS} | tr ',' ' '); do
echo "Enabling ${ext} in the database template1"
su - postgres -c "psql -c 'CREATE EXTENSION IF NOT EXISTS ${ext} cascade;' template1"
done
fi
# Create a default db called 'gis' or $POSTGRES_DBNAME that you can use to get up and running quickly
# It will be owned by the docker db user
# Since we now pass a comma separated list in database creation we need to search for all databases as a test
touch custom.sql
cat >> custom.sql <<EOF
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO ${REPLICATION_USER}
EOF
for db in $(echo ${POSTGRES_DBNAME} | tr ',' ' '); do
RESULT=`su - postgres -c "psql -t -c \"SELECT count(1) from pg_database where datname='${db}';\""`
if [[ ${RESULT} -eq 0 ]]; then
echo "Create db ${db}"
su - postgres -c "createdb -O ${POSTGRES_USER} ${db}"
for ext in $(echo ${POSTGRES_MULTIPLE_EXTENSIONS} | tr ',' ' '); do
echo "Enabling ${ext} in the database ${db}"
su - postgres -c "psql -c 'CREATE EXTENSION IF NOT EXISTS ${ext} cascade;' $db"
done
echo "Loading legacy sql"
su - postgres -c "psql ${db} -f ${SQLDIR}/legacy_minimal.sql" || true
su - postgres -c "psql ${db} -f ${SQLDIR}/legacy_gist.sql" || true
PGPASSWORD=${POSTGRES_PASS} psql ${db} -U ${POSTGRES_USER} -p 5432 -h localhost -f custom.sql
else
echo "${db} db already exists"
fi
done
rm custom.sql
# This should show up in docker logs afterwards
su - postgres -c "psql -l 2>&1"

26
setup-pg_hba.sh → scripts/setup-pg_hba.sh
Wyświetl plik

@ -1,25 +1,30 @@
#!/usr/bin/env bash
source /env-data.sh
source /scripts/env-data.sh
SETUP_LOCKFILE="${ROOT_CONF}/.pg_hba.conf.lock"
if [ -f "${SETUP_LOCKFILE}" ]; then
return 0
fi
# This script will setup pg_hba.conf
# Reconfigure pg_hba if environment settings changed
cat $ROOT_CONF/pg_hba.conf.template > $ROOT_CONF/pg_hba.conf
cat ${ROOT_CONF}/pg_hba.conf.template > ${ROOT_CONF}/pg_hba.conf
# Custom IP range via docker run -e (https://docs.docker.com/engine/reference/run/#env-environment-variables)
# Usage is: docker run [...] -e ALLOW_IP_RANGE='192.168.0.0/16'
if [ "$ALLOW_IP_RANGE" ]
if [[ "$ALLOW_IP_RANGE" ]]
then
echo "Add rule to pg_hba: $ALLOW_IP_RANGE"
echo "host all all $ALLOW_IP_RANGE md5" >> $ROOT_CONF/pg_hba.conf
echo "host all all $ALLOW_IP_RANGE ${PASSWORD_AUTHENTICATION}" >> ${ROOT_CONF}/pg_hba.conf
fi
# check password first so we can output the warning before postgres
# messes it up
if [ "$POSTGRES_PASS" ]; then
if [[ "$POSTGRES_PASS" ]]; then
pass="PASSWORD '$POSTGRES_PASS'"
authMethod=md5
authMethod=${PASSWORD_AUTHENTICATION}
else
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOWARN'
@ -40,9 +45,12 @@ else
authMethod=trust
fi
if [ -z "$REPLICATE_FROM" ]; then
if [[ -z "$REPLICATE_FROM" ]]; then
# if env not set, then assume this is master instance
# add rules to pg_hba.conf to allow replication from all
echo "Add rule to pg_hba: replication user"
echo "host replication all 0.0.0.0/0 $authMethod" >> $ROOT_CONF/pg_hba.conf
echo "Add rule to pg_hba: replication ${REPLICATION_USER} "
echo "host replication ${REPLICATION_USER} ${ALLOW_IP_RANGE} $authMethod" >> ${ROOT_CONF}/pg_hba.conf
fi
# Put lock file to make sure conf was not reinitialized
touch ${SETUP_LOCKFILE}

74
scripts/setup-replication.sh 100755
Wyświetl plik

@ -0,0 +1,74 @@
#!/usr/bin/env bash
source /scripts/env-data.sh
# This script will setup slave instance to use standby replication
# Adapted from https://github.com/DanielDent/docker-postgres-replication
# To set up replication
mkdir -p ${DATADIR}
chown -R postgres:postgres ${DATADIR}
chmod -R 700 ${DATADIR}
# No content yet - but this is a slave database
until ping -c 1 -W 1 ${REPLICATE_FROM}
do
echo "Waiting for master to ping..."
sleep 1s
done
function configure_replication_permissions {
echo "Setup data permissions"
echo "----------------------"
chown -R postgres:postgres $(getent passwd postgres | cut -d: -f6)
su - postgres -c "echo \"${REPLICATE_FROM}:${REPLICATE_PORT}:*:${REPLICATION_USER}:${REPLICATION_PASS}\" > ~/.pgpass"
su - postgres -c "chmod 0600 ~/.pgpass"
}
function streaming_replication {
until su - postgres -c "${PG_BASEBACKUP} -X stream -h ${REPLICATE_FROM} -p ${REPLICATE_PORT} -D ${DATADIR} -U ${REPLICATION_USER} -vP -w --label=gis_pg_custer"
do
echo "Waiting for master to connect..."
sleep 1s
if [[ "$(ls -A ${DATADIR})" ]]; then
echo "Need empty folder. Cleaning directory..."
rm -rf ${DATADIR}/*
fi
done
}
if [[ "$DESTROY_DATABASE_ON_RESTART" =~ [Tt][Rr][Uu][Ee] ]]; then
echo "Get initial database from master"
configure_replication_permissions
if [ -f "${DATADIR}/backup_label.old" ]; then
echo "PG Basebackup already exists so proceed to start the DB"
else
streaming_replication
fi
fi
# Setup recovery.conf, a configuration file for slave
cat > ${DATADIR}/recovery.conf <<EOF
standby_mode = on
primary_conninfo = 'host=${REPLICATE_FROM} port=${REPLICATE_PORT} user=${REPLICATION_USER} password=${REPLICATION_PASS} sslmode=${PGSSLMODE}'
trigger_file = '${PROMOTE_FILE}'
recovery_target_timeline='latest'
recovery_target_action='promote'
#restore_command = 'cp /opt/archive/%f "%p"' Use if you are syncing the wal segments from master
EOF
# Setup permissions. Postgres won't start without this.
chown postgres ${DATADIR}/recovery.conf
chmod 600 ${DATADIR}/recovery.conf
# Promote to master if desired
if [[ ! -z "${PROMOTE_MASTER}" ]]; then
touch ${PROMOTE_FILE}
fi

36
scripts/setup-ssl.sh 100644
Wyświetl plik

@ -0,0 +1,36 @@
#!/usr/bin/env bash
source /scripts/env-data.sh
SETUP_LOCKFILE="${ROOT_CONF}/.ssl.conf.lock"
if [ -f "${SETUP_LOCKFILE}" ]; then
return 0
fi
# This script will setup default SSL config
# /etc/ssl/private can't be accessed from within container for some reason
# (@andrewgodwin says it's something AUFS related) - taken from https://github.com/orchardup/docker-postgresql/blob/master/Dockerfile
cp -r /etc/ssl /tmp/ssl-copy/
chmod -R 0700 /etc/ssl
chown -R postgres /tmp/ssl-copy
rm -r /etc/ssl
mv /tmp/ssl-copy /etc/ssl
# Needed under debian, wasnt needed under ubuntu
mkdir -p ${PGSTAT_TMP}
chmod 0777 ${PGSTAT_TMP}
# moved from setup.sh
echo "ssl = true" >> $CONF
#echo "ssl_ciphers = 'DEFAULT:!LOW:!EXP:!MD5:@STRENGTH' " >> $CONF
#echo "ssl_renegotiation_limit = 512MB " >> $CONF
echo "ssl_cert_file = '${SSL_CERT_FILE}'" >> $CONF
echo "ssl_key_file = '${SSL_KEY_FILE}'" >> $CONF
if [ ! -z "${SSL_CA_FILE}" ]; then
echo "ssl_ca_file = '${SSL_CA_FILE}' # (change requires restart)" >> $CONF
fi
#echo "ssl_crl_file = ''" >> $CONF
# Put lock file to make sure conf was not reinitialized
touch ${SETUP_LOCKFILE}

12
setup-user.sh → scripts/setup-user.sh
Wyświetl plik

@ -1,6 +1,6 @@
#!/usr/bin/env bash
source /env-data.sh
source /scripts/env-data.sh
# This script will setup new configured user
@ -19,9 +19,19 @@ echo "postgresql user: $POSTGRES_USER" > /tmp/PGPASSWORD.txt
echo "postgresql password: $POSTGRES_PASS" >> /tmp/PGPASSWORD.txt
# Check user already exists
echo "Creating superuser $POSTGRES_USER"
RESULT=`su - postgres -c "psql postgres -t -c \"SELECT 1 FROM pg_roles WHERE rolname = '$POSTGRES_USER'\""`
COMMAND="ALTER"
if [ -z "$RESULT" ]; then
COMMAND="CREATE"
fi
su - postgres -c "psql postgres -c \"$COMMAND USER $POSTGRES_USER WITH SUPERUSER ENCRYPTED PASSWORD '$POSTGRES_PASS';\""
echo "Creating replication user $REPLICATION_USER"
RESULT_REPLICATION=`su - postgres -c "psql postgres -t -c \"SELECT 1 FROM pg_roles WHERE rolname = '$REPLICATION_USER'\""`
COMMANDS="ALTER"
if [ -z "$RESULT_REPLICATION" ]; then
COMMANDS="CREATE"
fi
su - postgres -c "psql postgres -c \"$COMMANDS USER $REPLICATION_USER WITH REPLICATION ENCRYPTED PASSWORD '$REPLICATION_PASS';\""

11
setup.sh → scripts/setup.sh
Wyświetl plik

@ -3,7 +3,7 @@
chmod 600 /etc/ssl/private/ssl-cert-snakeoil.key
# These tasks are run as root
source /env-data.sh
source /scripts/env-data.sh
# Restrict subnet to docker private network
@ -14,15 +14,6 @@ echo "host all all 192.168.0.0/16 md5"
echo "listen_addresses = '*'" >> $CONF
echo "port = 5432" >> $CONF
# Enable ssl
echo "ssl = true" >> $CONF
#echo "ssl_ciphers = 'DEFAULT:!LOW:!EXP:!MD5:@STRENGTH' " >> $CONF
#echo "ssl_renegotiation_limit = 512MB " >> $CONF
echo "ssl_cert_file = '/etc/ssl/certs/ssl-cert-snakeoil.pem'" >> $CONF
echo "ssl_key_file = '/etc/ssl/private/ssl-cert-snakeoil.key'" >> $CONF
#echo "ssl_ca_file = '' # (change requires restart)" >> $CONF
#echo "ssl_crl_file = ''" >> $CONF
# Create backup template for conf
cat $CONF > $CONF.template

34
setup-conf.sh
Wyświetl plik

@ -1,34 +0,0 @@
#!/usr/bin/env bash
source /env-data.sh
# This script will setup necessary configuration to enable replications
# Refresh configuration in case environment settings changed.
cat $CONF.template > $CONF
# This script will setup necessary configuration to optimise for PostGIS and to enable replications
cat >> $CONF <<EOF
wal_level = hot_standby
max_wal_senders = $PG_MAX_WAL_SENDERS
wal_keep_segments = $PG_WAL_KEEP_SEGMENTS
hot_standby = on
listen_addresses = '${IP_LIST}'
shared_buffers = 500MB
work_mem = 16MB
maintenance_work_mem = 128MB
wal_buffers = 1MB
# uncomment checkpoint_segments below if postgresql <= 9.4
# checkpoint_segments = 6
random_page_cost = 2.0
xmloption = 'document'
#archive_mode=on
#archive_command = 'test ! -f ${WAL_ARCHIVE}/%f && cp -r %p ${WAL_ARCHIVE}/%f'
EOF
# Optimise PostgreSQL shared memory for PostGIS
# shmall units are pages and shmmax units are bytes(?) equivalent to the desired shared_buffer size set in setup_conf.sh - in this case 500MB
echo "kernel.shmmax=543252480" >> /etc/sysctl.conf
echo "kernel.shmall=2097152" >> /etc/sysctl.conf
echo -e $EXTRA_CONF >> $CONF

104
setup-database.sh
Wyświetl plik

@ -1,104 +0,0 @@
#!/usr/bin/env bash
source /env-data.sh
# This script will setup the necessary folder for database
# test if DATADIR is existent
if [ ! -d ${DATADIR} ]; then
echo "Creating Postgres data at ${DATADIR}"
mkdir -p ${DATADIR}
fi
# Set proper permissions
# needs to be done as root:
chown -R postgres:postgres ${DATADIR}
# test if DATADIR has content
if [ ! "$(ls -A ${DATADIR})" ]; then
# No content yet - first time pg is being run!
# No Replicate From settings. Assume that this is a master database.
# Initialise db
echo "Initializing Postgres Database at ${DATADIR}"
#chown -R postgres $DATADIR
su - postgres -c "$INITDB ${DATADIR}"
fi
# test database existing
trap "echo \"Sending SIGTERM to postgres\"; killall -s SIGTERM postgres" SIGTERM
echo "Use modified postgresql.conf for greater speed (spatial and replication)"
cat /tmp/postgresql.conf > ${CONF}
su - postgres -c "${POSTGRES} -D ${DATADIR} -c config_file=${CONF} ${LOCALONLY} &"
# wait for postgres to come up
until su - postgres -c "psql -l"; do
sleep 1
done
echo "postgres ready"
RESULT=`su - postgres -c "psql -l | grep -w template_postgis | wc -l"`
if [[ ${RESULT} == '1' ]]
then
echo 'Postgis Already There'
if [[ ${HSTORE} == "true" ]]; then
echo 'HSTORE is only useful when you create the postgis database.'
fi
if [[ ${TOPOLOGY} == "true" ]]; then
echo 'TOPOLOGY is only useful when you create the postgis database.'
fi
else
echo "Postgis is missing, installing now"
# Note the dockerfile must have put the postgis.sql and spatialrefsys.sql scripts into /root/
# We use template0 since we want different encoding to template1
echo "Creating template postgis"
su - postgres -c "createdb template_postgis -E UTF8 -T template0"
echo "Enabling template_postgis as a template"
CMD="UPDATE pg_database SET datistemplate = TRUE WHERE datname = 'template_postgis';"
su - postgres -c "psql -c \"$CMD\""
echo "Loading postgis extension"
su - postgres -c "psql template_postgis -c 'CREATE EXTENSION postgis;'"
if [[ ${HSTORE} == "true" ]]
then
echo "Enabling hstore in the template"
su - postgres -c "psql template_postgis -c 'CREATE EXTENSION hstore;'"
fi
if [[ ${TOPOLOGY} == "true" ]]
then
echo "Enabling topology in the template"
su - postgres -c "psql template_postgis -c 'CREATE EXTENSION postgis_topology;'"
fi
# Needed when importing old dumps using e.g ndims for constraints
# Ignore error if it doesn't exists
echo "Loading legacy sql"
su - postgres -c "psql template_postgis -f ${SQLDIR}/legacy_minimal.sql" || true
su - postgres -c "psql template_postgis -f ${SQLDIR}/legacy_gist.sql" || true
fi
# Setup user
source /setup-user.sh
# Create a default db called 'gis' or $POSTGRES_DBNAME that you can use to get up and running quickly
# It will be owned by the docker db user
RESULT=`su - postgres -c "psql -t -c \"SELECT count(1) from pg_database where datname='${POSTGRES_DBNAME}';\""`
echo "Check default db exists"
if [[ ${RESULT} -eq 0 ]]; then
echo "Create default db ${POSTGRES_DBNAME}"
su - postgres -c "createdb -O ${POSTGRES_USER} -T template_postgis ${POSTGRES_DBNAME}"
else
echo "${POSTGRES_DBNAME} db already exists"
fi
# This should show up in docker logs afterwards
su - postgres -c "psql -l"

56
setup-replication.sh
Wyświetl plik

@ -1,56 +0,0 @@
#!/usr/bin/env bash
source /env-data.sh
# This script will setup slave instance to use standby replication
# Adapted from https://github.com/DanielDent/docker-postgres-replication
# To set up replication
if [[ "$DESTROY_DATABASE_ON_RESTART" =~ [Tt][Rr][Uu][Ee] ]]; then
echo "Destroy initial database, if any."
rm -rf $DATADIR
fi
mkdir -p $DATADIR
chown -R postgres:postgres $DATADIR
chmod -R 700 $DATADIR
# No content yet - but this is a slave database
until ping -c 1 -W 1 ${REPLICATE_FROM}
do
echo "Waiting for master to ping..."
sleep 1s
done
if [[ "$DESTROY_DATABASE_ON_RESTART" =~ [Tt][Rr][Uu][Ee] ]]; then
echo "Get initial database from master"
chown -R postgres:postgres $(getent passwd postgres | cut -d: -f6)
su - postgres -c "echo \"${REPLICATE_FROM}:${REPLICATE_PORT}:*:${POSTGRES_USER}:${POSTGRES_PASS}\" > ~/.pgpass"
su - postgres -c "chmod 0600 ~/.pgpass"
until su - postgres -c "${PG_BASEBACKUP} -X stream -h ${REPLICATE_FROM} -p ${REPLICATE_PORT} -D ${DATADIR} -U ${POSTGRES_USER} -vP -w"
do
echo "Waiting for master to connect..."
sleep 1s
if [ "$(ls -A $DATADIR)" ]; then
echo "Need empty folder. Cleaning directory..."
rm -rf $DATADIR/*
fi
done
fi
# Setup recovery.conf, a configuration file for slave
cat > ${DATADIR}/recovery.conf <<EOF
standby_mode = on
primary_conninfo = 'host=${REPLICATE_FROM} port=${REPLICATE_PORT} user=${POSTGRES_USER} password=${POSTGRES_PASS} sslmode=${PGSSLMODE}'
trigger_file = '${PROMOTE_FILE}'
EOF
# Setup permissions. Postgres won't start without this.
chown postgres ${DATADIR}/recovery.conf
chmod 600 ${DATADIR}/recovery.conf
# Promote to master if desired
if [ ! -z "$PROMOTE_MASTER" ]; then
touch $PROMOTE_FILE
fi

17
setup-ssl.sh
Wyświetl plik

@ -1,17 +0,0 @@
#!/usr/bin/env bash
source /env-data.sh
# This script will setup default SSL config
# /etc/ssl/private can't be accessed from within container for some reason
# (@andrewgodwin says it's something AUFS related) - taken from https://github.com/orchardup/docker-postgresql/blob/master/Dockerfile
cp -r /etc/ssl /tmp/ssl-copy/
chmod -R 0700 /etc/ssl
chown -R postgres /tmp/ssl-copy
rm -r /etc/ssl
mv /tmp/ssl-copy /etc/ssl
# Needed under debian, wasnt needed under ubuntu
mkdir -p ${PGSTAT_TMP}
chmod 0777 ${PGSTAT_TMP}