wip - passwords

pull/312/head
admire 2021-06-10 18:27:48 +02:00
rodzic 1d1560733c
commit 22550cdb1d
5 zmienionych plików z 17 dodań i 8 usunięć


@ -128,7 +128,7 @@ RUN chmod +x *.sh
# this dockerfile directly.
RUN set -eux \
&& /scripts/setup.sh
RUN echo 'figlet -t "Kartoza Docker PostGIS"' >> ~/.bashrc
VOLUME /var/lib/postgresql
ENTRYPOINT /scripts/docker-entrypoint.sh


@ -15,7 +15,6 @@ source /scripts/setup-ssl.sh
source /scripts/setup-pg_hba.sh
# Function to add figlet
advertise
figlet -t "Kartoza Docker PostGIS"
POSTGRES_PASS=$(cat /tmp/PGPASSWORD.txt)


@ -20,6 +20,7 @@ PGSTAT_TMP="/var/run/postgresql/"
PG_PID="/var/run/postgresql/${POSTGRES_MAJOR_VERSION}-main.pid"
# Read data from secrets into env variables.
# usage: file_env VAR [DEFAULT]
@ -386,7 +387,7 @@ until su - postgres -c "${PG_BASEBACKUP} -X stream -h ${REPLICATE_FROM} -p ${REP
}
function pg_password() {
SETUP_LOCKFILE="${EXTRA_CONF_DIR}/.pass.lock"
SETUP_LOCKFILE="/settings/.pgpasspass.lock"
if [ -z "${POSTGRES_PASS}" ] && [ ! -f ${SETUP_LOCKFILE} ]; then
POSTGRES_PASS=$(openssl rand -base64 15)
touch ${SETUP_LOCKFILE}
@ -397,10 +398,15 @@ function pg_password() {
}
function advertise() {
SETUP_LOCKFILE="${EXTRA_CONF_DIR}/.bash.lock"
if [[ ! -f ${SETUP_LOCKFILE} ]]; then
echo 'figlet -t "Kartoza Docker PostGIS"' >> ~/.bashrc
touch ${SETUP_LOCKFILE}
function replication_password() {
SETUP_LOCKFILE="/settings/.replicationpass.lock"
if [ -z "${REPLICATION_PASS}" ] && [ ! -f ${SETUP_LOCKFILE} ]; then
REPLICATION_PASS=$(openssl rand -base64 15)
touch ${SETUP_LOCKFILE}
echo "$REPLICATION_PASS" >> /tmp/REPLPASSWORD.txt
else
echo "$REPLICATION_PASS" >> /tmp/REPLPASSWORD.txt
fi
}
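Review bot: The new `replication_password` appends the secret to a fixed path, `/tmp/REPLPASSWORD.txt`, with `>>` and whatever umask is in effect, so the file is likely readable by other users in the container and gains a line on every call, which makes the later `$(cat /tmp/REPLPASSWORD.txt)` in the user-setup script return a multi-line value. When the lock file exists but `REPLICATION_PASS` is unset (for example a restart with `/settings` persisted and a fresh `/tmp`), the `else` branch writes an empty line, and the caller appears to go on to ALTER the role with it; that is worth confirming against the rest of that script. I would write the file once, truncating, under `umask 077`, fail loudly in the empty case with the caller checking the status, quote `${SETUP_LOCKFILE}`, and have the reader delete the file after reading it. `pg_password` in the hunk above looks like it follows the same pattern with `/tmp/PGPASSWORD.txt`, though its body continues outside the visible lines.

```shell
function replication_password() {
  SETUP_LOCKFILE="/settings/.replicationpass.lock"
  if [ -z "${REPLICATION_PASS}" ]; then
    if [ -f "${SETUP_LOCKFILE}" ]; then
      # A password was generated on an earlier run and is not available now;
      # do not hand an empty value to the caller.
      echo "REPLICATION_PASS is unset but ${SETUP_LOCKFILE} exists" >&2
      return 1
    fi
    REPLICATION_PASS=$(openssl rand -base64 15)
    touch "${SETUP_LOCKFILE}"
  fi
  # Owner-only, truncating write: exactly one line, not readable by other users.
  (umask 077 && printf '%s\n' "${REPLICATION_PASS}" > /tmp/REPLPASSWORD.txt)
}
```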


@ -3,6 +3,7 @@
source /scripts/env-data.sh
SETUP_LOCKFILE="${ROOT_CONF}/.postgresql.conf.lock"
create_dir /settings
if [ -f "${SETUP_LOCKFILE}" ]; then
return 0
fi


@ -27,6 +27,9 @@ if [ -z "$RESULT" ]; then
fi
su - postgres -c "psql postgres -c \"$COMMAND USER $POSTGRES_USER WITH SUPERUSER ENCRYPTED PASSWORD '$POSTGRES_PASS';\""
replication_password
REPLICATION_PASS=$(cat /tmp/REPLPASSWORD.txt)
echo "Creating replication user $REPLICATION_USER"
RESULT_REPLICATION=`su - postgres -c "psql postgres -t -c \"SELECT 1 FROM pg_roles WHERE rolname = '$REPLICATION_USER'\""`
COMMANDS="ALTER"