From f3bf10222dd7a682a80ffcc2423ccaf410dff661 Mon Sep 17 00:00:00 2001
From: Tim Sutton <tim@linfiniti.com>
Date: Mon, 18 Aug 2014 12:06:50 +0200
Subject: [PATCH 1/4] Enable cache in my fork

---
 71-apt-cacher-ng | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/71-apt-cacher-ng b/71-apt-cacher-ng
index b439cae..32a06d4 100644
--- a/71-apt-cacher-ng
+++ b/71-apt-cacher-ng
@@ -3,5 +3,5 @@
 # use apt-cacher in your image build out (and the 
 # Subsequent running container.
 
-#Acquire::http { Proxy "http://192.168.2.9:3142"; };
+Acquire::http { Proxy "http://192.168.2.9:3142"; };
 #Acquire::http { Proxy "http://192.168.1.13:3142"; };

From e25232a1a57e13b557f6bf924ac41bd3eff31138 Mon Sep 17 00:00:00 2001
From: Tim Sutton <tim@linfiniti.com>
Date: Mon, 20 Oct 2014 07:46:56 +0200
Subject: [PATCH 2/4] Updated container contact info

---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 14004c2..c0e3320 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,6 +1,6 @@
 #--------- Generic stuff all our Dockerfiles should start with so we get caching ------------
 FROM ubuntu:trusty
-MAINTAINER Tim Sutton<tim@linfiniti.com>
+MAINTAINER Tim Sutton<tim@kartoza.com>
 
 RUN  export DEBIAN_FRONTEND=noninteractive
 ENV  DEBIAN_FRONTEND noninteractive

From df5c53f892cca31d46cd01254bca5e8d4a378ac3 Mon Sep 17 00:00:00 2001
From: Anentropic <ego@anentropic.com>
Date: Thu, 4 Dec 2014 19:39:55 +0000
Subject: [PATCH 3/4] add a step to chown the postgres data dir

---
 Dockerfile       | 6 ++++--
 perms_wrapper.sh | 7 +++++++
 2 files changed, 11 insertions(+), 2 deletions(-)
 create mode 100644 perms_wrapper.sh

diff --git a/Dockerfile b/Dockerfile
index c0e3320..2c608ea 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -38,5 +38,7 @@ RUN /setup.sh
 ADD start-postgis.sh /start-postgis.sh
 RUN chmod 0755 /start-postgis.sh
 
-USER postgres
-CMD /start-postgis.sh
+ADD perms_wrapper.sh /perms_wrapper.sh
+RUN chmod 0755 /perms_wrapper.sh
+
+CMD /perms_wrapper.sh
diff --git a/perms_wrapper.sh b/perms_wrapper.sh
new file mode 100644
index 0000000..c6ce165
--- /dev/null
+++ b/perms_wrapper.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+# needs to be done as root:
+chown -R postgres:postgres /var/lib/postgresql
+
+# everything else needs to be done as non-root (i.e. postgres)
+sudo -u postgres /start-postgis.sh
\ No newline at end of file

From 5116a31255ba9ff62c3892e4b4691bc043fde553 Mon Sep 17 00:00:00 2001
From: Tim Sutton <tim@linfiniti.com>
Date: Sat, 6 Dec 2014 11:33:36 +0700
Subject: [PATCH 4/4] Move permissions for ssl to be run as root

---
 71-apt-cacher-ng |  3 ++-
 perms_wrapper.sh | 10 +++++++++-
 setup.sh         |  8 --------
 3 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/71-apt-cacher-ng b/71-apt-cacher-ng
index 32a06d4..c2b91ac 100644
--- a/71-apt-cacher-ng
+++ b/71-apt-cacher-ng
@@ -3,5 +3,6 @@
 # use apt-cacher in your image build out (and the 
 # Subsequent running container.
 
-Acquire::http { Proxy "http://192.168.2.9:3142"; };
+#Acquire::http { Proxy "http://192.168.2.9:3142"; };
+#Acquire::http { Proxy "http://192.168.0.131:3142"; };
 #Acquire::http { Proxy "http://192.168.1.13:3142"; };
diff --git a/perms_wrapper.sh b/perms_wrapper.sh
index c6ce165..89d9873 100644
--- a/perms_wrapper.sh
+++ b/perms_wrapper.sh
@@ -1,7 +1,15 @@
 #!/bin/bash
 
+# /etc/ssl/private can't be accessed from within container for some reason
+# (@andrewgodwin says it's something AUFS related)  - taken from https://github.com/orchardup/docker-postgresql/blob/master/Dockerfile
+cp -r /etc/ssl /tmp/ssl-copy/
+chmod -R 0700 /etc/ssl
+chown -R postgres /tmp/ssl-copy
+rm -r /etc/ssl
+mv /tmp/ssl-copy /etc/ssl
+
 # needs to be done as root:
 chown -R postgres:postgres /var/lib/postgresql
 
 # everything else needs to be done as non-root (i.e. postgres)
-sudo -u postgres /start-postgis.sh
\ No newline at end of file
+sudo -u postgres /start-postgis.sh
diff --git a/setup.sh b/setup.sh
index f2b3804..52ea0fd 100755
--- a/setup.sh
+++ b/setup.sh
@@ -3,14 +3,6 @@
 # These tasks are run as root
 CONF="/etc/postgresql/9.3/main/postgresql.conf"
 
-# /etc/ssl/private can't be accessed from within container for some reason
-# (@andrewgodwin says it's something AUFS related)  - taken from https://github.com/orchardup/docker-postgresql/blob/master/Dockerfile
-cp -r /etc/ssl /tmp/ssl-copy/
-chmod -R 0700 /etc/ssl
-chown -R postgres /tmp/ssl-copy
-rm -r /etc/ssl
-mv /tmp/ssl-copy /etc/ssl
-
 # Restrict subnet to docker private network
 echo "host    all             all             172.17.0.0/16               md5" >> /etc/postgresql/9.3/main/pg_hba.conf
 # Listen on all ip addresses