kopia lustrzana https://github.com/kartoza/docker-postgis
Merge pull request #10 from timlinux/master
Attempt to fix issue with ssl perms when using hosted repopull/12/head
Tim Sutton
commit
9db4e2e383
|
|
@ -4,4 +4,5 @@
|
||||||
# Subsequent running container.
|
# Subsequent running container.
|
||||||
|
|
||||||
#Acquire::http { Proxy "http://192.168.2.9:3142"; };
|
#Acquire::http { Proxy "http://192.168.2.9:3142"; };
|
||||||
|
#Acquire::http { Proxy "http://192.168.0.131:3142"; };
|
||||||
#Acquire::http { Proxy "http://192.168.1.13:3142"; };
|
#Acquire::http { Proxy "http://192.168.1.13:3142"; };
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
#--------- Generic stuff all our Dockerfiles should start with so we get caching ------------
|
#--------- Generic stuff all our Dockerfiles should start with so we get caching ------------
|
||||||
FROM ubuntu:trusty
|
FROM ubuntu:trusty
|
||||||
MAINTAINER Tim Sutton<tim@linfiniti.com>
|
MAINTAINER Tim Sutton<tim@kartoza.com>
|
||||||
|
|
||||||
RUN export DEBIAN_FRONTEND=noninteractive
|
RUN export DEBIAN_FRONTEND=noninteractive
|
||||||
ENV DEBIAN_FRONTEND noninteractive
|
ENV DEBIAN_FRONTEND noninteractive
|
||||||
|
|
@ -38,5 +38,7 @@ RUN /setup.sh
|
||||||
ADD start-postgis.sh /start-postgis.sh
|
ADD start-postgis.sh /start-postgis.sh
|
||||||
RUN chmod 0755 /start-postgis.sh
|
RUN chmod 0755 /start-postgis.sh
|
||||||
|
|
||||||
USER postgres
|
ADD perms_wrapper.sh /perms_wrapper.sh
|
||||||
CMD /start-postgis.sh
|
RUN chmod 0755 /perms_wrapper.sh
|
||||||
|
|
||||||
|
CMD /perms_wrapper.sh
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,15 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# /etc/ssl/private can't be accessed from within container for some reason
|
||||||
|
# (@andrewgodwin says it's something AUFS related) - taken from https://github.com/orchardup/docker-postgresql/blob/master/Dockerfile
|
||||||
|
cp -r /etc/ssl /tmp/ssl-copy/
|
||||||
|
chmod -R 0700 /etc/ssl
|
||||||
|
chown -R postgres /tmp/ssl-copy
|
||||||
|
rm -r /etc/ssl
|
||||||
|
mv /tmp/ssl-copy /etc/ssl
|
||||||
|
|
||||||
|
# needs to be done as root:
|
||||||
|
chown -R postgres:postgres /var/lib/postgresql
|
||||||
|
|
||||||
|
# everything else needs to be done as non-root (i.e. postgres)
|
||||||
|
sudo -u postgres /start-postgis.sh
|
||||||
8
setup.sh
8
setup.sh
|
|
@ -3,14 +3,6 @@
|
||||||
# These tasks are run as root
|
# These tasks are run as root
|
||||||
CONF="/etc/postgresql/9.3/main/postgresql.conf"
|
CONF="/etc/postgresql/9.3/main/postgresql.conf"
|
||||||
|
|
||||||
# /etc/ssl/private can't be accessed from within container for some reason
|
|
||||||
# (@andrewgodwin says it's something AUFS related) - taken from https://github.com/orchardup/docker-postgresql/blob/master/Dockerfile
|
|
||||||
cp -r /etc/ssl /tmp/ssl-copy/
|
|
||||||
chmod -R 0700 /etc/ssl
|
|
||||||
chown -R postgres /tmp/ssl-copy
|
|
||||||
rm -r /etc/ssl
|
|
||||||
mv /tmp/ssl-copy /etc/ssl
|
|
||||||
|
|
||||||
# Restrict subnet to docker private network
|
# Restrict subnet to docker private network
|
||||||
echo "host all all 172.17.0.0/16 md5" >> /etc/postgresql/9.3/main/pg_hba.conf
|
echo "host all all 172.17.0.0/16 md5" >> /etc/postgresql/9.3/main/pg_hba.conf
|
||||||
# Listen on all ip addresses
|
# Listen on all ip addresses
|
||||||
|
|
|
||||||
Ładowanie…
Reference in New Issue