kopia lustrzana https://github.com/kartoza/docker-postgis
In progress ssl support
rodzic
ae48998330
commit
e594cb19b8
|
@ -3,5 +3,5 @@
|
|||
# use apt-cacher in your image build out (and the
|
||||
# Subsequent running container.
|
||||
|
||||
#Acquire::http { Proxy "http://192.168.2.9:3142"; };
|
||||
Acquire::http { Proxy "http://192.168.2.9:3142"; };
|
||||
#Acquire::http { Proxy "http://192.168.1.13:3142"; };
|
||||
|
|
|
@ -20,11 +20,7 @@ RUN apt-get -y install ca-certificates rpl pwgen
|
|||
|
||||
# Next line a workaround for https://github.com/dotcloud/docker/issues/963
|
||||
RUN apt-get install -y postgresql-9.3-postgis-2.1
|
||||
RUN echo "host all all 172.17.0.0/16 md5" >> /etc/postgresql/9.3/main/pg_hba.conf
|
||||
RUN service postgresql start && /bin/su postgres -c "createuser -d -s -r -l docker" && /bin/su postgres -c "psql postgres -c \"ALTER USER docker WITH ENCRYPTED PASSWORD 'docker'\"" && service postgresql stop
|
||||
# Listen on all ip addresses
|
||||
RUN echo "listen_addresses = '*'" >> /etc/postgresql/9.3/main/postgresql.conf
|
||||
RUN echo "port = 5432" >> /etc/postgresql/9.3/main/postgresql.conf
|
||||
|
||||
# Start with supervisor
|
||||
ADD postgres.conf /etc/supervisor/conf.d/postgres.conf
|
||||
|
|
|
@ -23,6 +23,36 @@ fi
|
|||
|
||||
# test if DATADIR has content
|
||||
if [ ! "$(ls -A $DATADIR)" ]; then
|
||||
|
||||
# No content yet - first time pg is being run!
|
||||
|
||||
|
||||
# /etc/ssl/private can't be accessed from within container for some reason
|
||||
# (@andrewgodwin says it's something AUFS related) - taken from https://github.com/orchardup/docker-postgresql/blob/master/Dockerfile
|
||||
mkdir /etc/ssl/private-copy
|
||||
mv /etc/ssl/private/* /etc/ssl/private-copy/
|
||||
rm -r /etc/ssl/private
|
||||
mv /etc/ssl/private-copy /etc/ssl/private
|
||||
chmod -R 0700 /etc/ssl/private
|
||||
chown -R postgres /etc/ssl/private
|
||||
|
||||
echo "host all all 172.17.0.0/16 md5" >> /etc/postgresql/9.3/main/pg_hba.conf
|
||||
# Listen on all ip addresses
|
||||
echo "listen_addresses = '*'" >> /etc/postgresql/9.3/main/postgresql.conf
|
||||
echo "port = 5432" >> /etc/postgresql/9.3/main/postgresql.conf
|
||||
|
||||
# Enable ssl
|
||||
|
||||
echo "ssl = true" >> $CONF
|
||||
#echo "ssl_ciphers = 'DEFAULT:!LOW:!EXP:!MD5:@STRENGTH' " >> $CONF
|
||||
#echo "ssl_renegotiation_limit = 512MB " >> $CONF
|
||||
echo "ssl_cert_file = '/etc/ssl/certs/ssl-cert-snakeoil.pem'" >> $CONF
|
||||
echo "ssl_key_file = '/etc/ssl/private/ssl-cert-snakeoil.key'" >> $CONF
|
||||
#echo "ssl_ca_file = '' # (change requires restart)" >> $CONF
|
||||
#echo "ssl_crl_file = ''" >> $CONF
|
||||
|
||||
# Initialise db
|
||||
|
||||
echo "Initializing Postgres Database at $DATADIR"
|
||||
chown -R postgres $DATADIR
|
||||
su postgres sh -c "$INITDB $DATADIR"
|
||||
|
@ -59,14 +89,25 @@ else
|
|||
echo "Postgis is missing, installing now"
|
||||
# Note the dockerfile must have put the postgis.sql and spatialrefsys.sql scripts into /root/
|
||||
# We use template0 since we want t different encoding to template1
|
||||
echo "Creating template postgis"
|
||||
su postgres sh -c "createdb template_postgis -E UTF8 -T template0"
|
||||
set -x
|
||||
echo "Enabling template_postgis as a template"
|
||||
su postgres sh -c "psql template0 -c 'UPDATE pg_database SET datistemplate = TRUE WHERE datname = \'template_postgis\';'"
|
||||
echo "Loading postgis.sql"
|
||||
su postgres sh -c "psql template_postgis -f $SQLDIR/postgis.sql"
|
||||
set +x
|
||||
echo "Loading spatial_ref_sys.sql"
|
||||
su postgres sh -c "psql template_postgis -f $SQLDIR/spatial_ref_sys.sql"
|
||||
|
||||
# Needed when importing old dumps using e.g ndims for constraints
|
||||
echo "Loading legacy sql"
|
||||
su postgres sh -c "psql template_postgis -f $SQLDIR/legacy_minimal.sql"
|
||||
echo "Granting on geometry columns"
|
||||
su postgres sh -c "psql template_postgis -c 'GRANT ALL ON geometry_columns TO PUBLIC;'"
|
||||
echo "Granting on geography columns"
|
||||
su postgres sh -c "psql template_postgis -c 'GRANT ALL ON geography_columns TO PUBLIC;'"
|
||||
echo "Granting on spatial ref sys"
|
||||
su postgres sh -c "psql template_postgis -c 'GRANT ALL ON spatial_ref_sys TO PUBLIC;'"
|
||||
# This should show up in docker logs afterwards
|
||||
fi
|
||||
|
|
Ładowanie…
Reference in New Issue