kopia lustrzana https://github.com/kartoza/docker-postgis
Merge pull request #273 from NyakudyaA/user-create
Fix passwords to use all characterspull/291/head
commit
e6bc0fb17d
|
@ -148,7 +148,7 @@ In addition to that, we have another parameter: `RECREATE_DATADIR` that can be u
|
||||||
If this parameter is specified as `TRUE` it will act as explicit consent to delete `DATADIR` and create
|
If this parameter is specified as `TRUE` it will act as explicit consent to delete `DATADIR` and create
|
||||||
new db cluster.
|
new db cluster.
|
||||||
|
|
||||||
* `RECREATE_DATADIR`: Force database reinitializations in the location `DATADIR`
|
* `RECREATE_DATADIR`: Force database reinitialization in the location `DATADIR`
|
||||||
|
|
||||||
If you used `RECREATE_DATADIR` and successfully created new cluster. Remember
|
If you used `RECREATE_DATADIR` and successfully created new cluster. Remember
|
||||||
that you should remove this parameter afterwards. Because, if it was not omitted,
|
that you should remove this parameter afterwards. Because, if it was not omitted,
|
||||||
|
@ -190,6 +190,9 @@ user name, password and/or default database name(or multiple databases comma sep
|
||||||
|
|
||||||
* `-e POSTGRES_USER=<PGUSER>`
|
* `-e POSTGRES_USER=<PGUSER>`
|
||||||
* `-e POSTGRES_PASS=<PGPASSWORD>`
|
* `-e POSTGRES_PASS=<PGPASSWORD>`
|
||||||
|
**NB** You should use a strong passwords. If you are using docker-compose make sure
|
||||||
|
docker can interpolate the password. Example using a password with a `$` you will
|
||||||
|
need to escape it ie `$$`
|
||||||
* `-e POSTGRES_DBNAME=<PGDBNAME>`
|
* `-e POSTGRES_DBNAME=<PGDBNAME>`
|
||||||
* `-e POSTGRES_MULTIPLE_EXTENSIONS=postgis,hstore,postgis_topology,postgis_raster,pgrouting`
|
* `-e POSTGRES_MULTIPLE_EXTENSIONS=postgis,hstore,postgis_topology,postgis_raster,pgrouting`
|
||||||
|
|
||||||
|
|
|
@ -14,24 +14,44 @@ source /scripts/env-data.sh
|
||||||
|
|
||||||
# Only create credentials if this is a master database
|
# Only create credentials if this is a master database
|
||||||
# Slave database will just mirror from master users
|
# Slave database will just mirror from master users
|
||||||
echo "Setup postgres User:Password"
|
|
||||||
echo "postgresql user: $POSTGRES_USER" > /tmp/PGPASSWORD.txt
|
|
||||||
echo "postgresql password: $POSTGRES_PASS" >> /tmp/PGPASSWORD.txt
|
|
||||||
|
|
||||||
# Check user already exists
|
echo "$POSTGRES_PASS" >> /tmp/PGPASSWORD.txt
|
||||||
echo "Creating superuser $POSTGRES_USER"
|
# Check super user already exists
|
||||||
RESULT=`su - postgres -c "psql postgres -t -c \"SELECT 1 FROM pg_roles WHERE rolname = '$POSTGRES_USER'\""`
|
RESULT=`su - postgres -c "psql postgres -t -c \"SELECT 1 FROM pg_roles WHERE rolname = '$POSTGRES_USER'\""`
|
||||||
COMMAND="ALTER"
|
COMMAND="ALTER"
|
||||||
if [ -z "$RESULT" ]; then
|
if [ -z "$RESULT" ]; then
|
||||||
COMMAND="CREATE"
|
COMMAND="CREATE"
|
||||||
fi
|
fi
|
||||||
su - postgres -c "psql postgres -c \"$COMMAND USER $POSTGRES_USER WITH SUPERUSER ENCRYPTED PASSWORD '$POSTGRES_PASS';\""
|
|
||||||
|
|
||||||
echo "Creating replication user $REPLICATION_USER"
|
echo "Creating superuser user $POSTGRES_USER using $PASSWORD_AUTHENTICATION authentication "
|
||||||
|
if [ PASSWORD_AUTHENTICATION="md5" ]; then
|
||||||
|
PG_PASS=$(U=$POSTGRES_USER; P=$(cat /tmp/PGPASSWORD.txt); echo -n md5; echo -n $P$U | md5sum | cut -d' ' -f1)
|
||||||
|
su - postgres -c "psql postgres -c \"$COMMAND USER $POSTGRES_USER WITH SUPERUSER PASSWORD '$PG_PASS';\""
|
||||||
|
elif [ PASSWORD_AUTHENTICATION="scram-sha-256" ]; then
|
||||||
|
PG_PASS=$(U=$POSTGRES_USER; P=$(cat /tmp/PGPASSWORD.txt); echo -n sha256; echo -n $P$U | sha256sum | cut -d' ' -f1)
|
||||||
|
su - postgres -c "psql postgres -c \"$COMMAND USER $POSTGRES_USER WITH SUPERUSER PASSWORD '$PG_PASS';\""
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "$REPLICATION_PASS" >> /tmp/REPLICATION_PASS.txt
|
||||||
|
|
||||||
|
# Check replication user already exists
|
||||||
RESULT_REPLICATION=`su - postgres -c "psql postgres -t -c \"SELECT 1 FROM pg_roles WHERE rolname = '$REPLICATION_USER'\""`
|
RESULT_REPLICATION=`su - postgres -c "psql postgres -t -c \"SELECT 1 FROM pg_roles WHERE rolname = '$REPLICATION_USER'\""`
|
||||||
COMMANDS="ALTER"
|
COMMANDS="ALTER"
|
||||||
if [ -z "$RESULT_REPLICATION" ]; then
|
if [ -z "$RESULT_REPLICATION" ]; then
|
||||||
COMMANDS="CREATE"
|
COMMANDS="CREATE"
|
||||||
fi
|
fi
|
||||||
su - postgres -c "psql postgres -c \"$COMMANDS USER $REPLICATION_USER WITH REPLICATION ENCRYPTED PASSWORD '$REPLICATION_PASS';\""
|
|
||||||
|
|
||||||
|
if [ -z "$RESULT" ]; then
|
||||||
|
COMMAND="CREATE"
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Creating replication user $REPLICATION_USER using $PASSWORD_AUTHENTICATION authentication "
|
||||||
|
if [ PASSWORD_AUTHENTICATION="md5" ]; then
|
||||||
|
REP_PASS=$(U=$REPLICATION_USER; P=$(cat /tmp/REPLICATION_PASS.txt); echo -n md5; echo -n $P$U | md5sum | cut -d' ' -f1)
|
||||||
|
su - postgres -c "psql postgres -c \"$COMMANDS USER $REPLICATION_USER WITH REPLICATION PASSWORD '$REP_PASS';\""
|
||||||
|
elif [ PASSWORD_AUTHENTICATION="scram-sha-256" ]; then
|
||||||
|
REP_PASS=$(U=$REPLICATION_USER; P=$(cat /tmp/REPLICATION_PASS.txt); echo -n sha256; echo -n $P$U | sha256sum | cut -d' ' -f1)
|
||||||
|
su - postgres -c "psql postgres -c \"$COMMANDS USER $REPLICATION_USER WITH REPLICATION PASSWORD '$REP_PASS';\""
|
||||||
|
fi
|
||||||
|
|
||||||
|
rm /tmp/PGPASSWORD.txt /tmp/REPLICATION_PASS.txt
|
Ładowanie…
Reference in New Issue