Merge remote-tracking branch 'upstream/develop'

Dockerfile

@@ -1,6 +1,6 @@
 #--------- Generic stuff all our Dockerfiles should start with so we get caching ------------
 FROM ubuntu:trusty
-MAINTAINER Tim Sutton<tim@linfiniti.com>
+MAINTAINER Tim Sutton<tim@kartoza.com>
 
 RUN  export DEBIAN_FRONTEND=noninteractive
 ENV  DEBIAN_FRONTEND noninteractive
@@ -38,5 +38,7 @@ RUN /setup.sh
 ADD start-postgis.sh /start-postgis.sh
 RUN chmod 0755 /start-postgis.sh
 
-USER postgres
-CMD /start-postgis.sh
+ADD perms_wrapper.sh /perms_wrapper.sh
+RUN chmod 0755 /perms_wrapper.sh
+
+CMD /perms_wrapper.sh

README.md

@@ -18,20 +18,33 @@ environment (though probably not for heavy load databases).
 **Note:** We recommend using ``apt-cacher-ng`` to speed up package fetching -
 you should configure the host for it in the provided 71-apt-cacher-ng file.
 
-## Build
+## Getting the image
 
-To build the image without apt-cacher do:
+There are various ways to get the image onto your system:
+
+
+The preferred way (but using most bandwidth for the initial image) is to
+get our docker trusted build like this:
+
+
+```
+docker pull kartoza/postgis
+```
+
+To build the image yourself without apt-cacher (also consumes more bandwidth
+since deb packages need to be refetched each time you build) do:
 
 ```
 docker build -t kartoza/postgis git://github.com/kartoza/docker-postgis
 ```
 
-To build with apt-cache do you need to clone this repo locally first and 
-modify the contents of 71-apt-cacher-ng to match your cacher host. Then 
-build using a local url instead of directly from github.
+To build with apt-cache (and minimised download requirements) do you need to
+clone this repo locally first and modify the contents of 71-apt-cacher-ng to
+match your cacher host. Then build using a local url instead of directly from
+github.
 
 ```
-git clone git://github.com/timlinux/docker-postgis
+git clone git://github.com/kartoza/docker-postgis
 ```
 
 Now edit ``71-apt-cacher-ng`` then do:
@@ -49,9 +62,39 @@ To create a running container do:
 sudo docker run --name "postgis" -p 25432:5432 -d -t kartoza/postgis
 ```
 
-## Connect via psql
+You can also use the following environment variables to pass a 
+user name and password. 
 
-To log in to your container do:
+* -e USERNAME=<PGUSER> 
+* -e PASS=<PGPASSWORD>
+
+These will be used to create a new superuser with
+your preferred credentials. If these are not specified then the postgresql 
+user is set to 'docker' with password 'docker'.
+
+## Convenience run script
+
+For convenience we have provided a bash script for running this container
+that lets you specify a volume mount point and a username / password 
+for the new instance superuser. It takes these options:
+
+```
+OPTIONS:
+   -h      Show this message
+   -n      Container name
+   -v      Volume to mount the Postgres cluster into
+   -u      Postgres user name (defaults to 'docker')
+   -p      Postgres password  (defaults to 'docker')
+```
+
+Example usage:
+
+```
+./run-postgis-docker.sh -v /tmp/foo/ -n postgis -u foo -p bar
+
+```
+
+## Connect via psql
 
 Connect with psql (make sure you first install postgresql client tools on your
 host / client):

perms_wrapper.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+# needs to be done as root:
+chown -R postgres:postgres /var/lib/postgresql
+
+# everything else needs to be done as non-root (i.e. postgres)
+sudo -u postgres /start-postgis.sh

run-postgis-docker.sh

@@ -1,43 +1,83 @@
 #!/bin/bash
 # Commit and redeploy the user map container
 
-# Note this script hosts the postgis cluster on the host filesystem
-# If you want to use the container with the cluster embedded
-# In the container, run it like this:
+usage()
+{
+cat << EOF
+usage: $0 options
+
+This script runs a new docker postgis instance for you.
+
+OPTIONS:
+   -h      Show this message
+   -n      Container name
+   -v      Volume to mount the Postgres cluster into
+   -u      Postgres user name (defaults to 'docker')
+   -p      Postgres password  (defaults to 'docker')
+EOF
+}
+
+while getopts ":h:n:v:u:p:" OPTION
+do
+     case $OPTION in
+         n)
+             CONTAINER_NAME=${OPTARG}
+             ;;
+         v)
+             VOLUME=${OPTARG}
+             ;;
+         u)
+             PGUSER=${OPTARG}
+             ;;
+         p)
+             PGPASSWORD=${OPTARG}
+             ;;
+         *)
+             usage
+             exit 1
+             ;;
+     esac
+done
 
 
-#
-if [ $# -ne 1 ]; then
-    echo "Deploy the postgis container."
-    echo "Usage:"
-    echo "$0 <version>"
-    echo "e.g.:"
-    echo "$0 2.1"
-    echo "Will run the container using tag version 2.1"
-    echo "Once it is running see the commit-and-deploy.sh script if you"
-    echo "wish to save new snapshots."
-    exit 1
+if [[ -z $VOLUME ]] || [[ -z $CONTAINER_NAME ]] || [[ -z $PGUSER ]] || [[ -z $PGPASSWORD ]] 
+then
+     usage
+     exit 1
 fi
-VERSION=$1
-HOST_DATA_DIR=/var/docker-data/postgres-dat
-PGUSER=qgis
-PGPASS=qgis
 
-IDFILE=/home/timlinux/postgis-current-container.id
+if [[ ! -z $VOLUME ]]
+then
+    VOLUME_OPTION="-v ${VOLUME}:/var/lib/postgresql"
+else
+    VOLUME_OPTION=""
+fi
 
 if [ ! -d $HOST_DATA_DIR ]
 then
     mkdir $HOST_DATA_DIR
 fi
-CMD="docker run -cidfile="$IDFILE" -name="postgis" -e USERNAME=$PGUSER -e PASS=$PGPASS -d -v $HOST_DATA_DIR:/var/lib/postgresql -t qgis/postgis:$VERSION /start.sh"
-echo 'Running:'
+chmod a+w $HOST_DATA_DIR
+
+docker kill ${CONTAINER_NAME}
+docker rm ${CONTAINER_NAME}
+
+CMD="docker run --name="${CONTAINER_NAME}" \
+        --hostname="${CONTAINER_NAME}" \
+        --restart=always \
+	-e USERNAME=${PGUSER} \
+	-e PASS=${PGPASSWORD} \
+	-d -t \
+        ${VOLUME_OPTION} \
+	kartoza/postgis /start-postgis.sh"
+
+echo 'Running\n'
 echo $CMD
 eval $CMD
-NEWID=`cat $IDFILE`
-echo "Postgis has been deployed as $NEWID"
-docker ps -a | grep $NEWID
-echo "If there was no pre-existing database, you can access this using"
-IPADDRESS=`docker inspect postgis | grep IPAddress | grep -o '[0-9\.]*'`
+
+docker ps | grep ${CONTAINER_NAME}
+
+echo "Connect using:"
 echo "psql -l -p 5432 -h $IPADDRESS -U $PGUSER"
 echo "and password $PGPASS"
 echo

setup.sh

@@ -5,12 +5,11 @@ CONF="/etc/postgresql/9.3/main/postgresql.conf"
 
 # /etc/ssl/private can't be accessed from within container for some reason
 # (@andrewgodwin says it's something AUFS related)  - taken from https://github.com/orchardup/docker-postgresql/blob/master/Dockerfile
-mkdir -p /etc/ssl/private-copy
-mv /etc/ssl/private/* /etc/ssl/private-copy/
-rm -r /etc/ssl/private
-mv /etc/ssl/private-copy /etc/ssl/private
-chmod -R 0700 /etc/ssl/private
-chown -R postgres /etc/ssl/private
+cp -r /etc/ssl /tmp/ssl-copy/
+chmod -R 0700 /etc/ssl
+chown -R postgres /tmp/ssl-copy
+rm -r /etc/ssl
+mv /tmp/ssl-copy /etc/ssl
 
 # Restrict subnet to docker private network
 echo "host    all             all             172.17.0.0/16               md5" >> /etc/postgresql/9.3/main/pg_hba.conf

start-postgis.sh

@@ -35,18 +35,17 @@ fi
 
 # Make sure we have a user set up
 if [ -z "$USERNAME" ]; then
-  USERNAME=postgis
+  USERNAME=docker
 fi  
 if [ -z "$PASS" ]; then
-  PASS=postgis
-  #PASS=`pwgen -c -n -1 12`
+  PASS=docker
 fi  
 # redirect user/pass into a file so we can echo it into
 # docker logs when container starts
 # so that we can tell user their password
 echo "postgresql user: $USERNAME" > /tmp/PGPASSWORD.txt
 echo "postgresql password: $PASS" >> /tmp/PGPASSWORD.txt
-$POSTGRES --single -D $DATADIR -c config_file=$CONF" <<< "CREATE USER $USERNAME WITH SUPERUSER ENCRYPTED PASSWORD '$PASS';
+$POSTGRES --single -D $DATADIR -c config_file=$CONF <<< "CREATE USER $USERNAME WITH SUPERUSER ENCRYPTED PASSWORD '$PASS';"
 
 trap "echo \"Sending SIGTERM to postgres\"; killall -s SIGTERM postgres" SIGTERM
 
@@ -76,6 +75,7 @@ else
     # Needed when importing old dumps using e.g ndims for constraints
     echo "Loading legacy sql"
     psql template_postgis -f $SQLDIR/legacy_minimal.sql
+    psql template_postgis -f $SQLDIR/legacy_gist.sql
     echo "Granting on geometry columns"
     psql template_postgis -c 'GRANT ALL ON geometry_columns TO PUBLIC;'
     echo "Granting on geography columns"