mirror
/
docker-postgis
kopia lustrzana https://github.com/kartoza/docker-postgis
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność

Merge develop to master to align with PostgreSQL 11 (#117) 

* Added note about version number

* README update

* Revert to using pg 9.3 in latest build - prevent breaking downstream apps for now

* Revert to pg 9.3

* Fix references to 9.4 to make them 9.3 rather

* Fix incorrect version in 9.4 branch

* Fix TOPOLOGY conditional typo

* Update run-postgis-docker.sh

* Update run-postgis-docker.sh

added IPADDRESS

* Updates from Marco

* Allow connections from 192.168 private network too

* start temporary server in local-only mode, poll instead of blind wait, preserve pid 1

* Enable PostGIS Out DB raster support

http://postgis.net/2015/05/02/tip_enable_raster_drivers/
http://postgis.net/docs/postgis_installation.html#install_short_version

* Remove hardcoded reference to container name "docker"

* upgrade postgres to 9.5 and postgis to 2.2

* Added flexible IP range as arg on docker run

* Added better description to docker env vars

* Updated references to pg and postgis versions in readme

* Followup 0745c488, fix references to 9.4

* problem version

postgresql version is 9.4, instead of 9.5

* Added note about allowing external ports.

* Update README.md

* Cleanups to 9.5 branch - remove old supervisor files

* Fix for README

* 9.5 2.2 (#49)

* Allow connections from 192.168 private network too

* Updated references to pg and postgis versions in readme

* Cleanups to 9.5 branch - remove old supervisor files

* Fix for README

* Dont add supervisor stuff which is deprecated

* Fix 9.4 reference

* Allow changing the default database name (#50)

* Allow changing the default database name (#50)

* Allow changing the default database name (#50) (#52)

* Commented out legacy scripts since it seems they are removed in 2.2

* 9.5 2.2 (#58)

* Allow changing the default database name (#50)

* Commented out legacy scripts since it seems they are removed in 2.2

* 9.5 2.2 (#59)

* Allow changing the default database name (#50)

* Commented out legacy scripts since it seems they are removed in 2.2

* Improve start (#57)

* Make initial dir optional

* Improve termination of background initial process #56

* Merge improvements from 9.5 branch (#60)

* Allow changing the default database name (#50)

* Commented out legacy scripts since it seems they are removed in 2.2

* 9.5 2.2 (#59)

* Allow changing the default database name (#50)

* Commented out legacy scripts since it seems they are removed in 2.2

* Improve start (#57)

* Make initial dir optional

* Improve termination of background initial process #56

* Added more options to convenience run script

* Added missing l from getopts

* Added missing l from getopts

* 9.5 2.2 (#61)

* Allow changing the default database name (#50)

* Allow changing the default database name (#50)

* Allow changing the default database name (#50) (#52)

* Commented out legacy scripts since it seems they are removed in 2.2

* Added more options to convenience run script

* Added missing l from getopts

* Added missing l from getopts

* Tweak convenience scripts (#62)


* Added missing l from getopts

* allow connection when using docker compose (#65)

see https://github.com/docker/compose/issues/4336
and https://github.com/kartoza/docker-postgis/issues/40

* Install gnupg for fetching keys first

* Fix key fetching

* Updated to 9.6 and postgis 2.4

* Ditch apt-cacher stuff

* Upgraded to PG 10

* change version from postgresql-10.0 to 10 and fix typo in run-postgis… (#76)

* change version from postgresql-10.0 to 10 and fix typo in run-postgis file

* edit setup.sh to version 10

* Change from version 10.0 to 10 in Dockerfile (#75)

I checked that postgresql-10.0 is an invalid name. It should be just postgresql-10

* Fixes for pg 10 to start nicely

* Port 9.6 to develop (#89)

* Part one of porting work from 9.6 to 10

* Backported more scripts from 9.6 branch

* Added missing apt update in dockerfile

* Updates to entrypoint to reference image and update docker-compose to reference 10 pg

* Added sample and docs from 9.6 branch

* Removed my diagram as Rizky had already added one

* Fix env paths for pg 10

* Fixes for backporting work from 9.6 to 10 - dbb now spins up and accepts connections properly

* Update README.md

* Fix #90 and replace references to slave with replicant

(Slave is a pejorative term)

* Backport from branch: 9.6-2.4

Fix default datadir

- Change into default datadir
- Add small unittest

* Merge branch 10 into develop (#113)

* Fix typo in helper script

* Port work in develop to 10 branch (#90)

* Port 9.6 to develop (#89)

* Part one of porting work from 9.6 to 10

* Backported more scripts from 9.6 branch

* Added missing apt update in dockerfile

* Updates to entrypoint to reference image and update docker-compose to reference 10 pg

* Added sample and docs from 9.6 branch

* Removed my diagram as Rizky had already added one

* Fix env paths for pg 10

* Fixes for backporting work from 9.6 to 10 - dbb now spins up and accepts connections properly

* Update README.md

* Backport from branch: 9.6-2.4

Fix default datadir

- Change into default datadir
- Add small unittest

* Optimise PostgreSQL performance and align with the changes done in 9.6
version

* Fix version numbers

* Minor change to correct env file

* Merged 10 branch into develop

* Remove reduntant conf file from dockerfile

* Remove reduntant conf file directive from setup script

* Remove reduntant conf file directive from  script

* Port changes for Postgres version 11 (#114)

* Fix typo in helper script

* Port work in develop to 10 branch (#90)

* Port 9.6 to develop (#89)

* Part one of porting work from 9.6 to 10

* Backported more scripts from 9.6 branch

* Added missing apt update in dockerfile

* Updates to entrypoint to reference image and update docker-compose to reference 10 pg

* Added sample and docs from 9.6 branch

* Removed my diagram as Rizky had already added one

* Fix env paths for pg 10

* Fixes for backporting work from 9.6 to 10 - dbb now spins up and accepts connections properly

* Update README.md

* Backport from branch: 9.6-2.4

Fix default datadir

- Change into default datadir
- Add small unittest

* Optimise PostgreSQL performance and align with the changes done in 9.6
version

* Fix version numbers

* Minor change to correct env file

* Merged 10 branch into develop

* Remove reduntant conf file from dockerfile

* Remove reduntant conf file directive from setup script

* Remove reduntant conf file directive from  script

* Migrate settings to be compatible with PostgreSQL version 11

* fix ssl setup

* Port changes to 11 branch (#115)

* Fix typo in helper script

* Port work in develop to 10 branch (#90)

* Port 9.6 to develop (#89)

* Part one of porting work from 9.6 to 10

* Backported more scripts from 9.6 branch

* Added missing apt update in dockerfile

* Updates to entrypoint to reference image and update docker-compose to reference 10 pg

* Added sample and docs from 9.6 branch

* Removed my diagram as Rizky had already added one

* Fix env paths for pg 10

* Fixes for backporting work from 9.6 to 10 - dbb now spins up and accepts connections properly

* Update README.md

* Backport from branch: 9.6-2.4

Fix default datadir

- Change into default datadir
- Add small unittest

* Optimise PostgreSQL performance and align with the changes done in 9.6
version

* Fix version numbers

* Minor change to correct env file

* Merged 10 branch into develop

* Remove reduntant conf file from dockerfile

* Remove reduntant conf file directive from setup script

* Remove reduntant conf file directive from  script

* Migrate settings to be compatible with PostgreSQL version 11

* fix ssl setup

* Align changes to postgresql version 11

* Set destroy database to false

* Commented out code for destroy database

* Fix version number for build

* Implement conf lock file check (#116)

It will make sure that the conf file will only be generated once
for a given container.
pull/118/head
mazano 2019-02-01 17:14:01 +02:00 zatwierdzone przez GitHub
rodzic 8e0ca93712
commit ff3116928d
Nie znaleziono w bazie danych klucza dla tego podpisu
ID klucza GPG: 4AEE18F83AFDEB23
27 zmienionych plików z 928 dodań i 289 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

1
.dockerignore 120000
Wyświetl plik

@ -0,0 +1 @@
.gitignore

3
.gitignore vendored
Wyświetl plik

@ -1,2 +1,5 @@
.idea
*.*~
*/replication/pg-*
*/replication/docker-compose.override.yml
.DS_Store

27
.travis.yml 100644
Wyświetl plik

@ -0,0 +1,27 @@
sudo: required
language: python
services:
- docker
virtualenv:
system_site_packages: true
python:
- '2.7'
script:
- ./build.sh
- pushd sample/replication
- make up
- make status
# Check for database status
- until make check-master-running; do echo "Retrying"; sleep 5; done
- until make check-slave-running; do echo "Retrying"; sleep 5; done
# Check replications
- until make check-master-replication; do echo "Retrying"; make master-log-tail; sleep 5; done
- sleep 60 # Wait replication finished
- until make check-slave-replication; do echo "Retrying"; make slave-log-tail; sleep 5; done
- popd

8
71-apt-cacher-ng
Wyświetl plik

@ -1,8 +0,0 @@
# Uncomment the Acquire line below and then
# Modify the host to match your needs if you wish to
# use apt-cacher in your image build out (and the
# Subsequent running container.
#Acquire::http { Proxy "http://192.168.2.9:3142"; };
#Acquire::http { Proxy "http://192.168.0.131:3142"; };
#Acquire::http { Proxy "http://192.168.1.13:3142"; };

32
Dockerfile
Wyświetl plik

@ -5,38 +5,38 @@ MAINTAINER Tim Sutton<tim@kartoza.com>
RUN export DEBIAN_FRONTEND=noninteractive
ENV DEBIAN_FRONTEND noninteractive
RUN dpkg-divert --local --rename --add /sbin/initctl
#RUN ln -s /bin/true /sbin/initctl
# Use local cached debs from host (saves your bandwidth!)
# Change ip below to that of your apt-cacher-ng host
# Or comment this line out if you do not with to use caching
ADD 71-apt-cacher-ng /etc/apt/apt.conf.d/71-apt-cacher-ng
RUN apt-get -y update; apt-get -y install gnupg2 wget ca-certificates rpl pwgen
#RUN echo "deb http://archive.ubuntu.com/ubuntu trusty main universe" > /etc/apt/sources.list
RUN apt-get -y update
RUN apt-get -y install ca-certificates rpl pwgen
RUN sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ stretch-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
RUN wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -
#-------------Application Specific Stuff ----------------------------------------------------
# We add postgis as well to prevent build errors (that we dont see on local builds)
# on docker hub e.g.
# The following packages have unmet dependencies:
# postgresql-9.3-postgis-2.1 : Depends: libgdal1h (>= 1.9.0) but it is not going to be installed
# Recommends: postgis but it is not going to be installed
RUN apt-get install -y postgresql-9.4-postgis-2.1 postgis
ADD postgres.conf /etc/supervisor/conf.d/postgres.conf
RUN apt-get update; apt-get install -y postgresql-client-11 postgresql-common postgresql-11 postgresql-11-postgis-2.5 postgresql-11-pgrouting netcat
# Open port 5432 so linked containers can see them
EXPOSE 5432
# Run any additional tasks here that are too tedious to put in
# this dockerfile directly.
ADD env-data.sh /env-data.sh
ADD setup.sh /setup.sh
RUN chmod 0755 /setup.sh
RUN chmod +x /setup.sh
RUN /setup.sh
# We will run any commands in this when the container starts
ADD start-postgis.sh /start-postgis.sh
RUN chmod 0755 /start-postgis.sh
ADD docker-entrypoint.sh /docker-entrypoint.sh
ADD setup-conf.sh /
ADD setup-database.sh /
ADD setup-pg_hba.sh /
ADD setup-replication.sh /
ADD setup-ssl.sh /
ADD setup-user.sh /
RUN chmod +x /docker-entrypoint.sh
CMD /start-postgis.sh
ENTRYPOINT /docker-entrypoint.sh

201
README.md
Wyświetl plik

@ -1,8 +1,10 @@
# docker-postgis
A simple docker container that runs PostGIS
Visit our page on the docker hub at: https://registry.hub.docker.com/u/kartoza/postgis/
Visit our page on the docker hub at: https://hub.docker.com/r/kartoza/postgis/
There are a number of other docker postgis containers out there. This one
differentiates itself by:
@ -10,15 +12,33 @@ differentiates itself by:
* provides ssl support out of the box
* connections are restricted to the docker subnet
* template_postgis database template is created for you
* a database 'gis' is created for you so you can use this container 'out of the
* a default database 'gis' is created for you so you can use this container 'out of the
box' when it runs with e.g. QGIS
* replication support included
We will work to add more security features to this container in the future with
the aim of making a PostGIS image that is ready to be used in a production
environment (though probably not for heavy load databases).
**Note:** We recommend using ``apt-cacher-ng`` to speed up package fetching -
you should configure the host for it in the provided 71-apt-cacher-ng file.
There is a nice 'from scratch' tutorial on using this docker image on Alex Urquhart's
blog [here](https://alexurquhart.com/post/set-up-postgis-with-docker/) - if you are
just getting started with docker, PostGIS and QGIS, we really recommend that you use it.
## Tagged versions
The following convention is used for tagging the images we build:
kartoza/postgis:[postgres_version]-[postgis-version]
So for example:
``kartoza/postgis:9.6-2.4`` Provides PostgreSQL 9.6, PostGIS 2.4
**Note:** We highly recommend that you use tagged versions because
successive minor versions of PostgreSQL write their database clusters
into different database directories - which will cause your database
to appear to be empty if you are using persistent volumes for your
database storage.
## Getting the image
@ -40,7 +60,7 @@ since deb packages need to be refetched each time you build) do:
docker build -t kartoza/postgis git://github.com/kartoza/docker-postgis
```
To build with apt-cache (and minimised download requirements) do you need to
To build with apt-cacher (and minimise download requirements) you need to
clone this repo locally first and modify the contents of 71-apt-cacher-ng to
match your cacher host. Then build using a local url instead of directly from
github.
@ -64,38 +84,50 @@ To create a running container do:
sudo docker run --name "postgis" -p 25432:5432 -d -t kartoza/postgis
```
## Environment variables
You can also use the following environment variables to pass a
user name and password.
user name, password and/or default database name.
* -e POSTGRES_USER=<PGUSER>
* -e POSTGRES_PASS=<PGPASSWORD>
* -e POSTGRES_DBNAME=<PGDBNAME>
These will be used to create a new superuser with
your preferred credentials. If these are not specified then the postgresql
user is set to 'docker' with password 'docker'.
## Convenience run script
You can open up the PG port by using the following environment variable. By default
the container will allow connections only from the docker private subnet.
For convenience we have provided a bash script for running this container
that lets you specify a volume mount point and a username / password
for the new instance superuser. It takes these options:
* -e ALLOW_IP_RANGE=<0.0.0.0/0> By default
t
```
OPTIONS:
-h Show this message
-n Container name
-v Volume to mount the Postgres cluster into
-u Postgres user name (defaults to 'docker')
-p Postgres password (defaults to 'docker')
```
Postgres conf is setup to listen to all connections and if a user needs to restrict which IP address
PostgreSQL listens to you can define it with the following environment variable. The default is set to listen to
all connections.
* -e IP_LIST=<*>
## Convenience docker-compose.yml
For convenience we have provided a ``docker-compose.yml`` that will run a
copy of the database image and also our related database backup image (see
[https://github.com/kartoza/docker-pg-backup](https://github.com/kartoza/docker-pg-backup)).
The docker compose recipe will expose PostgreSQL on port 25432 (to prevent
potential conflicts with any local database instance you may have).
Example usage:
```
./run-postgis-docker.sh -v /tmp/foo/ -n postgis -u foo -p bar
docker-compose up -d
```
**Note:** The docker-compose recipe above will not persist your data on your local
disk, only in a docker volume.
## Connect via psql
Connect with psql (make sure you first install postgresql client tools on your
@ -110,10 +142,10 @@ psql -h localhost -U docker -p 25432 -l
You can then go on to use any normal postgresql commands against the container.
Under ubuntu 14.04 the postgresql client can be installed like this:
Under ubuntu 16.04 the postgresql client can be installed like this:
```
sudo apt-get install postgresql-client-9.3
sudo apt-get install postgresql-client-9.6
```
@ -130,9 +162,132 @@ docker run -d -v $HOME/postgres_data:/var/lib/postgresql kartoza/postgis`
You need to ensure the ``postgres_data`` directory has sufficient permissions
for the docker process to read / write it.
## Postgres Replication Setup
Replication allows you to maintain two or more synchronised copies of a database, with a
single **master** copy and one or more **replicant** copies. The animation below illustrates
this - the layer with the red boundary is accessed from the master database and the layer
with the green fill is accessed from the replicant database. When edits to the master
layer are saved, they are automatically propagated to the replicant. Note also that the
replicant is read-only.
![qgis](https://user-images.githubusercontent.com/178003/37755610-dd3b774a-2dae-11e8-9fa1-4877e2034675.gif)
This image is provided with replication abilities. We can
categorize an instance of the container as `master` or `replicant`. A `master`
instance means that a particular container has a role as a single point of
database write. A `replicant` instance means that a particular container will
mirror database content from a designated master. This replication scheme allows
us to sync databases. However a `replicant` is only for read-only transaction, thus
we can't write new data to it. The whole database cluster will be replicated.
To experiment with the replication abilities, you can see a (docker-compose.yml)[sample/replication/docker-compose.yml]
sample. There are several environment variables that you can set, such as:
Master settings:
- **ALLOW_IP_RANGE**: A pg_hba.conf domain format which will allow specified host(s)
to connect into the container. This is needed to allow the `slave` to connect
into `master`, so specifically this settings should allow `slave` address. It is also needed to allow clients on other hosts to connect to either the slave or the master.
- Both POSTGRES_USER and POSTGRES_PASS will be used as credentials for the slave to
connect, so make sure you change this into something secure.
Slave settings:
- **REPLICATE_FROM**: This should be the domain name or IP address of the `master`
instance. It can be anything from the docker resolved name like that written in the sample,
or the IP address of the actual machine where you expose `master`. This is
useful to create cross machine replication, or cross stack/server.
- **REPLICATE_PORT**: This should be the port number of `master` postgres instance.
Will default to 5432 (default postgres port), if not specified.
- **DESTROY_DATABASE_ON_RESTART**: Default is `True`. Set to 'False' to prevent
this behaviour. A replicant will always destroy its current database on
restart, because it will try to sync again from `master` and avoid inconsistencies.
- **PROMOTE_MASTER**: Default none. If set to any value then the current replicant
will be promoted to master.
In some cases when the `master` container has failed, we might want to use our `replicant`
as `master` for a while. However, the promoted replicant will break consistencies and
is not able to revert to replicant anymore, unless it is destroyed and resynced
with the new master.
To run the sample replication, follow these instructions:
Do a manual image build by executing the `build.sh` script
```
./build.sh
```
Go into the `sample/replication` directory and experiment with the following Make
command to run both master and slave services.
```
make up
```
To shutdown services, execute:
```
make down
```
To view logs for master and slave respectively, use the following command:
```
make master-log
make slave-log
```
You can try experiment with several scenarios to see how replication works
### Sync changes from master to replicant
You can use any postgres database tools to create new tables in master, by
connecting using POSTGRES_USER and POSTGRES_PASS credentials using exposed port.
In the sample, the master database was exposed on port 7777.
Or you can do it via command line, by entering the shell:
```
make master-shell
```
Then made any database changes using psql.
After that, you can see that the replicant follows the changes by inspecting the
slave database. You can, again, use database management tools using connection
credentials, hostname, and ports for replicant. Or you can do it via command line,
by entering the shell:
```
make slave-shell
```
Then view your changes using psql.
### Promoting replicant to master
You will notice that you cannot make changes in replicant, because it is read-only.
If somehow you want to promote it to master, you can specify `PROMOTE_MASTER: 'True'`
into slave environment and set `DESTROY_DATABASE_ON_RESTART: 'False'`.
After this, you can make changes to your replicant, but master and replicant will not
be in sync anymore. This is useful if the replicant needs to take over a failover master.
However it is recommended to take additional action, such as creating a backup from the
slave so a dedicated master can be created again.
### Preventing replicant database destroy on restart
You can optionally set `DESTROY_DATABASE_ON_RESTART: 'False'` after successful sync
to prevent the database from being destroyed on restart. With this setting you can
shut down your replicant and restart it later and it will continue to sync using the existing
database (as long as there are no consistencies conflicts).
However, you should note that this option doesn't mean anything if you didn't
persist your database volume. Because if it is not persisted, then it will be lost
on restart because docker will recreate the container.
## Credits
Tim Sutton (tim@kartoza.com)
May 2014
Gavin Fleming (gavin@kartoza.com)
Risky Maulana (rizky@kartoza.com)
Admire Nyakudya (admire@kartoza.com)
December 2018

4
build.sh
Wyświetl plik

@ -1 +1,3 @@
docker build -t kartoza/postgis .
#!/usr/bin/env bash
docker build -t kartoza/postgis:manual-build .
docker build -t kartoza/postgis:11.0-2.5 .

38
docker-compose.yml 100644
Wyświetl plik

@ -0,0 +1,38 @@
# docker-compose build
# docker-compose up -d web
version: '2'
volumes:
dbbackups:
postgis-data:
services:
db:
image: kartoza/postgis:10.0-2.4
volumes:
- 'postgis-data:/var/lib/postgresql'
- 'dbbackups:/backups'
environment:
- POSTGRES_DB=gis
- POSTGRES_USER=docker
- POSTGRES_PASS=docker
- ALLOW_IP_RANGE=0.0.0.0/0
ports:
- 25432:5432
restart: unless-stopped
dbbackups:
image: kartoza/pg-backup:10.0
hostname: pg-backups
volumes:
- dbbackups:/backups
links:
- db:db
environment:
- DUMPPREFIX=demo
- PGUSER=docker
- PGPASSWORD=docker
- PGDATABASE=gis
- PGPORT=5432
- PGHOST=db
restart: unless-stopped

57
docker-entrypoint.sh 100755
Wyświetl plik

@ -0,0 +1,57 @@
#!/usr/bin/env bash
# This script will run as the postgres user due to the Dockerfile USER directive
set -e
#TODO Prepare lock files that prevent running the setup-conf,setup-pg_hba,setup-ssl.sh on each restart
# Setup postgres CONF file
source /setup-conf.sh
# Setup ssl
source /setup-ssl.sh
# Setup pg_hba.conf
source /setup-pg_hba.sh
if [[ -z "$REPLICATE_FROM" ]]; then
# This means this is a master instance. We check that database exists
echo "Setup master database"
source /setup-database.sh
else
# This means this is a slave/replication instance.
echo "Setup slave database"
source /setup-replication.sh
fi
# Running extended script or sql if provided.
# Useful for people who extends the image.
echo
for f in /docker-entrypoint-initdb.d/*; do
case "$f" in
*.sh) echo "$0: running $f"; . "$f" ;;
*.sql) echo "$0: running $f"; "${psql[@]}" < "$f"; echo ;;
*.sql.gz) echo "$0: running $f"; gunzip -c "$f" | "${psql[@]}"; echo ;;
*) echo "$0: ignoring $f" ;;
esac
echo
done
# If no arguments passed to entrypoint, then run postgres by default
if [[ $# -eq 0 ]];
then
echo "Postgres initialisation process completed .... restarting in foreground"
su - postgres -c "$SETVARS $POSTGRES -D $DATADIR -c config_file=$CONF"
fi
# If arguments passed, run postgres with these arguments
# This will make sure entrypoint will always be executed
if [[ "${1:0:1}" = '-' ]]; then
# append postgres into the arguments
set -- postgres "$@"
fi
exec su - "$@"

BIN
docs/diagram.graffle 100644
Wyświetl plik

Plik binarny nie jest wyświetlany.

BIN
docs/execution_flow.png 100644
Wyświetl plik

Plik binarny nie jest wyświetlany.
Side by Side

Po

Szerokość:  |  Wysokość:  |  Rozmiar: 115 KiB

68
env-data.sh 100644
Wyświetl plik

@ -0,0 +1,68 @@
#!/usr/bin/env bash
DATADIR="/var/lib/postgresql/11/main"
ROOT_CONF="/etc/postgresql/11/main"
CONF="$ROOT_CONF/postgresql.conf"
WAL_ARCHIVE="/opt/archivedir"
RECOVERY_CONF="$ROOT_CONF/recovery.conf"
POSTGRES="/usr/lib/postgresql/11/bin/postgres"
INITDB="/usr/lib/postgresql/11/bin/initdb"
SQLDIR="/usr/share/postgresql/11/contrib/postgis-2.5/"
SETVARS="POSTGIS_ENABLE_OUTDB_RASTERS=1 POSTGIS_GDAL_ENABLED_DRIVERS=ENABLE_ALL"
LOCALONLY="-c listen_addresses='127.0.0.1'"
PG_BASEBACKUP="/usr/bin/pg_basebackup"
PROMOTE_FILE="/tmp/pg_promote_master"
PGSTAT_TMP="/var/run/postgresql/"
PG_PID="/var/run/postgresql/11-main.pid"
# Make sure we have a user set up
if [ -z "${POSTGRES_USER}" ]; then
POSTGRES_USER=docker
fi
if [ -z "${POSTGRES_PASS}" ]; then
POSTGRES_PASS=docker
fi
if [ -z "${POSTGRES_DBNAME}" ]; then
POSTGRES_DBNAME=gis
fi
# SSL mode
if [ -z "${PGSSLMODE}" ]; then
PGSSLMODE=require
fi
# Enable hstore and topology by default
if [ -z "${HSTORE}" ]; then
HSTORE=true
fi
if [ -z "${TOPOLOGY}" ]; then
TOPOLOGY=true
fi
# Replication settings
if [ -z "${REPLICATE_PORT}" ]; then
REPLICATE_PORT=5432
fi
if [ -z "${DESTROY_DATABASE_ON_RESTART}" ]; then
DESTROY_DATABASE_ON_RESTART=true
fi
if [ -z "${PG_MAX_WAL_SENDERS}" ]; then
PG_MAX_WAL_SENDERS=8
fi
if [ -z "${PG_WAL_KEEP_SEGMENTS}" ]; then
PG_WAL_KEEP_SEGMENTS=100
fi
if [ -z "${IP_LIST}" ]; then
IP_LIST='*'
fi
# Compatibility with official postgres variable
# Official postgres variable gets priority
if [ ! -z "${POSTGRES_PASSWORD}" ]; then
POSTGRES_PASS=${POSTGRES_PASSWORD}
fi
if [ ! -z "${PGDATA}" ]; then
DATADIR=${PGDATA}
fi
if [ ! -z "$POSTGRES_DB" ]; then
POSTGRES_DBNAME=${POSTGRES_DB}
fi

5
postgres.conf
Wyświetl plik

@ -1,5 +0,0 @@
[program:postgres]
user=root
command=/start-postgis.sh
autorestart=true
stopsignal=INT

90
run-postgis-docker.sh
Wyświetl plik

@ -1,90 +0,0 @@
#!/bin/bash
# Commit and redeploy the user map container
usage()
{
cat << EOF
usage: $0 options
This script runs a new docker postgis instance for you.
OPTIONS:
-h Show this message
-n Container name
-v Volume to mount the Postgres cluster into
-u Postgres user name (defaults to 'docker')
-p Postgres password (defaults to 'docker')
EOF
}
while getopts ":h:n:v:u:p:" OPTION
do
case $OPTION in
n)
CONTAINER_NAME=${OPTARG}
;;
v)
VOLUME=${OPTARG}
;;
u)
PGUSER=${OPTARG}
;;
p)
PGPASSWORD=${OPTARG}
;;
*)
usage
exit 1
;;
esac
done
if [[ -z $VOLUME ]] || [[ -z $CONTAINER_NAME ]] || [[ -z $PGUSER ]] || [[ -z $PGPASSWORD ]]
then
usage
exit 1
fi
if [[ ! -z $VOLUME ]]
then
VOLUME_OPTION="-v ${VOLUME}:/var/lib/postgresql"
else
VOLUME_OPTION=""
fi
if [ ! -d $VOLUME ]
then
mkdir $VOLUME
fi
chmod a+w $VOLUME
docker kill ${CONTAINER_NAME}
docker rm ${CONTAINER_NAME}
CMD="docker run --name="${CONTAINER_NAME}" \
--hostname="${CONTAINER_NAME}" \
--restart=always \
-e POSTGRES_USER=${PGUSER} \
-e POSTGRES_PASS=${PGPASSWORD} \
-d -t \
${VOLUME_OPTION} \
kartoza/postgis /start-postgis.sh"
echo 'Running\n'
echo $CMD
eval $CMD
docker ps | grep ${CONTAINER_NAME}
echo "Connect using:"
echo "psql -l -p 5432 -h $IPADDRESS -U $PGUSER"
echo "and password $PGPASSWORD"
echo
echo "Alternatively link to this container from another to access it"
echo "e.g. docker run -link postgis:pg .....etc"
echo "Will make the connection details to the postgis server available"
echo "in your app container as $PG_PORT_5432_TCP_ADDR (for the ip address)"
echo "and $PG_PORT_5432_TCP_PORT (for the port number)."

50
sample/replication/Makefile 100644
Wyświetl plik

@ -0,0 +1,50 @@
up:
docker-compose up -d
down:
docker-compose down
scale:
docker-compose up -d --scale pg-slave=3
unscale:
docker-compose up -d --scale pg-slave=1
status:
docker-compose ps
master-shell:
docker-compose exec pg-master /bin/bash
slave-shell:
docker-compose exec pg-slave /bin/bash
master-log:
docker-compose logs -f --tail=30 pg-master
slave-log:
docker-compose logs -f --tail=30 pg-slave
# These commands were used for travis
master-log-tail :
docker-compose logs --tail=30 pg-master
slave-log-tail:
docker-compose logs --tail=30 pg-slave
check-master-running:
@echo "Check master is running"
@docker-compose logs --tail=1 pg-master | grep 'database system is ready to accept connections' &> /dev/null
check-master-replication:
@docker-compose exec pg-master /bin/sh -c "su - postgres -c \"/tests/replication_test_master.sh\""
check-slave-running:
@echo "Check slave is running"
@docker-compose logs pg-slave | grep 'database system is ready to accept read only connections' &> /dev/null
@docker-compose logs pg-slave | grep 'started streaming WAL from primary' &> /dev/null
check-slave-replication:
@docker-compose exec pg-slave /bin/sh -c "su - postgres -c \"/tests/replication_test_slave.sh\""

88
sample/replication/docker-compose.yml 100644
Wyświetl plik

@ -0,0 +1,88 @@
version: '2.1'
volumes:
pg-master-data-dir:
pg-slave-data-dir:
services:
pg-master:
image: 'kartoza/postgis:manual-build'
restart: 'always'
# You can optionally mount to volume, to play with the persistence and
# observe how the slave will behave after restarts.
volumes:
- pg-master-data-dir:/var/lib/postgresql
- ./tests:/tests
environment:
# ALLOW_IP_RANGE option is used to specify additionals allowed domains
# in pg_hba.
# This range should allow slaves to connect to master
ALLOW_IP_RANGE: '0.0.0.0/0'
# We can specify optional credentials
POSTGRES_USER: 'docker'
POSTGRES_PASS: 'docker'
# You can expose the port to observe it in your local machine
ports:
- "7777:5432"
healthcheck:
test: "exit 0"
pg-slave:
image: 'kartoza/postgis:manual-build'
restart: 'always'
# You can optionally mount to volume, but we're not able to scale it
# in that case.
# The slave will always destroy its database and copy from master at
# runtime
volumes:
- pg-slave-data-dir:/var/lib/postgresql
- ./tests:/tests
environment:
# ALLOW_IP_RANGE option is used to specify additionals allowed domains
# in pg_hba.
# Not really needed in slaves for the replication, but optionally can
# be put when slaves are needed to be a failover server when master
# is down. The IP Range are generally needed if other services wants to
# connect to this slave
ALLOW_IP_RANGE: '0.0.0.0/0'
# REPLICATE_FROM options accepts domain-name or IP address
# with this in mind, you can also put docker service name, because it
# will be resolved as host name.
REPLICATE_FROM: 'pg-master'
# REPLICATE_PORT will default to 5432 if not specified.
# REPLICATE_PORT: '5432'
# In the case where you need to replicate from outside service,
# you can put the server address and port here, as long as the target
# where configured as master, and replicable.
# REPLICATE_FROM: '192.168.1.8'
# REPLICATE_PORT: '7777'
# DESTROY_DATABASE_ON_RESTART will default to True if not specified.
# If specified other than True, it will prevent slave from destroying
# database on restart
DESTROY_DATABASE_ON_RESTART: 'True'
# PROMOTE_MASTER Default empty.
# If specified with any value, then it will convert current slave into
# a writable state. Useful if master is down and the current slave needs
# to be promoted until manual recovery.
# PROMOTE_MASTER: 'True'
# For now we don't support different credentials for replication
# so we use the same credentials as master's superuser, or anything that
# have replication role.
POSTGRES_USER: 'docker'
POSTGRES_PASS: 'docker'
depends_on:
pg-master:
condition: service_healthy
# You can expose the port to observe it in your local machine
# For this sample, it was disabled by default to allow scaling test
ports:
- "7776:5432"

19
sample/replication/tests/replication_test_master.sh 100755
Wyświetl plik

@ -0,0 +1,19 @@
#!/bin/sh
. /env-data.sh
set -e
echo "Check master replication"
# Create a new table
echo "Create new table"
psql -d ${POSTGRES_DBNAME} -c "CREATE TABLE test_replication_table ();"
# Check table exists in master
echo "Check table exists"
psql -d ${POSTGRES_DBNAME} -c "\dt" | grep test_replication_table
exit $?

14
sample/replication/tests/replication_test_slave.sh 100755
Wyświetl plik

@ -0,0 +1,14 @@
#!/bin/sh
. /env-data.sh
set -e
echo "Check slave replication"
# Check table exists in slave
echo "Check table exists"
psql -d ${POSTGRES_DBNAME} -c "\dt" | grep test_replication_table
exit $?

41
setup-conf.sh 100644
Wyświetl plik

@ -0,0 +1,41 @@
#!/usr/bin/env bash
source /env-data.sh
SETUP_LOCKFILE="${ROOT_CONF}/.postgresql.conf.lock"
if [ -f "${SETUP_LOCKFILE}" ]; then
return 0
fi
# This script will setup necessary configuration to enable replications
# Refresh configuration in case environment settings changed.
cat $CONF.template > $CONF
# This script will setup necessary configuration to optimise for PostGIS and to enable replications
cat >> $CONF <<EOF
wal_level = hot_standby
max_wal_senders = $PG_MAX_WAL_SENDERS
wal_keep_segments = $PG_WAL_KEEP_SEGMENTS
hot_standby = on
listen_addresses = '${IP_LIST}'
shared_buffers = 500MB
work_mem = 16MB
maintenance_work_mem = 128MB
wal_buffers = 1MB
# uncomment checkpoint_segments below if postgresql <= 9.4
# checkpoint_segments = 6
random_page_cost = 2.0
xmloption = 'document'
#archive_mode=on
#archive_command = 'test ! -f ${WAL_ARCHIVE}/%f && cp -r %p ${WAL_ARCHIVE}/%f'
#user-settings
EOF
# Optimise PostgreSQL shared memory for PostGIS
# shmall units are pages and shmmax units are bytes(?) equivalent to the desired shared_buffer size set in setup_conf.sh - in this case 500MB
echo "kernel.shmmax=543252480" >> /etc/sysctl.conf
echo "kernel.shmall=2097152" >> /etc/sysctl.conf
# Put lock file to make sure conf was not reinitialized
touch ${SETUP_LOCKFILE}

110
setup-database.sh 100644
Wyświetl plik

@ -0,0 +1,110 @@
#!/usr/bin/env bash
source /env-data.sh
# This script will setup the necessary folder for database
# test if DATADIR is existent
if [[ ! -d ${DATADIR} ]]; then
echo "Creating Postgres data at ${DATADIR}"
mkdir -p ${DATADIR}
fi
# Set proper permissions
# needs to be done as root:
chown -R postgres:postgres ${DATADIR}
# test if DATADIR has content
if [[ ! "$(ls -A ${DATADIR})" ]]; then
# No content yet - first time pg is being run!
# No Replicate From settings. Assume that this is a master database.
# Initialise db
echo "Initializing Postgres Database at ${DATADIR}"
#chown -R postgres $DATADIR
su - postgres -c "$INITDB ${DATADIR}"
fi
# test database existing
trap "echo \"Sending SIGTERM to postgres\"; killall -s SIGTERM postgres" SIGTERM
su - postgres -c "${POSTGRES} -D ${DATADIR} -c config_file=${CONF} ${LOCALONLY} &"
# wait for postgres to come up
until su - postgres -c "psql -l"; do
sleep 1
done
echo "postgres ready"
RESULT=`su - postgres -c "psql -l | grep -w template_postgis | wc -l"`
if [[ ${RESULT} == '1' ]]
then
echo 'Postgis Already There'
if [[ ${HSTORE} == "true" ]]; then
echo 'HSTORE is only useful when you create the postgis database.'
fi
if [[ ${TOPOLOGY} == "true" ]]; then
echo 'TOPOLOGY is only useful when you create the postgis database.'
fi
else
echo "Postgis is missing, installing now"
# Note the dockerfile must have put the postgis.sql and spatialrefsys.sql scripts into /root/
# We use template0 since we want different encoding to template1
echo "Creating template postgis"
su - postgres -c "createdb template_postgis -E UTF8 -T template0"
echo "Enabling template_postgis as a template"
CMD="UPDATE pg_database SET datistemplate = TRUE WHERE datname = 'template_postgis';"
su - postgres -c "psql -c \"$CMD\""
echo "Loading postgis extension"
su - postgres -c "psql template_postgis -c 'CREATE EXTENSION postgis;'"
if [[ ${HSTORE} == "true" ]]
then
echo "Enabling hstore in the template"
su - postgres -c "psql template_postgis -c 'CREATE EXTENSION hstore;'"
fi
if [[ ${TOPOLOGY} == "true" ]]
then
echo "Enabling topology in the template"
su - postgres -c "psql template_postgis -c 'CREATE EXTENSION postgis_topology;'"
fi
# Needed when importing old dumps using e.g ndims for constraints
# Ignore error if it doesn't exists
echo "Loading legacy sql"
su - postgres -c "psql template_postgis -f ${SQLDIR}/legacy_minimal.sql" || true
su - postgres -c "psql template_postgis -f ${SQLDIR}/legacy_gist.sql" || true
fi
# Setup user
source /setup-user.sh
# Create a default db called 'gis' or $POSTGRES_DBNAME that you can use to get up and running quickly
# It will be owned by the docker db user
RESULT=`su - postgres -c "psql -l | grep -w ${POSTGRES_DBNAME} | wc -l"`
echo "Check default db exists"
if [[ ! ${RESULT} == '1' ]]; then
echo "Create default db ${POSTGRES_DBNAME}"
su - postgres -c "createdb -O ${POSTGRES_USER} -T template_postgis ${POSTGRES_DBNAME}"
else
echo "${POSTGRES_DBNAME} db already exists"
fi
# This should show up in docker logs afterwards
su - postgres -c "psql -l"
# Kill postgres
PID=`cat ${PG_PID}`
kill -TERM ${PID}
# Wait for background postgres main process to exit
while [[ "$(ls -A ${PG_PID} 2>/dev/null)" ]]; do
sleep 1
done

56
setup-pg_hba.sh 100644
Wyświetl plik

@ -0,0 +1,56 @@
#!/usr/bin/env bash
source /env-data.sh
SETUP_LOCKFILE="${ROOT_CONF}/.pg_hba.conf.lock"
if [ -f "${SETUP_LOCKFILE}" ]; then
return 0
fi
# This script will setup pg_hba.conf
# Reconfigure pg_hba if environment settings changed
cat ${ROOT_CONF}/pg_hba.conf.template > ${ROOT_CONF}/pg_hba.conf
# Custom IP range via docker run -e (https://docs.docker.com/engine/reference/run/#env-environment-variables)
# Usage is: docker run [...] -e ALLOW_IP_RANGE='192.168.0.0/16'
if [[ "$ALLOW_IP_RANGE" ]]
then
echo "Add rule to pg_hba: $ALLOW_IP_RANGE"
echo "host all all $ALLOW_IP_RANGE md5" >> ${ROOT_CONF}/pg_hba.conf
fi
# check password first so we can output the warning before postgres
# messes it up
if [[ "$POSTGRES_PASS" ]]; then
pass="PASSWORD '$POSTGRES_PASS'"
authMethod=md5
else
# The - option suppresses leading tabs but *not* spaces. :)
cat >&2 <<-'EOWARN'
****************************************************
WARNING: No password has been set for the database.
This will allow anyone with access to the
Postgres port to access your database. In
Docker's default configuration, this is
effectively any other container on the same
system.
Use "-e POSTGRES_PASS=password" to set
it in "docker run".
****************************************************
EOWARN
pass=
authMethod=trust
fi
if [[ -z "$REPLICATE_FROM" ]]; then
# if env not set, then assume this is master instance
# add rules to pg_hba.conf to allow replication from all
echo "Add rule to pg_hba: replication user"
echo "host replication all 0.0.0.0/0 $authMethod" >> ${ROOT_CONF}/pg_hba.conf
fi
# Put lock file to make sure conf was not reinitialized
touch ${SETUP_LOCKFILE}

86
setup-replication.sh 100755
Wyświetl plik

@ -0,0 +1,86 @@
#!/usr/bin/env bash
source /env-data.sh
# This script will setup slave instance to use standby replication
# Adapted from https://github.com/DanielDent/docker-postgres-replication
# To set up replication
mkdir -p ${DATADIR}
chown -R postgres:postgres ${DATADIR}
chmod -R 700 ${DATADIR}
# No content yet - but this is a slave database
until ping -c 1 -W 1 ${REPLICATE_FROM}
do
echo "Waiting for master to ping..."
sleep 1s
done
function configure_replication_permissions {
echo "Setup data permissions"
echo "----------------------"
chown -R postgres:postgres $(getent passwd postgres | cut -d: -f6)
su - postgres -c "echo \"${REPLICATE_FROM}:${REPLICATE_PORT}:*:${POSTGRES_USER}:${POSTGRES_PASS}\" > ~/.pgpass"
su - postgres -c "chmod 0600 ~/.pgpass"
}
function streaming_replication {
until su - postgres -c "${PG_BASEBACKUP} -X stream -h ${REPLICATE_FROM} -p ${REPLICATE_PORT} -D ${DATADIR} -U ${POSTGRES_USER} -vP -w"
do
echo "Waiting for master to connect..."
sleep 1s
if [[ "$(ls -A ${DATADIR})" ]]; then
echo "Need empty folder. Cleaning directory..."
rm -rf ${DATADIR}/*
fi
done
}
if [[ "$DESTROY_DATABASE_ON_RESTART" =~ [Tt][Rr][Uu][Ee] ]]; then
echo "Get initial database from master"
configure_replication_permissions
streaming_replication
fi
#TODO We need a clever way to identify if base backup exists - Incoperate it as an else statement in destroy logic
#configure_replication_permissions
#var=`du -sh /var/lib/postgresql/11/main/pg_wal | awk '{print $1}'`
#var_size=${var:0:2}
#if [[ "${var_size} -gt 33 " ]]; then
#echo ${var_size}
#echo "Base directory exist - Please startup the database"
#else
#echo "Base directory does not exists- Create a new one"
#streaming_replication
#fi
# Setup recovery.conf, a configuration file for slave
cat > ${DATADIR}/recovery.conf <<EOF
standby_mode = on
primary_conninfo = 'host=${REPLICATE_FROM} port=${REPLICATE_PORT} user=${POSTGRES_USER} password=${POSTGRES_PASS} sslmode=${PGSSLMODE}'
trigger_file = '${PROMOTE_FILE}'
#restore_command = 'cp /opt/archive/%f "%p"' Use if you are syncing the wal segments from master
EOF
# Setup permissions. Postgres won't start without this.
chown postgres ${DATADIR}/recovery.conf
chmod 600 ${DATADIR}/recovery.conf
# Promote to master if desired
if [[ ! -z "${PROMOTE_MASTER}" ]]; then
touch ${PROMOTE_FILE}
fi

34
setup-ssl.sh 100644
Wyświetl plik

@ -0,0 +1,34 @@
#!/usr/bin/env bash
source /env-data.sh
SETUP_LOCKFILE="${ROOT_CONF}/.ssl.conf.lock"
if [ -f "${SETUP_LOCKFILE}" ]; then
return 0
fi
# This script will setup default SSL config
# /etc/ssl/private can't be accessed from within container for some reason
# (@andrewgodwin says it's something AUFS related) - taken from https://github.com/orchardup/docker-postgresql/blob/master/Dockerfile
cp -r /etc/ssl /tmp/ssl-copy/
chmod -R 0700 /etc/ssl
chown -R postgres /tmp/ssl-copy
rm -r /etc/ssl
mv /tmp/ssl-copy /etc/ssl
# Needed under debian, wasnt needed under ubuntu
mkdir -p ${PGSTAT_TMP}
chmod 0777 ${PGSTAT_TMP}
# moved from setup.sh
echo "ssl = true" >> $CONF
#echo "ssl_ciphers = 'DEFAULT:!LOW:!EXP:!MD5:@STRENGTH' " >> $CONF
#echo "ssl_renegotiation_limit = 512MB " >> $CONF
echo "ssl_cert_file = '/etc/ssl/certs/ssl-cert-snakeoil.pem'" >> $CONF
echo "ssl_key_file = '/etc/ssl/private/ssl-cert-snakeoil.key'" >> $CONF
#echo "ssl_ca_file = '' # (change requires restart)" >> $CONF
#echo "ssl_crl_file = ''" >> $CONF
# Put lock file to make sure conf was not reinitialized
touch ${SETUP_LOCKFILE}

27
setup-user.sh 100644
Wyświetl plik

@ -0,0 +1,27 @@
#!/usr/bin/env bash
source /env-data.sh
# This script will setup new configured user
# Note that $POSTGRES_USER and $POSTGRES_PASS below are optional parameters that can be passed
# via docker run e.g.
#docker run --name="postgis" -e POSTGRES_USER=qgis -e POSTGRES_PASS=qgis -d -v
#/var/docker-data/postgres-dat:/var/lib/postgresql -t qgis/postgis:6
# If you dont specify a user/password in docker run, we will generate one
# here and create a user called 'docker' to go with it.
# Only create credentials if this is a master database
# Slave database will just mirror from master users
echo "Setup postgres User:Password"
echo "postgresql user: $POSTGRES_USER" > /tmp/PGPASSWORD.txt
echo "postgresql password: $POSTGRES_PASS" >> /tmp/PGPASSWORD.txt
# Check user already exists
RESULT=`su - postgres -c "psql postgres -t -c \"SELECT 1 FROM pg_roles WHERE rolname = '$POSTGRES_USER'\""`
COMMAND="ALTER"
if [ -z "$RESULT" ]; then
COMMAND="CREATE"
fi
su - postgres -c "psql postgres -c \"$COMMAND USER $POSTGRES_USER WITH SUPERUSER ENCRYPTED PASSWORD '$POSTGRES_PASS';\""

24
setup.sh
Wyświetl plik

@ -1,20 +1,20 @@
#!/usr/bin/env bash
# Add any additional setup tasks here
chmod 600 /etc/ssl/private/ssl-cert-snakeoil.key
# These tasks are run as root
CONF="/etc/postgresql/9.4/main/postgresql.conf"
source /env-data.sh
# Restrict subnet to docker private network
echo "host all all 172.17.0.0/16 md5" >> /etc/postgresql/9.4/main/pg_hba.conf
echo "host all all 172.0.0.0/8 md5" >> $ROOT_CONF/pg_hba.conf
# And allow access from DockerToolbox / Boottodocker on OSX
echo "host all all 192.168.0.0/16 md5" >> $ROOT_CONF/pg_hba.conf
# Listen on all ip addresses
echo "listen_addresses = '*'" >> /etc/postgresql/9.4/main/postgresql.conf
echo "port = 5432" >> /etc/postgresql/9.4/main/postgresql.conf
echo "listen_addresses = '*'" >> $CONF
echo "port = 5432" >> $CONF
# Enable ssl
echo "ssl = true" >> $CONF
#echo "ssl_ciphers = 'DEFAULT:!LOW:!EXP:!MD5:@STRENGTH' " >> $CONF
#echo "ssl_renegotiation_limit = 512MB " >> $CONF
echo "ssl_cert_file = '/etc/ssl/certs/ssl-cert-snakeoil.pem'" >> $CONF
echo "ssl_key_file = '/etc/ssl/private/ssl-cert-snakeoil.key'" >> $CONF
#echo "ssl_ca_file = '' # (change requires restart)" >> $CONF
#echo "ssl_crl_file = ''" >> $CONF
# Create backup template for conf
cat $CONF > $CONF.template
cat $ROOT_CONF/pg_hba.conf > $ROOT_CONF/pg_hba.conf.template

5
sshd.conf
Wyświetl plik

@ -1,5 +0,0 @@
[program:sshd]
user=root
command=/usr/sbin/sshd -D
autorestart=true
stopsignal=INT

129
start-postgis.sh
Wyświetl plik

@ -1,129 +0,0 @@
#!/bin/bash
# This script will run as the postgres user due to the Dockerfile USER directive
DATADIR="/var/lib/postgresql/9.4/main"
CONF="/etc/postgresql/9.4/main/postgresql.conf"
POSTGRES="/usr/lib/postgresql/9.4/bin/postgres"
INITDB="/usr/lib/postgresql/9.4/bin/initdb"
SQLDIR="/usr/share/postgresql/9.4/contrib/postgis-2.1/"
# /etc/ssl/private can't be accessed from within container for some reason
# (@andrewgodwin says it's something AUFS related) - taken from https://github.com/orchardup/docker-postgresql/blob/master/Dockerfile
cp -r /etc/ssl /tmp/ssl-copy/
chmod -R 0700 /etc/ssl
chown -R postgres /tmp/ssl-copy
rm -r /etc/ssl
mv /tmp/ssl-copy /etc/ssl
# Needed under debian, wasnt needed under ubuntu
mkdir /var/run/postgresql/9.4-main.pg_stat_tmp
chmod 0777 /var/run/postgresql/9.4-main.pg_stat_tmp
# test if DATADIR is existent
if [ ! -d $DATADIR ]; then
echo "Creating Postgres data at $DATADIR"
mkdir -p $DATADIR
fi
# needs to be done as root:
chown -R postgres:postgres $DATADIR
# Note that $POSTGRES_USER and $POSTGRES_PASS below are optional paramters that can be passed
# via docker run e.g.
#docker run --name="postgis" -e POSTGRES_USER=qgis -e POSTGRES_PASS=qgis -d -v
#/var/docker-data/postgres-dat:/var/lib/postgresql -t qgis/postgis:6
# If you dont specify a user/password in docker run, we will generate one
# here and create a user called 'docker' to go with it.
# test if DATADIR has content
if [ ! "$(ls -A $DATADIR)" ]; then
# No content yet - first time pg is being run!
# Initialise db
echo "Initializing Postgres Database at $DATADIR"
#chown -R postgres $DATADIR
su - postgres -c "$INITDB $DATADIR"
fi
# Make sure we have a user set up
if [ -z "$POSTGRES_USER" ]; then
POSTGRES_USER=docker
fi
if [ -z "$POSTGRES_PASS" ]; then
POSTGRES_PASS=docker
fi
# Enable hstore and topology by default
if [ -z "$HSTORE" ]; then
HSTORE=true
fi
if [ -z "$TOPOLOGY" ]; then
TOPOLOGY=true
fi
# redirect user/pass into a file so we can echo it into
# docker logs when container starts
# so that we can tell user their password
echo "postgresql user: $POSTGRES_USER" > /tmp/PGPASSWORD.txt
echo "postgresql password: $POSTGRES_PASS" >> /tmp/PGPASSWORD.txt
su - postgres -c "$POSTGRES --single -D $DATADIR -c config_file=$CONF <<< \"CREATE USER $POSTGRES_USER WITH SUPERUSER ENCRYPTED PASSWORD '$POSTGRES_PASS';\""
trap "echo \"Sending SIGTERM to postgres\"; killall -s SIGTERM postgres" SIGTERM
su - postgres -c "$POSTGRES -D $DATADIR -c config_file=$CONF &"
# Wait for the db to start up before trying to use it....
sleep 10
RESULT=`su - postgres -c "psql -l | grep postgis | wc -l"`
if [[ ${RESULT} == '1' ]]
then
echo 'Postgis Already There'
if [[ ${HSTORE} == "true" ]]; then
echo 'HSTORE is only useful when you create the postgis database.'
fi
if [[] ${TOPOLOGY} == "true" ]]; then
echo 'TOPOLOGY is only useful when you create the postgis database.'
fi
else
echo "Postgis is missing, installing now"
# Note the dockerfile must have put the postgis.sql and spatialrefsys.sql scripts into /root/
# We use template0 since we want t different encoding to template1
echo "Creating template postgis"
su - postgres -c "createdb template_postgis -E UTF8 -T template0"
echo "Enabling template_postgis as a template"
CMD="UPDATE pg_database SET datistemplate = TRUE WHERE datname = 'template_postgis';"
su - postgres -c "psql -c \"$CMD\""
echo "Loading postgis extension"
su - postgres -c "psql template_postgis -c 'CREATE EXTENSION postgis;'"
if [[ ${HSTORE} == "true" ]]
then
echo "Enabling hstore in the template"
su - postgres -c "psql template_postgis -c 'CREATE EXTENSION hstore;'"
fi
if [[ ${TOPOLOGY} == "true" ]]
then
echo "Enabling topology in the template"
su - postgres -c "psql template_postgis -c 'CREATE EXTENSION postgis_topology;'"
fi
# Needed when importing old dumps using e.g ndims for constraints
echo "Loading legacy sql"
su - postgres -c "psql template_postgis -f $SQLDIR/legacy_minimal.sql"
su - postgres -c "psql template_postgis -f $SQLDIR/legacy_gist.sql"
# Create a default db called 'gis' that you can use to get up and running quickly
# It will be owned by the docker db user
su - postgres -c "createdb -O $POSTGRES_USER -T template_postgis gis"
fi
# This should show up in docker logs afterwards
su - postgres -c "psql -l"
PID=`cat /var/run/postgresql/9.4-main.pid`
kill -9 ${PID}
echo "Postgres initialisation process completed .... restarting in foreground"
su - postgres -c "$POSTGRES -D $DATADIR -c config_file=$CONF"