docker-images/postgres
1
0
Fork 0
mirror of https://github.com/docker-library/postgres.git synced 2025-07-28 10:42:06 +03:00
Code Activity

Allow arbitrary --user values (mostly)

Browse Source 
One special case is that `initdb` _requires_ the current user to exist in `/etc/passwd`, but running PostgreSQL itself does not require that.
This commit is contained in:
Tianon Gravi
2017-01-19 14:57:19 -08:00
parent 03a6cb67df
commit 3706d4c456
23 changed files with 177 additions and 89 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
9.2/Dockerfile
View File

@ -58,7 +58,7 @@ RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgres
ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH
ENV PGDATA /var/lib/postgresql/data ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 700 "$PGDATA" RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA" # this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
VOLUME /var/lib/postgresql/data VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh / COPY docker-entrypoint.sh /

2
9.2/alpine/Dockerfile
View File

@ -122,7 +122,7 @@ RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgres
ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH
ENV PGDATA /var/lib/postgresql/data ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 700 "$PGDATA" RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA" # this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
VOLUME /var/lib/postgresql/data VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh / COPY docker-entrypoint.sh /

22
9.2/alpine/docker-entrypoint.sh
View File

@ -27,7 +27,8 @@ if [ "${1:0:1}" = '-' ]; then
set -- postgres "$@" set -- postgres "$@"
fi fi
if [ "$1" = 'postgres' ]; then # allow the container to be started with `--user`
if [ "$1" = 'postgres' ] && [ "$(id -u)" = '0' ]; then
mkdir -p "$PGDATA" mkdir -p "$PGDATA"
chown -R postgres "$PGDATA" chown -R postgres "$PGDATA"
chmod 700 "$PGDATA" chmod 700 "$PGDATA"
@ -36,11 +37,18 @@ if [ "$1" = 'postgres' ]; then
chown -R postgres /var/run/postgresql chown -R postgres /var/run/postgresql
chmod g+s /var/run/postgresql chmod g+s /var/run/postgresql
exec su-exec postgres "$BASH_SOURCE" "$@"
fi
if [ "$1" = 'postgres' ]; then
mkdir -p "$PGDATA"
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
if [ ! -s "$PGDATA/PG_VERSION" ]; then if [ ! -s "$PGDATA/PG_VERSION" ]; then
chown -R "$(id -u)" "$PGDATA" 2>/dev/null || :
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
eval "su-exec postgres initdb $POSTGRES_INITDB_ARGS" eval "initdb --username=postgres $POSTGRES_INITDB_ARGS"
# check password first so we can output the warning before postgres # check password first so we can output the warning before postgres
# messes it up # messes it up
@ -68,11 +76,12 @@ if [ "$1" = 'postgres' ]; then
authMethod=trust authMethod=trust
fi fi
{ echo; echo "host all all all $authMethod"; } | su-exec postgres tee -a "$PGDATA/pg_hba.conf" > /dev/null { echo; echo "host all all all $authMethod"; } | tee -a "$PGDATA/pg_hba.conf" > /dev/null
# internal start of server in order to allow set-up using psql-client # internal start of server in order to allow set-up using psql-client
# does not listen on external TCP/IP and waits until start finishes # does not listen on external TCP/IP and waits until start finishes
su-exec postgres pg_ctl -D "$PGDATA" \ PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" \
-o "-c listen_addresses='localhost'" \ -o "-c listen_addresses='localhost'" \
-w start -w start
@ -111,14 +120,13 @@ if [ "$1" = 'postgres' ]; then
echo echo
done done
su-exec postgres pg_ctl -D "$PGDATA" -m fast -w stop PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" -m fast -w stop
echo echo
echo 'PostgreSQL init process complete; ready for start up.' echo 'PostgreSQL init process complete; ready for start up.'
echo echo
fi fi
exec su-exec postgres "$@"
fi fi
exec "$@" exec "$@"

22
9.2/docker-entrypoint.sh
View File

@ -27,7 +27,8 @@ if [ "${1:0:1}" = '-' ]; then
set -- postgres "$@" set -- postgres "$@"
fi fi
if [ "$1" = 'postgres' ]; then # allow the container to be started with `--user`
if [ "$1" = 'postgres' ] && [ "$(id -u)" = '0' ]; then
mkdir -p "$PGDATA" mkdir -p "$PGDATA"
chown -R postgres "$PGDATA" chown -R postgres "$PGDATA"
chmod 700 "$PGDATA" chmod 700 "$PGDATA"
@ -36,11 +37,18 @@ if [ "$1" = 'postgres' ]; then
chown -R postgres /var/run/postgresql chown -R postgres /var/run/postgresql
chmod g+s /var/run/postgresql chmod g+s /var/run/postgresql
exec gosu postgres "$BASH_SOURCE" "$@"
fi
if [ "$1" = 'postgres' ]; then
mkdir -p "$PGDATA"
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
if [ ! -s "$PGDATA/PG_VERSION" ]; then if [ ! -s "$PGDATA/PG_VERSION" ]; then
chown -R "$(id -u)" "$PGDATA" 2>/dev/null || :
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
eval "gosu postgres initdb $POSTGRES_INITDB_ARGS" eval "initdb --username=postgres $POSTGRES_INITDB_ARGS"
# check password first so we can output the warning before postgres # check password first so we can output the warning before postgres
# messes it up # messes it up
@ -68,11 +76,12 @@ if [ "$1" = 'postgres' ]; then
authMethod=trust authMethod=trust
fi fi
{ echo; echo "host all all all $authMethod"; } | gosu postgres tee -a "$PGDATA/pg_hba.conf" > /dev/null { echo; echo "host all all all $authMethod"; } | tee -a "$PGDATA/pg_hba.conf" > /dev/null
# internal start of server in order to allow set-up using psql-client # internal start of server in order to allow set-up using psql-client
# does not listen on external TCP/IP and waits until start finishes # does not listen on external TCP/IP and waits until start finishes
gosu postgres pg_ctl -D "$PGDATA" \ PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" \
-o "-c listen_addresses='localhost'" \ -o "-c listen_addresses='localhost'" \
-w start -w start
@ -111,14 +120,13 @@ if [ "$1" = 'postgres' ]; then
echo echo
done done
gosu postgres pg_ctl -D "$PGDATA" -m fast -w stop PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" -m fast -w stop
echo echo
echo 'PostgreSQL init process complete; ready for start up.' echo 'PostgreSQL init process complete; ready for start up.'
echo echo
fi fi
exec gosu postgres "$@"
fi fi
exec "$@" exec "$@"

2
9.3/Dockerfile
View File

@ -58,7 +58,7 @@ RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgres
ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH
ENV PGDATA /var/lib/postgresql/data ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 700 "$PGDATA" RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA" # this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
VOLUME /var/lib/postgresql/data VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh / COPY docker-entrypoint.sh /

2
9.3/alpine/Dockerfile
View File

@ -122,7 +122,7 @@ RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgres
ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH
ENV PGDATA /var/lib/postgresql/data ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 700 "$PGDATA" RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA" # this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
VOLUME /var/lib/postgresql/data VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh / COPY docker-entrypoint.sh /

22
9.3/alpine/docker-entrypoint.sh
View File

@ -27,7 +27,8 @@ if [ "${1:0:1}" = '-' ]; then
set -- postgres "$@" set -- postgres "$@"
fi fi
if [ "$1" = 'postgres' ]; then # allow the container to be started with `--user`
if [ "$1" = 'postgres' ] && [ "$(id -u)" = '0' ]; then
mkdir -p "$PGDATA" mkdir -p "$PGDATA"
chown -R postgres "$PGDATA" chown -R postgres "$PGDATA"
chmod 700 "$PGDATA" chmod 700 "$PGDATA"
@ -36,11 +37,18 @@ if [ "$1" = 'postgres' ]; then
chown -R postgres /var/run/postgresql chown -R postgres /var/run/postgresql
chmod g+s /var/run/postgresql chmod g+s /var/run/postgresql
exec su-exec postgres "$BASH_SOURCE" "$@"
fi
if [ "$1" = 'postgres' ]; then
mkdir -p "$PGDATA"
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
if [ ! -s "$PGDATA/PG_VERSION" ]; then if [ ! -s "$PGDATA/PG_VERSION" ]; then
chown -R "$(id -u)" "$PGDATA" 2>/dev/null || :
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
eval "su-exec postgres initdb $POSTGRES_INITDB_ARGS" eval "initdb --username=postgres $POSTGRES_INITDB_ARGS"
# check password first so we can output the warning before postgres # check password first so we can output the warning before postgres
# messes it up # messes it up
@ -68,11 +76,12 @@ if [ "$1" = 'postgres' ]; then
authMethod=trust authMethod=trust
fi fi
{ echo; echo "host all all all $authMethod"; } | su-exec postgres tee -a "$PGDATA/pg_hba.conf" > /dev/null { echo; echo "host all all all $authMethod"; } | tee -a "$PGDATA/pg_hba.conf" > /dev/null
# internal start of server in order to allow set-up using psql-client # internal start of server in order to allow set-up using psql-client
# does not listen on external TCP/IP and waits until start finishes # does not listen on external TCP/IP and waits until start finishes
su-exec postgres pg_ctl -D "$PGDATA" \ PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" \
-o "-c listen_addresses='localhost'" \ -o "-c listen_addresses='localhost'" \
-w start -w start
@ -111,14 +120,13 @@ if [ "$1" = 'postgres' ]; then
echo echo
done done
su-exec postgres pg_ctl -D "$PGDATA" -m fast -w stop PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" -m fast -w stop
echo echo
echo 'PostgreSQL init process complete; ready for start up.' echo 'PostgreSQL init process complete; ready for start up.'
echo echo
fi fi
exec su-exec postgres "$@"
fi fi
exec "$@" exec "$@"

22
9.3/docker-entrypoint.sh
View File

@ -27,7 +27,8 @@ if [ "${1:0:1}" = '-' ]; then
set -- postgres "$@" set -- postgres "$@"
fi fi
if [ "$1" = 'postgres' ]; then # allow the container to be started with `--user`
if [ "$1" = 'postgres' ] && [ "$(id -u)" = '0' ]; then
mkdir -p "$PGDATA" mkdir -p "$PGDATA"
chown -R postgres "$PGDATA" chown -R postgres "$PGDATA"
chmod 700 "$PGDATA" chmod 700 "$PGDATA"
@ -36,11 +37,18 @@ if [ "$1" = 'postgres' ]; then
chown -R postgres /var/run/postgresql chown -R postgres /var/run/postgresql
chmod g+s /var/run/postgresql chmod g+s /var/run/postgresql
exec gosu postgres "$BASH_SOURCE" "$@"
fi
if [ "$1" = 'postgres' ]; then
mkdir -p "$PGDATA"
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
if [ ! -s "$PGDATA/PG_VERSION" ]; then if [ ! -s "$PGDATA/PG_VERSION" ]; then
chown -R "$(id -u)" "$PGDATA" 2>/dev/null || :
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
eval "gosu postgres initdb $POSTGRES_INITDB_ARGS" eval "initdb --username=postgres $POSTGRES_INITDB_ARGS"
# check password first so we can output the warning before postgres # check password first so we can output the warning before postgres
# messes it up # messes it up
@ -68,11 +76,12 @@ if [ "$1" = 'postgres' ]; then
authMethod=trust authMethod=trust
fi fi
{ echo; echo "host all all all $authMethod"; } | gosu postgres tee -a "$PGDATA/pg_hba.conf" > /dev/null { echo; echo "host all all all $authMethod"; } | tee -a "$PGDATA/pg_hba.conf" > /dev/null
# internal start of server in order to allow set-up using psql-client # internal start of server in order to allow set-up using psql-client
# does not listen on external TCP/IP and waits until start finishes # does not listen on external TCP/IP and waits until start finishes
gosu postgres pg_ctl -D "$PGDATA" \ PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" \
-o "-c listen_addresses='localhost'" \ -o "-c listen_addresses='localhost'" \
-w start -w start
@ -111,14 +120,13 @@ if [ "$1" = 'postgres' ]; then
echo echo
done done
gosu postgres pg_ctl -D "$PGDATA" -m fast -w stop PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" -m fast -w stop
echo echo
echo 'PostgreSQL init process complete; ready for start up.' echo 'PostgreSQL init process complete; ready for start up.'
echo echo
fi fi
exec gosu postgres "$@"
fi fi
exec "$@" exec "$@"

2
9.4/Dockerfile
View File

@ -58,7 +58,7 @@ RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgres
ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH
ENV PGDATA /var/lib/postgresql/data ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 700 "$PGDATA" RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA" # this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
VOLUME /var/lib/postgresql/data VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh / COPY docker-entrypoint.sh /

2
9.4/alpine/Dockerfile
View File

@ -122,7 +122,7 @@ RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgres
ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH
ENV PGDATA /var/lib/postgresql/data ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 700 "$PGDATA" RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA" # this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
VOLUME /var/lib/postgresql/data VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh / COPY docker-entrypoint.sh /

22
9.4/alpine/docker-entrypoint.sh
View File

@ -27,7 +27,8 @@ if [ "${1:0:1}" = '-' ]; then
set -- postgres "$@" set -- postgres "$@"
fi fi
if [ "$1" = 'postgres' ]; then # allow the container to be started with `--user`
if [ "$1" = 'postgres' ] && [ "$(id -u)" = '0' ]; then
mkdir -p "$PGDATA" mkdir -p "$PGDATA"
chown -R postgres "$PGDATA" chown -R postgres "$PGDATA"
chmod 700 "$PGDATA" chmod 700 "$PGDATA"
@ -36,11 +37,18 @@ if [ "$1" = 'postgres' ]; then
chown -R postgres /var/run/postgresql chown -R postgres /var/run/postgresql
chmod g+s /var/run/postgresql chmod g+s /var/run/postgresql
exec su-exec postgres "$BASH_SOURCE" "$@"
fi
if [ "$1" = 'postgres' ]; then
mkdir -p "$PGDATA"
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
if [ ! -s "$PGDATA/PG_VERSION" ]; then if [ ! -s "$PGDATA/PG_VERSION" ]; then
chown -R "$(id -u)" "$PGDATA" 2>/dev/null || :
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
eval "su-exec postgres initdb $POSTGRES_INITDB_ARGS" eval "initdb --username=postgres $POSTGRES_INITDB_ARGS"
# check password first so we can output the warning before postgres # check password first so we can output the warning before postgres
# messes it up # messes it up
@ -68,11 +76,12 @@ if [ "$1" = 'postgres' ]; then
authMethod=trust authMethod=trust
fi fi
{ echo; echo "host all all all $authMethod"; } | su-exec postgres tee -a "$PGDATA/pg_hba.conf" > /dev/null { echo; echo "host all all all $authMethod"; } | tee -a "$PGDATA/pg_hba.conf" > /dev/null
# internal start of server in order to allow set-up using psql-client # internal start of server in order to allow set-up using psql-client
# does not listen on external TCP/IP and waits until start finishes # does not listen on external TCP/IP and waits until start finishes
su-exec postgres pg_ctl -D "$PGDATA" \ PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" \
-o "-c listen_addresses='localhost'" \ -o "-c listen_addresses='localhost'" \
-w start -w start
@ -111,14 +120,13 @@ if [ "$1" = 'postgres' ]; then
echo echo
done done
su-exec postgres pg_ctl -D "$PGDATA" -m fast -w stop PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" -m fast -w stop
echo echo
echo 'PostgreSQL init process complete; ready for start up.' echo 'PostgreSQL init process complete; ready for start up.'
echo echo
fi fi
exec su-exec postgres "$@"
fi fi
exec "$@" exec "$@"

22
9.4/docker-entrypoint.sh
View File

@ -27,7 +27,8 @@ if [ "${1:0:1}" = '-' ]; then
set -- postgres "$@" set -- postgres "$@"
fi fi
if [ "$1" = 'postgres' ]; then # allow the container to be started with `--user`
if [ "$1" = 'postgres' ] && [ "$(id -u)" = '0' ]; then
mkdir -p "$PGDATA" mkdir -p "$PGDATA"
chown -R postgres "$PGDATA" chown -R postgres "$PGDATA"
chmod 700 "$PGDATA" chmod 700 "$PGDATA"
@ -36,11 +37,18 @@ if [ "$1" = 'postgres' ]; then
chown -R postgres /var/run/postgresql chown -R postgres /var/run/postgresql
chmod g+s /var/run/postgresql chmod g+s /var/run/postgresql
exec gosu postgres "$BASH_SOURCE" "$@"
fi
if [ "$1" = 'postgres' ]; then
mkdir -p "$PGDATA"
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
if [ ! -s "$PGDATA/PG_VERSION" ]; then if [ ! -s "$PGDATA/PG_VERSION" ]; then
chown -R "$(id -u)" "$PGDATA" 2>/dev/null || :
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
eval "gosu postgres initdb $POSTGRES_INITDB_ARGS" eval "initdb --username=postgres $POSTGRES_INITDB_ARGS"
# check password first so we can output the warning before postgres # check password first so we can output the warning before postgres
# messes it up # messes it up
@ -68,11 +76,12 @@ if [ "$1" = 'postgres' ]; then
authMethod=trust authMethod=trust
fi fi
{ echo; echo "host all all all $authMethod"; } | gosu postgres tee -a "$PGDATA/pg_hba.conf" > /dev/null { echo; echo "host all all all $authMethod"; } | tee -a "$PGDATA/pg_hba.conf" > /dev/null
# internal start of server in order to allow set-up using psql-client # internal start of server in order to allow set-up using psql-client
# does not listen on external TCP/IP and waits until start finishes # does not listen on external TCP/IP and waits until start finishes
gosu postgres pg_ctl -D "$PGDATA" \ PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" \
-o "-c listen_addresses='localhost'" \ -o "-c listen_addresses='localhost'" \
-w start -w start
@ -111,14 +120,13 @@ if [ "$1" = 'postgres' ]; then
echo echo
done done
gosu postgres pg_ctl -D "$PGDATA" -m fast -w stop PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" -m fast -w stop
echo echo
echo 'PostgreSQL init process complete; ready for start up.' echo 'PostgreSQL init process complete; ready for start up.'
echo echo
fi fi
exec gosu postgres "$@"
fi fi
exec "$@" exec "$@"

2
9.5/Dockerfile
View File

@ -58,7 +58,7 @@ RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgres
ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH
ENV PGDATA /var/lib/postgresql/data ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 700 "$PGDATA" RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA" # this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
VOLUME /var/lib/postgresql/data VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh / COPY docker-entrypoint.sh /

2
9.5/alpine/Dockerfile
View File

@ -122,7 +122,7 @@ RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgres
ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH
ENV PGDATA /var/lib/postgresql/data ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 700 "$PGDATA" RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA" # this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
VOLUME /var/lib/postgresql/data VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh / COPY docker-entrypoint.sh /

22
9.5/alpine/docker-entrypoint.sh
View File

@ -27,7 +27,8 @@ if [ "${1:0:1}" = '-' ]; then
set -- postgres "$@" set -- postgres "$@"
fi fi
if [ "$1" = 'postgres' ]; then # allow the container to be started with `--user`
if [ "$1" = 'postgres' ] && [ "$(id -u)" = '0' ]; then
mkdir -p "$PGDATA" mkdir -p "$PGDATA"
chown -R postgres "$PGDATA" chown -R postgres "$PGDATA"
chmod 700 "$PGDATA" chmod 700 "$PGDATA"
@ -36,11 +37,18 @@ if [ "$1" = 'postgres' ]; then
chown -R postgres /var/run/postgresql chown -R postgres /var/run/postgresql
chmod g+s /var/run/postgresql chmod g+s /var/run/postgresql
exec su-exec postgres "$BASH_SOURCE" "$@"
fi
if [ "$1" = 'postgres' ]; then
mkdir -p "$PGDATA"
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
if [ ! -s "$PGDATA/PG_VERSION" ]; then if [ ! -s "$PGDATA/PG_VERSION" ]; then
chown -R "$(id -u)" "$PGDATA" 2>/dev/null || :
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
eval "su-exec postgres initdb $POSTGRES_INITDB_ARGS" eval "initdb --username=postgres $POSTGRES_INITDB_ARGS"
# check password first so we can output the warning before postgres # check password first so we can output the warning before postgres
# messes it up # messes it up
@ -68,11 +76,12 @@ if [ "$1" = 'postgres' ]; then
authMethod=trust authMethod=trust
fi fi
{ echo; echo "host all all all $authMethod"; } | su-exec postgres tee -a "$PGDATA/pg_hba.conf" > /dev/null { echo; echo "host all all all $authMethod"; } | tee -a "$PGDATA/pg_hba.conf" > /dev/null
# internal start of server in order to allow set-up using psql-client # internal start of server in order to allow set-up using psql-client
# does not listen on external TCP/IP and waits until start finishes # does not listen on external TCP/IP and waits until start finishes
su-exec postgres pg_ctl -D "$PGDATA" \ PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" \
-o "-c listen_addresses='localhost'" \ -o "-c listen_addresses='localhost'" \
-w start -w start
@ -111,14 +120,13 @@ if [ "$1" = 'postgres' ]; then
echo echo
done done
su-exec postgres pg_ctl -D "$PGDATA" -m fast -w stop PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" -m fast -w stop
echo echo
echo 'PostgreSQL init process complete; ready for start up.' echo 'PostgreSQL init process complete; ready for start up.'
echo echo
fi fi
exec su-exec postgres "$@"
fi fi
exec "$@" exec "$@"

22
9.5/docker-entrypoint.sh
View File

@ -27,7 +27,8 @@ if [ "${1:0:1}" = '-' ]; then
set -- postgres "$@" set -- postgres "$@"
fi fi
if [ "$1" = 'postgres' ]; then # allow the container to be started with `--user`
if [ "$1" = 'postgres' ] && [ "$(id -u)" = '0' ]; then
mkdir -p "$PGDATA" mkdir -p "$PGDATA"
chown -R postgres "$PGDATA" chown -R postgres "$PGDATA"
chmod 700 "$PGDATA" chmod 700 "$PGDATA"
@ -36,11 +37,18 @@ if [ "$1" = 'postgres' ]; then
chown -R postgres /var/run/postgresql chown -R postgres /var/run/postgresql
chmod g+s /var/run/postgresql chmod g+s /var/run/postgresql
exec gosu postgres "$BASH_SOURCE" "$@"
fi
if [ "$1" = 'postgres' ]; then
mkdir -p "$PGDATA"
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
if [ ! -s "$PGDATA/PG_VERSION" ]; then if [ ! -s "$PGDATA/PG_VERSION" ]; then
chown -R "$(id -u)" "$PGDATA" 2>/dev/null || :
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
eval "gosu postgres initdb $POSTGRES_INITDB_ARGS" eval "initdb --username=postgres $POSTGRES_INITDB_ARGS"
# check password first so we can output the warning before postgres # check password first so we can output the warning before postgres
# messes it up # messes it up
@ -68,11 +76,12 @@ if [ "$1" = 'postgres' ]; then
authMethod=trust authMethod=trust
fi fi
{ echo; echo "host all all all $authMethod"; } | gosu postgres tee -a "$PGDATA/pg_hba.conf" > /dev/null { echo; echo "host all all all $authMethod"; } | tee -a "$PGDATA/pg_hba.conf" > /dev/null
# internal start of server in order to allow set-up using psql-client # internal start of server in order to allow set-up using psql-client
# does not listen on external TCP/IP and waits until start finishes # does not listen on external TCP/IP and waits until start finishes
gosu postgres pg_ctl -D "$PGDATA" \ PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" \
-o "-c listen_addresses='localhost'" \ -o "-c listen_addresses='localhost'" \
-w start -w start
@ -111,14 +120,13 @@ if [ "$1" = 'postgres' ]; then
echo echo
done done
gosu postgres pg_ctl -D "$PGDATA" -m fast -w stop PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" -m fast -w stop
echo echo
echo 'PostgreSQL init process complete; ready for start up.' echo 'PostgreSQL init process complete; ready for start up.'
echo echo
fi fi
exec gosu postgres "$@"
fi fi
exec "$@" exec "$@"

2
9.6/Dockerfile
View File

@ -58,7 +58,7 @@ RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgres
ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH
ENV PGDATA /var/lib/postgresql/data ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 700 "$PGDATA" RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA" # this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
VOLUME /var/lib/postgresql/data VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh / COPY docker-entrypoint.sh /

2
9.6/alpine/Dockerfile
View File

@ -122,7 +122,7 @@ RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgres
ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH
ENV PGDATA /var/lib/postgresql/data ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 700 "$PGDATA" RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA" # this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
VOLUME /var/lib/postgresql/data VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh / COPY docker-entrypoint.sh /

22
9.6/alpine/docker-entrypoint.sh
View File

@ -27,7 +27,8 @@ if [ "${1:0:1}" = '-' ]; then
set -- postgres "$@" set -- postgres "$@"
fi fi
if [ "$1" = 'postgres' ]; then # allow the container to be started with `--user`
if [ "$1" = 'postgres' ] && [ "$(id -u)" = '0' ]; then
mkdir -p "$PGDATA" mkdir -p "$PGDATA"
chown -R postgres "$PGDATA" chown -R postgres "$PGDATA"
chmod 700 "$PGDATA" chmod 700 "$PGDATA"
@ -36,11 +37,18 @@ if [ "$1" = 'postgres' ]; then
chown -R postgres /var/run/postgresql chown -R postgres /var/run/postgresql
chmod g+s /var/run/postgresql chmod g+s /var/run/postgresql
exec su-exec postgres "$BASH_SOURCE" "$@"
fi
if [ "$1" = 'postgres' ]; then
mkdir -p "$PGDATA"
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
if [ ! -s "$PGDATA/PG_VERSION" ]; then if [ ! -s "$PGDATA/PG_VERSION" ]; then
chown -R "$(id -u)" "$PGDATA" 2>/dev/null || :
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
eval "su-exec postgres initdb $POSTGRES_INITDB_ARGS" eval "initdb --username=postgres $POSTGRES_INITDB_ARGS"
# check password first so we can output the warning before postgres # check password first so we can output the warning before postgres
# messes it up # messes it up
@ -68,11 +76,12 @@ if [ "$1" = 'postgres' ]; then
authMethod=trust authMethod=trust
fi fi
{ echo; echo "host all all all $authMethod"; } | su-exec postgres tee -a "$PGDATA/pg_hba.conf" > /dev/null { echo; echo "host all all all $authMethod"; } | tee -a "$PGDATA/pg_hba.conf" > /dev/null
# internal start of server in order to allow set-up using psql-client # internal start of server in order to allow set-up using psql-client
# does not listen on external TCP/IP and waits until start finishes # does not listen on external TCP/IP and waits until start finishes
su-exec postgres pg_ctl -D "$PGDATA" \ PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" \
-o "-c listen_addresses='localhost'" \ -o "-c listen_addresses='localhost'" \
-w start -w start
@ -111,14 +120,13 @@ if [ "$1" = 'postgres' ]; then
echo echo
done done
su-exec postgres pg_ctl -D "$PGDATA" -m fast -w stop PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" -m fast -w stop
echo echo
echo 'PostgreSQL init process complete; ready for start up.' echo 'PostgreSQL init process complete; ready for start up.'
echo echo
fi fi
exec su-exec postgres "$@"
fi fi
exec "$@" exec "$@"

22
9.6/docker-entrypoint.sh
View File

@ -27,7 +27,8 @@ if [ "${1:0:1}" = '-' ]; then
set -- postgres "$@" set -- postgres "$@"
fi fi
if [ "$1" = 'postgres' ]; then # allow the container to be started with `--user`
if [ "$1" = 'postgres' ] && [ "$(id -u)" = '0' ]; then
mkdir -p "$PGDATA" mkdir -p "$PGDATA"
chown -R postgres "$PGDATA" chown -R postgres "$PGDATA"
chmod 700 "$PGDATA" chmod 700 "$PGDATA"
@ -36,11 +37,18 @@ if [ "$1" = 'postgres' ]; then
chown -R postgres /var/run/postgresql chown -R postgres /var/run/postgresql
chmod g+s /var/run/postgresql chmod g+s /var/run/postgresql
exec gosu postgres "$BASH_SOURCE" "$@"
fi
if [ "$1" = 'postgres' ]; then
mkdir -p "$PGDATA"
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
if [ ! -s "$PGDATA/PG_VERSION" ]; then if [ ! -s "$PGDATA/PG_VERSION" ]; then
chown -R "$(id -u)" "$PGDATA" 2>/dev/null || :
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
eval "gosu postgres initdb $POSTGRES_INITDB_ARGS" eval "initdb --username=postgres $POSTGRES_INITDB_ARGS"
# check password first so we can output the warning before postgres # check password first so we can output the warning before postgres
# messes it up # messes it up
@ -68,11 +76,12 @@ if [ "$1" = 'postgres' ]; then
authMethod=trust authMethod=trust
fi fi
{ echo; echo "host all all all $authMethod"; } | gosu postgres tee -a "$PGDATA/pg_hba.conf" > /dev/null { echo; echo "host all all all $authMethod"; } | tee -a "$PGDATA/pg_hba.conf" > /dev/null
# internal start of server in order to allow set-up using psql-client # internal start of server in order to allow set-up using psql-client
# does not listen on external TCP/IP and waits until start finishes # does not listen on external TCP/IP and waits until start finishes
gosu postgres pg_ctl -D "$PGDATA" \ PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" \
-o "-c listen_addresses='localhost'" \ -o "-c listen_addresses='localhost'" \
-w start -w start
@ -111,14 +120,13 @@ if [ "$1" = 'postgres' ]; then
echo echo
done done
gosu postgres pg_ctl -D "$PGDATA" -m fast -w stop PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" -m fast -w stop
echo echo
echo 'PostgreSQL init process complete; ready for start up.' echo 'PostgreSQL init process complete; ready for start up.'
echo echo
fi fi
exec gosu postgres "$@"
fi fi
exec "$@" exec "$@"

2
Dockerfile-alpine.template
View File

@ -122,7 +122,7 @@ RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgres
ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH
ENV PGDATA /var/lib/postgresql/data ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 700 "$PGDATA" RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA" # this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
VOLUME /var/lib/postgresql/data VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh / COPY docker-entrypoint.sh /

2
Dockerfile-debian.template
View File

@ -58,7 +58,7 @@ RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgres
ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH
ENV PGDATA /var/lib/postgresql/data ENV PGDATA /var/lib/postgresql/data
RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 700 "$PGDATA" RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA" # this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
VOLUME /var/lib/postgresql/data VOLUME /var/lib/postgresql/data
COPY docker-entrypoint.sh / COPY docker-entrypoint.sh /

22
docker-entrypoint.sh
View File

@ -27,7 +27,8 @@ if [ "${1:0:1}" = '-' ]; then
set -- postgres "$@" set -- postgres "$@"
fi fi
if [ "$1" = 'postgres' ]; then # allow the container to be started with `--user`
if [ "$1" = 'postgres' ] && [ "$(id -u)" = '0' ]; then
mkdir -p "$PGDATA" mkdir -p "$PGDATA"
chown -R postgres "$PGDATA" chown -R postgres "$PGDATA"
chmod 700 "$PGDATA" chmod 700 "$PGDATA"
@ -36,11 +37,18 @@ if [ "$1" = 'postgres' ]; then
chown -R postgres /var/run/postgresql chown -R postgres /var/run/postgresql
chmod g+s /var/run/postgresql chmod g+s /var/run/postgresql
exec gosu postgres "$BASH_SOURCE" "$@"
fi
if [ "$1" = 'postgres' ]; then
mkdir -p "$PGDATA"
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
if [ ! -s "$PGDATA/PG_VERSION" ]; then if [ ! -s "$PGDATA/PG_VERSION" ]; then
chown -R "$(id -u)" "$PGDATA" 2>/dev/null || :
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
eval "gosu postgres initdb $POSTGRES_INITDB_ARGS" eval "initdb --username=postgres $POSTGRES_INITDB_ARGS"
# check password first so we can output the warning before postgres # check password first so we can output the warning before postgres
# messes it up # messes it up
@ -68,11 +76,12 @@ if [ "$1" = 'postgres' ]; then
authMethod=trust authMethod=trust
fi fi
{ echo; echo "host all all all $authMethod"; } | gosu postgres tee -a "$PGDATA/pg_hba.conf" > /dev/null { echo; echo "host all all all $authMethod"; } | tee -a "$PGDATA/pg_hba.conf" > /dev/null
# internal start of server in order to allow set-up using psql-client # internal start of server in order to allow set-up using psql-client
# does not listen on external TCP/IP and waits until start finishes # does not listen on external TCP/IP and waits until start finishes
gosu postgres pg_ctl -D "$PGDATA" \ PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" \
-o "-c listen_addresses='localhost'" \ -o "-c listen_addresses='localhost'" \
-w start -w start
@ -111,14 +120,13 @@ if [ "$1" = 'postgres' ]; then
echo echo
done done
gosu postgres pg_ctl -D "$PGDATA" -m fast -w stop PGUSER="${PGUSER:-postgres}" \
pg_ctl -D "$PGDATA" -m fast -w stop
echo echo
echo 'PostgreSQL init process complete; ready for start up.' echo 'PostgreSQL init process complete; ready for start up.'
echo echo
fi fi
exec gosu postgres "$@"
fi fi
exec "$@" exec "$@"