docker-images/postgres
1
0
Fork 0
mirror of https://github.com/docker-library/postgres.git synced 2025-07-26 23:21:10 +03:00
Code Activity

Adjust POSTGRES_HOST_AUTH_METHOD to automatically match configured password_encryption

Browse Source
This commit is contained in:
Joe Ferguson
2021-10-14 15:23:29 -07:00
parent 48a0a3600d
commit c6329e3bf2
16 changed files with 256 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
10/alpine/docker-entrypoint.sh generated
View File

@ -220,8 +220,7 @@ docker_setup_env() {
file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_USER' 'postgres'
file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_DB' "$POSTGRES_USER"
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
# default authentication method is md5 : "${POSTGRES_HOST_AUTH_METHOD:=}"
: "${POSTGRES_HOST_AUTH_METHOD:=md5}"
declare -g DATABASE_ALREADY_EXISTS declare -g DATABASE_ALREADY_EXISTS
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
@ -231,7 +230,21 @@ docker_setup_env() {
} }
# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections # append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
pg_setup_hba_conf() { pg_setup_hba_conf() {
# default authentication method is md5 on versions before 14
# https://www.postgresql.org/about/news/postgresql-14-released-2318/
if [ "$1" = 'postgres' ]; then
shift
fi
local auth
# check the default/configured encryption and use that as the auth method
auth="$(postgres -C password_encryption "$@")"
# postgres 9 only reports "on" and not "md5"
if [ "$auth" = 'on' ]; then
auth='md5'
fi
: "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
{ {
echo echo
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
@ -305,7 +318,7 @@ _main() {
ls /docker-entrypoint-initdb.d/ > /dev/null ls /docker-entrypoint-initdb.d/ > /dev/null
docker_init_database_dir docker_init_database_dir
pg_setup_hba_conf pg_setup_hba_conf "$@"
# PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
# e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS

19
10/bullseye/docker-entrypoint.sh generated
View File

@ -220,8 +220,7 @@ docker_setup_env() {
file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_USER' 'postgres'
file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_DB' "$POSTGRES_USER"
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
# default authentication method is md5 : "${POSTGRES_HOST_AUTH_METHOD:=}"
: "${POSTGRES_HOST_AUTH_METHOD:=md5}"
declare -g DATABASE_ALREADY_EXISTS declare -g DATABASE_ALREADY_EXISTS
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
@ -231,7 +230,21 @@ docker_setup_env() {
} }
# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections # append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
pg_setup_hba_conf() { pg_setup_hba_conf() {
# default authentication method is md5 on versions before 14
# https://www.postgresql.org/about/news/postgresql-14-released-2318/
if [ "$1" = 'postgres' ]; then
shift
fi
local auth
# check the default/configured encryption and use that as the auth method
auth="$(postgres -C password_encryption "$@")"
# postgres 9 only reports "on" and not "md5"
if [ "$auth" = 'on' ]; then
auth='md5'
fi
: "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
{ {
echo echo
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
@ -305,7 +318,7 @@ _main() {
ls /docker-entrypoint-initdb.d/ > /dev/null ls /docker-entrypoint-initdb.d/ > /dev/null
docker_init_database_dir docker_init_database_dir
pg_setup_hba_conf pg_setup_hba_conf "$@"
# PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
# e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS

19
10/stretch/docker-entrypoint.sh generated
View File

@ -220,8 +220,7 @@ docker_setup_env() {
file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_USER' 'postgres'
file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_DB' "$POSTGRES_USER"
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
# default authentication method is md5 : "${POSTGRES_HOST_AUTH_METHOD:=}"
: "${POSTGRES_HOST_AUTH_METHOD:=md5}"
declare -g DATABASE_ALREADY_EXISTS declare -g DATABASE_ALREADY_EXISTS
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
@ -231,7 +230,21 @@ docker_setup_env() {
} }
# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections # append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
pg_setup_hba_conf() { pg_setup_hba_conf() {
# default authentication method is md5 on versions before 14
# https://www.postgresql.org/about/news/postgresql-14-released-2318/
if [ "$1" = 'postgres' ]; then
shift
fi
local auth
# check the default/configured encryption and use that as the auth method
auth="$(postgres -C password_encryption "$@")"
# postgres 9 only reports "on" and not "md5"
if [ "$auth" = 'on' ]; then
auth='md5'
fi
: "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
{ {
echo echo
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
@ -305,7 +318,7 @@ _main() {
ls /docker-entrypoint-initdb.d/ > /dev/null ls /docker-entrypoint-initdb.d/ > /dev/null
docker_init_database_dir docker_init_database_dir
pg_setup_hba_conf pg_setup_hba_conf "$@"
# PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
# e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS

19
11/alpine/docker-entrypoint.sh generated
View File

@ -220,8 +220,7 @@ docker_setup_env() {
file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_USER' 'postgres'
file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_DB' "$POSTGRES_USER"
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
# default authentication method is md5 : "${POSTGRES_HOST_AUTH_METHOD:=}"
: "${POSTGRES_HOST_AUTH_METHOD:=md5}"
declare -g DATABASE_ALREADY_EXISTS declare -g DATABASE_ALREADY_EXISTS
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
@ -231,7 +230,21 @@ docker_setup_env() {
} }
# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections # append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
pg_setup_hba_conf() { pg_setup_hba_conf() {
# default authentication method is md5 on versions before 14
# https://www.postgresql.org/about/news/postgresql-14-released-2318/
if [ "$1" = 'postgres' ]; then
shift
fi
local auth
# check the default/configured encryption and use that as the auth method
auth="$(postgres -C password_encryption "$@")"
# postgres 9 only reports "on" and not "md5"
if [ "$auth" = 'on' ]; then
auth='md5'
fi
: "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
{ {
echo echo
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
@ -305,7 +318,7 @@ _main() {
ls /docker-entrypoint-initdb.d/ > /dev/null ls /docker-entrypoint-initdb.d/ > /dev/null
docker_init_database_dir docker_init_database_dir
pg_setup_hba_conf pg_setup_hba_conf "$@"
# PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
# e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS

19
11/bullseye/docker-entrypoint.sh generated
View File

@ -220,8 +220,7 @@ docker_setup_env() {
file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_USER' 'postgres'
file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_DB' "$POSTGRES_USER"
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
# default authentication method is md5 : "${POSTGRES_HOST_AUTH_METHOD:=}"
: "${POSTGRES_HOST_AUTH_METHOD:=md5}"
declare -g DATABASE_ALREADY_EXISTS declare -g DATABASE_ALREADY_EXISTS
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
@ -231,7 +230,21 @@ docker_setup_env() {
} }
# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections # append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
pg_setup_hba_conf() { pg_setup_hba_conf() {
# default authentication method is md5 on versions before 14
# https://www.postgresql.org/about/news/postgresql-14-released-2318/
if [ "$1" = 'postgres' ]; then
shift
fi
local auth
# check the default/configured encryption and use that as the auth method
auth="$(postgres -C password_encryption "$@")"
# postgres 9 only reports "on" and not "md5"
if [ "$auth" = 'on' ]; then
auth='md5'
fi
: "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
{ {
echo echo
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
@ -305,7 +318,7 @@ _main() {
ls /docker-entrypoint-initdb.d/ > /dev/null ls /docker-entrypoint-initdb.d/ > /dev/null
docker_init_database_dir docker_init_database_dir
pg_setup_hba_conf pg_setup_hba_conf "$@"
# PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
# e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS

19
11/stretch/docker-entrypoint.sh generated
View File

@ -220,8 +220,7 @@ docker_setup_env() {
file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_USER' 'postgres'
file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_DB' "$POSTGRES_USER"
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
# default authentication method is md5 : "${POSTGRES_HOST_AUTH_METHOD:=}"
: "${POSTGRES_HOST_AUTH_METHOD:=md5}"
declare -g DATABASE_ALREADY_EXISTS declare -g DATABASE_ALREADY_EXISTS
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
@ -231,7 +230,21 @@ docker_setup_env() {
} }
# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections # append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
pg_setup_hba_conf() { pg_setup_hba_conf() {
# default authentication method is md5 on versions before 14
# https://www.postgresql.org/about/news/postgresql-14-released-2318/
if [ "$1" = 'postgres' ]; then
shift
fi
local auth
# check the default/configured encryption and use that as the auth method
auth="$(postgres -C password_encryption "$@")"
# postgres 9 only reports "on" and not "md5"
if [ "$auth" = 'on' ]; then
auth='md5'
fi
: "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
{ {
echo echo
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
@ -305,7 +318,7 @@ _main() {
ls /docker-entrypoint-initdb.d/ > /dev/null ls /docker-entrypoint-initdb.d/ > /dev/null
docker_init_database_dir docker_init_database_dir
pg_setup_hba_conf pg_setup_hba_conf "$@"
# PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
# e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS

19
12/alpine/docker-entrypoint.sh generated
View File

@ -220,8 +220,7 @@ docker_setup_env() {
file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_USER' 'postgres'
file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_DB' "$POSTGRES_USER"
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
# default authentication method is md5 : "${POSTGRES_HOST_AUTH_METHOD:=}"
: "${POSTGRES_HOST_AUTH_METHOD:=md5}"
declare -g DATABASE_ALREADY_EXISTS declare -g DATABASE_ALREADY_EXISTS
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
@ -231,7 +230,21 @@ docker_setup_env() {
} }
# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections # append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
pg_setup_hba_conf() { pg_setup_hba_conf() {
# default authentication method is md5 on versions before 14
# https://www.postgresql.org/about/news/postgresql-14-released-2318/
if [ "$1" = 'postgres' ]; then
shift
fi
local auth
# check the default/configured encryption and use that as the auth method
auth="$(postgres -C password_encryption "$@")"
# postgres 9 only reports "on" and not "md5"
if [ "$auth" = 'on' ]; then
auth='md5'
fi
: "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
{ {
echo echo
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
@ -305,7 +318,7 @@ _main() {
ls /docker-entrypoint-initdb.d/ > /dev/null ls /docker-entrypoint-initdb.d/ > /dev/null
docker_init_database_dir docker_init_database_dir
pg_setup_hba_conf pg_setup_hba_conf "$@"
# PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
# e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS

19
12/bullseye/docker-entrypoint.sh generated
View File

@ -220,8 +220,7 @@ docker_setup_env() {
file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_USER' 'postgres'
file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_DB' "$POSTGRES_USER"
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
# default authentication method is md5 : "${POSTGRES_HOST_AUTH_METHOD:=}"
: "${POSTGRES_HOST_AUTH_METHOD:=md5}"
declare -g DATABASE_ALREADY_EXISTS declare -g DATABASE_ALREADY_EXISTS
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
@ -231,7 +230,21 @@ docker_setup_env() {
} }
# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections # append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
pg_setup_hba_conf() { pg_setup_hba_conf() {
# default authentication method is md5 on versions before 14
# https://www.postgresql.org/about/news/postgresql-14-released-2318/
if [ "$1" = 'postgres' ]; then
shift
fi
local auth
# check the default/configured encryption and use that as the auth method
auth="$(postgres -C password_encryption "$@")"
# postgres 9 only reports "on" and not "md5"
if [ "$auth" = 'on' ]; then
auth='md5'
fi
: "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
{ {
echo echo
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
@ -305,7 +318,7 @@ _main() {
ls /docker-entrypoint-initdb.d/ > /dev/null ls /docker-entrypoint-initdb.d/ > /dev/null
docker_init_database_dir docker_init_database_dir
pg_setup_hba_conf pg_setup_hba_conf "$@"
# PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
# e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS

19
13/alpine/docker-entrypoint.sh generated
View File

@ -220,8 +220,7 @@ docker_setup_env() {
file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_USER' 'postgres'
file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_DB' "$POSTGRES_USER"
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
# default authentication method is md5 : "${POSTGRES_HOST_AUTH_METHOD:=}"
: "${POSTGRES_HOST_AUTH_METHOD:=md5}"
declare -g DATABASE_ALREADY_EXISTS declare -g DATABASE_ALREADY_EXISTS
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
@ -231,7 +230,21 @@ docker_setup_env() {
} }
# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections # append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
pg_setup_hba_conf() { pg_setup_hba_conf() {
# default authentication method is md5 on versions before 14
# https://www.postgresql.org/about/news/postgresql-14-released-2318/
if [ "$1" = 'postgres' ]; then
shift
fi
local auth
# check the default/configured encryption and use that as the auth method
auth="$(postgres -C password_encryption "$@")"
# postgres 9 only reports "on" and not "md5"
if [ "$auth" = 'on' ]; then
auth='md5'
fi
: "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
{ {
echo echo
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
@ -305,7 +318,7 @@ _main() {
ls /docker-entrypoint-initdb.d/ > /dev/null ls /docker-entrypoint-initdb.d/ > /dev/null
docker_init_database_dir docker_init_database_dir
pg_setup_hba_conf pg_setup_hba_conf "$@"
# PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
# e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS

19
13/bullseye/docker-entrypoint.sh generated
View File

@ -220,8 +220,7 @@ docker_setup_env() {
file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_USER' 'postgres'
file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_DB' "$POSTGRES_USER"
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
# default authentication method is md5 : "${POSTGRES_HOST_AUTH_METHOD:=}"
: "${POSTGRES_HOST_AUTH_METHOD:=md5}"
declare -g DATABASE_ALREADY_EXISTS declare -g DATABASE_ALREADY_EXISTS
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
@ -231,7 +230,21 @@ docker_setup_env() {
} }
# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections # append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
pg_setup_hba_conf() { pg_setup_hba_conf() {
# default authentication method is md5 on versions before 14
# https://www.postgresql.org/about/news/postgresql-14-released-2318/
if [ "$1" = 'postgres' ]; then
shift
fi
local auth
# check the default/configured encryption and use that as the auth method
auth="$(postgres -C password_encryption "$@")"
# postgres 9 only reports "on" and not "md5"
if [ "$auth" = 'on' ]; then
auth='md5'
fi
: "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
{ {
echo echo
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
@ -305,7 +318,7 @@ _main() {
ls /docker-entrypoint-initdb.d/ > /dev/null ls /docker-entrypoint-initdb.d/ > /dev/null
docker_init_database_dir docker_init_database_dir
pg_setup_hba_conf pg_setup_hba_conf "$@"
# PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
# e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS

19
14/alpine/docker-entrypoint.sh generated
View File

@ -220,8 +220,7 @@ docker_setup_env() {
file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_USER' 'postgres'
file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_DB' "$POSTGRES_USER"
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
# default authentication method is md5 : "${POSTGRES_HOST_AUTH_METHOD:=}"
: "${POSTGRES_HOST_AUTH_METHOD:=md5}"
declare -g DATABASE_ALREADY_EXISTS declare -g DATABASE_ALREADY_EXISTS
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
@ -231,7 +230,21 @@ docker_setup_env() {
} }
# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections # append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
pg_setup_hba_conf() { pg_setup_hba_conf() {
# default authentication method is md5 on versions before 14
# https://www.postgresql.org/about/news/postgresql-14-released-2318/
if [ "$1" = 'postgres' ]; then
shift
fi
local auth
# check the default/configured encryption and use that as the auth method
auth="$(postgres -C password_encryption "$@")"
# postgres 9 only reports "on" and not "md5"
if [ "$auth" = 'on' ]; then
auth='md5'
fi
: "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
{ {
echo echo
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
@ -305,7 +318,7 @@ _main() {
ls /docker-entrypoint-initdb.d/ > /dev/null ls /docker-entrypoint-initdb.d/ > /dev/null
docker_init_database_dir docker_init_database_dir
pg_setup_hba_conf pg_setup_hba_conf "$@"
# PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
# e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS

19
14/bullseye/docker-entrypoint.sh generated
View File

@ -220,8 +220,7 @@ docker_setup_env() {
file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_USER' 'postgres'
file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_DB' "$POSTGRES_USER"
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
# default authentication method is md5 : "${POSTGRES_HOST_AUTH_METHOD:=}"
: "${POSTGRES_HOST_AUTH_METHOD:=md5}"
declare -g DATABASE_ALREADY_EXISTS declare -g DATABASE_ALREADY_EXISTS
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
@ -231,7 +230,21 @@ docker_setup_env() {
} }
# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections # append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
pg_setup_hba_conf() { pg_setup_hba_conf() {
# default authentication method is md5 on versions before 14
# https://www.postgresql.org/about/news/postgresql-14-released-2318/
if [ "$1" = 'postgres' ]; then
shift
fi
local auth
# check the default/configured encryption and use that as the auth method
auth="$(postgres -C password_encryption "$@")"
# postgres 9 only reports "on" and not "md5"
if [ "$auth" = 'on' ]; then
auth='md5'
fi
: "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
{ {
echo echo
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
@ -305,7 +318,7 @@ _main() {
ls /docker-entrypoint-initdb.d/ > /dev/null ls /docker-entrypoint-initdb.d/ > /dev/null
docker_init_database_dir docker_init_database_dir
pg_setup_hba_conf pg_setup_hba_conf "$@"
# PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
# e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS

19
9.6/alpine/docker-entrypoint.sh generated
View File

@ -220,8 +220,7 @@ docker_setup_env() {
file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_USER' 'postgres'
file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_DB' "$POSTGRES_USER"
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
# default authentication method is md5 : "${POSTGRES_HOST_AUTH_METHOD:=}"
: "${POSTGRES_HOST_AUTH_METHOD:=md5}"
declare -g DATABASE_ALREADY_EXISTS declare -g DATABASE_ALREADY_EXISTS
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
@ -231,7 +230,21 @@ docker_setup_env() {
} }
# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections # append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
pg_setup_hba_conf() { pg_setup_hba_conf() {
# default authentication method is md5 on versions before 14
# https://www.postgresql.org/about/news/postgresql-14-released-2318/
if [ "$1" = 'postgres' ]; then
shift
fi
local auth
# check the default/configured encryption and use that as the auth method
auth="$(postgres -C password_encryption "$@")"
# postgres 9 only reports "on" and not "md5"
if [ "$auth" = 'on' ]; then
auth='md5'
fi
: "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
{ {
echo echo
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
@ -305,7 +318,7 @@ _main() {
ls /docker-entrypoint-initdb.d/ > /dev/null ls /docker-entrypoint-initdb.d/ > /dev/null
docker_init_database_dir docker_init_database_dir
pg_setup_hba_conf pg_setup_hba_conf "$@"
# PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
# e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS

19
9.6/bullseye/docker-entrypoint.sh generated
View File

@ -220,8 +220,7 @@ docker_setup_env() {
file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_USER' 'postgres'
file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_DB' "$POSTGRES_USER"
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
# default authentication method is md5 : "${POSTGRES_HOST_AUTH_METHOD:=}"
: "${POSTGRES_HOST_AUTH_METHOD:=md5}"
declare -g DATABASE_ALREADY_EXISTS declare -g DATABASE_ALREADY_EXISTS
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
@ -231,7 +230,21 @@ docker_setup_env() {
} }
# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections # append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
pg_setup_hba_conf() { pg_setup_hba_conf() {
# default authentication method is md5 on versions before 14
# https://www.postgresql.org/about/news/postgresql-14-released-2318/
if [ "$1" = 'postgres' ]; then
shift
fi
local auth
# check the default/configured encryption and use that as the auth method
auth="$(postgres -C password_encryption "$@")"
# postgres 9 only reports "on" and not "md5"
if [ "$auth" = 'on' ]; then
auth='md5'
fi
: "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
{ {
echo echo
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
@ -305,7 +318,7 @@ _main() {
ls /docker-entrypoint-initdb.d/ > /dev/null ls /docker-entrypoint-initdb.d/ > /dev/null
docker_init_database_dir docker_init_database_dir
pg_setup_hba_conf pg_setup_hba_conf "$@"
# PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
# e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS

19
9.6/stretch/docker-entrypoint.sh generated
View File

@ -220,8 +220,7 @@ docker_setup_env() {
file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_USER' 'postgres'
file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_DB' "$POSTGRES_USER"
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
# default authentication method is md5 : "${POSTGRES_HOST_AUTH_METHOD:=}"
: "${POSTGRES_HOST_AUTH_METHOD:=md5}"
declare -g DATABASE_ALREADY_EXISTS declare -g DATABASE_ALREADY_EXISTS
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
@ -231,7 +230,21 @@ docker_setup_env() {
} }
# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections # append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
pg_setup_hba_conf() { pg_setup_hba_conf() {
# default authentication method is md5 on versions before 14
# https://www.postgresql.org/about/news/postgresql-14-released-2318/
if [ "$1" = 'postgres' ]; then
shift
fi
local auth
# check the default/configured encryption and use that as the auth method
auth="$(postgres -C password_encryption "$@")"
# postgres 9 only reports "on" and not "md5"
if [ "$auth" = 'on' ]; then
auth='md5'
fi
: "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
{ {
echo echo
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
@ -305,7 +318,7 @@ _main() {
ls /docker-entrypoint-initdb.d/ > /dev/null ls /docker-entrypoint-initdb.d/ > /dev/null
docker_init_database_dir docker_init_database_dir
pg_setup_hba_conf pg_setup_hba_conf "$@"
# PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
# e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS

19
docker-entrypoint.sh
View File

@ -220,8 +220,7 @@ docker_setup_env() {
file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_USER' 'postgres'
file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_DB' "$POSTGRES_USER"
file_env 'POSTGRES_INITDB_ARGS' file_env 'POSTGRES_INITDB_ARGS'
# default authentication method is md5 : "${POSTGRES_HOST_AUTH_METHOD:=}"
: "${POSTGRES_HOST_AUTH_METHOD:=md5}"
declare -g DATABASE_ALREADY_EXISTS declare -g DATABASE_ALREADY_EXISTS
# look specifically for PG_VERSION, as it is expected in the DB dir # look specifically for PG_VERSION, as it is expected in the DB dir
@ -231,7 +230,21 @@ docker_setup_env() {
} }
# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections # append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
# all arguments will be passed along as arguments to `postgres` for getting the value of 'password_encryption'
pg_setup_hba_conf() { pg_setup_hba_conf() {
# default authentication method is md5 on versions before 14
# https://www.postgresql.org/about/news/postgresql-14-released-2318/
if [ "$1" = 'postgres' ]; then
shift
fi
local auth
# check the default/configured encryption and use that as the auth method
auth="$(postgres -C password_encryption "$@")"
# postgres 9 only reports "on" and not "md5"
if [ "$auth" = 'on' ]; then
auth='md5'
fi
: "${POSTGRES_HOST_AUTH_METHOD:=$auth}"
{ {
echo echo
if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
@ -305,7 +318,7 @@ _main() {
ls /docker-entrypoint-initdb.d/ > /dev/null ls /docker-entrypoint-initdb.d/ > /dev/null
docker_init_database_dir docker_init_database_dir
pg_setup_hba_conf pg_setup_hba_conf "$@"
# PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
# e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS