This allows for a more graceful error message for the case of users who need to update their volume path.
I tested this with 17 and `--env PGDATA=/var/lib/postgresql/17/docker` (to make sure it still works fine and doesn't complain about the extra volume provided by Docker/`VOLUME`) and 18 with `-v /var/lib/postgresql/data` (where it appropriately errors and explains to me what I should be doing instead).
I also did a reflow on some text in the error message that's designed to fit in 80 columns but was taking 81. 😂
This is a bit complicated to use in Docker (because `io_uring` has a long and storied security story), but it is a new feature of 18+ that we should probably explicitly support for users who want to jump through the hoops to use it despite the security risk.
Additionally, this re-alphabetizes our `--with-xxx` flags.
When we added these lines, we needed newer files than PostgreSQL had upstream, but the situation has changed and we were pinned to a specific commit from 2017 - the _oldest_ PostgreSQL release version has a file from 2020.
* Unset NOTIFY_SOCKET when running the temporary server.
Postgres has native support for this notification socket and will write a `READY=1` message once it is ready and accepting connections. Unfortunately, the temporary server used by the `docker-entrypoint.sh` also sends a message on the socket, making it appear as though the container is ready and serving connections when it is not.
* Remove inaccurate references to corruption, remove SEGTERM suggestion, update information links to current docs. Postgres is carefully designed such that data is not corrupted on crashes or unclean shutdowns - the main tradeoff is that WAL replay is needed on startup. In practice, SIGTERM can cause unexpected long delays to shutdowns - often during maintenance windows - so best not to actively suggest this. The links back to official Postgres documentation seem sufficient.
There's a major issue with `su-exec` whose fix has gone unreleased for 5 years (typos leading to running code as root, the opposite of the purpose of the program).
This also decreases our Debian vs Alpine variance.
Due to user scripts/downstream code potentially using `su-exec`, I have included a compatibility symlink to `su-exec` for all versions less than the 17 pre-release.
This mimics the behavior of `docker-entrypoint.sh` before it starts the PostgreSQL server.
It has three main goals/uses:
1. (most importantly) as an example of how to use "docker-entrypoint.sh" to extend/reuse the initialization behavior
2. ("docker-ensure-initdb.sh") as a Kubernetes "init container" to ensure the provided database directory is initialized; see also "startup probes" for an alternative solution
(no-op if database is already initialized)
3. ("docker-enforce-initdb.sh") as part of CI to ensure the database is fully initialized before use
(error if database is already initialized)
The use of manually calling localdef caused any future update to the
locales package to remove the manually installed locales, since
locale-gen takes precendence. This would usually be encountered when
a downstream Dockerfile added additional packages, and as a side effect
caused an upgrade to the locales package.
Fix by relying on the /etc/locale.gen file, which is the official place
to specify which locales should be installed.
Fixes#1112
I somehow missed Debian in 25b3034e9b (only updated Alpine), so this updates Debian in the same way.
> This still supports the "arbitrary user" use case but with slightly tighter permissions on the end result.
>
> This one is a little bit more "special" other images (due to the existing runtime/entrypoint modification of the directory modes) so I've tried to pick reasonable values for both halves.
