* log more for auditing * log to syslog * support several versions * extract configuration * only init database; users, databases and privileges are set using deployment tools
This commit is contained in:
f
parent
95a7bb6915
commit
2d01fb2d12
6 changed files with 60 additions and 57 deletions
|
|
@ -4,10 +4,12 @@ pipeline:
|
|||
registry: registry.nulo.in
|
||||
repo: registry.nulo.in/sutty/postgresql
|
||||
tags:
|
||||
- ${ALPINE_VERSION}
|
||||
- ${ALPINE_VERSION}-${PG_VERSION}
|
||||
- latest
|
||||
build_args:
|
||||
- ALPINE_VERSION=${ALPINE_VERSION}
|
||||
- PG_VERSION=${PG_VERSION}
|
||||
- PG_VERSION_APPENDED=${PG_VERSION_APPENDED}
|
||||
- BASE_IMAGE=registry.nulo.in/sutty/monit
|
||||
username: sutty
|
||||
secrets:
|
||||
|
|
@ -15,8 +17,15 @@ pipeline:
|
|||
when:
|
||||
branch: antifascista
|
||||
event: push
|
||||
|
||||
matrix:
|
||||
ALPINE_VERSION:
|
||||
- 3.13.6
|
||||
- 3.14.2
|
||||
include:
|
||||
- ALPINE_VERSION: 3.13.7
|
||||
PG_VERSION: 13
|
||||
- ALPINE_VERSION: 3.14.3
|
||||
PG_VERSION: 13
|
||||
- ALPINE_VERSION: 3.15.0
|
||||
PG_VERSION: 13
|
||||
PG_VERSION_APPENDED: 13
|
||||
- ALPINE_VERSION: 3.15.0
|
||||
PG_VERSION: 14
|
||||
PG_VERSION_APPENDED: 14
|
||||
|
|
|
|||
24
Dockerfile
24
Dockerfile
|
|
@ -2,22 +2,22 @@ ARG ALPINE_VERSION=3.13.6
|
|||
ARG BASE_IMAGE=sutty/monit
|
||||
FROM ${BASE_IMAGE}:${ALPINE_VERSION}
|
||||
MAINTAINER "f <f@sutty.nl>"
|
||||
ARG PG_VERSION=13
|
||||
ARG PG_VERSION_APPENDED
|
||||
|
||||
ENV PGBASE /var/lib/postgresql
|
||||
ENV PGDATA $PGBASE/13/data
|
||||
ENV LANG en_US.utf8
|
||||
ENV PGUSER sutty
|
||||
ENV PGDB sutty
|
||||
ENV PGVER 13
|
||||
ENV PGCLIENT sutty
|
||||
ENV PAGER "less -niSFX"
|
||||
ENV PGVER=$PG_VERSION
|
||||
ENV PGBASE=/var/lib/postgresql
|
||||
ENV PGDATA=${PGBASE}/${PGVER}/data
|
||||
ENV PAGER="less -niSFX"
|
||||
|
||||
RUN apk add --no-cache postgresql postgresql-contrib daemonize less
|
||||
# Starting from Alpine 3.15 there are several PostgreSQL versions
|
||||
# supported.
|
||||
RUN apk add --no-cache postgresql${PG_VERSION_APPENDED} postgresql${PG_VERSION_APPENDED}-contrib daemonize less
|
||||
RUN install -dm 750 -o postgres -g postgres /etc/postgres.d
|
||||
|
||||
COPY ./postgresql.sh /usr/local/bin/postgresql
|
||||
COPY ./monit.conf /etc/monit.d/postgresql.conf
|
||||
|
||||
RUN chmod 750 /usr/local/bin/postgresql
|
||||
COPY ./postgresqld.sh /usr/local/bin/postgresqld
|
||||
COPY ./postgresql.conf /etc/postgres.d/postgresql.conf
|
||||
|
||||
EXPOSE 5432
|
||||
VOLUME $PGBASE
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
check process postgresql with pidfile /tmp/postgresql.pid
|
||||
start program = "/usr/local/bin/postgresql start"
|
||||
stop program = "/usr/local/bin/postgresql stop"
|
||||
check process postgresql with pidfile /run/postgresql.pid
|
||||
start program = "/usr/local/bin/postgresqld start"
|
||||
stop program = "/usr/local/bin/postgresqld stop"
|
||||
if failed port 5432 protocol pgsql for 3 times within 5 cycles then restart
|
||||
|
|
|
|||
7
postgresql.conf
Normal file
7
postgresql.conf
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
listen_addresses = '*'
|
||||
external_pid_file = '/run/postgresql.pid'
|
||||
log_destination = 'syslog'
|
||||
log_checkpoints = on
|
||||
log_connections = on
|
||||
log_disconnections = on
|
||||
log_hostname = on
|
||||
|
|
@ -1,37 +0,0 @@
|
|||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
case $1 in
|
||||
stop)
|
||||
/bin/su postgres -c "pg_ctl stop -D ${PGDATA}" ;;
|
||||
reload)
|
||||
/bin/su postgres -c "pg_ctl reload -D ${PGDATA}" ;;
|
||||
*)
|
||||
pid=/tmp/postgresql.pid
|
||||
user=postgres
|
||||
log=${PGDATA}/postgresql.log
|
||||
|
||||
install -dm 2750 -o postgres -g postgres /run/postgresql
|
||||
chown -R postgres:postgres ${PGBASE}
|
||||
|
||||
if test ! -f ${PGDATA}/PG_VERSION ; then
|
||||
su - postgres -c "/usr/bin/initdb --locale ${LANG} -E UTF8 -D ${PGDATA}"
|
||||
su - postgres -c "/usr/bin/pg_ctl start --pgdata ${PGDATA}"
|
||||
su - postgres -c "/usr/bin/createuser --login ${PGUSER}"
|
||||
su - postgres -c "/usr/bin/createdb --owner ${PGUSER} ${PGDB}"
|
||||
su - postgres -c "/usr/bin/pg_ctl stop --pgdata ${PGDATA}"
|
||||
|
||||
echo "host ${PGDB} ${PGUSER} ${PGCLIENT} trust" >> ${PGDATA}/pg_hba.conf
|
||||
echo "host ${PGDB}_test ${PGUSER} ${PGCLIENT} trust" >> ${PGDATA}/pg_hba.conf
|
||||
|
||||
echo "listen_addresses = '*'" >> ${PGDATA}/postgresql.conf
|
||||
echo "external_pid_file = '${pid}'" >> ${PGDATA}/postgresql.conf
|
||||
fi
|
||||
|
||||
rm -f ${pid}
|
||||
daemonize -u ${user} -c ${PGDATA} -o ${log} -a -e ${log} \
|
||||
/usr/bin/postgres
|
||||
|
||||
su - postgres -c "echo 'create extension if not exists pgcrypto;' | psql -U postgres"
|
||||
;;
|
||||
esac
|
||||
24
postgresqld.sh
Normal file
24
postgresqld.sh
Normal file
|
|
@ -0,0 +1,24 @@
|
|||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
case $1 in
|
||||
stop)
|
||||
su postgres -c "pg_ctl stop -D ${PGDATA}" ;;
|
||||
reload)
|
||||
su postgres -c "pg_ctl reload -D ${PGDATA}" ;;
|
||||
*)
|
||||
pid=/run/postgresql.pid
|
||||
|
||||
install -dm 2750 -o ${user} -g ${user} /run/postgresql
|
||||
chown -R ${user}:${user} ${PGBASE}
|
||||
|
||||
if test ! -f ${PGDATA}/PG_VERSION ; then
|
||||
su postgres -c "/usr/bin/initdb -D ${PGDATA}"
|
||||
|
||||
echo "include_dir = '/etc/postgres.d'" >> ${PGDATA}/postgresql.conf
|
||||
fi
|
||||
|
||||
rm -f ${pid}
|
||||
daemonize -u postgres -c ${PGDATA} /usr/bin/postgres
|
||||
;;
|
||||
esac
|
||||
Loading…
Reference in a new issue