-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Added new versions: 16.5, 16.6, 17.1, 17.2.
Signed-off-by: Hermann Mayer <[email protected]>
- Loading branch information
Showing
34 changed files
with
1,038 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
FROM postgres:16.5 | ||
LABEL org.opencontainers.image.authors="[email protected]" | ||
|
||
# You can change this environment variable on run's with -e | ||
ENV MDNS_HOSTNAME=postgres.local | ||
ENV POSTGRES_USER=postgres | ||
ENV POSTGRES_PASSWORD=postgres | ||
|
||
# Install system certificates for verifications | ||
RUN apt-get update -yqqq && apt-get install -y ca-certificates | ||
|
||
# Configure extra postgres/debian archive repository | ||
RUN echo 'deb [ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] \ | ||
https://apt-archive.postgresql.org/pub/repos/apt bookworm-pgdg-archive main' \ | ||
>> /etc/apt/sources.list.d/pgdg.list | ||
|
||
# Install system packages | ||
RUN apt-get update -yqqq && \ | ||
apt-cache policy postgresql-16-postgis-3 && \ | ||
apt-get install -y \ | ||
dbus avahi-daemon avahi-utils libnss-mdns supervisor \ | ||
postgresql-16-postgis-3=3.5.0+dfsg-1.pgdg120+1 | ||
|
||
# Copy custom scripts | ||
COPY config/*.sh /usr/local/bin/ | ||
RUN chmod +x /usr/local/bin/* | ||
|
||
# Configure supervisord | ||
COPY config/supervisor/* /etc/supervisor/conf.d/ | ||
RUN mkdir -p /var/log/supervisor | ||
|
||
# Define the command to run per default | ||
CMD ["/usr/bin/supervisord", "-nc", "/etc/supervisor/supervisord.conf"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,64 @@ | ||
MAKEFLAGS += --warn-undefined-variables | ||
SHELL := bash | ||
.SHELLFLAGS := -eu -o pipefail -c | ||
.DEFAULT_GOAL := all | ||
.DELETE_ON_ERROR: | ||
.SUFFIXES: | ||
.PHONY: | ||
|
||
# Environment switches | ||
REGISTRY ?= | ||
CANONICAL_NAME ?= postgres | ||
IMAGE_NAME ?= hausgold/$(CANONICAL_NAME) | ||
IMAGE_REF ?= 16.5 | ||
IMAGE_URI := $(IMAGE_NAME):$(IMAGE_REF) | ||
TEST_CONTAINER_NAME ?= $(CANONICAL_NAME)-test | ||
|
||
# Host binaries | ||
CURL ?= curl | ||
DOCKER ?= docker | ||
EXIT ?= exit | ||
GREP ?= grep | ||
SLEEP ?= sleep | ||
TEST ?= test | ||
TIME ?= time | ||
|
||
# Define a retry helper | ||
define retry | ||
if eval "$(1)"; then exit 0; fi; \ | ||
for i in 1; do sleep 10s; echo "Retrying $$i..."; \ | ||
if eval "$(1)"; then exit 0; fi; \ | ||
done; \ | ||
exit 1 | ||
endef | ||
|
||
all: | ||
# mDNS enabled official/postgres | ||
# | ||
# build Build a development snapshot of the image | ||
# test Test the built Docker image | ||
# publish Push the new Docker image to the registry | ||
# | ||
# shell You can start an individual session of the image for tests | ||
# clean Clean the current development snapshot | ||
|
||
build: clean | ||
# Build the Docker image | ||
@$(TIME) $(DOCKER) build --no-cache -t "$(IMAGE_URI)" . | ||
|
||
test: | ||
# Test the built Docker image | ||
# | ||
# Not yet implemented. | ||
|
||
publish: | ||
# Push the new Docker image to the registry | ||
@$(call retry,$(TIME) $(SHELL) -c '$(DOCKER) push $(IMAGE_URI)') | ||
|
||
shell: | ||
# Start an individual test session of the image | ||
@$(DOCKER) run --rm -it "$(IMAGE_URI)" bash | ||
|
||
clean: | ||
# Clean the current development snapshot | ||
@$(DOCKER) rmi --force "$(IMAGE_URI)" || true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,88 @@ | ||
#!/bin/bash | ||
|
||
NSS_MDNS=$(dpkg -s libnss-mdns | grep Version: \ | ||
| cut -d: -f2 | cut -d- -f1 | tr -d ' ') | ||
|
||
if [ "${NSS_MDNS}" != '0.10' ]; then | ||
# After nss-mdns >0.10 we need to reconfigure the allowed hosts to support | ||
# multiple sub-domain resolution | ||
cat > /etc/mdns.allow <<EOF | ||
.local. | ||
.local | ||
EOF | ||
|
||
# And we need to make use of the +mdns+ nss module, not the minimal one so | ||
# that the above configuration will be used (see: | ||
# https://github.com/lathiat/nss-mdns) | ||
sed -i 's/mdns4_minimal/mdns4/' /etc/nsswitch.conf | ||
fi | ||
|
||
# Configure the mDNS hostname on avahi | ||
if [ -n "${MDNS_HOSTNAME}" ]; then | ||
|
||
# MDNS_HOSTNAME could be postgres.local or postgres.sub.local | ||
IFS='.' read -ra MDNS_HOSTNAME_PARTS <<< "${MDNS_HOSTNAME}" | ||
|
||
# Save the first part as host part | ||
HOST_PART="${MDNS_HOSTNAME_PARTS[0]}" | ||
|
||
# Shift the first part | ||
MDNS_HOSTNAME_PARTS=("${MDNS_HOSTNAME_PARTS[@]:1}") | ||
|
||
# Join the rest to the domain part | ||
DOMAIN_PART=$(IFS='.'; echo "${MDNS_HOSTNAME_PARTS[*]}") | ||
|
||
# Set the host and domain part on the avahi config | ||
sed \ | ||
-e "s/.*\(host-name=\).*/\1${HOST_PART}/g" \ | ||
-e "s/.*\(domain-name=\).*/\1${DOMAIN_PART}/g" \ | ||
-e "s/.*\(enable-dbus=\).*/\1yes/g" \ | ||
-i /etc/avahi/avahi-daemon.conf | ||
|
||
echo "Configured mDNS hostname to ${MDNS_HOSTNAME}" | ||
fi | ||
|
||
# Configure all mDNS CNAMEs on avahi | ||
if [ -n "${MDNS_CNAMES}" ]; then | ||
|
||
# MDNS_CNAMES could be a single domain, or a comma-separated list | ||
IFS=',' read -ra CNAMES <<< "${MDNS_CNAMES}" | ||
|
||
for CNAME in "${CNAMES[@]}"; do | ||
# Construct the command | ||
COMMAND='/usr/bin/avahi-publish -f -a -R' | ||
COMMAND+=" \"${CNAME}\" \`hostname -i\`" | ||
|
||
# Write a new supervisord unit file | ||
cat > "/etc/supervisor/conf.d/${CNAME}.conf" <<EOF | ||
[program:${CNAME}] | ||
priority=20 | ||
directory=/tmp | ||
command=/bin/sh -c '${COMMAND}' | ||
user=root | ||
autostart=false | ||
autorestart=true | ||
stopsignal=KILL | ||
stopwaitsecs=1 | ||
EOF | ||
|
||
# Reload the supervisord config files and start | ||
# the current publish service | ||
supervisorctl update | ||
supervisorctl start "${CNAME}" | ||
done | ||
fi | ||
|
||
# Disable the rlimits from default debian | ||
sed \ | ||
-e 's/^\(rlimit\)/#\1/g' \ | ||
-i /etc/avahi/avahi-daemon.conf | ||
|
||
# If a avahi daemon is running, kill it | ||
avahi-daemon -c && avahi-daemon -k | ||
|
||
# Clean up orphans | ||
rm -rf /run/avahi-daemon/{pid,socket} | ||
|
||
# Start avahi | ||
exec avahi-daemon --no-rlimits |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
#!/bin/bash | ||
|
||
# dbus-daemon tries to reads passwd/group data, and on an non-systemd system, | ||
# where systemd is configured for NSS it causes a 90 second hang. So we drop | ||
# the systemd configuration for NSS. | ||
# | ||
# See: https://github.com/systemd/systemd/issues/16471#issuecomment-662377106 | ||
sed -i 's/ systemd//g' /etc/nsswitch.conf | ||
|
||
# Prepare the environment for dbus | ||
rm -rf /var/run/dbus /run/dbus | ||
mkdir -p /var/run/dbus/ /run/dbus | ||
chmod ugo+rwx /var/run/dbus/ /run/dbus | ||
|
||
# systemd service activation makes no sense on a non-systemd system. | ||
# Looks like this is not needed currently/anymore. | ||
# cat >/etc/dbus-1/system.d/no-systemd.conf <<EOF | ||
# <!DOCTYPE busconfig PUBLIC | ||
# "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN" | ||
# "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> | ||
# <busconfig> | ||
# <limit name="service_start_timeout">1</limit> | ||
# <servicehelper>/bin/true</servicehelper> | ||
# </busconfig> | ||
# EOF | ||
|
||
# Start dbus | ||
exec /usr/bin/dbus-daemon --system --nofork |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
#!/usr/bin/env bash | ||
|
||
# Enable logical replication by default. This allows tools like Debezium | ||
# directly to add an replication slot to stream events. | ||
export POSTGRES_ARGS=${POSTGRES_ARGS:-'-c wal_level=logical'} | ||
|
||
exec /usr/local/bin/docker-entrypoint.sh postgres ${POSTGRES_ARGS} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
[program:avahi] | ||
priority=10 | ||
startretries=20 | ||
directory=/tmp | ||
command=/usr/local/bin/avahi.sh | ||
user=root | ||
autostart=true | ||
autorestart=true | ||
stdout_logfile=/dev/stdout | ||
stdout_logfile_maxbytes=0 | ||
stderr_logfile=/dev/stderr | ||
stderr_logfile_maxbytes=0 | ||
stopsignal=KILL | ||
stopwaitsecs=1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
[program:dbus] | ||
priority=0 | ||
directory=/tmp | ||
command=/bin/sh -c "rm -rf /var/run/dbus/pid && mkdir -p /var/run/dbus/ && exec /usr/bin/dbus-daemon --system --nofork" | ||
user=root | ||
autostart=true | ||
autorestart=true | ||
stdout_logfile=/dev/stdout | ||
stdout_logfile_maxbytes=0 | ||
stderr_logfile=/dev/stderr | ||
stderr_logfile_maxbytes=0 | ||
stopsignal=KILL | ||
stopwaitsecs=1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
[program:postgres] | ||
priority=20 | ||
directory=/tmp | ||
command=/usr/local/bin/postgres.sh | ||
user=root | ||
autostart=true | ||
autorestart=true | ||
stdout_logfile=/dev/stdout | ||
stdout_logfile_maxbytes=0 | ||
stderr_logfile=/dev/stderr | ||
stderr_logfile_maxbytes=0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
FROM postgres:16.6 | ||
LABEL org.opencontainers.image.authors="[email protected]" | ||
|
||
# You can change this environment variable on run's with -e | ||
ENV MDNS_HOSTNAME=postgres.local | ||
ENV POSTGRES_USER=postgres | ||
ENV POSTGRES_PASSWORD=postgres | ||
|
||
# Install system certificates for verifications | ||
RUN apt-get update -yqqq && apt-get install -y ca-certificates | ||
|
||
# Configure extra postgres/debian archive repository | ||
RUN echo 'deb [ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] \ | ||
https://apt-archive.postgresql.org/pub/repos/apt bookworm-pgdg-archive main' \ | ||
>> /etc/apt/sources.list.d/pgdg.list | ||
|
||
# Install system packages | ||
RUN apt-get update -yqqq && \ | ||
apt-cache policy postgresql-16-postgis-3 && \ | ||
apt-get install -y \ | ||
dbus avahi-daemon avahi-utils libnss-mdns supervisor \ | ||
postgresql-16-postgis-3=3.5.0+dfsg-1.pgdg120+1 | ||
|
||
# Copy custom scripts | ||
COPY config/*.sh /usr/local/bin/ | ||
RUN chmod +x /usr/local/bin/* | ||
|
||
# Configure supervisord | ||
COPY config/supervisor/* /etc/supervisor/conf.d/ | ||
RUN mkdir -p /var/log/supervisor | ||
|
||
# Define the command to run per default | ||
CMD ["/usr/bin/supervisord", "-nc", "/etc/supervisor/supervisord.conf"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,64 @@ | ||
MAKEFLAGS += --warn-undefined-variables | ||
SHELL := bash | ||
.SHELLFLAGS := -eu -o pipefail -c | ||
.DEFAULT_GOAL := all | ||
.DELETE_ON_ERROR: | ||
.SUFFIXES: | ||
.PHONY: | ||
|
||
# Environment switches | ||
REGISTRY ?= | ||
CANONICAL_NAME ?= postgres | ||
IMAGE_NAME ?= hausgold/$(CANONICAL_NAME) | ||
IMAGE_REF ?= 16.6 | ||
IMAGE_URI := $(IMAGE_NAME):$(IMAGE_REF) | ||
TEST_CONTAINER_NAME ?= $(CANONICAL_NAME)-test | ||
|
||
# Host binaries | ||
CURL ?= curl | ||
DOCKER ?= docker | ||
EXIT ?= exit | ||
GREP ?= grep | ||
SLEEP ?= sleep | ||
TEST ?= test | ||
TIME ?= time | ||
|
||
# Define a retry helper | ||
define retry | ||
if eval "$(1)"; then exit 0; fi; \ | ||
for i in 1; do sleep 10s; echo "Retrying $$i..."; \ | ||
if eval "$(1)"; then exit 0; fi; \ | ||
done; \ | ||
exit 1 | ||
endef | ||
|
||
all: | ||
# mDNS enabled official/postgres | ||
# | ||
# build Build a development snapshot of the image | ||
# test Test the built Docker image | ||
# publish Push the new Docker image to the registry | ||
# | ||
# shell You can start an individual session of the image for tests | ||
# clean Clean the current development snapshot | ||
|
||
build: clean | ||
# Build the Docker image | ||
@$(TIME) $(DOCKER) build --no-cache -t "$(IMAGE_URI)" . | ||
|
||
test: | ||
# Test the built Docker image | ||
# | ||
# Not yet implemented. | ||
|
||
publish: | ||
# Push the new Docker image to the registry | ||
@$(call retry,$(TIME) $(SHELL) -c '$(DOCKER) push $(IMAGE_URI)') | ||
|
||
shell: | ||
# Start an individual test session of the image | ||
@$(DOCKER) run --rm -it "$(IMAGE_URI)" bash | ||
|
||
clean: | ||
# Clean the current development snapshot | ||
@$(DOCKER) rmi --force "$(IMAGE_URI)" || true |
Oops, something went wrong.