diff --git a/postgres/16.2/22.03-lts-sp3/Dockerfile b/postgres/16.2/22.03-lts-sp3/Dockerfile new file mode 100644 index 0000000000000000000000000000000000000000..b72df400ddbcf3c6e320da9e39173c306f9c444b --- /dev/null +++ b/postgres/16.2/22.03-lts-sp3/Dockerfile @@ -0,0 +1,34 @@ +ARG BASE=openeuler/openeuler:22.03-lts-sp3 +FROM ${BASE} + +ARG TARGETARCH +ARG VERSION=16_2 +ARG GOSU_VERSION=1.17 + +RUN yum -y install wget make gcc icu libicu-devel readline-devel zlib-devel \ + perl bison m4 flex && \ + yum clean all && \ + groupadd --system --gid 1000 postgres && \ + useradd --system --gid postgres --uid 1000 postgres && \ + wget -O /usr/local/bin/gosu_${TARGETARCH} https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-${TARGETARCH} && \ + chmod +x /usr/local/bin/gosu_${TARGETARCH} && \ + wget -O /tmp/postgres.tar.gz https://github.com/postgres/postgres/archive/refs/tags/REL_${VERSION}.tar.gz && \ + tar -zxvf /tmp/postgres.tar.gz -C /tmp && \ + cd /tmp/postgres-REL_${VERSION} && \ + ./configure && \ + make -j "$(nproc)" && make install && \ + mkdir /docker-entrypoint-initdb.d && \ + chown postgres:postgres /docker-entrypoint-initdb.d && \ + rm -rf /tmp/postgres.tar.gz /tmp/postgres-REL_${VERSION} + +VOLUME /var/lib/pgsql/data + +ENV PGDATA /var/lib/pgsql/data +COPY entrypoint.sh /var/lib/pgsql/ +RUN chmod 755 /var/lib/pgsql/entrypoint.sh + +WORKDIR /usr/local/pgsql/bin/ + +ENTRYPOINT ["/var/lib/pgsql/entrypoint.sh"] +EXPOSE 5432 +CMD [ "postgres" ] \ No newline at end of file diff --git a/postgres/16.2/22.03-lts-sp3/entrypoint.sh b/postgres/16.2/22.03-lts-sp3/entrypoint.sh new file mode 100644 index 0000000000000000000000000000000000000000..543fa7d75c6f8acf4529faeddb228539a95f86d3 --- /dev/null +++ b/postgres/16.2/22.03-lts-sp3/entrypoint.sh @@ -0,0 +1,364 @@ +#!/usr/bin/env bash +set -Eeo pipefail + +export PATH="/usr/local/pgsql/bin:$PATH" + +arch=$(case $(uname -m) in i386) echo "386" ;; i686) echo "386" ;; x86_64) echo "amd64";; aarch64)echo "arm64";; esac) +if [ "${arch}" = "amd64" ]; then + GOSU_EXEC=/usr/local/bin/gosu_amd64 +else + GOSU_EXEC=/usr/local/bin/gosu_arm64 +fi +if [ ! -f /usr/local/bin/gosu ]; then + ln -s ${GOSU_EXEC} /usr/local/bin/gosu +fi + +# usage: file_env VAR [DEFAULT] +# ie: file_env 'XYZ_DB_PASSWORD' 'example' +# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of +# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) +file_env() { + local var="$1" + local fileVar="${var}_FILE" + local def="${2:-}" + if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then + echo >&2 "error: both $var and $fileVar are set (but are exclusive)" + exit 1 + fi + local val="$def" + if [ "${!var:-}" ]; then + val="${!var}" + elif [ "${!fileVar:-}" ]; then + val="$(< "${!fileVar}")" + fi + export "$var"="$val" + unset "$fileVar" +} + +# check to see if this file is being run or sourced from another script +_is_sourced() { + [ "${#FUNCNAME[@]}" -ge 2 ] \ + && [ "${FUNCNAME[0]}" = '_is_sourced' ] \ + && [ "${FUNCNAME[1]}" = 'source' ] +} + +# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user +docker_create_db_directories() { + local user; user="$(id -u)" + + mkdir -p "$PGDATA" + # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory) + chmod 700 "$PGDATA" || : + + # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289 + mkdir -p /var/run/postgresql || : + chmod 775 /var/run/postgresql || : + + # Create the transaction log directory before initdb is run so the directory is owned by the correct user + if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then + mkdir -p "$POSTGRES_INITDB_WALDIR" + if [ "$user" = '0' ]; then + find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' + + fi + chmod 700 "$POSTGRES_INITDB_WALDIR" + fi + + # allow the container to be started with `--user` + if [ "$user" = '0' ]; then + find "$PGDATA" \! -user postgres -exec chown postgres '{}' + + find /var/run/postgresql \! -user postgres -exec chown postgres '{}' + + fi +} + +# initialize empty PGDATA directory with new database via 'initdb' +# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function +# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames +# this is also where the database user is created, specified by `POSTGRES_USER` env +docker_init_database_dir() { + # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary + # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html + local uid; uid="$(id -u)" + if ! getent passwd "$uid" &> /dev/null; then + # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15) + local wrapper + for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do + if [ -s "$wrapper" ]; then + NSS_WRAPPER_PASSWD="$(mktemp)" + NSS_WRAPPER_GROUP="$(mktemp)" + export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP + local gid; gid="$(id -g)" + echo "postgres:x:$uid:$gid:PostgreSQL:$PGDATA:/bin/false" > "$NSS_WRAPPER_PASSWD" + echo "postgres:x:$gid:" > "$NSS_WRAPPER_GROUP" + break + fi + done + fi + + if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then + set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@" + fi + + eval 'initdb --username="$POSTGRES_USER" --pwfile=<(echo "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"' + + # unset/cleanup "nss_wrapper" bits + if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then + rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP" + unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP + fi +} + +# print large warning if POSTGRES_PASSWORD is long +# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust' +# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust' +# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ] +docker_verify_minimum_env() { + # check password first so we can output the warning before postgres + # messes it up + if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then + cat >&2 <<-'EOWARN' + + WARNING: The supplied POSTGRES_PASSWORD is 100+ characters. + + This will not work if used via PGPASSWORD with "psql". + + https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412) + https://github.com/docker-library/postgres/issues/507 + + EOWARN + fi + if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then + # The - option suppresses leading tabs but *not* spaces. :) + cat >&2 <<-'EOE' + Error: Database is uninitialized and superuser password is not specified. + You must specify POSTGRES_PASSWORD to a non-empty value for the + superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run". + + You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all + connections without a password. This is *not* recommended. + + See PostgreSQL documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + EOE + exit 1 + fi + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then + cat >&2 <<-'EOWARN' + ******************************************************************************** + WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow + anyone with access to the Postgres port to access your database without + a password, even if POSTGRES_PASSWORD is set. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + In Docker's default configuration, this is effectively any other + container on the same system. + + It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace + it with "-e POSTGRES_PASSWORD=password" instead to set a password in + "docker run". + ******************************************************************************** + EOWARN + fi +} + +# usage: docker_process_init_files [file [file [...]]] +# ie: docker_process_init_files /always-initdb.d/* +# process initializer files, based on file extensions and permissions +docker_process_init_files() { + # psql here for backwards compatibility "${psql[@]}" + psql=( docker_process_sql ) + + echo + local f + for f; do + case "$f" in + *.sh) + # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936 + # https://github.com/docker-library/postgres/pull/452 + if [ -x "$f" ]; then + echo "$0: running $f" + "$f" + else + echo "$0: sourcing $f" + . "$f" + fi + ;; + *.sql) echo "$0: running $f"; docker_process_sql -f "$f"; echo ;; + *.sql.gz) echo "$0: running $f"; gunzip -c "$f" | docker_process_sql; echo ;; + *.sql.xz) echo "$0: running $f"; xzcat "$f" | docker_process_sql; echo ;; + *.sql.zst) echo "$0: running $f"; zstd -dc "$f" | docker_process_sql; echo ;; + *) echo "$0: ignoring $f" ;; + esac + echo + done +} + +# Execute sql script, passed via stdin (or -f flag of pqsl) +# usage: docker_process_sql [psql-cli-args] +# ie: docker_process_sql --dbname=mydb <<<'INSERT ...' +# ie: docker_process_sql -f my-file.sql +# ie: docker_process_sql > "$PGDATA/pg_hba.conf" +} + +pg_setup_postgresql_conf() { + { + echo "listen_addresses = '*'" + } >> "$PGDATA/postgresql.conf" +} + + +# start socket-only postgresql server for setting up or running scripts +# all arguments will be passed along as arguments to `postgres` (via pg_ctl) +docker_temp_server_start() { + if [ "$1" = 'postgres' ]; then + shift + fi + + # internal start of server in order to allow setup using psql client + # does not listen on external TCP/IP and waits until start finishes + set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}" + + PGUSER="${PGUSER:-$POSTGRES_USER}" \ + pg_ctl -D "$PGDATA" \ + -o "$(printf '%q ' "$@")" \ + -w start +} + +# stop postgresql server after done setting up user and running scripts +docker_temp_server_stop() { + PGUSER="${PGUSER:-postgres}" \ + pg_ctl -D "$PGDATA" -m fast -w stop +} + +# check arguments for an option that would cause postgres to stop +# return true if there is one +_pg_want_help() { + local arg + for arg; do + case "$arg" in + # postgres --help | grep 'then exit' + # leaving out -C on purpose since it always fails and is unhelpful: + # postgres: could not access the server configuration file "/var/lib/pgsql/data/postgresql.conf": No such file or directory + -'?'|--help|--describe-config|-V|--version) + return 0 + ;; + esac + done + return 1 +} + +_main() { + # if first arg looks like a flag, assume we want to run postgres server + if [ "${1:0:1}" = '-' ]; then + set -- postgres "$@" + fi + + if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then + docker_setup_env + # setup data directories and permissions (when run as root) + docker_create_db_directories + if [ "$(id -u)" = '0' ]; then + # then restart script as postgres user + exec gosu postgres "$BASH_SOURCE" "$@" + fi + + # only run initialization on an empty data directory + if [ -z "$DATABASE_ALREADY_EXISTS" ]; then + docker_verify_minimum_env + + # check dir permissions to reduce likelihood of half-initialized database + ls /docker-entrypoint-initdb.d/ > /dev/null + + docker_init_database_dir + pg_setup_hba_conf "$@" + pg_setup_postgresql_conf + + # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless + # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS + export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}" + docker_temp_server_start "$@" + + docker_setup_db + docker_process_init_files /docker-entrypoint-initdb.d/* + + docker_temp_server_stop + unset PGPASSWORD + + echo + echo 'PostgreSQL init process complete; ready for start up.' + echo + else + echo + echo 'PostgreSQL Database directory appears to contain a database; Skipping initialization' + echo + fi + fi + + exec "$@" +} + +if ! _is_sourced; then + _main "$@" +fi diff --git a/postgres/doc/image-info.yml b/postgres/doc/image-info.yml new file mode 100644 index 0000000000000000000000000000000000000000..fac7248a56e6d2b74b4a9d48b1e0b5a703da8f45 --- /dev/null +++ b/postgres/doc/image-info.yml @@ -0,0 +1,97 @@ +name: postgres +category: database +description: postgres是一个功能强大、灵活且高度可定制的数据库管理系统,广泛应用于金融、物流、制造、电信等领域。 +environment: " + 本应用以容器镜像的方式供用户使用,运行于预置docker的Linux环境。Docker的推荐安装方式如下: + ## apt安装 + ### 1.更新系统软件包依赖 + ``` + sudo spt update + sudo apt install ca-certificates curl gnupg lsb-release + ``` + ### 2.添加Docker官方GPG密钥 + ``` + sudo mkdir -p /etc/apt/keyrings + curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg + sudo chmod a+r /etc/apt/keyrings/docker.gpg + ``` + ### 3.添加Docker官方APT源 + ``` + echo \"deb [arch=$(dpkg --print-architecture) signed-by=/usr/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null + ``` + ### 4.再次更新软件包索引 + ``` + sudo apt update + ``` + ### 5.安装Docker + ``` + sudo apt install docker-ce docker-ce-cli containerd.io + ``` + + ## yum安装 + ### 1.安装yum-utils + ``` + sudo yum install -y yum-utils + ``` + ### 2.添加Docker源 + ``` + sudo yum-config-manager \ + > --add-repo \ + > https://download.docker.com/linux/centos/docker-ce.repo + ``` + ### 3.安装Docker + ``` + sudo yum install -y docker-ce docker-ce-cli containerd.io + ``` + + 注意,在openEuler环境安装docker时,可执行如下命令一键安装 + ``` + yum install -y docker + ``` + + ## 脚本安装 + ### 1.下载安装脚本 + ``` + curl -fsSL https://get.docker.com -o get-docker.sh + ``` + ### 2.使用root权限执行脚本 + ``` + sudo sh get-docker.sh + ``` + 使用脚本安装方式时,如果用户要指定安装的docker版本,需要自行修改`get-docker.sh`的源码内容。 + + ## 验证 + ``` + sudo docker run hello-world + ``` + " +download: " + 获取容器镜像 + ``` + docker pull openeuler/postgres:latest + ``` + " +install: " + 启动容器 + ``` + docker run --name postgres -d openeuler/postgres:latest + ``` + 用户可根据自身需求,自定义启动选项。 + " +license: PostgreSQL license +similar_packages: + - MySQL: 一个广泛使用的开源关系型数据库管理系统。它提供了高性能、稳定性和易用性,适用于各种规模的应用程序。 + - Oracle Database: 一款商业关系型数据库管理系统。它提供了强大的性能和高级功能,适用于大型企业级应用。 + - SQLite: 一款轻量级的关系型数据库管理系统,常用于嵌入式系统和移动应用。它占用资源少,性能稳定,且无需独立的服务器进程。 +dependency: + - gcc + - make + - libevent-devel + - icu + - libicu-devel + - readline-devel + - zlib-devel + - perl + - bison + - m4 + - flex \ No newline at end of file diff --git a/postgres/doc/picture/postgres.png b/postgres/doc/picture/postgres.png new file mode 100644 index 0000000000000000000000000000000000000000..94612cfef332ce82c70e7da22ce1ebee96805f4d Binary files /dev/null and b/postgres/doc/picture/postgres.png differ