Skip to content

Commit 5bf68da

Browse files
muratgozelmuratgozel
committed
fixed pgbackrest permission error.
1 parent ed2e9dd commit 5bf68da

File tree

2 files changed

+20
-23
lines changed

2 files changed

+20
-23
lines changed

Dockerfile

Lines changed: 13 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -10,23 +10,24 @@ ENV PGPORT=5432
1010
ENV PGUSER=postgres
1111
ENV PGDATA=/usr/local/pgsql/data
1212
ENV PG_BACKREST_VERSION=2.35
13-
ENV PGUSER_UID=2001
14-
ENV PGUSER_GID=2001
13+
ENV PGUSER_UID=70
14+
ENV PGUSER_GID=70
1515

1616
COPY ./entrypoint.sh /entrypoint.sh
1717

18+
RUN addgroup --gid $PGUSER_GID $PGUSER && \
19+
adduser --disabled-password --uid $PGUSER_UID --ingroup $PGUSER --gecos "" -s /bin/bash $PGUSER
20+
1821
# install dependencies
1922
RUN apk add --no-cache --virtual .build-deps gcc g++ make wget pkgconf dpkg-dev pcre-dev \
2023
openssl-dev zlib-dev icu-dev readline-dev libxslt-dev libxml2-dev \
2124
bzip2-dev zlib-dev libuuid linux-headers \
2225
tzdata yaml-dev util-linux-dev && \
2326
apk add --no-cache git bash python3 py3-pip icu libxml2 lz4-dev zstd-dev \
24-
postgresql-dev shadow && \
27+
postgresql-dev shadow su-exec && \
2528
# configure dependencies
2629
ln -sf python3 /usr/bin/python && \
2730
mkdir -p /downloads && \
28-
addgroup --gid $PGUSER_GID $PGUSER && \
29-
adduser --disabled-password --uid $PGUSER_UID --ingroup $PGUSER --gecos "" -s /bin/bash $PGUSER && \
3031
# download pgbackrest
3132
cd /downloads && \
3233
wget https://github.com/pgbackrest/pgbackrest/archive/release/$PG_BACKREST_VERSION.tar.gz && \
@@ -36,11 +37,6 @@ RUN apk add --no-cache --virtual .build-deps gcc g++ make wget pkgconf dpkg-dev
3637
cd /downloads/pgbackrest-release-$PG_BACKREST_VERSION/src && \
3738
./configure && make && cp pgbackrest /usr/bin/ && \
3839
rm -r /downloads/pgbackrest-release-$PG_BACKREST_VERSION && \
39-
# configure pgbackrest
40-
chmod 755 /usr/bin/pgbackrest && \
41-
mkdir -p -m 750 /var/log/pgbackrest && chown -R $PGUSER:$PGUSER /var/log/pgbackrest && \
42-
mkdir -p -m 750 /var/lib/pgbackrest && chown -R $PGUSER:$PGUSER /var/lib/pgbackrest && \
43-
mkdir -p -m 750 /var/spool/pgbackrest && chown -R $PGUSER:$PGUSER /var/spool/pgbackrest && \
4440
# download postgresql
4541
cd /downloads && \
4642
wget https://ftp.postgresql.org/pub/source/v$PGVERSION/postgresql-$PGVERSION.tar.gz && \
@@ -53,12 +49,16 @@ RUN apk add --no-cache --virtual .build-deps gcc g++ make wget pkgconf dpkg-dev
5349
rm -r /downloads/postgresql-$PGVERSION && \
5450
# configure postgresql
5551
cd / && \
56-
mkdir -p -m 775 /var/run/postgresql && chown $PGUSER:$PGUSER /var/run/postgresql && \
57-
mkdir -p -m 750 $PGDATA && chown $PGUSER:$PGUSER $PGDATA && \
5852
chmod +x /entrypoint.sh && \
5953
apk del --no-network .build-deps
6054

61-
#USER $PGUSER
55+
# configure file and folder permissions
56+
RUN chmod 755 /usr/bin/pgbackrest && \
57+
mkdir -p /var/log/pgbackrest && chown -R $PGUSER:$PGUSER /var/log/pgbackrest && chmod 750 /var/log/pgbackrest && \
58+
mkdir -p /var/lib/pgbackrest && chown -R $PGUSER:$PGUSER /var/lib/pgbackrest && chmod 750 /var/lib/pgbackrest && \
59+
mkdir -p /var/spool/pgbackrest && chown -R $PGUSER:$PGUSER /var/spool/pgbackrest && chmod 750 /var/spool/pgbackrest && \
60+
mkdir -p /var/run/postgresql && chown -R $PGUSER:$PGUSER /var/run/postgresql && chmod 775 /var/run/postgresql && \
61+
mkdir -p $PGDATA && chown -R $PGUSER:$PGUSER $PGDATA && chmod 750 $PGDATA
6262

6363
STOPSIGNAL SIGINT
6464

entrypoint.sh

Lines changed: 7 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,11 @@
11
#!/usr/bin/env bash
22

3-
sudo usermod -u $PGUSER_UID $PGUSER
4-
sudo groupmod -g $PGUSER_GID $PGUSER
5-
63
pgconf="$PGDATA/postgresql.conf"
74
hbaconf="$PGDATA/pg_hba.conf"
85

96
# create db cluster if it's not exist
107
if [[ ! -f $PGDATA/PG_VERSION ]]; then
11-
initdb --encoding=UTF8 --locale=C -D $PGDATA
8+
su-exec $PGUSER initdb --encoding=UTF8 --locale=C -D $PGDATA
129

1310
echo "listen_addresses = '*'" >> $pgconf
1411
echo "port = $PGPORT" >> $pgconf
@@ -21,7 +18,7 @@ fi
2118

2219
# init pgbackrest
2320
if ! grep -q "pgbackrest" "$pgconf"; then
24-
pg_ctl start -o "-p $PGPORT -k /var/run/postgresql" -D $PGDATA
21+
su-exec $PGUSER pg_ctl start -o "-p $PGPORT -k /var/run/postgresql" -D $PGDATA
2522

2623
echo "wal_level = replica" >> $pgconf
2724
echo "max_wal_size = 1GB" >> $pgconf
@@ -32,19 +29,19 @@ if ! grep -q "pgbackrest" "$pgconf"; then
3229
echo "log_line_prefix = ''" >> $pgconf
3330
echo "log_timezone = 'Etc/UTC'" >> $pgconf
3431

35-
pgbackrest --stanza=app --pg1-port=$PGPORT --log-level-console=info stanza-create
36-
pg_ctl restart -o "-p $PGPORT -k /var/run/postgresql" -D $PGDATA
32+
su-exec $PGUSER pgbackrest --stanza=app --pg1-port=$PGPORT --log-level-console=info stanza-create
33+
su-exec $PGUSER pg_ctl restart -o "-p $PGPORT -k /var/run/postgresql" -D $PGDATA
3734

38-
pgbackrest --stanza=app --pg1-port=$PGPORT --log-level-console=info check
35+
su-exec $PGUSER pgbackrest --stanza=app --pg1-port=$PGPORT --log-level-console=info check
3936
pgbackrest_check_result=$?
4037

4138
if [ $pgbackrest_check_result -ne 0 ]; then
4239
echo "pgbackrest check failed."
4340
exit $pgbackrest_check_result
4441
fi
4542

46-
pg_ctl stop -o "-p $PGPORT -k /var/run/postgresql" -D $PGDATA
43+
su-exec $PGUSER pg_ctl stop -o "-p $PGPORT -k /var/run/postgresql" -D $PGDATA
4744
fi
4845

4946
# start postgresql server
50-
exec "$@"
47+
su-exec $PGUSER "$@"

0 commit comments

Comments
 (0)