我正在尝试在标准的postgres:12 docker镜像中启用流式复制,这需要更改pg_hba.conf
文件。我已经通过强制使数据库使用它(在docker-compose中传递-c config_file="<>"
标志而不是通过init脚本)成功更新了postgresql.conf
文件。
但是,即使在启动脚本中尝试复制到docker-entrypoint-initdb.d
中,我仍然找不到一个参数或标志选项来让数据库使用我的pg_hba.conf
文件。
有任何想法吗?
Docker-compose
version: "2"
services:
postgres:
build:
context: ./docker
environment:
- POSTGRES_DB=postgres
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=postgres
command:
- "postgres"
- "-c"
- "config_file=/etc/postgresql/postgresql.conf"
ports:
- 5432:5433
Dockerfile:
FROM postgres:12
ENV VERSION 1_0
RUN buildDeps="curl build-essential ca-certificates git pkg-config glib2.0 postgresql-server-dev-$PG_MAJOR" \
&& apt-get update \
&& apt-get install -y --no-install-recommends ${buildDeps} \
&& echo "deb http://apt.postgresql.org/pub/repos/apt/ stretch-pgdg main" > /etc/apt/sources.list.d/pgdg.list \
&& curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - \
&& apt-get update \
&& apt-get install -y --no-install-recommends libc++1 postgresql-server-dev-$PG_MAJOR \
&& mkdir -p /tmp/build \
&& curl -o /tmp/build/${VERSIONN}.tar.gz -SL "https://github.com/eulerto/wal2json/archive/wal2json_${VERSION}.tar.gz" \
&& cd /tmp/build/ \
&& tar -xzf /tmp/build/${VERSIONN}.tar.gz -C /tmp/build/ \
&& cd /tmp/build/wal2json-wal2json_${VERSION} \
&& make && make install \
&& cp wal2json.so /usr/lib/postgresql/12/lib/ \
&& cd / \
&& rm -rf /tmp/build \
&& apt-get remove -y --purge ${buildDeps} \
&& apt-get autoremove -y --purge \
&& rm -rf /var/lib/apt/lists/
COPY . /
RUN ./sql_setup.sh
RUN mv setup.sql /docker-entrypoint-initdb.d/
sql_setup.sh
#!/bin/bash
set -e
cat > "$PGDATA/server.key" <<-EOKEY
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
EOKEY
chmod 0600 "$PGDATA/server.key"
cat > "$PGDATA/server.crt" <<-EOCERT
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
EOCERT
cat << EOF >> /var/lib/postgresql/data/postgresql.conf
port = 5433
ssl = on
ssl_cert_file = 'server.crt'
ssl_key_file = 'server.key'
max_wal_senders = 1
max_replication_slots = 1
wal_level = logical
shared_preload_libraries = wal2json
EOF
cat << EOF >> /var/lib/postgresql/data/pg_hba.conf
# TYPE DATABASE USER ADDRESS METHOD
host all pass_user 0.0.0.0/0 password
host all md5_user 0.0.0.0/0 md5
host all scram_user 0.0.0.0/0 scram-sha-256
host all pass_user ::0/0 password
host all md5_user ::0/0 md5
host all scram_user ::0/0 scram-sha-256
hostssl all ssl_user 0.0.0.0/0 trust
hostssl all ssl_user ::0/0 trust
host all ssl_user 0.0.0.0/0 reject
host all ssl_user ::0/0 reject
# IPv4 local connections:
host all postgres 0.0.0.0/0 trust
# IPv6 local connections:
host all postgres ::0/0 trust
# Unix socket connections:
local all postgres trust
# Enable streaming replication with wal2json:
host replication all 127.0.0.1/32 trust
EOF
setup.sql
CREATE ROLE pass_user PASSWORD 'password' LOGIN;
CREATE ROLE md5_user PASSWORD 'password' LOGIN;
SET password_encryption TO 'scram-sha-256';
CREATE ROLE scram_user PASSWORD 'password' LOGIN;
CREATE ROLE ssl_user LOGIN;
CREATE EXTENSION hstore;
CREATE EXTENSION citext;