docker/pgpool
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

wip

Browse Source
This commit is contained in:
Bernhard Radermacher
2026-02-27 10:48:28 +01:00
parent d0d230d2cd
commit 095849cf5c
4 changed files with 68 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
Dockerfile
View File

@@ -1,4 +1,4 @@
FROM debian:trixie-slim FROM pendragon.zone/docker/pg15
RUN apt-get update && \ RUN apt-get update && \
apt-get install -y --no-install-recommends \ apt-get install -y --no-install-recommends \
@@ -8,26 +8,6 @@ RUN apt-get update && \
&& \ && \
rm -rf /var/lib/apt/lists/* rm -rf /var/lib/apt/lists/*
RUN apt-get update && \
apt-get install -y --no-install-recommends \
openssh-server \
sudo \
&& \
rm -rf /var/lib/apt/lists/* && \
echo "postgres ALL = (ALL) NOPASSWD:ALL" >> /etc/sudoers && \
echo "X11Forwarding no" >> /etc/ssh/sshd_config && \
echo "PasswordAuthentication no" >> /etc/ssh/sshd_config && \
echo "StrictHostKeyChecking no" >> /etc/ssh/ssh_config && \
mkdir -p /var/lib/postgresql/.ssh && \
chmod 700 /var/lib/postgresql/.ssh && \
chown postgres: /var/lib/postgresql/.ssh && \
chmod g-w,o-w /var/lib/postgresql
COPY --chmod=600 --chown=postgres:postgres authorized_keys id_ed25519 /var/lib/postgresql/.ssh/
COPY --chmod=600 --chown=postgres:postgres pool_hba.conf /etc/pgpool2/
# COPY --chmod=600 --chown=postgres:postgres pgpool.conf /etc/pgpool2/
COPY --chmod=755 entrypoint.sh /usr/local/bin/ COPY --chmod=755 entrypoint.sh /usr/local/bin/
ENTRYPOINT ["entrypoint.sh"] ENTRYPOINT ["entrypoint.sh"]

1
authorized_keys
View File

@@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILfsb4w8ZYhu/A1HFR/e59WpbKxejE8DkbdCpj6y/mbO postgres docker swarm

89
entrypoint.sh
View File

@@ -2,32 +2,77 @@
set -Eeo pipefail set -Eeo pipefail
sudo service ssh start file_env() {
local var="$1"
local fileVar="${var}_FILE"
local def="${2:-}"
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar"
exit 1
fi
local val="$def"
if [ "${!var:-}" ]; then
val="${!var}"
elif [ "${!fileVar:-}" ]; then
val="$(< "${!fileVar}")"
fi
export "$var"="$val"
unset "$fileVar"
}
docker_setup_env() {
file_env 'PGPOOL_ADMIN_USERNAME'
file_env 'PGPOOL_ADMIN_PASSWORD'
file_env 'POSTGRES_PGPOOL_USERNAME'
file_env 'POSTGRES_PGPOOL_PASSWORD'
}
if [ "$(id -u)" = '0' ]; then
exec gosu postgres "$BASH_SOURCE"
fi
install --directory --owner postgres --group postgres --mode 700 /var/lib/postgresql/.ssh
cp /ssh/* /var/lib/postgresql/.ssh/
chmod 600 /var/lib/postgresql/.ssh/*
docker_setup_env
printf "%s:%s\n" "$PGPOOL_ADMIN_USERNAME" (pg_md5 "$PGPOOL_ADMIN_PASSWORD") > /etc/pgpool2/pcp.conf
{ {
printf "listen_addresses = '*'\n" printf "localhost:9898:%s:%s\n" "$PGPOOL_ADMIN_USERNAME" "$PGPOOL_ADMIN_PASSWORD"
printf "port = 5432\n" printf "pgpool:9898:%s:%s\n" "$PGPOOL_ADMIN_USERNAME" "$PGPOOL_ADMIN_PASSWORD"
printf "unix_socket_directories = '/run'\n" } > ~/.pcppass
printf "pcp_socket_dir = '/run'\n" chmod 600 /etc/pgpool2/pcp.conf ~/.pcppass
printf "enable_pool_hba = off\n"
printf "allow_clear_text_frontend_auth = on\n"
printf "process_management_mode = 'dynamic'\n"
printf "backend_clustering_mode = 'raw'\n"
printf "health_check_timeout = 5\n"
printf "health_check_period = 5\n"
printf "health_check_user = 'pgpool'\n"
printf "health_check_password = '%s'\n" "$PGPOOL_PASSWORD"
IFS=':'
n=0
for backend in $PGPOOL_BACKEND
do
printf "backend_hostname%d = '%s'\n" $n $backend
printf "backend_port%d = 5432\n" $n
((n+=1))
done
} > /etc/pgpool2/pgpool.conf
#
#
#{
# printf "listen_addresses = '*'\n"
# printf "port = 5432\n"
# printf "unix_socket_directories = '/run'\n"
# printf "pcp_socket_dir = '/run'\n"
# printf "enable_pool_hba = off\n"
# printf "allow_clear_text_frontend_auth = on\n"
# printf "process_management_mode = 'dynamic'\n"
# printf "backend_clustering_mode = 'raw'\n"
# printf "health_check_timeout = 5\n"
# printf "health_check_period = 5\n"
# printf "health_check_user = 'pgpool'\n"
# printf "health_check_password = '%s'\n" "$PGPOOL_PASSWORD"
#
# IFS=':'
# n=0
# for backend in $PGPOOL_BACKEND
# do
# printf "backend_hostname%d = '%s'\n" $n $backend
# printf "backend_port%d = 5432\n" $n
# ((n+=1))
# done
#} > /etc/pgpool2/pgpool.conf
sudo service ssh start
sudo /usr/sbin/pgpool sudo /usr/sbin/pgpool
while true while true

7
id_ed25519
View File

@@ -1,7 +0,0 @@
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
QyNTUxOQAAACC37G+MPGWIbvwNRxUf3ufVqWysXoxPA5G3QqY+sv5mzgAAAJgP2LF4D9ix
eAAAAAtzc2gtZWQyNTUxOQAAACC37G+MPGWIbvwNRxUf3ufVqWysXoxPA5G3QqY+sv5mzg
AAAEBhVUtZmAbot+VXJpY/IueHrCQeTDgClUTCepMJa1mqZbfsb4w8ZYhu/A1HFR/e59Wp
bKxejE8DkbdCpj6y/mbOAAAAFXBvc3RncmVzIGRvY2tlciBzd2FybQ==
-----END OPENSSH PRIVATE KEY-----