docker/postgresql-repmgr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

initial

Browse Source
This commit is contained in:
Bernhard Radermacher
2026-02-17 08:07:53 +01:00
parent 95ec2aa1d8
commit bdaedf2e71
37 changed files with 6767 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1405
rootfs/opt/bitnami/scripts/libpostgresql.sh Normal file
View File

File diff suppressed because it is too large Load Diff

954
rootfs/opt/bitnami/scripts/librepmgr.sh Normal file
View File

@@ -0,0 +1,954 @@
#!/bin/bash
# Copyright Broadcom, Inc. All Rights Reserved.
# SPDX-License-Identifier: APACHE-2.0
#
# Bitnami Postgresql Repmgr library
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/libfile.sh
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/libvalidations.sh
. /opt/bitnami/scripts/libnet.sh
########################
# Execute repmgr command and print the output
# Globals:
# REPMGR_*
# POSTGRESQL_DAEMON_USER
# Arguments:
# $@ - Additional arguments to pass to the repmgr command
# Returns:
# None
########################
repmgr_execute_print_output() {
local repmgr_cmd=()
if am_i_root; then
repmgr_cmd=("run_as_user" "$POSTGRESQL_DAEMON_USER" "${REPMGR_BIN_DIR}/repmgr")
else
repmgr_cmd=("${REPMGR_BIN_DIR}/repmgr")
fi
"${repmgr_cmd[@]}" "$@" 2>&1
}
########################
# Execute repmgr command
# Globals:
# REPMGR_*
# POSTGRESQL_DAEMON_USER
# Arguments:
# $@ - Additional arguments to pass to the repmgr command
# Returns:
# None
########################
repmgr_execute() {
debug_execute "repmgr_execute_print_output" "$@"
}
########################
# Get repmgr node id
# Globals:
# REPMGR_*
# Arguments:
# None
# Returns:
# String
#########################
repmgr_get_node_id() {
local num
if [[ "$REPMGR_NODE_ID" != "" ]]; then
echo "$REPMGR_NODE_ID"
else
num="${REPMGR_NODE_NAME##*-}"
if [[ "$num" != "" ]]; then
num=$((num + REPMGR_NODE_ID_START_SEED))
echo "$num"
fi
fi
}
########################
# Get repmgr password method
# Globals:
# REPMGR_*
# Arguments:
# None
# Returns:
# String
#########################
repmgr_get_env_password() {
if [[ "$REPMGR_USE_PASSFILE" = "true" ]]; then
echo "PGPASSFILE=${REPMGR_PASSFILE_PATH}"
else
echo "PGPASSWORD=${REPMGR_PASSWORD}"
fi
}
########################
# Get repmgr conninfo password method
# Globals:
# REPMGR_*
# Arguments:
# None
# Returns:
# String
#########################
repmgr_get_conninfo_password() {
if [[ "$REPMGR_USE_PASSFILE" = "true" ]]; then
echo "passfile=${REPMGR_PASSFILE_PATH}"
else
echo "password=${REPMGR_PASSWORD}"
fi
}
########################
# Validate settings in REPMGR_* env. variables
# Globals:
# REPMGR_*
# Arguments:
# None
# Returns:
# None
#########################
repmgr_validate() {
info "Validating settings in REPMGR_* env vars..."
local error_code=0
# Auxiliary functions
print_validation_error() {
error "$1"
error_code=1
}
if [[ -z "$REPMGR_PARTNER_NODES" ]]; then
print_validation_error "The list of partner nodes cannot be empty. Set the environment variable REPMGR_PARTNER_NODES with a comma separated list of partner nodes."
fi
if [[ -z "$REPMGR_PRIMARY_HOST" ]]; then
print_validation_error "The initial primary host is required. Set the environment variable REPMGR_PRIMARY_HOST with the initial primary host."
fi
if [[ -z "$REPMGR_NODE_NAME" ]]; then
print_validation_error "The node name is required. Set the environment variable REPMGR_NODE_NAME with the node name."
elif [[ ! "$REPMGR_NODE_NAME" =~ ^.*+-[0-9]+$ ]]; then
print_validation_error "The node name does not follow the required format. Valid format: ^.*+-[0-9]+$"
fi
if [[ -z "$(repmgr_get_node_id)" ]]; then
print_validation_error "The node id is required. Set the environment variable REPMGR_NODE_ID with the node id."
fi
if [[ -z "$REPMGR_NODE_NETWORK_NAME" ]]; then
print_validation_error "The node network name is required. Set the environment variable REPMGR_NODE_NETWORK_NAME with the node network name."
fi
# Credentials validations
if [[ -z "$REPMGR_USERNAME" ]] || [[ -z "$REPMGR_PASSWORD" ]]; then
print_validation_error "The repmgr credentials are mandatory. Set the environment variables REPMGR_USERNAME and REPMGR_PASSWORD with the repmgr credentials."
fi
if [[ -z "$REPMGR_NODE_TYPE" ]] || ! [[ "$REPMGR_NODE_TYPE" =~ ^(data|witness)$ ]]; then
print_validation_error "Set the environment variable REPMGR_NODE_TYPE to 'data' or 'witness'."
fi
if ! is_yes_no_value "$REPMGR_PGHBA_TRUST_ALL"; then
print_validation_error "The allowed values for REPMGR_PGHBA_TRUST_ALL are: yes or no."
fi
if ! is_yes_no_value "$REPMGR_UPGRADE_EXTENSION"; then
print_validation_error "The allowed values for REPMGR_UPGRADE_EXTENSION are: yes or no."
fi
if ! [[ "$REPMGR_FAILOVER" =~ ^(automatic|manual)$ ]]; then
print_validation_error "The allowed values for REPMGR_FAILOVER are: automatic or manual."
fi
[[ "$error_code" -eq 0 ]] || exit "$error_code"
}
########################
# Ask partner nodes which node is the primary
# Globals:
# REPMGR_*
# Arguments:
# Non
# Returns:
# String[] - (host port)
#########################
repmgr_get_upstream_node() {
local primary_conninfo
local pretending_primary_host=""
local pretending_primary_port=""
local host=""
local port=""
local suggested_primary_host=""
local suggested_primary_port=""
if [[ -n "$REPMGR_PARTNER_NODES" ]]; then
debug "Querying all partner nodes for common upstream node..."
read -r -a nodes <<<"$(tr ',;' ' ' <<<"${REPMGR_PARTNER_NODES}")"
for node in "${nodes[@]}"; do
# intentionally accept incorrect address (without [schema:]// )
[[ "$node" =~ ^(([^:/?#]+):)?// ]] || node="tcp://${node}"
host="$(parse_uri "$node" 'host')"
port="$(parse_uri "$node" 'port')"
port="${port:-$REPMGR_PRIMARY_PORT}"
debug "Checking node '$host:$port'..."
local query="SELECT conninfo FROM repmgr.show_nodes WHERE (upstream_node_name IS NULL OR upstream_node_name = '') AND active=true"
if ! primary_conninfo="$(echo "$query" | NO_ERRORS=true postgresql_remote_execute "$host" "$port" "$REPMGR_DATABASE" "$REPMGR_USERNAME" "$REPMGR_PASSWORD" "-tA")"; then
debug "Skipping: failed to get primary from the node '$host:$port'!"
continue
elif [[ -z "$primary_conninfo" ]]; then
debug "Skipping: failed to get information about primary nodes!"
continue
elif [[ "$(echo "$primary_conninfo" | wc -l)" -eq 1 ]]; then
suggested_primary_host="$(echo "$primary_conninfo" | awk -F 'host=' '{print $2}' | awk '{print $1}')"
suggested_primary_port="$(echo "$primary_conninfo" | awk -F 'port=' '{print $2}' | awk '{print $1}')"
debug "Pretending primary role node - '${suggested_primary_host}:${suggested_primary_port}'"
if [[ -n "$pretending_primary_host" ]]; then
if [[ "${pretending_primary_host}:${pretending_primary_port}" != "${suggested_primary_host}:${suggested_primary_port}" ]]; then
warn "Conflict of pretending primary role nodes (previously: '${pretending_primary_host}:${pretending_primary_port}', now: '${suggested_primary_host}:${suggested_primary_port}')"
pretending_primary_host="" && pretending_primary_port="" && break
fi
else
debug "Pretending primary set to '${suggested_primary_host}:${suggested_primary_port}'!"
pretending_primary_host="$suggested_primary_host"
pretending_primary_port="$suggested_primary_port"
fi
else
warn "There were more than one primary when getting primary from node '$host:$port'"
pretending_primary_host="" && pretending_primary_port="" && break
fi
done
fi
echo "$pretending_primary_host"
echo "$pretending_primary_port"
}
########################
# Gets the node that is currently set as primary node
# Globals:
# REPMGR_*
# Arguments:
# None
# Returns:
# String[] - (host port)
#########################
repmgr_get_primary_node() {
local upstream_node
local upstream_host
local upstream_port
local primary_host=""
local primary_port="$REPMGR_PRIMARY_PORT"
readarray -t upstream_node < <(repmgr_get_upstream_node)
upstream_host=${upstream_node[0]}
upstream_port=${upstream_node[1]:-$REPMGR_PRIMARY_PORT}
[[ -n "$upstream_host" ]] && info "Auto-detected primary node: '${upstream_host}:${upstream_port}'"
if [[ -f "$REPMGR_PRIMARY_ROLE_LOCK_FILE_NAME" ]]; then
info "This node was acting as a primary!"
if [[ -z "$upstream_host" ]] || [[ "${upstream_host}:${upstream_port}" = "${REPMGR_NODE_NETWORK_NAME}:${REPMGR_PORT_NUMBER}" ]]; then
info "Can not find new primary"
else
info "Current master is '${upstream_host}:${upstream_port}'"
[[ "${MODULE:-}" != "pre-stop-hook" ]] && info "Cloning/rewinding it and acting as a standby node..."
rm -f "$REPMGR_PRIMARY_ROLE_LOCK_FILE_NAME"
export REPMGR_SWITCH_ROLE="yes"
primary_host="$upstream_host"
primary_port="$upstream_port"
fi
else
if [[ -z "$upstream_host" ]]; then
if [[ "${REPMGR_PRIMARY_HOST}:${REPMGR_PRIMARY_PORT}" != "${REPMGR_NODE_NETWORK_NAME}:${REPMGR_PORT_NUMBER}" ]]; then
primary_host="$REPMGR_PRIMARY_HOST"
primary_port="$REPMGR_PRIMARY_PORT"
fi
else
if [[ "${upstream_host}:${upstream_port}" = "${REPMGR_NODE_NETWORK_NAME}:${REPMGR_PORT_NUMBER}" ]]; then
info "Dismissing auto-detected info given it points to itself"
else
primary_host="$upstream_host"
primary_port="$upstream_port"
fi
fi
fi
[[ -n "$primary_host" ]] && info "Primary node: '${primary_host}:${primary_port}'"
echo "$primary_host"
echo "$primary_port"
}
########################
# Generates env vars for the node
# Globals:
# REPMGR_*
# Arguments:
# None
# Returns:
# Series of exports to be used as 'eval' arguments
#########################
repmgr_set_role() {
local role="standby"
local primary_node
local primary_host
local primary_port
readarray -t primary_node < <(repmgr_get_primary_node)
primary_host=${primary_node[0]}
primary_port=${primary_node[1]:-$REPMGR_PRIMARY_PORT}
if [[ "$REPMGR_NODE_TYPE" = "data" ]]; then
if [[ -z "$primary_host" ]]; then
info "There are no nodes with primary role. Assuming the primary role..."
role="primary"
else
info "Node configured as standby"
role="standby"
fi
else
info "Node configured as witness"
role="witness"
fi
cat <<EOF
export REPMGR_ROLE="$role"
export REPMGR_CURRENT_PRIMARY_HOST="$primary_host"
export REPMGR_CURRENT_PRIMARY_PORT="$primary_port"
EOF
}
########################
# Change a Repmgr configuration file by setting a property
# Globals:
# REPMGR_*
# Arguments:
# $1 - property
# $2 - value
# $3 - Path to configuration file (default: $REPMGR_CONF_FILE)
# Returns:
# None
#########################
repmgr_set_property() {
local -r property="${1:?missing property}"
local -r value="${2:-}"
local -r conf_file="${3:-$REPMGR_CONF_FILE}"
replace_in_file "$conf_file" "^#*\s*${property}\s*=.*" "${property} = '${value}'" false
}
########################
# Create the repmgr user (with )
# Globals:
# REPMGR_*
# POSTGRESQL_*
# Arguments:
# None
# Returns:
# None
#########################
repmgr_create_repmgr_user() {
local postgres_password="$POSTGRESQL_PASSWORD"
local -r escaped_password="${REPMGR_PASSWORD//\'/\'\'}"
info "Creating repmgr user: $REPMGR_USERNAME"
[[ "$POSTGRESQL_USERNAME" != "postgres" ]] && [[ -n "$POSTGRESQL_POSTGRES_PASSWORD" ]] && postgres_password="$POSTGRESQL_POSTGRES_PASSWORD"
# The repmgr user is created as superuser for simplicity (ref: https://repmgr.org/docs/4.3/quickstart-repmgr-user-database.html)
POSTGRESQL_POSTGRES_PASSWORD="$postgres_password" postgresql_ensure_user_exists "$REPMGR_USERNAME" --password "$escaped_password"
echo "ALTER USER ${REPMGR_USERNAME} WITH SUPERUSER CREATEDB;" | postgresql_execute "" "postgres" "$postgres_password"
# set the repmgr user's search path to include the 'repmgr' schema name (ref: https://repmgr.org/docs/4.3/quickstart-repmgr-user-database.html)
echo "ALTER USER ${REPMGR_USERNAME} SET search_path TO repmgr, \"\$user\", public;" | postgresql_execute "" "postgres" "$postgres_password"
}
########################
# Creates the repmgr database
# Globals:
# REPMGR_*
# POSTGRESQL_*
# Arguments:
# None
# Returns:
# None
#########################
repmgr_create_repmgr_db() {
local postgres_password="$POSTGRESQL_PASSWORD"
info "Creating repmgr database: $REPMGR_DATABASE"
[[ "$POSTGRESQL_USERNAME" != "postgres" ]] && [[ -n "$POSTGRESQL_POSTGRES_PASSWORD" ]] && postgres_password="$POSTGRESQL_POSTGRES_PASSWORD"
echo "CREATE DATABASE $REPMGR_DATABASE;" | postgresql_execute "" "postgres" "$postgres_password"
}
########################
# Use a different PostgreSQL configuration file by pretending it's an injected custom configuration
# Globals:
# POSTGRESQL_MOUNTED_CONF_DIR
# Arguments:
# None
# Returns:
# None
#########################
repmgr_inject_postgresql_configuration() {
debug "Injecting a new postgresql.conf file..."
postgresql_create_config
# ref: https://repmgr.org/docs/4.3/quickstart-postgresql-configuration.html
if [[ -n "$POSTGRESQL_SHARED_PRELOAD_LIBRARIES" ]]; then
if [[ "$POSTGRESQL_SHARED_PRELOAD_LIBRARIES" =~ ^(repmgr|REPMGR)$ ]]; then
postgresql_set_property "shared_preload_libraries" "$POSTGRESQL_SHARED_PRELOAD_LIBRARIES"
else
postgresql_set_property "shared_preload_libraries" "repmgr, ${POSTGRESQL_SHARED_PRELOAD_LIBRARIES}"
fi
else
postgresql_set_property "shared_preload_libraries" "repmgr"
fi
postgresql_set_property "max_wal_senders" "16"
postgresql_set_property "max_replication_slots" "10"
postgresql_set_property "wal_level" "$POSTGRESQL_WAL_LEVEL"
postgresql_set_property "archive_mode" "on"
postgresql_set_property "hot_standby" "on"
postgresql_set_property "archive_command" "/bin/true"
postgresql_configure_connections
postgresql_configure_timezone
# Redirect logs to POSTGRESQL_LOG_FILE
postgresql_configure_logging
postgresql_set_property "logging_collector" "on"
postgresql_set_property "log_directory" "$POSTGRESQL_LOG_DIR"
postgresql_set_property "log_filename" "postgresql.log"
is_boolean_yes "$POSTGRESQL_ENABLE_TLS" && postgresql_configure_tls
is_boolean_yes "$POSTGRESQL_ENABLE_TLS" && [[ -n $POSTGRESQL_TLS_CA_FILE ]] && postgresql_tls_auth_configuration
is_boolean_yes "$REPMGR_USE_PGREWIND" && postgresql_set_property "wal_log_hints" "on"
cp "$POSTGRESQL_CONF_FILE" "${POSTGRESQL_MOUNTED_CONF_DIR}/postgresql.conf"
}
########################
# Use a different pg_hba.conf file by pretending it's an injected custom configuration\
# Globals:
# POSTGRESQL_MOUNTED_CONF_DIR
# REPMGR_*
# Arguments:
# None
# Returns:
# None
#########################
repmgr_inject_pghba_configuration() {
debug "Injecting a new pg_hba.conf file..."
cat >"${POSTGRESQL_MOUNTED_CONF_DIR}/pg_hba.conf" <<EOF
local all all trust
host all all 127.0.0.1/32 trust
host all all ::1/128 trust
host all all 0.0.0.0/0 md5
host all all ::/0 md5
host $REPMGR_DATABASE $REPMGR_USERNAME 0.0.0.0/0 md5
host $REPMGR_DATABASE $REPMGR_USERNAME ::/0 md5
host replication all 0.0.0.0/0 md5
host replication all ::/0 md5
EOF
if is_boolean_yes "$POSTGRESQL_SR_CHECK"; then
cat >>"${POSTGRESQL_MOUNTED_CONF_DIR}/pg_hba.conf" <<EOF
host $POSTGRESQL_SR_CHECK_DATABASE $POSTGRESQL_SR_CHECK_USERNAME 0.0.0.0/0 md5
host $POSTGRESQL_SR_CHECK_DATABASE $POSTGRESQL_SR_CHECK_USERNAME ::/0 md5
EOF
fi
if is_boolean_yes "$POSTGRESQL_ENABLE_TLS" && [[ -n $POSTGRESQL_TLS_CA_FILE ]]; then
cat >>"${POSTGRESQL_MOUNTED_CONF_DIR}/pg_hba.conf" <<EOF
hostssl all all 0.0.0.0/0 cert
hostssl all all ::/0 cert
EOF
fi
}
########################
# Check if a given configuration file was mounted externally
# Globals:
# REPMGR_MOUNTED_CONF_DIR
# Arguments:
# $1 - Filename
# Returns:
# 1 if the file was mounted externally, 0 otherwise
#########################
repmgr_is_file_external() {
local -r filename=$1
if [[ -d "$REPMGR_MOUNTED_CONF_DIR" ]] && [[ -f "$REPMGR_MOUNTED_CONF_DIR"/"$filename" ]]; then
return 0
else
return 1
fi
}
########################
# Prepare PostgreSQL default configuration
# Globals:
# POSTGRESQL_MOUNTED_CONF_DIR
# REPMGR_MOUNTED_CONF_DIR
# REPMGR_PASSFILE_PATH
# Arguments:
# None
# Returns:
# None
#########################
repmgr_postgresql_configuration() {
info "Preparing PostgreSQL configuration..."
# User injected custom configuration
if [[ -d "$REPMGR_MOUNTED_CONF_DIR" ]] && compgen -G "$REPMGR_MOUNTED_CONF_DIR"/* >/dev/null; then
debug "User injected custom configuration detected!"
fi
ensure_dir_exists "$POSTGRESQL_MOUNTED_CONF_DIR"
if repmgr_is_file_external "postgresql.conf"; then
cp "${REPMGR_MOUNTED_CONF_DIR}/postgresql.conf" "${POSTGRESQL_MOUNTED_CONF_DIR}/postgresql.conf"
else
repmgr_inject_postgresql_configuration
fi
if repmgr_is_file_external "pg_hba.conf"; then
cp "${REPMGR_MOUNTED_CONF_DIR}/pg_hba.conf" "${POSTGRESQL_MOUNTED_CONF_DIR}/pg_hba.conf"
else
repmgr_inject_pghba_configuration
fi
if [[ "$REPMGR_USE_PASSFILE" = "true" ]] && [[ ! -f "${REPMGR_PASSFILE_PATH}" ]]; then
echo "*:*:*:${REPMGR_USERNAME}:${REPMGR_PASSWORD}" >"${REPMGR_PASSFILE_PATH}"
chmod 600 "${REPMGR_PASSFILE_PATH}"
fi
}
########################
# Generates repmgr config files
# Globals:
# REPMGR_*
# POSTGRESQL_*
# Arguments:
# None
# Returns:
# None
#########################
repmgr_generate_repmgr_config() {
info "Preparing repmgr configuration..."
# If using a distinct WAL directory (${POSTGRESQL_DATA_DIR}/pg_wal is a symlink to an existing dir or $POSTGRESQL_INITDB_WAL_DIR is set a custom value during 1st boot),
# set the "--waldir" option accordingly
local -r waldir=$(postgresql_get_waldir)
local -r waldir_option=$([[ -n "$waldir" ]] && echo "--waldir=$waldir")
cat <<EOF >>"${REPMGR_CONF_FILE}.tmp"
event_notification_command='${REPMGR_EVENTS_DIR}/router.sh %n %e %s "%t" "%d"'
ssh_options='-o "StrictHostKeyChecking no" -v'
use_replication_slots='${REPMGR_USE_REPLICATION_SLOTS}'
pg_bindir='${POSTGRESQL_BIN_DIR}'
# FIXME: these 2 parameter should work
node_id=$(repmgr_get_node_id)
node_name='${REPMGR_NODE_NAME}'
location='${REPMGR_NODE_LOCATION}'
conninfo='user=${REPMGR_USERNAME} $(repmgr_get_conninfo_password) host=${REPMGR_NODE_NETWORK_NAME} dbname=${REPMGR_DATABASE} port=${REPMGR_PORT_NUMBER} connect_timeout=${REPMGR_CONNECT_TIMEOUT}'
failover='${REPMGR_FAILOVER}'
promote_command='$(repmgr_get_env_password) repmgr standby promote -f "${REPMGR_CONF_FILE}" --log-level DEBUG --verbose'
follow_command='$(repmgr_get_env_password) repmgr standby follow -f "${REPMGR_CONF_FILE}" -W --log-level DEBUG --verbose'
reconnect_attempts='${REPMGR_RECONNECT_ATTEMPTS}'
reconnect_interval='${REPMGR_RECONNECT_INTERVAL}'
log_level='${REPMGR_LOG_LEVEL}'
priority='${REPMGR_NODE_PRIORITY}'
monitoring_history='${REPMGR_MONITORING_HISTORY}'
monitor_interval_secs='${REPMGR_MONITOR_INTERVAL_SECS}'
degraded_monitoring_timeout='${REPMGR_DEGRADED_MONITORING_TIMEOUT}'
data_directory='${POSTGRESQL_DATA_DIR}'
async_query_timeout='${REPMGR_MASTER_RESPONSE_TIMEOUT}'
primary_visibility_consensus=${REPMGR_PRIMARY_VISIBILITY_CONSENSUS}
pg_ctl_options='-o "--config-file=\"${POSTGRESQL_CONF_FILE}\" --external_pid_file=\"${POSTGRESQL_PID_FILE}\" --hba_file=\"${POSTGRESQL_PGHBA_FILE}\""'
pg_basebackup_options='$waldir_option'
repmgrd_pid_file='${REPMGR_PID_FILE}'
EOF
if is_boolean_yes "$REPMGR_FENCE_OLD_PRIMARY"; then
cat <<EOF >>"${REPMGR_CONF_FILE}.tmp"
child_nodes_disconnect_command='/bin/bash -c ". /opt/bitnami/scripts/libpostgresql.sh && . /opt/bitnami/scripts/postgresql-env.sh && postgresql_stop && kill -TERM 1"'
EOF
if [[ -v REPMGR_CHILD_NODES_CHECK_INTERVAL ]]; then
cat <<EOF >>"${REPMGR_CONF_FILE}.tmp"
child_nodes_check_interval=${REPMGR_CHILD_NODES_CHECK_INTERVAL}
EOF
fi
if [[ -v REPMGR_CHILD_NODES_CONNECTED_MIN_COUNT ]]; then
cat <<EOF >>"${REPMGR_CONF_FILE}.tmp"
child_nodes_connected_min_count=${REPMGR_CHILD_NODES_CONNECTED_MIN_COUNT}
EOF
fi
if [[ -v REPMGR_CHILD_NODES_DISCONNECT_TIMEOUT ]]; then
cat <<EOF >>"${REPMGR_CONF_FILE}.tmp"
child_nodes_disconnect_timeout=${REPMGR_CHILD_NODES_DISCONNECT_TIMEOUT}
EOF
fi
fi
if [[ "$REPMGR_FENCE_OLD_PRIMARY" == "true" ]]; then
cat <<EOF >>"${REPMGR_CONF_FILE}.tmp"
child_nodes_disconnect_command='/bin/bash -c ". /opt/bitnami/scripts/libpostgresql.sh && . /opt/bitnami/scripts/postgresql-env.sh && postgresql_stop && kill -TERM 1"'
EOF
if [[ -v REPMGR_CHILD_NODES_CHECK_INTERVAL ]]; then
cat <<EOF >>"${REPMGR_CONF_FILE}.tmp"
child_nodes_check_interval=${REPMGR_CHILD_NODES_CHECK_INTERVAL}
EOF
fi
if [[ -v REPMGR_CHILD_NODES_CONNECTED_MIN_COUNT ]]; then
cat <<EOF >>"${REPMGR_CONF_FILE}.tmp"
child_nodes_connected_min_count=${REPMGR_CHILD_NODES_CONNECTED_MIN_COUNT}
EOF
fi
if [[ -v REPMGR_CHILD_NODES_DISCONNECT_TIMEOUT ]]; then
cat <<EOF >>"${REPMGR_CONF_FILE}.tmp"
child_nodes_disconnect_timeout=${REPMGR_CHILD_NODES_DISCONNECT_TIMEOUT}
EOF
fi
fi
if [[ -f "${REPMGR_MOUNTED_CONF_DIR}/repmgr.conf" ]]; then
# remove from default the overrided keys, and append the desired conf
grep -xvFf "${REPMGR_CONF_FILE}.tmp" "${REPMGR_MOUNTED_CONF_DIR}/repmgr.conf" | awk -F"=" '{print $1;}' >"${REPMGR_CONF_FILE}.keys" && grep -v -f "${REPMGR_CONF_FILE}.keys" "${REPMGR_CONF_FILE}.tmp" >"$REPMGR_CONF_FILE" && cat "${REPMGR_MOUNTED_CONF_DIR}/repmgr.conf" >>"$REPMGR_CONF_FILE"
else
cp "${REPMGR_CONF_FILE}.tmp" "${REPMGR_CONF_FILE}"
fi
if [[ "$REPMGR_USE_PASSFILE" = "true" ]]; then
echo "passfile='${REPMGR_PASSFILE_PATH}'" >>"$REPMGR_CONF_FILE"
fi
}
########################
# Waits until the primary node responds
# Globals:
# REPMGR_*
# Arguments:
# None
# Returns:
# None
#########################
repmgr_wait_primary_node() {
local return_value=1
local -i timeout=60
local -i step=10
local -i max_tries=$((timeout / step))
local schemata
info "Waiting for primary node..."
debug "Wait for schema $REPMGR_DATABASE.repmgr on '${REPMGR_CURRENT_PRIMARY_HOST}:${REPMGR_CURRENT_PRIMARY_PORT}', will try $max_tries times with $step delay seconds (TIMEOUT=$timeout)"
for ((i = 0; i <= timeout; i += step)); do
local query="SELECT 1 FROM information_schema.schemata WHERE catalog_name='$REPMGR_DATABASE' AND schema_name='repmgr'"
if ! schemata="$(echo "$query" | NO_ERRORS=true postgresql_remote_execute "$REPMGR_CURRENT_PRIMARY_HOST" "$REPMGR_CURRENT_PRIMARY_PORT" "$REPMGR_DATABASE" "$REPMGR_USERNAME" "$REPMGR_PASSWORD" "-tA")"; then
debug "Host '${REPMGR_CURRENT_PRIMARY_HOST}:${REPMGR_CURRENT_PRIMARY_PORT}' is not accessible"
else
if [[ $schemata -ne 1 ]]; then
debug "Schema $REPMGR_DATABASE.repmgr is still not accessible"
else
debug "Schema $REPMGR_DATABASE.repmgr exists!"
return_value=0 && break
fi
fi
sleep "$step"
done
return $return_value
}
########################
# Clones data from primary node
# Globals:
# REPMGR_*
# POSTGRESQL_*
# Arguments:
# None
# Returns:
# None
#########################
repmgr_clone_primary() {
# Clears WAL directory if existing (pg_basebackup requires the WAL dir to be empty)
local -r waldir=$(postgresql_get_waldir)
if [[ -d "$waldir" ]]; then
info "Deleting existing WAL directory $waldir..."
rm -rf "$waldir" && ensure_dir_exists "$waldir"
fi
info "Cloning data from primary node..."
local -r flags=("-f" "$REPMGR_CONF_FILE" "-h" "$REPMGR_CURRENT_PRIMARY_HOST" "-p" "$REPMGR_CURRENT_PRIMARY_PORT" "-U" "$REPMGR_USERNAME" "-d" "dbname=$REPMGR_DATABASE host=$REPMGR_CURRENT_PRIMARY_HOST port=$REPMGR_CURRENT_PRIMARY_PORT connect_timeout=$REPMGR_CONNECT_TIMEOUT" "-D" "$POSTGRESQL_DATA_DIR" "standby" "clone" "--fast-checkpoint" "--force")
if [[ "$REPMGR_USE_PASSFILE" = "true" ]]; then
PGPASSFILE="$REPMGR_PASSFILE_PATH" repmgr_execute "${flags[@]}"
else
PGPASSWORD="$REPMGR_PASSWORD" repmgr_execute "${flags[@]}"
fi
}
########################
# Execute pg_rewind to get data from the primary node
# Globals:
# REPMGR_*
# Arguments:
# None
# Returns:
# None
#########################
repmgr_pgrewind() {
info "Running pg_rewind data to primary node..."
local -r flags=("-D" "$POSTGRESQL_DATA_DIR" "--source-server" "host=${REPMGR_CURRENT_PRIMARY_HOST} port=${REPMGR_CURRENT_PRIMARY_PORT} user=${REPMGR_USERNAME} dbname=${REPMGR_DATABASE}")
if [[ "$REPMGR_USE_PASSFILE" = "true" ]]; then
PGPASSFILE="$REPMGR_PASSFILE_PATH" debug_execute "${POSTGRESQL_BIN_DIR}/pg_rewind" "${flags[@]}"
else
PGPASSWORD="$REPMGR_PASSWORD" debug_execute "${POSTGRESQL_BIN_DIR}/pg_rewind" "${flags[@]}"
fi
}
########################
# Rejoin node
# Globals:
# REPMGR_*
# Arguments:
# None
# Returns:
# None
#########################
repmgr_rewind() {
info "Rejoining node..."
ensure_dir_exists "$POSTGRESQL_DATA_DIR"
if is_boolean_yes "$REPMGR_USE_PGREWIND"; then
info "Using pg_rewind to primary node..."
if ! repmgr_pgrewind; then
warn "pg_rewind failed, resorting to data cloning"
repmgr_clone_primary
fi
else
repmgr_clone_primary
fi
}
########################
# Register a node as primary
# Globals:
# REPMGR_*
# Arguments:
# None
# Returns:
# None
#########################
repmgr_register_primary() {
info "Registering Primary..."
local -r flags=("-f" "$REPMGR_CONF_FILE" "master" "register" "--force")
repmgr_execute "${flags[@]}"
}
########################
# Unregister standby node
# Globals:
# REPMGR_*
# Arguments:
# None
# Returns:
# None
#########################
repmgr_unregister_standby() {
info "Unregistering standby node..."
local -r flags=("standby" "unregister" "-f" "$REPMGR_CONF_FILE" "--node-id=$(repmgr_get_node_id)")
# The command below can fail when the node doesn't exist yet
repmgr_execute "${flags[@]}" || true
}
########################
# Unregister witness
# Globals:
# REPMGR_*
# Arguments:
# None
# Returns:
# None
#########################
repmgr_unregister_witness() {
info "Unregistering witness node..."
local -r flags=("-f" "$REPMGR_CONF_FILE" "witness" "unregister" "-h" "$REPMGR_CURRENT_PRIMARY_HOST" "-p" "$REPMGR_CURRENT_PRIMARY_PORT" "--verbose")
# The command below can fail when the node doesn't exist yet
if [[ "$REPMGR_USE_PASSFILE" = "true" ]]; then
PGPASSFILE="$REPMGR_PASSFILE_PATH" repmgr_execute "${flags[@]}" || true
else
PGPASSWORD="$REPMGR_PASSWORD" repmgr_execute "${flags[@]}" || true
fi
}
########################
# Register witness
# Globals:
# REPMGR_*
# Arguments:
# None
# Returns:
# None
#########################
repmgr_register_witness() {
info "Registering witness node..."
local -r flags=("-f" "$REPMGR_CONF_FILE" "witness" "register" "-h" "$REPMGR_CURRENT_PRIMARY_HOST" "-p" "$REPMGR_CURRENT_PRIMARY_PORT" "--force" "--verbose")
repmgr_wait_primary_node
if [[ "$REPMGR_USE_PASSFILE" = "true" ]]; then
PGPASSFILE="$REPMGR_PASSFILE_PATH" repmgr_execute "${flags[@]}"
else
PGPASSWORD="$REPMGR_PASSWORD" repmgr_execute "${flags[@]}"
fi
}
########################
# Standby follow.
# Globals:
# REPMGR_*
# Arguments:
# None
# Returns:
# None
#########################
repmgr_standby_follow() {
info "Running standby follow..."
local -r flags=("standby" "follow" "-f" "$REPMGR_CONF_FILE" "-W" "--log-level" "DEBUG" "--verbose")
if [[ "$REPMGR_USE_PASSFILE" = "true" ]]; then
PGPASSFILE="$REPMGR_PASSFILE_PATH" repmgr_execute "${flags[@]}"
else
PGPASSWORD="$REPMGR_PASSWORD" repmgr_execute "${flags[@]}"
fi
}
########################
# Resgister a node as standby
# Globals:
# REPMGR_*
# Arguments:
# None
# Returns:
# None
#########################
repmgr_register_standby() {
info "Registering Standby node..."
local -r flags=("standby" "register" "-f" "$REPMGR_CONF_FILE" "--force" "--verbose")
repmgr_execute "${flags[@]}"
}
########################
# Upgrade repmgr extension
# Globals:
# REPMGR_*
# Arguments:
# None
# Returns:
# None
#########################
repmgr_upgrade_extension() {
info "Upgrading repmgr extension..."
echo "ALTER EXTENSION repmgr UPDATE" | postgresql_execute "$REPMGR_DATABASE" "$REPMGR_USERNAME" "$REPMGR_PASSWORD"
}
########################
# Initialize repmgr service
# Globals:
# REPMGR_*
# Arguments:
# None
# Returns:
# None
#########################
repmgr_initialize() {
debug "Node ID: '$(repmgr_get_node_id)', Rol: '$REPMGR_ROLE', Primary Node: '${REPMGR_CURRENT_PRIMARY_HOST}:${REPMGR_CURRENT_PRIMARY_PORT}'"
info "Initializing Repmgr..."
ensure_dir_exists "$REPMGR_LOCK_DIR"
am_i_root && chown "$POSTGRESQL_DAEMON_USER:$POSTGRESQL_DAEMON_GROUP" "$REPMGR_LOCK_DIR"
ensure_dir_exists "$POSTGRESQL_DATA_DIR"
am_i_root && chown "$POSTGRESQL_DAEMON_USER:$POSTGRESQL_DAEMON_GROUP" "$POSTGRESQL_DATA_DIR"
# This fixes an issue where the trap would kill the entrypoint.sh, if a PID was left over from a previous run
# Exec replaces the process without creating a new one, and when the container is restarted it may have the same PID
rm -f "$REPMGR_PID_FILE"
if [[ "$REPMGR_ROLE" = "standby" ]]; then
repmgr_wait_primary_node || exit 1
repmgr_rewind
fi
# Run postgresql initialization skipping replication config
postgresql_initialize true
if ! repmgr_is_file_external "postgresql.conf"; then
# Allow remote connections, required to register primary and standby nodes
postgresql_enable_remote_connections
# Configure port and restrict access to PostgreSQL (MD5)
postgresql_set_property "port" "$POSTGRESQL_PORT_NUMBER"
postgresql_configure_replication_parameters
postgresql_configure_fsync
fi
if ! repmgr_is_file_external "pg_hba.conf"; then
is_boolean_yes "$REPMGR_PGHBA_TRUST_ALL" || postgresql_restrict_pghba
fi
if [[ "$REPMGR_ROLE" = "primary" ]]; then
if is_boolean_yes "$POSTGRESQL_FIRST_BOOT"; then
postgresql_start_bg
repmgr_create_repmgr_user
repmgr_create_repmgr_db
# Restart PostgreSQL
postgresql_stop
postgresql_start_bg
repmgr_register_primary
# Allow running custom initialization scripts
postgresql_custom_init_scripts
# Set synchronous replication
POSTGRESQL_CLUSTER_APP_NAME="$REPMGR_PARTNER_NODES"
export POSTGRESQL_CLUSTER_APP_NAME
postgresql_configure_synchronous_replication
elif is_boolean_yes "$REPMGR_UPGRADE_EXTENSION"; then
# Upgrade repmgr extension
postgresql_start_bg
repmgr_upgrade_extension
else
debug "Skipping repmgr configuration..."
fi
elif [[ "$REPMGR_ROLE" = "standby" ]]; then
POSTGRESQL_MASTER_PORT_NUMBER="$REPMGR_CURRENT_PRIMARY_PORT"
export POSTGRESQL_MASTER_PORT_NUMBER
POSTGRESQL_MASTER_HOST="$REPMGR_CURRENT_PRIMARY_HOST"
export POSTGRESQL_MASTER_HOST
postgresql_configure_recovery
postgresql_start_bg
repmgr_unregister_standby
repmgr_register_standby
elif [[ "$REPMGR_ROLE" = "witness" ]]; then
postgresql_start_bg
repmgr_create_repmgr_user
repmgr_create_repmgr_db
repmgr_unregister_witness
repmgr_register_witness
fi
}
########################
# Checks repmgr status trying to detect split-brain scenarios
# Globals:
# REPMGR_*
# Arguments:
# $1 - property
# $2 - value
# $3 - Path to configuration file (default: $REPMGR_CONF_FILE)
# Returns:
# None
#########################
repmgr_check_status() {
local -r flags=("-f" "$REPMGR_CONF_FILE")
repmgr_role=$(repmgr_execute_print_output "${flags[@]}" node check --role --nagios | awk '{print $NF}')
if [[ "$repmgr_role" = "primary" ]]; then
# Split-brain case: this node considers himself a primary but
# there's another primary node in the cluster
repmgr_status=$(repmgr_execute_print_output "${flags[@]}" daemon status)
if grep -q "registered as standby but running as primary" <<< "$repmgr_status"; then
echo "inconsistent repmgr status"
return 1
fi
fi
return 0
}

488
rootfs/opt/bitnami/scripts/postgresql-env.sh Normal file
View File

@@ -0,0 +1,488 @@
#!/bin/bash
# Copyright Broadcom, Inc. All Rights Reserved.
# SPDX-License-Identifier: APACHE-2.0
#
# Environment configuration for postgresql
# The values for all environment variables will be set in the below order of precedence
# 1. Custom environment variables defined below after Bitnami defaults
# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR
# 3. Environment variables overridden via external files using *_FILE variables (see below)
# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata)
# Load logging library
# shellcheck disable=SC1090,SC1091
. /opt/bitnami/scripts/liblog.sh
export BITNAMI_ROOT_DIR="/opt/bitnami"
export BITNAMI_VOLUME_DIR="/bitnami"
# Logging configuration
export MODULE="${MODULE:-postgresql}"
export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}"
# By setting an environment variable matching *_FILE to a file path, the prefixed environment
# variable will be overridden with the value specified in that file
postgresql_env_vars=(
POSTGRESQL_VOLUME_DIR
POSTGRESQL_DATA_DIR
POSTGRESQL_EXTRA_FLAGS
POSTGRESQL_INIT_MAX_TIMEOUT
POSTGRESQL_PGCTLTIMEOUT
POSTGRESQL_SHUTDOWN_MODE
POSTGRESQL_CLUSTER_APP_NAME
POSTGRESQL_DATABASE
POSTGRESQL_INITDB_ARGS
ALLOW_EMPTY_PASSWORD
POSTGRESQL_INITDB_WAL_DIR
POSTGRESQL_MASTER_HOST
POSTGRESQL_MASTER_PORT_NUMBER
POSTGRESQL_NUM_SYNCHRONOUS_REPLICAS
POSTGRESQL_SYNCHRONOUS_REPLICAS_MODE
POSTGRESQL_PORT_NUMBER
POSTGRESQL_ALLOW_REMOTE_CONNECTIONS
POSTGRESQL_REPLICATION_MODE
POSTGRESQL_REPLICATION_USER
POSTGRESQL_REPLICATION_USE_PASSFILE
POSTGRESQL_REPLICATION_PASSFILE_PATH
POSTGRESQL_SR_CHECK
POSTGRESQL_SR_CHECK_USERNAME
POSTGRESQL_SR_CHECK_DATABASE
POSTGRESQL_SYNCHRONOUS_COMMIT_MODE
POSTGRESQL_FSYNC
POSTGRESQL_USERNAME
POSTGRESQL_ENABLE_LDAP
POSTGRESQL_LDAP_URL
POSTGRESQL_LDAP_PREFIX
POSTGRESQL_LDAP_SUFFIX
POSTGRESQL_LDAP_SERVER
POSTGRESQL_LDAP_PORT
POSTGRESQL_LDAP_SCHEME
POSTGRESQL_LDAP_TLS
POSTGRESQL_LDAP_BASE_DN
POSTGRESQL_LDAP_BIND_DN
POSTGRESQL_LDAP_BIND_PASSWORD
POSTGRESQL_LDAP_SEARCH_ATTR
POSTGRESQL_LDAP_SEARCH_FILTER
POSTGRESQL_INITSCRIPTS_USERNAME
POSTGRESQL_PASSWORD
POSTGRESQL_POSTGRES_PASSWORD
POSTGRESQL_REPLICATION_PASSWORD
POSTGRESQL_SR_CHECK_PASSWORD
POSTGRESQL_INITSCRIPTS_PASSWORD
POSTGRESQL_ENABLE_TLS
POSTGRESQL_TLS_CERT_FILE
POSTGRESQL_TLS_KEY_FILE
POSTGRESQL_TLS_CA_FILE
POSTGRESQL_TLS_CRL_FILE
POSTGRESQL_TLS_PREFER_SERVER_CIPHERS
POSTGRESQL_SHARED_PRELOAD_LIBRARIES
POSTGRESQL_PGAUDIT_LOG
POSTGRESQL_PGAUDIT_LOG_CATALOG
POSTGRESQL_PGAUDIT_LOG_PARAMETER
POSTGRESQL_LOG_CONNECTIONS
POSTGRESQL_LOG_DISCONNECTIONS
POSTGRESQL_LOG_HOSTNAME
POSTGRESQL_CLIENT_MIN_MESSAGES
POSTGRESQL_LOG_LINE_PREFIX
POSTGRESQL_LOG_TIMEZONE
POSTGRESQL_TIMEZONE
POSTGRESQL_MAX_CONNECTIONS
POSTGRESQL_TCP_KEEPALIVES_IDLE
POSTGRESQL_TCP_KEEPALIVES_INTERVAL
POSTGRESQL_TCP_KEEPALIVES_COUNT
POSTGRESQL_STATEMENT_TIMEOUT
POSTGRESQL_PGHBA_REMOVE_FILTERS
POSTGRESQL_USERNAME_CONNECTION_LIMIT
POSTGRESQL_POSTGRES_CONNECTION_LIMIT
POSTGRESQL_WAL_LEVEL
POSTGRESQL_DEFAULT_TOAST_COMPRESSION
POSTGRESQL_PASSWORD_ENCRYPTION
POSTGRESQL_DEFAULT_TRANSACTION_ISOLATION
POSTGRESQL_REPLICATION_NODES
POSTGRESQL_PERFORM_RESTORE
POSTGRESQL_AUTOCTL_CONF_DIR
POSTGRESQL_AUTOCTL_MODE
POSTGRESQL_AUTOCTL_MONITOR_HOST
POSTGRESQL_AUTOCTL_HOSTNAME
REPMGR_DATA_DIR
REPMGR_SKIP_SETUP
REPMGR_NODE_ID
REPMGR_NODE_ID_START_SEED
REPMGR_NODE_NAME
REPMGR_NODE_NETWORK_NAME
REPMGR_NODE_PRIORITY
REPMGR_NODE_LOCATION
REPMGR_NODE_TYPE
REPMGR_PORT_NUMBER
REPMGR_LOG_LEVEL
REPMGR_USE_PGREWIND
REPMGR_START_OPTIONS
REPMGR_CONNECT_TIMEOUT
REPMGR_RECONNECT_ATTEMPTS
REPMGR_RECONNECT_INTERVAL
REPMGR_PARTNER_NODES
REPMGR_PRIMARY_HOST
REPMGR_PRIMARY_PORT
REPMGR_USE_REPLICATION_SLOTS
REPMGR_MASTER_RESPONSE_TIMEOUT
REPMGR_PRIMARY_VISIBILITY_CONSENSUS
REPMGR_MONITORING_HISTORY
REPMGR_MONITOR_INTERVAL_SECS
REPMGR_DEGRADED_MONITORING_TIMEOUT
REPMGR_UPGRADE_EXTENSION
REPMGR_FENCE_OLD_PRIMARY
REPMGR_FAILOVER
REPMGR_CHILD_NODES_CHECK_INTERVAL
REPMGR_CHILD_NODES_CONNECTED_MIN_COUNT
REPMGR_CHILD_NODES_DISCONNECT_TIMEOUT
REPMGR_SWITCH_ROLE
REPMGR_USERNAME
REPMGR_DATABASE
REPMGR_PGHBA_TRUST_ALL
REPMGR_PASSWORD
REPMGR_USE_PASSFILE
REPMGR_PASSFILE_PATH
PGCONNECT_TIMEOUT
POSTGRES_DATA_DIR
PGDATA
POSTGRES_SHUTDOWN_MODE
POSTGRES_CLUSTER_APP_NAME
POSTGRES_DATABASE
POSTGRES_DB
POSTGRES_INITDB_ARGS
POSTGRES_INITDB_WAL_DIR
POSTGRES_MASTER_HOST
POSTGRES_MASTER_PORT_NUMBER
POSTGRES_NUM_SYNCHRONOUS_REPLICAS
POSTGRES_SYNCHRONOUS_REPLICAS_MODE
POSTGRES_PORT_NUMBER
POSTGRES_ALLOW_REMOTE_CONNECTIONS
POSTGRES_REPLICATION_MODE
POSTGRES_REPLICATION_USER
POSTGRES_SR_CHECK
POSTGRES_SR_CHECK_USER
POSTGRES_SR_CHECK_DATABASE
POSTGRES_SYNCHRONOUS_COMMIT_MODE
POSTGRES_FSYNC
POSTGRES_USERNAME
POSTGRES_USER
POSTGRESQL_USER
POSTGRES_ENABLE_LDAP
POSTGRES_LDAP_URL
POSTGRES_LDAP_PREFIX
POSTGRES_LDAP_SUFFIX
POSTGRES_LDAP_SERVER
POSTGRES_LDAP_PORT
POSTGRES_LDAP_SCHEME
POSTGRES_LDAP_TLS
POSTGRES_LDAP_BASE_DN
POSTGRES_LDAP_BIND_DN
POSTGRES_LDAP_BIND_PASSWORD
POSTGRES_LDAP_SEARCH_ATTR
POSTGRES_LDAP_SEARCH_FILTER
POSTGRES_INITSCRIPTS_USERNAME
POSTGRES_PASSWORD
POSTGRES_POSTGRES_PASSWORD
POSTGRES_REPLICATION_PASSWORD
POSTGRES_SR_CHECK_PASSWORD
POSTGRES_INITSCRIPTS_PASSWORD
POSTGRES_ENABLE_TLS
POSTGRES_TLS_CERT_FILE
POSTGRES_TLS_KEY_FILE
POSTGRES_TLS_CA_FILE
POSTGRES_TLS_CRL_FILE
POSTGRES_TLS_PREFER_SERVER_CIPHERS
POSTGRES_SHARED_PRELOAD_LIBRARIES
POSTGRES_PGAUDIT_LOG
POSTGRES_PGAUDIT_LOG_CATALOG
POSTGRES_PGAUDIT_LOG_PARAMETER
POSTGRES_LOG_CONNECTIONS
POSTGRES_LOG_DISCONNECTIONS
POSTGRES_LOG_HOSTNAME
POSTGRES_CLIENT_MIN_MESSAGES
POSTGRES_LOG_LINE_PREFIX
POSTGRES_LOG_TIMEZONE
POSTGRES_TIMEZONE
POSTGRES_MAX_CONNECTIONS
POSTGRES_TCP_KEEPALIVES_IDLE
POSTGRES_TCP_KEEPALIVES_INTERVAL
POSTGRES_TCP_KEEPALIVES_COUNT
POSTGRES_STATEMENT_TIMEOUT
POSTGRES_PGHBA_REMOVE_FILTERS
POSTGRES_USER_CONNECTION_LIMIT
POSTGRES_POSTGRES_CONNECTION_LIMIT
)
for env_var in "${postgresql_env_vars[@]}"; do
file_env_var="${env_var}_FILE"
if [[ -n "${!file_env_var:-}" ]]; then
if [[ -r "${!file_env_var:-}" ]]; then
export "${env_var}=$(< "${!file_env_var}")"
unset "${file_env_var}"
else
warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable."
fi
fi
done
unset postgresql_env_vars
# Paths
export POSTGRESQL_VOLUME_DIR="${POSTGRESQL_VOLUME_DIR:-/bitnami/postgresql}"
export POSTGRESQL_BASE_DIR="/opt/bitnami/postgresql"
POSTGRESQL_DATA_DIR="${POSTGRESQL_DATA_DIR:-"${POSTGRES_DATA_DIR:-}"}"
POSTGRESQL_DATA_DIR="${POSTGRESQL_DATA_DIR:-"${PGDATA:-}"}"
export POSTGRESQL_DATA_DIR="${POSTGRESQL_DATA_DIR:-${POSTGRESQL_VOLUME_DIR}/data}"
export POSTGRESQL_DEFAULT_CONF_DIR="$POSTGRESQL_BASE_DIR/conf.default"
export POSTGRESQL_CONF_DIR="$POSTGRESQL_BASE_DIR/conf"
export POSTGRESQL_MOUNTED_CONF_DIR="$POSTGRESQL_VOLUME_DIR/conf"
export POSTGRESQL_CONF_FILE="$POSTGRESQL_CONF_DIR/postgresql.conf"
export POSTGRESQL_PGHBA_FILE="$POSTGRESQL_CONF_DIR/pg_hba.conf"
export POSTGRESQL_RECOVERY_FILE="$POSTGRESQL_DATA_DIR/recovery.conf"
export POSTGRESQL_LOG_DIR="$POSTGRESQL_BASE_DIR/logs"
export POSTGRESQL_LOG_FILE="$POSTGRESQL_LOG_DIR/postgresql.log"
export POSTGRESQL_TMP_DIR="$POSTGRESQL_BASE_DIR/tmp"
export POSTGRESQL_PID_FILE="$POSTGRESQL_TMP_DIR/postgresql.pid"
export POSTGRESQL_BIN_DIR="$POSTGRESQL_BASE_DIR/bin"
export POSTGRESQL_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d"
export POSTGRESQL_PREINITSCRIPTS_DIR="/docker-entrypoint-preinitdb.d"
export PATH="${POSTGRESQL_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}"
# System users (when running with a privileged user)
export POSTGRESQL_DAEMON_USER="postgres"
export POSTGRESQL_DAEMON_GROUP="postgres"
# PostgreSQL settings
export POSTGRESQL_EXTRA_FLAGS="${POSTGRESQL_EXTRA_FLAGS:-}"
export POSTGRESQL_INIT_MAX_TIMEOUT="${POSTGRESQL_INIT_MAX_TIMEOUT:-60}"
export POSTGRESQL_PGCTLTIMEOUT="${POSTGRESQL_PGCTLTIMEOUT:-60}"
POSTGRESQL_SHUTDOWN_MODE="${POSTGRESQL_SHUTDOWN_MODE:-"${POSTGRES_SHUTDOWN_MODE:-}"}"
export POSTGRESQL_SHUTDOWN_MODE="${POSTGRESQL_SHUTDOWN_MODE:-fast}"
POSTGRESQL_CLUSTER_APP_NAME="${POSTGRESQL_CLUSTER_APP_NAME:-"${POSTGRES_CLUSTER_APP_NAME:-}"}"
export POSTGRESQL_CLUSTER_APP_NAME="${POSTGRESQL_CLUSTER_APP_NAME:-walreceiver}"
POSTGRESQL_DATABASE="${POSTGRESQL_DATABASE:-"${POSTGRES_DATABASE:-}"}"
POSTGRESQL_DATABASE="${POSTGRESQL_DATABASE:-"${POSTGRES_DB:-}"}"
export POSTGRESQL_DATABASE="${POSTGRESQL_DATABASE:-postgres}"
POSTGRESQL_INITDB_ARGS="${POSTGRESQL_INITDB_ARGS:-"${POSTGRES_INITDB_ARGS:-}"}"
export POSTGRESQL_INITDB_ARGS="${POSTGRESQL_INITDB_ARGS:-}"
export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}"
POSTGRESQL_INITDB_WAL_DIR="${POSTGRESQL_INITDB_WAL_DIR:-"${POSTGRES_INITDB_WAL_DIR:-}"}"
export POSTGRESQL_INITDB_WAL_DIR="${POSTGRESQL_INITDB_WAL_DIR:-}"
POSTGRESQL_MASTER_HOST="${POSTGRESQL_MASTER_HOST:-"${POSTGRES_MASTER_HOST:-}"}"
export POSTGRESQL_MASTER_HOST="${POSTGRESQL_MASTER_HOST:-}"
POSTGRESQL_MASTER_PORT_NUMBER="${POSTGRESQL_MASTER_PORT_NUMBER:-"${POSTGRES_MASTER_PORT_NUMBER:-}"}"
export POSTGRESQL_MASTER_PORT_NUMBER="${POSTGRESQL_MASTER_PORT_NUMBER:-5432}"
POSTGRESQL_NUM_SYNCHRONOUS_REPLICAS="${POSTGRESQL_NUM_SYNCHRONOUS_REPLICAS:-"${POSTGRES_NUM_SYNCHRONOUS_REPLICAS:-}"}"
export POSTGRESQL_NUM_SYNCHRONOUS_REPLICAS="${POSTGRESQL_NUM_SYNCHRONOUS_REPLICAS:-0}"
POSTGRESQL_SYNCHRONOUS_REPLICAS_MODE="${POSTGRESQL_SYNCHRONOUS_REPLICAS_MODE:-"${POSTGRES_SYNCHRONOUS_REPLICAS_MODE:-}"}"
export POSTGRESQL_SYNCHRONOUS_REPLICAS_MODE="${POSTGRESQL_SYNCHRONOUS_REPLICAS_MODE:-}"
POSTGRESQL_PORT_NUMBER="${POSTGRESQL_PORT_NUMBER:-"${POSTGRES_PORT_NUMBER:-}"}"
export POSTGRESQL_PORT_NUMBER="${POSTGRESQL_PORT_NUMBER:-5432}"
POSTGRESQL_ALLOW_REMOTE_CONNECTIONS="${POSTGRESQL_ALLOW_REMOTE_CONNECTIONS:-"${POSTGRES_ALLOW_REMOTE_CONNECTIONS:-}"}"
export POSTGRESQL_ALLOW_REMOTE_CONNECTIONS="${POSTGRESQL_ALLOW_REMOTE_CONNECTIONS:-yes}"
POSTGRESQL_REPLICATION_MODE="${POSTGRESQL_REPLICATION_MODE:-"${POSTGRES_REPLICATION_MODE:-}"}"
export POSTGRESQL_REPLICATION_MODE="${POSTGRESQL_REPLICATION_MODE:-master}"
POSTGRESQL_REPLICATION_USER="${POSTGRESQL_REPLICATION_USER:-"${POSTGRES_REPLICATION_USER:-}"}"
export POSTGRESQL_REPLICATION_USER="${POSTGRESQL_REPLICATION_USER:-}"
export POSTGRESQL_REPLICATION_USE_PASSFILE="${POSTGRESQL_REPLICATION_USE_PASSFILE:-no}"
export POSTGRESQL_REPLICATION_PASSFILE_PATH="${POSTGRESQL_REPLICATION_PASSFILE_PATH:-${POSTGRESQL_CONF_DIR}/.pgpass}"
POSTGRESQL_SR_CHECK="${POSTGRESQL_SR_CHECK:-"${POSTGRES_SR_CHECK:-}"}"
export POSTGRESQL_SR_CHECK="${POSTGRESQL_SR_CHECK:-no}"
POSTGRESQL_SR_CHECK_USERNAME="${POSTGRESQL_SR_CHECK_USERNAME:-"${POSTGRES_SR_CHECK_USER:-}"}"
export POSTGRESQL_SR_CHECK_USERNAME="${POSTGRESQL_SR_CHECK_USERNAME:-sr_check_user}"
POSTGRESQL_SR_CHECK_DATABASE="${POSTGRESQL_SR_CHECK_DATABASE:-"${POSTGRES_SR_CHECK_DATABASE:-}"}"
export POSTGRESQL_SR_CHECK_DATABASE="${POSTGRESQL_SR_CHECK_DATABASE:-postgres}"
POSTGRESQL_SYNCHRONOUS_COMMIT_MODE="${POSTGRESQL_SYNCHRONOUS_COMMIT_MODE:-"${POSTGRES_SYNCHRONOUS_COMMIT_MODE:-}"}"
export POSTGRESQL_SYNCHRONOUS_COMMIT_MODE="${POSTGRESQL_SYNCHRONOUS_COMMIT_MODE:-on}"
POSTGRESQL_FSYNC="${POSTGRESQL_FSYNC:-"${POSTGRES_FSYNC:-}"}"
export POSTGRESQL_FSYNC="${POSTGRESQL_FSYNC:-on}"
POSTGRESQL_USERNAME="${POSTGRESQL_USERNAME:-"${POSTGRES_USERNAME:-}"}"
POSTGRESQL_USERNAME="${POSTGRESQL_USERNAME:-"${POSTGRES_USER:-}"}"
POSTGRESQL_USERNAME="${POSTGRESQL_USERNAME:-"${POSTGRESQL_USER:-}"}"
export POSTGRESQL_USERNAME="${POSTGRESQL_USERNAME:-postgres}"
POSTGRESQL_ENABLE_LDAP="${POSTGRESQL_ENABLE_LDAP:-"${POSTGRES_ENABLE_LDAP:-}"}"
export POSTGRESQL_ENABLE_LDAP="${POSTGRESQL_ENABLE_LDAP:-no}"
POSTGRESQL_LDAP_URL="${POSTGRESQL_LDAP_URL:-"${POSTGRES_LDAP_URL:-}"}"
export POSTGRESQL_LDAP_URL="${POSTGRESQL_LDAP_URL:-}"
POSTGRESQL_LDAP_PREFIX="${POSTGRESQL_LDAP_PREFIX:-"${POSTGRES_LDAP_PREFIX:-}"}"
export POSTGRESQL_LDAP_PREFIX="${POSTGRESQL_LDAP_PREFIX:-}"
POSTGRESQL_LDAP_SUFFIX="${POSTGRESQL_LDAP_SUFFIX:-"${POSTGRES_LDAP_SUFFIX:-}"}"
export POSTGRESQL_LDAP_SUFFIX="${POSTGRESQL_LDAP_SUFFIX:-}"
POSTGRESQL_LDAP_SERVER="${POSTGRESQL_LDAP_SERVER:-"${POSTGRES_LDAP_SERVER:-}"}"
export POSTGRESQL_LDAP_SERVER="${POSTGRESQL_LDAP_SERVER:-}"
POSTGRESQL_LDAP_PORT="${POSTGRESQL_LDAP_PORT:-"${POSTGRES_LDAP_PORT:-}"}"
export POSTGRESQL_LDAP_PORT="${POSTGRESQL_LDAP_PORT:-}"
POSTGRESQL_LDAP_SCHEME="${POSTGRESQL_LDAP_SCHEME:-"${POSTGRES_LDAP_SCHEME:-}"}"
export POSTGRESQL_LDAP_SCHEME="${POSTGRESQL_LDAP_SCHEME:-}"
POSTGRESQL_LDAP_TLS="${POSTGRESQL_LDAP_TLS:-"${POSTGRES_LDAP_TLS:-}"}"
export POSTGRESQL_LDAP_TLS="${POSTGRESQL_LDAP_TLS:-}"
POSTGRESQL_LDAP_BASE_DN="${POSTGRESQL_LDAP_BASE_DN:-"${POSTGRES_LDAP_BASE_DN:-}"}"
export POSTGRESQL_LDAP_BASE_DN="${POSTGRESQL_LDAP_BASE_DN:-}"
POSTGRESQL_LDAP_BIND_DN="${POSTGRESQL_LDAP_BIND_DN:-"${POSTGRES_LDAP_BIND_DN:-}"}"
export POSTGRESQL_LDAP_BIND_DN="${POSTGRESQL_LDAP_BIND_DN:-}"
POSTGRESQL_LDAP_BIND_PASSWORD="${POSTGRESQL_LDAP_BIND_PASSWORD:-"${POSTGRES_LDAP_BIND_PASSWORD:-}"}"
export POSTGRESQL_LDAP_BIND_PASSWORD="${POSTGRESQL_LDAP_BIND_PASSWORD:-}"
POSTGRESQL_LDAP_SEARCH_ATTR="${POSTGRESQL_LDAP_SEARCH_ATTR:-"${POSTGRES_LDAP_SEARCH_ATTR:-}"}"
export POSTGRESQL_LDAP_SEARCH_ATTR="${POSTGRESQL_LDAP_SEARCH_ATTR:-}"
POSTGRESQL_LDAP_SEARCH_FILTER="${POSTGRESQL_LDAP_SEARCH_FILTER:-"${POSTGRES_LDAP_SEARCH_FILTER:-}"}"
export POSTGRESQL_LDAP_SEARCH_FILTER="${POSTGRESQL_LDAP_SEARCH_FILTER:-}"
POSTGRESQL_INITSCRIPTS_USERNAME="${POSTGRESQL_INITSCRIPTS_USERNAME:-"${POSTGRES_INITSCRIPTS_USERNAME:-}"}"
export POSTGRESQL_INITSCRIPTS_USERNAME="${POSTGRESQL_INITSCRIPTS_USERNAME:-$POSTGRESQL_USERNAME}"
POSTGRESQL_PASSWORD="${POSTGRESQL_PASSWORD:-"${POSTGRES_PASSWORD:-}"}"
export POSTGRESQL_PASSWORD="${POSTGRESQL_PASSWORD:-}"
POSTGRESQL_POSTGRES_PASSWORD="${POSTGRESQL_POSTGRES_PASSWORD:-"${POSTGRES_POSTGRES_PASSWORD:-}"}"
export POSTGRESQL_POSTGRES_PASSWORD="${POSTGRESQL_POSTGRES_PASSWORD:-}"
POSTGRESQL_REPLICATION_PASSWORD="${POSTGRESQL_REPLICATION_PASSWORD:-"${POSTGRES_REPLICATION_PASSWORD:-}"}"
export POSTGRESQL_REPLICATION_PASSWORD="${POSTGRESQL_REPLICATION_PASSWORD:-}"
POSTGRESQL_SR_CHECK_PASSWORD="${POSTGRESQL_SR_CHECK_PASSWORD:-"${POSTGRES_SR_CHECK_PASSWORD:-}"}"
export POSTGRESQL_SR_CHECK_PASSWORD="${POSTGRESQL_SR_CHECK_PASSWORD:-}"
POSTGRESQL_INITSCRIPTS_PASSWORD="${POSTGRESQL_INITSCRIPTS_PASSWORD:-"${POSTGRES_INITSCRIPTS_PASSWORD:-}"}"
export POSTGRESQL_INITSCRIPTS_PASSWORD="${POSTGRESQL_INITSCRIPTS_PASSWORD:-$POSTGRESQL_PASSWORD}"
POSTGRESQL_ENABLE_TLS="${POSTGRESQL_ENABLE_TLS:-"${POSTGRES_ENABLE_TLS:-}"}"
export POSTGRESQL_ENABLE_TLS="${POSTGRESQL_ENABLE_TLS:-no}"
POSTGRESQL_TLS_CERT_FILE="${POSTGRESQL_TLS_CERT_FILE:-"${POSTGRES_TLS_CERT_FILE:-}"}"
export POSTGRESQL_TLS_CERT_FILE="${POSTGRESQL_TLS_CERT_FILE:-}"
POSTGRESQL_TLS_KEY_FILE="${POSTGRESQL_TLS_KEY_FILE:-"${POSTGRES_TLS_KEY_FILE:-}"}"
export POSTGRESQL_TLS_KEY_FILE="${POSTGRESQL_TLS_KEY_FILE:-}"
POSTGRESQL_TLS_CA_FILE="${POSTGRESQL_TLS_CA_FILE:-"${POSTGRES_TLS_CA_FILE:-}"}"
export POSTGRESQL_TLS_CA_FILE="${POSTGRESQL_TLS_CA_FILE:-}"
POSTGRESQL_TLS_CRL_FILE="${POSTGRESQL_TLS_CRL_FILE:-"${POSTGRES_TLS_CRL_FILE:-}"}"
export POSTGRESQL_TLS_CRL_FILE="${POSTGRESQL_TLS_CRL_FILE:-}"
POSTGRESQL_TLS_PREFER_SERVER_CIPHERS="${POSTGRESQL_TLS_PREFER_SERVER_CIPHERS:-"${POSTGRES_TLS_PREFER_SERVER_CIPHERS:-}"}"
export POSTGRESQL_TLS_PREFER_SERVER_CIPHERS="${POSTGRESQL_TLS_PREFER_SERVER_CIPHERS:-yes}"
POSTGRESQL_SHARED_PRELOAD_LIBRARIES="${POSTGRESQL_SHARED_PRELOAD_LIBRARIES:-"${POSTGRES_SHARED_PRELOAD_LIBRARIES:-}"}"
export POSTGRESQL_SHARED_PRELOAD_LIBRARIES="${POSTGRESQL_SHARED_PRELOAD_LIBRARIES:-pgaudit}"
POSTGRESQL_PGAUDIT_LOG="${POSTGRESQL_PGAUDIT_LOG:-"${POSTGRES_PGAUDIT_LOG:-}"}"
export POSTGRESQL_PGAUDIT_LOG="${POSTGRESQL_PGAUDIT_LOG:-}"
POSTGRESQL_PGAUDIT_LOG_CATALOG="${POSTGRESQL_PGAUDIT_LOG_CATALOG:-"${POSTGRES_PGAUDIT_LOG_CATALOG:-}"}"
export POSTGRESQL_PGAUDIT_LOG_CATALOG="${POSTGRESQL_PGAUDIT_LOG_CATALOG:-}"
POSTGRESQL_PGAUDIT_LOG_PARAMETER="${POSTGRESQL_PGAUDIT_LOG_PARAMETER:-"${POSTGRES_PGAUDIT_LOG_PARAMETER:-}"}"
export POSTGRESQL_PGAUDIT_LOG_PARAMETER="${POSTGRESQL_PGAUDIT_LOG_PARAMETER:-}"
POSTGRESQL_LOG_CONNECTIONS="${POSTGRESQL_LOG_CONNECTIONS:-"${POSTGRES_LOG_CONNECTIONS:-}"}"
export POSTGRESQL_LOG_CONNECTIONS="${POSTGRESQL_LOG_CONNECTIONS:-}"
POSTGRESQL_LOG_DISCONNECTIONS="${POSTGRESQL_LOG_DISCONNECTIONS:-"${POSTGRES_LOG_DISCONNECTIONS:-}"}"
export POSTGRESQL_LOG_DISCONNECTIONS="${POSTGRESQL_LOG_DISCONNECTIONS:-}"
POSTGRESQL_LOG_HOSTNAME="${POSTGRESQL_LOG_HOSTNAME:-"${POSTGRES_LOG_HOSTNAME:-}"}"
export POSTGRESQL_LOG_HOSTNAME="${POSTGRESQL_LOG_HOSTNAME:-}"
POSTGRESQL_CLIENT_MIN_MESSAGES="${POSTGRESQL_CLIENT_MIN_MESSAGES:-"${POSTGRES_CLIENT_MIN_MESSAGES:-}"}"
export POSTGRESQL_CLIENT_MIN_MESSAGES="${POSTGRESQL_CLIENT_MIN_MESSAGES:-error}"
POSTGRESQL_LOG_LINE_PREFIX="${POSTGRESQL_LOG_LINE_PREFIX:-"${POSTGRES_LOG_LINE_PREFIX:-}"}"
export POSTGRESQL_LOG_LINE_PREFIX="${POSTGRESQL_LOG_LINE_PREFIX:-}"
POSTGRESQL_LOG_TIMEZONE="${POSTGRESQL_LOG_TIMEZONE:-"${POSTGRES_LOG_TIMEZONE:-}"}"
export POSTGRESQL_LOG_TIMEZONE="${POSTGRESQL_LOG_TIMEZONE:-}"
POSTGRESQL_TIMEZONE="${POSTGRESQL_TIMEZONE:-"${POSTGRES_TIMEZONE:-}"}"
export POSTGRESQL_TIMEZONE="${POSTGRESQL_TIMEZONE:-}"
POSTGRESQL_MAX_CONNECTIONS="${POSTGRESQL_MAX_CONNECTIONS:-"${POSTGRES_MAX_CONNECTIONS:-}"}"
export POSTGRESQL_MAX_CONNECTIONS="${POSTGRESQL_MAX_CONNECTIONS:-}"
POSTGRESQL_TCP_KEEPALIVES_IDLE="${POSTGRESQL_TCP_KEEPALIVES_IDLE:-"${POSTGRES_TCP_KEEPALIVES_IDLE:-}"}"
export POSTGRESQL_TCP_KEEPALIVES_IDLE="${POSTGRESQL_TCP_KEEPALIVES_IDLE:-}"
POSTGRESQL_TCP_KEEPALIVES_INTERVAL="${POSTGRESQL_TCP_KEEPALIVES_INTERVAL:-"${POSTGRES_TCP_KEEPALIVES_INTERVAL:-}"}"
export POSTGRESQL_TCP_KEEPALIVES_INTERVAL="${POSTGRESQL_TCP_KEEPALIVES_INTERVAL:-}"
POSTGRESQL_TCP_KEEPALIVES_COUNT="${POSTGRESQL_TCP_KEEPALIVES_COUNT:-"${POSTGRES_TCP_KEEPALIVES_COUNT:-}"}"
export POSTGRESQL_TCP_KEEPALIVES_COUNT="${POSTGRESQL_TCP_KEEPALIVES_COUNT:-}"
POSTGRESQL_STATEMENT_TIMEOUT="${POSTGRESQL_STATEMENT_TIMEOUT:-"${POSTGRES_STATEMENT_TIMEOUT:-}"}"
export POSTGRESQL_STATEMENT_TIMEOUT="${POSTGRESQL_STATEMENT_TIMEOUT:-}"
POSTGRESQL_PGHBA_REMOVE_FILTERS="${POSTGRESQL_PGHBA_REMOVE_FILTERS:-"${POSTGRES_PGHBA_REMOVE_FILTERS:-}"}"
export POSTGRESQL_PGHBA_REMOVE_FILTERS="${POSTGRESQL_PGHBA_REMOVE_FILTERS:-}"
POSTGRESQL_USERNAME_CONNECTION_LIMIT="${POSTGRESQL_USERNAME_CONNECTION_LIMIT:-"${POSTGRES_USER_CONNECTION_LIMIT:-}"}"
export POSTGRESQL_USERNAME_CONNECTION_LIMIT="${POSTGRESQL_USERNAME_CONNECTION_LIMIT:-}"
POSTGRESQL_POSTGRES_CONNECTION_LIMIT="${POSTGRESQL_POSTGRES_CONNECTION_LIMIT:-"${POSTGRES_POSTGRES_CONNECTION_LIMIT:-}"}"
export POSTGRESQL_POSTGRES_CONNECTION_LIMIT="${POSTGRESQL_POSTGRES_CONNECTION_LIMIT:-}"
export POSTGRESQL_WAL_LEVEL="${POSTGRESQL_WAL_LEVEL:-replica}"
export POSTGRESQL_DEFAULT_TOAST_COMPRESSION="${POSTGRESQL_DEFAULT_TOAST_COMPRESSION:-}"
export POSTGRESQL_PASSWORD_ENCRYPTION="${POSTGRESQL_PASSWORD_ENCRYPTION:-}"
export POSTGRESQL_DEFAULT_TRANSACTION_ISOLATION="${POSTGRESQL_DEFAULT_TRANSACTION_ISOLATION:-}"
export POSTGRESQL_USE_CUSTOM_PGHBA_INITIALIZATION="no"
export POSTGRESQL_REPLICATION_NODES="${POSTGRESQL_REPLICATION_NODES:-}"
# Native recovery settings
export POSTGRESQL_PERFORM_RESTORE="${POSTGRESQL_PERFORM_RESTORE:-no}"
# pgAutoFailover settings
export POSTGRESQL_AUTOCTL_VOLUME_DIR="${POSTGRESQL_VOLUME_DIR}/pgautoctl"
export POSTGRESQL_AUTOCTL_CONF_DIR="${POSTGRESQL_AUTOCTL_CONF_DIR:-${POSTGRESQL_AUTOCTL_VOLUME_DIR}/.config}"
export POSTGRESQL_AUTOCTL_MODE="${POSTGRESQL_AUTOCTL_MODE:-postgres}"
export POSTGRESQL_AUTOCTL_MONITOR_HOST="${POSTGRESQL_AUTOCTL_MONITOR_HOST:-monitor}"
export POSTGRESQL_AUTOCTL_HOSTNAME="${POSTGRESQL_AUTOCTL_HOSTNAME:-$(hostname --fqdn)}"
# pgBackRest settings
export POSTGRESQL_PGBACKREST_VOLUME_DIR="${POSTGRESQL_VOLUME_DIR}/pgbackrest"
export POSTGRESQL_PGBACKREST_LOGS_DIR="${POSTGRESQL_PGBACKREST_VOLUME_DIR}/logs"
export POSTGRESQL_PGBACKREST_BACKUPS_DIR="${POSTGRESQL_PGBACKREST_VOLUME_DIR}/backups"
export POSTGRESQL_PGBACKREST_SPOOL_DIR="${POSTGRESQL_PGBACKREST_VOLUME_DIR}/spool"
export POSTGRESQL_PGBACKREST_CONF_FILE="${POSTGRESQL_DATA_DIR}/pgbackrest.conf"
# Internal
export POSTGRESQL_FIRST_BOOT="yes"
export NSS_WRAPPER_LIB="/opt/bitnami/common/lib/libnss_wrapper.so"
# Paths (Replication Manager)
export PATH="/opt/bitnami/repmgr/bin:/opt/bitnami/common/bin:$PATH"
export REPMGR_BASE_DIR="/opt/bitnami/repmgr"
export REPMGR_CONF_DIR="$REPMGR_BASE_DIR/conf"
export REPMGR_VOLUME_DIR="/bitnami/repmgr"
export REPMGR_MOUNTED_CONF_DIR="$REPMGR_VOLUME_DIR/conf"
export REPMGR_TMP_DIR="$REPMGR_BASE_DIR/tmp"
export REPMGR_EVENTS_DIR="$REPMGR_BASE_DIR/events"
export REPMGR_LOCK_DIR="$POSTGRESQL_VOLUME_DIR/lock"
export REPMGR_PRIMARY_ROLE_LOCK_FILE_NAME="$REPMGR_LOCK_DIR/master.lock"
export REPMGR_STANDBY_ROLE_LOCK_FILE_NAME="$REPMGR_LOCK_DIR/standby.lock"
export REPMGR_BIN_DIR="$REPMGR_BASE_DIR/bin"
export REPMGR_CONF_FILE="$REPMGR_CONF_DIR/repmgr.conf"
export REPMGR_DATA_DIR="${REPMGR_DATA_DIR:-${REPMGR_VOLUME_DIR}/repmgr/data}"
export REPMGR_PID_FILE="${REPMGR_TMP_DIR}/repmgr.pid"
# Settings (Replication Manager)
export REPMGR_SKIP_SETUP="${REPMGR_SKIP_SETUP:-no}"
export REPMGR_NODE_ID="${REPMGR_NODE_ID:-}"
export REPMGR_NODE_ID_START_SEED="${REPMGR_NODE_ID_START_SEED:-1000}"
export REPMGR_NODE_NAME="${REPMGR_NODE_NAME:-$(hostname)}"
export REPMGR_NODE_NETWORK_NAME="${REPMGR_NODE_NETWORK_NAME:-}"
export REPMGR_NODE_PRIORITY="${REPMGR_NODE_PRIORITY:-100}"
export REPMGR_NODE_LOCATION="${REPMGR_NODE_LOCATION:-default}"
export REPMGR_NODE_TYPE="${REPMGR_NODE_TYPE:-data}"
export REPMGR_PORT_NUMBER="${REPMGR_PORT_NUMBER:-5432}"
export REPMGR_LOG_LEVEL="${REPMGR_LOG_LEVEL:-NOTICE}"
export REPMGR_USE_PGREWIND="${REPMGR_USE_PGREWIND:-no}"
export REPMGR_START_OPTIONS="${REPMGR_START_OPTIONS:-}"
export REPMGR_CONNECT_TIMEOUT="${REPMGR_CONNECT_TIMEOUT:-5}"
export REPMGR_RECONNECT_ATTEMPTS="${REPMGR_RECONNECT_ATTEMPTS:-3}"
export REPMGR_RECONNECT_INTERVAL="${REPMGR_RECONNECT_INTERVAL:-5}"
export REPMGR_PARTNER_NODES="${REPMGR_PARTNER_NODES:-}"
export REPMGR_PRIMARY_HOST="${REPMGR_PRIMARY_HOST:-}"
export REPMGR_PRIMARY_PORT="${REPMGR_PRIMARY_PORT:-5432}"
export REPMGR_USE_REPLICATION_SLOTS="${REPMGR_USE_REPLICATION_SLOTS:-1}"
export REPMGR_MASTER_RESPONSE_TIMEOUT="${REPMGR_MASTER_RESPONSE_TIMEOUT:-20}"
export REPMGR_PRIMARY_VISIBILITY_CONSENSUS="${REPMGR_PRIMARY_VISIBILITY_CONSENSUS:-false}"
export REPMGR_MONITORING_HISTORY="${REPMGR_MONITORING_HISTORY:-no}"
export REPMGR_MONITOR_INTERVAL_SECS="${REPMGR_MONITOR_INTERVAL_SECS:-2}"
export REPMGR_DEGRADED_MONITORING_TIMEOUT="${REPMGR_DEGRADED_MONITORING_TIMEOUT:-5}"
export REPMGR_UPGRADE_EXTENSION="${REPMGR_UPGRADE_EXTENSION:-no}"
export REPMGR_FENCE_OLD_PRIMARY="${REPMGR_FENCE_OLD_PRIMARY:-no}"
export REPMGR_FAILOVER="${REPMGR_FAILOVER:-automatic}"
export REPMGR_CHILD_NODES_CHECK_INTERVAL="${REPMGR_CHILD_NODES_CHECK_INTERVAL:-5}"
export REPMGR_CHILD_NODES_CONNECTED_MIN_COUNT="${REPMGR_CHILD_NODES_CONNECTED_MIN_COUNT:-1}"
export REPMGR_CHILD_NODES_DISCONNECT_TIMEOUT="${REPMGR_CHILD_NODES_DISCONNECT_TIMEOUT:-30}"
# Internal (Replication Manager)
export REPMGR_SWITCH_ROLE="${REPMGR_SWITCH_ROLE:-no}"
export REPMGR_CURRENT_PRIMARY_HOST=""
export REPMGR_CURRENT_PRIMARY_PORT="$REPMGR_PRIMARY_PORT"
# Credentials (Replication Manager)
export REPMGR_USERNAME="${REPMGR_USERNAME:-repmgr}"
export REPMGR_DATABASE="${REPMGR_DATABASE:-repmgr}"
export REPMGR_PGHBA_TRUST_ALL="${REPMGR_PGHBA_TRUST_ALL:-no}"
export REPMGR_PASSWORD="${REPMGR_PASSWORD:-}"
export REPMGR_USE_PASSFILE="${REPMGR_USE_PASSFILE:-}"
export REPMGR_PASSFILE_PATH="${REPMGR_PASSFILE_PATH:-$REPMGR_CONF_DIR/.pgpass}"
# PostgreSQL env var (Replication Manager)
export PGCONNECT_TIMEOUT="${PGCONNECT_TIMEOUT:-10}"
export POSTGRESQL_REPLICATION_USER="$REPMGR_USERNAME"
export POSTGRESQL_REPLICATION_PASSWORD="$REPMGR_PASSWORD"
export POSTGRESQL_REPLICATION_USE_PASSFILE="$REPMGR_USE_PASSFILE"
export POSTGRESQL_REPLICATION_PASSFILE_PATH="$REPMGR_PASSFILE_PATH"
export POSTGRESQL_MASTER_HOST="$REPMGR_PRIMARY_HOST"
export POSTGRESQL_MASTER_PORT_NUMBER="$REPMGR_PRIMARY_PORT"
# Custom environment variables may be defined below

41
rootfs/opt/bitnami/scripts/postgresql-repmgr/entrypoint.sh Executable file
View File

@@ -0,0 +1,41 @@
#!/bin/bash
# Copyright Broadcom, Inc. All Rights Reserved.
# SPDX-License-Identifier: APACHE-2.0
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
#set -o xtrace
# Load libraries
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libbitnami.sh
. /opt/bitnami/scripts/libpostgresql.sh
. /opt/bitnami/scripts/librepmgr.sh
# Load PostgreSQL & repmgr environment variables
. /opt/bitnami/scripts/postgresql-env.sh
export MODULE=postgresql-repmgr
print_welcome_page
# Enable the nss_wrapper settings
postgresql_enable_nss_wrapper
# We add the copy from default config in the entrypoint to not break users
# bypassing the setup.sh logic. If the file already exists do not overwrite (in
# case someone mounts a configuration file in /opt/bitnami/postgresql/conf)
debug "Copying files from $POSTGRESQL_DEFAULT_CONF_DIR to $POSTGRESQL_CONF_DIR"
cp -nr "$POSTGRESQL_DEFAULT_CONF_DIR"/. "$POSTGRESQL_CONF_DIR"
if [[ "$*" = *"/opt/bitnami/scripts/postgresql-repmgr/run.sh"* ]]; then
info "** Starting PostgreSQL with Replication Manager setup **"
/opt/bitnami/scripts/postgresql-repmgr/setup.sh
touch "$POSTGRESQL_TMP_DIR"/.initialized
info "** PostgreSQL with Replication Manager setup finished! **"
fi
echo ""
exec "$@"

30
rootfs/opt/bitnami/scripts/postgresql-repmgr/postunpack.sh Executable file
View File

@@ -0,0 +1,30 @@
#!/bin/bash
# Copyright Broadcom, Inc. All Rights Reserved.
# SPDX-License-Identifier: APACHE-2.0
# shellcheck disable=SC1091
# Load libraries
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/libpostgresql.sh
. /opt/bitnami/scripts/librepmgr.sh
# Load PostgreSQL & repmgr environment variables
. /opt/bitnami/scripts/postgresql-env.sh
for dir in "$POSTGRESQL_INITSCRIPTS_DIR" "$POSTGRESQL_TMP_DIR" "$POSTGRESQL_LOG_DIR" "$POSTGRESQL_CONF_DIR" "${POSTGRESQL_CONF_DIR}/conf.d" "$POSTGRESQL_DEFAULT_CONF_DIR" "$POSTGRESQL_MOUNTED_CONF_DIR" "${POSTGRESQL_MOUNTED_CONF_DIR}/conf.d" "$POSTGRESQL_VOLUME_DIR" "$REPMGR_CONF_DIR" "$REPMGR_TMP_DIR"; do
ensure_dir_exists "$dir"
chmod -R g+rwX "$dir"
done
# Copying events handlers
mv /events "$REPMGR_EVENTS_DIR"
chmod +x "$REPMGR_EVENTS_DIR"/router.sh "$REPMGR_EVENTS_DIR"/execs/*sh "$REPMGR_EVENTS_DIR"/execs/includes/*sh
# Redirect all logging to stdout
ln -sf /dev/stdout "$POSTGRESQL_LOG_FILE"
# Copy all initially generated configuration files to the default directory
# (this is to avoid breaking when entrypoint is being overridden)
cp -r "${POSTGRESQL_CONF_DIR}/"* "$POSTGRESQL_DEFAULT_CONF_DIR"

30
rootfs/opt/bitnami/scripts/postgresql-repmgr/run.sh Executable file
View File

@@ -0,0 +1,30 @@
#!/bin/bash
# Copyright Broadcom, Inc. All Rights Reserved.
# SPDX-License-Identifier: APACHE-2.0
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libpostgresql.sh
. /opt/bitnami/scripts/librepmgr.sh
# Load PostgreSQL & repmgr environment variables
. /opt/bitnami/scripts/postgresql-env.sh
readonly repmgr_flags=("-f" "$REPMGR_CONF_FILE" "--daemonize=false")
# shellcheck disable=SC2155
readonly repmgr_cmd=$(command -v repmgrd)
postgresql_start_bg true
info "** Starting repmgrd **"
if am_i_root; then
exec_as_user "$POSTGRESQL_DAEMON_USER" "$repmgr_cmd" "${repmgr_flags[@]}"
else
exec "$repmgr_cmd" "${repmgr_flags[@]}"
fi

57
rootfs/opt/bitnami/scripts/postgresql-repmgr/setup.sh Executable file
View File

@@ -0,0 +1,57 @@
#!/bin/bash
# Copyright Broadcom, Inc. All Rights Reserved.
# SPDX-License-Identifier: APACHE-2.0
#
# Bitnami PostgreSQL setup
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
#set -o xtrace
# Load Libraries
. /opt/bitnami/scripts/libpostgresql.sh
. /opt/bitnami/scripts/librepmgr.sh
# Load PostgreSQL & repmgr environment variables
. /opt/bitnami/scripts/postgresql-env.sh
# Ensure PostgreSQL & repmgr environment variables settings are valid
repmgr_validate
postgresql_validate
# Set the environment variables for the node's role
eval "$(repmgr_set_role)"
# Ensure PostgreSQL is stopped when this script ends.
trap "postgresql_stop" EXIT
# Ensure 'daemon' user exists when running as 'root'
am_i_root && ensure_user_exists "$POSTGRESQL_DAEMON_USER" --group "$POSTGRESQL_DAEMON_GROUP"
if is_boolean_yes "$REPMGR_SKIP_SETUP"; then
info "Skipping preparing configuration files..."
if [[ "$REPMGR_ROLE" = "standby" ]]; then
repmgr_wait_primary_node || exit 1
repmgr_rewind
POSTGRESQL_MASTER_PORT_NUMBER="$REPMGR_CURRENT_PRIMARY_PORT"
export POSTGRESQL_MASTER_PORT_NUMBER
POSTGRESQL_MASTER_HOST="$REPMGR_CURRENT_PRIMARY_HOST"
export POSTGRESQL_MASTER_HOST
postgresql_configure_recovery
postgresql_start_bg
repmgr_unregister_standby
repmgr_register_standby
fi
# This fixes an issue if a PID was left over during the setup
rm -f "$REPMGR_PID_FILE"
else
# Prepare PostgreSQL default configuration
repmgr_postgresql_configuration
# Prepare repmgr configuration
repmgr_generate_repmgr_config
# Initialize PostgreSQL & repmgr
export POSTGRESQL_USE_CUSTOM_PGHBA_INITIALIZATION="yes"
repmgr_initialize
fi