diff --git a/Dockerfile b/Dockerfile
index 8049682..a90e353 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,57 +1,4 @@ -FROM debian:trixie-slim - -RUN set -eux; \ - groupadd -r postgres --gid=5432; \ - useradd -r -g postgres --uid=5432 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \ - install --verbose --directory --owner postgres --group postgres --mode 1755 /var/lib/postgresql - -RUN apt-get update; \ - apt-get install -y --no-install-recommends \ - openssh-server \ - sudo \ - ; \ - rm -rf /var/lib/apt/lists/*; \ - echo "postgres ALL = (ALL) NOPASSWD:ALL" >> /etc/sudoers; \ - echo "X11Forwarding no" >> /etc/ssh/sshd_config; \ - echo "PasswordAuthentication no" >> /etc/ssh/sshd_config; \ - echo "StrictHostKeyChecking no" >> /etc/ssh/ssh_config - -RUN set -eux; \ - grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \ - sed -ri '/\/usr\/share\/locale/d' /etc/dpkg/dpkg.cfg.d/docker; \ - ! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \ - apt-get update; \ - apt-get install -y --no-install-recommends \ - locales; \ - rm -rf /var/lib/apt/lists/*; \ - echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \ - locale-gen; \ - locale -a | grep 'en_US.utf8' -ENV LANG=en_US.utf8 - -ENV GOSU_VERSION=1.19 -RUN set -eux; \ - savedAptMark="$(apt-mark showmanual)"; \ - apt-get install -y --no-install-recommends \ - ca-certificates \ - wget \ - gnupg \ - ; \ - rm -rf /var/lib/apt/lists/*; \ - dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \ - wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-${dpkgArch}"; \ - wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-${dpkgArch}.asc"; \ - export GNUPGHOME="$(mktemp -d)"; \ - gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \ - gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \ - gpgconf --kill all; \ - rm -rf "${GNUPGHOME}" /usr/local/bin/gosu.asc; \ - apt-mark auto '.*' > /dev/null; \ - [ -z "${savedAptMark}" ] || apt-mark manual 
"${savedAptMark}" > /dev/null; \ - apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - chmod +x /usr/local/bin/gosu; \ - gosu --version; \ - gosu nobody true +FROM pendragon.zone/docker/pg15 RUN set -ex; \ apt-get update; \ @@ -78,7 +25,6 @@ ENV PG_VERSION=15.16-1.pgdg13+1 ENV PGDATA=/var/lib/postgresql/data RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql; \ - install --verbose --directory --owner postgres --group postgres --mode 3755 /var/lib/postgresql; \ install --verbose --directory --owner postgres --group postgres --mode 1700 "${PGDATA}" RUN set -ex; \ @@ -106,7 +52,6 @@ RUN set -eux; \ VOLUME /var/lib/postgresql/data -COPY --chown=postgres:postgres postgres /var/lib/postgresql/ COPY --chmod=755 entrypoint.sh /usr/local/bin/ ENTRYPOINT ["entrypoint.sh"] diff --git a/entrypoint.sh b/entrypoint.sh index 4b2877f..580ff69 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -80,6 +80,10 @@ if [ "$(id -u)" = '0' ]; then exec gosu postgres "$BASH_SOURCE" fi +install --verbose --directory --owner postgres --group postgres --mode 1700 /var/lib/postgresql/.ssh +cp /ssh/* /var/lib/postgresql/.ssh/ +chmod 600 /var/lib/postgresql/.ssh/* + docker_setup_env if [[ ! -s "$PGDATA/PG_VERSION" ]]; then diff --git a/postgres/.profile b/postgres/.profile deleted file mode 100644 index 144512f..0000000 --- a/postgres/.profile +++ /dev/null @@ -1 +0,0 @@ -export PATH="${PATH}:/usr/lib/postgresql/15/bin" \ No newline at end of file diff --git a/postgres/.ssh/authorized_keys b/postgres/.ssh/authorized_keys deleted file mode 100644 index 8f1fa7f..0000000 --- a/postgres/.ssh/authorized_keys +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILfsb4w8ZYhu/A1HFR/e59WpbKxejE8DkbdCpj6y/mbO postgres docker swarm \ No newline at end of file diff --git a/postgres/.ssh/id_ed25519 b/postgres/.ssh/id_ed25519 deleted file mode 100644 index 2f40cc8..0000000 --- a/postgres/.ssh/id_ed25519 +++ /dev/null 
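Review bot: The new `FROM pendragon.zone/docker/pg15` line carries no tag or digest, so every build resolves to whatever that registry currently serves as `latest`. The removed lines show that the postgres user (uid/gid 5432), the sshd settings, the `NOPASSWD` sudoers entry and the GPG-verified gosu download presumably now come from that base image, which is not visible here, so its contents are part of this image's trust boundary. Pin it, for example `FROM pendragon.zone/docker/pg15:<tag>@sha256:<digest>` (placeholders), and add a short comment above `FROM` listing what the base is expected to provide.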
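Review bot: The three lines added after the `exec gosu postgres` re-exec assume a populated `/ssh` mount; if it is absent or empty the glob stays literal and `cp`/`chmod` fail, and whether that stops startup depends on shell options set outside this hunk. A guard before the `install` line, such as `[ -n "$(ls -A /ssh 2>/dev/null)" ] || { echo "entrypoint: /ssh is missing or empty" >&2; exit 1; }`, makes the failure explicit, and `--mode 0700` is the conventional mode for `.ssh` (the sticky bit in `1700` adds nothing here). The key pair deleted elsewhere in this commit stays in git history and in images built before it, so whatever is mounted at `/ssh` should be a newly generated pair, ideally mounted read-only.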
@@ -1,7 +0,0 @@ ------BEGIN OPENSSH PRIVATE KEY----- -b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW -QyNTUxOQAAACC37G+MPGWIbvwNRxUf3ufVqWysXoxPA5G3QqY+sv5mzgAAAJgP2LF4D9ix -eAAAAAtzc2gtZWQyNTUxOQAAACC37G+MPGWIbvwNRxUf3ufVqWysXoxPA5G3QqY+sv5mzg -AAAEBhVUtZmAbot+VXJpY/IueHrCQeTDgClUTCepMJa1mqZbfsb4w8ZYhu/A1HFR/e59Wp -bKxejE8DkbdCpj6y/mbOAAAAFXBvc3RncmVzIGRvY2tlciBzd2FybQ== ------END OPENSSH PRIVATE KEY-----