diff --git a/Dockerfile b/Dockerfile index 32cb7d9..c5e74d5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,77 +1,77 @@ FROM debian:trixie-slim -RUN set -eux; \ - groupadd -r postgres --gid=5432; \ - useradd -r -g postgres --uid=5432 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \ +RUN set -eux && \ + groupadd -r postgres --gid=5432 && \ + useradd -r -g postgres --uid=5432 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres && \ install --verbose --directory --owner postgres --group postgres --mode 1755 /var/lib/postgresql -RUN apt-get update; \ +RUN apt-get update && \ apt-get install -y --no-install-recommends \ openssh-server \ sudo \ - ; \ - rm -rf /var/lib/apt/lists/*; \ - echo "postgres ALL = (ALL) NOPASSWD:ALL" >> /etc/sudoers; \ - echo "X11Forwarding no" >> /etc/ssh/sshd_config; \ - echo "PasswordAuthentication no" >> /etc/ssh/sshd_config; \ + && \ + rm -rf /var/lib/apt/lists/* && \ + echo "postgres ALL = (ALL) NOPASSWD:ALL" >> /etc/sudoers && \ + echo "X11Forwarding no" >> /etc/ssh/sshd_config && \ + echo "PasswordAuthentication no" >> /etc/ssh/sshd_config && \ echo "StrictHostKeyChecking no" >> /etc/ssh/ssh_config -RUN set -eux; \ - grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \ - sed -ri '/\/usr\/share\/locale/d' /etc/dpkg/dpkg.cfg.d/docker; \ - ! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \ - apt-get update; \ +RUN set -eux && \ + grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker && \ + sed -ri '/\/usr\/share\/locale/d' /etc/dpkg/dpkg.cfg.d/docker && \ + ! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker && \ + apt-get update && \ apt-get install -y --no-install-recommends \ - locales; \ - rm -rf /var/lib/apt/lists/*; \ - echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \ - locale-gen; \ + locales && \ + rm -rf /var/lib/apt/lists/* && \ + echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen && \ + locale-gen && \ locale -a | grep 'en_US.utf8' ENV LANG=en_US.utf8 ENV GOSU_VERSION=1.19 -RUN set -eux; \ - apt-get update; \ +RUN set -eux && \ + apt-get update && \ apt-get install -y --no-install-recommends \ gnupg \ - ; \ - savedAptMark="$(apt-mark showmanual)"; \ + && \ + savedAptMark="$(apt-mark showmanual)" && \ apt-get install -y --no-install-recommends \ ca-certificates \ wget \ - ; \ - rm -rf /var/lib/apt/lists/*; \ - dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \ - wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-${dpkgArch}"; \ - wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-${dpkgArch}.asc" &6 \ - export GNUPGHOME="$(mktemp -d)"; \ - gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \ - gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \ - gpgconf --kill all; \ - rm -rf "${GNUPGHOME}" /usr/local/bin/gosu.asc; \ - apt-mark auto '.*' > /dev/null; \ - [ -z "${savedAptMark}" ] || apt-mark manual "${savedAptMark}" > /dev/null; \ - apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - chmod +x /usr/local/bin/gosu; \ - gosu --version; \ + && \ + rm -rf /var/lib/apt/lists/* && \ + dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')" && \ + wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-${dpkgArch}" && \ + wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-${dpkgArch}.asc" && \ + export GNUPGHOME="$(mktemp -d)" && \ + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 && \ + gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu && \ + gpgconf --kill all && \ + rm -rf "${GNUPGHOME}" /usr/local/bin/gosu.asc && \ + apt-mark auto '.*' > /dev/null && \ + [ -z "${savedAptMark}" ] || apt-mark manual "${savedAptMark}" > /dev/null && \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false && \ + chmod +x /usr/local/bin/gosu && \ + gosu --version && \ gosu nobody true -RUN set -ex; \ - apt-get update; \ +RUN set -ex && \ + apt-get update && \ apt-get install -y --no-install-recommends \ less \ xz-utils \ zstd \ - ; \ + && \ rm -rf /var/lib/apt/lists/* -RUN set -ex; \ - key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8'; \ - export GNUPGHOME="$(mktemp -d)"; \ - mkdir -p /usr/local/share/keyrings/; \ - gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "${key}"; \ - gpg --batch --export --armor "${key}" > /usr/local/share/keyrings/postgres.gpg.asc; \ - gpgconf --kill all; \ +RUN set -ex && \ + key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8' && \ + export GNUPGHOME="$(mktemp -d)" && \ + mkdir -p /usr/local/share/keyrings/ && \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "${key}" && \ + gpg --batch --export --armor "${key}" > /usr/local/share/keyrings/postgres.gpg.asc && \ + gpgconf --kill all && \ rm -rf "${GNUPGHOME}" ENV PG_MAJOR=15 @@ -79,31 +79,31 @@ ENV PATH=$PATH:/usr/lib/postgresql/$PG_MAJOR/bin ENV PG_VERSION=15.16-1.pgdg13+1 ENV PGDATA=/var/lib/postgresql/data -RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql; \ - install --verbose --directory --owner postgres --group postgres --mode 3755 /var/lib/postgresql; \ +RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql && \ + install --verbose --directory --owner postgres --group postgres --mode 3755 /var/lib/postgresql && \ install --verbose --directory --owner postgres --group postgres --mode 1700 "${PGDATA}" -RUN set -ex; \ - dpkgArch="$(dpkg --print-architecture)"; \ - aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt trixie-pgdg main ${PG_MAJOR}"; \ - echo "deb ${aptRepo}" > /etc/apt/sources.list.d/pgdg.list; \ - apt-get update; \ +RUN set -ex && \ + dpkgArch="$(dpkg --print-architecture)" && \ + aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt trixie-pgdg main ${PG_MAJOR}" && \ + echo "deb ${aptRepo}" > /etc/apt/sources.list.d/pgdg.list && \ + apt-get update && \ apt-get install -y --no-install-recommends \ postgresql-common \ - ; \ - sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf; \ + && \ + sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf && \ apt-get install -y --no-install-recommends \ "postgresql-${PG_MAJOR}=${PG_VERSION}" \ "postgresql-${PG_MAJOR}-pgpool2" \ - ; \ - rm -rf /var/lib/apt/lists/*; \ + && \ + rm -rf /var/lib/apt/lists/* && \ postgres --version -RUN set -eux; \ - dpkg-divert --add --rename --divert "/usr/share/postgresql/postgresql.conf.sample.dpkg" "/usr/share/postgresql/${PG_MAJOR}/postgresql.conf.sample"; \ - cp -v /usr/share/postgresql/postgresql.conf.sample.dpkg /usr/share/postgresql/postgresql.conf.sample; \ - ln -sv ../postgresql.conf.sample "/usr/share/postgresql/${PG_MAJOR}/"; \ - sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \ +RUN set -eux && \ + dpkg-divert --add --rename --divert "/usr/share/postgresql/postgresql.conf.sample.dpkg" "/usr/share/postgresql/${PG_MAJOR}/postgresql.conf.sample" && \ + cp -v /usr/share/postgresql/postgresql.conf.sample.dpkg /usr/share/postgresql/postgresql.conf.sample && \ + ln -sv ../postgresql.conf.sample "/usr/share/postgresql/${PG_MAJOR}/" && \ + sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample && \ grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample VOLUME /var/lib/postgresql/data