FROM postgres:15

RUN apt-get update && \
    apt-get install -y --no-install-recommends \
            postgresql-$PG_MAJOR-repmgr \
            && \
    rm -rf /var/lib/apt/lists/*

RUN install --verbose --directory --owner postgres --group postgres --mode 1777 /etc/repmgr && \
    ln -s /etc/repmgr/repmgr.conf /etc/repmgr.conf

VOLUME /etc/repmgr

RUN apt-get update && \
    apt-get install -y --no-install-recommends \
            openssh-server \
            sudo \
            && \
    rm -rf /var/lib/apt/lists/* && \
    echo "postgres   ALL = (ALL) NOPASSWD:ALL" >> /etc/sudoers && \
    echo "X11Forwarding no" >> /etc/ssh/sshd_config && \
    echo "PasswordAuthentication no" >> /etc/ssh/sshd_config && \
    echo "StrictHostKeyChecking no" >> /etc/ssh/ssh_config && \
    mkdir -p /var/lib/postgresql/.ssh && \
    chmod 700 /var/lib/postgresql/.ssh && \
    chown postgres: /var/lib/postgresql/.ssh && \
    chmod g-w,o-w /var/lib/postgresql

COPY --chmod=644 --chown=postgres profile /var/lib/postgresql/.profile
COPY --chmod=600 --chown=postgres authorized_keys id_ed25519 /var/lib/postgresql/.ssh/

COPY --chmod=755 entrypoint.sh /usr/local/bin/

ENTRYPOINT ["entrypoint.sh"]