postgresrepmgr/Dockerfile

#
# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
#
# PLEASE DO NOT EDIT IT DIRECTLY.
#

FROM debian:trixie-slim

# explicitly set user/group IDs
RUN set -eux; \
	groupadd -r postgres --gid=999; \
# https://salsa.debian.org/postgresql/postgresql-common/blob/997d842ee744687d99a2b2d95c1083a2615c79e8/debian/postgresql-common.postinst#L32-35
	useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
# also create the postgres user's home directory with appropriate permissions
# see https://github.com/docker-library/postgres/issues/274
	install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql

RUN set -ex; \
	apt-get update; \
	apt-get install -y --no-install-recommends \
		gnupg \
# https://www.postgresql.org/docs/16/app-psql.html#APP-PSQL-META-COMMAND-PSET-PAGER
# https://github.com/postgres/postgres/blob/REL_16_1/src/include/fe_utils/print.h#L25
# (if "less" is available, it gets used as the default pager for psql, and it only adds ~1.5MiB to our image size)
		less \
	; \
	rm -rf /var/lib/apt/lists/*

# grab gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
ENV GOSU_VERSION 1.19
RUN set -eux; \
	savedAptMark="$(apt-mark showmanual)"; \
	apt-get update; \
	apt-get install -y --no-install-recommends ca-certificates wget; \
	rm -rf /var/lib/apt/lists/*; \
	dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
	wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
	wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
	export GNUPGHOME="$(mktemp -d)"; \
	gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
	gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
	gpgconf --kill all; \
	rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
	apt-mark auto '.*' > /dev/null; \
	[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
	apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
	chmod +x /usr/local/bin/gosu; \
	gosu --version; \
	gosu nobody true

# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
RUN set -eux; \
	if [ -f /etc/dpkg/dpkg.cfg.d/docker ]; then \
# if this file exists, we're likely in "debian:xxx-slim", and locales are thus being excluded so we need to remove that exclusion (since we need locales)
		grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
		sed -ri '/\/usr\/share\/locale/d' /etc/dpkg/dpkg.cfg.d/docker; \
		! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
	fi; \
	apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
	echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
	locale-gen; \
	locale -a | grep 'en_US.utf8'
ENV LANG en_US.utf8

RUN set -eux; \
	apt-get update; \
	apt-get install -y --no-install-recommends \
		libnss-wrapper \
		xz-utils \
		zstd \
	; \
	rm -rf /var/lib/apt/lists/*

RUN mkdir /docker-entrypoint-initdb.d

RUN set -ex; \
# pub   4096R/ACCC4CF8 2011-10-13 [expires: 2019-07-02]
#       Key fingerprint = B97B 0AFC AA1A 47F0 44F2  44A0 7FCC 7D46 ACCC 4CF8
# uid                  PostgreSQL Debian Repository
	key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8'; \
	export GNUPGHOME="$(mktemp -d)"; \
	mkdir -p /usr/local/share/keyrings/; \
	gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
	gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
	gpgconf --kill all; \
	rm -rf "$GNUPGHOME"

ENV PG_MAJOR 15
ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin

ENV PG_VERSION 15.16-1.pgdg13+1

RUN set -ex; \
	\
# see note below about "*.pyc" files
	export PYTHONDONTWRITEBYTECODE=1; \
	\
	dpkgArch="$(dpkg --print-architecture)"; \
	aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt trixie-pgdg main $PG_MAJOR"; \
# we're on an architecture upstream doesn't officially build for
# let's build binaries from their published source packages
			echo "deb-src $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
			\
			savedAptMark="$(apt-mark showmanual)"; \
			\
			tempDir="$(mktemp -d)"; \
			cd "$tempDir"; \
			\
# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be)
			apt-get update; \
			apt-get install -y --no-install-recommends dpkg-dev; \
			echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list; \
			_update_repo() { \
				dpkg-scanpackages . > Packages; \
# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes")
#   Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
#   ...
#   E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages  Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
				apt-get -o Acquire::GzipIndexes=false update; \
			}; \
			_update_repo; \
			\
# build .deb files from upstream's source packages (which are verified by apt-get)
			nproc="$(nproc)"; \
			export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
# we have to build postgresql-common-dev first because postgresql-$PG_MAJOR shares "debian/rules" logic with it: https://salsa.debian.org/postgresql/postgresql/-/commit/f4338a0d28cf4541956bddb0f4e444ba9dba81b9
			apt-get build-dep -y postgresql-common-dev; \
			apt-get source --compile postgresql-common-dev; \
			_update_repo; \
			apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
			apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
			\
# we don't remove APT lists here because they get re-downloaded and removed later
			\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies)
			apt-mark showmanual | xargs apt-mark auto > /dev/null; \
			apt-mark manual $savedAptMark; \
			\
			ls -lAFh; \
			_update_repo; \
			grep '^Package: ' Packages; \
			cd /; \
	\
	apt-get install -y --no-install-recommends postgresql-common; \
	sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf; \
	apt-get install -y --no-install-recommends \
		"postgresql-$PG_MAJOR=$PG_VERSION" \
	; \
	\
	rm -rf /var/lib/apt/lists/*; \
	\
	if [ -n "$tempDir" ]; then \
# if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
		apt-get purge -y --auto-remove; \
		rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \
	fi; \
	\
# some of the steps above generate a lot of "*.pyc" files (and setting "PYTHONDONTWRITEBYTECODE" beforehand doesn't propagate properly for some reason), so we clean them up manually (as long as they aren't owned by a package)
	find /usr -name '*.pyc' -type f -exec bash -c 'for pyc; do dpkg -S "$pyc" &> /dev/null || rm -vf "$pyc"; done' -- '{}' +; \
	\
	postgres --version

# make the sample config easier to munge (and "correct by default")
RUN set -eux; \
	dpkg-divert --add --rename --divert "/usr/share/postgresql/postgresql.conf.sample.dpkg" "/usr/share/postgresql/$PG_MAJOR/postgresql.conf.sample"; \
	cp -v /usr/share/postgresql/postgresql.conf.sample.dpkg /usr/share/postgresql/postgresql.conf.sample; \
	ln -sv ../postgresql.conf.sample "/usr/share/postgresql/$PG_MAJOR/"; \
	sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
	grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample

RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql

ENV PGDATA /var/lib/postgresql/data
# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values)
RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
VOLUME /var/lib/postgresql/data

COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
ENTRYPOINT ["docker-entrypoint.sh"]

# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL
# calls "Fast Shutdown mode" wherein new connections are disallowed and any
# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and
# flush tables to disk.
#
# See https://www.postgresql.org/docs/current/server-shutdown.html for more details
# about available PostgreSQL server shutdown signals.
#
# See also https://www.postgresql.org/docs/current/server-start.html for further
# justification of this as the default value, namely that the example (and
# shipped) systemd service files use the "Fast Shutdown mode" for service
# termination.
#
STOPSIGNAL SIGINT
#
# An additional setting that is recommended for all users regardless of this
# value is the runtime "--stop-timeout" (or your orchestrator/runtime's
# equivalent) for controlling how long to wait between sending the defined
# STOPSIGNAL and sending SIGKILL.
#
# The default in most runtimes (such as Docker) is 10 seconds, and the
# documentation at https://www.postgresql.org/docs/current/server-start.html notes
# that even 90 seconds may not be long enough in many instances.

EXPOSE 5432
CMD ["postgres"]

#FROM debian:trixie-slim
#
#RUN set -eux; \
#	groupadd -r postgres --gid=5432; \
#	useradd -r -g postgres --uid=5432 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
#	install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql
#
#RUN set -ex; \
#	apt-get update; \
#	apt-get install -y --no-install-recommends \
#		gnupg \
#		less \
#	; \
#	rm -rf /var/lib/apt/lists/*
#
#ENV GOSU_VERSION=1.19
#RUN set -eux; \
#	savedAptMark="$(apt-mark showmanual)"; \
#	apt-get update; \
#	apt-get install -y --no-install-recommends ca-certificates wget; \
#	rm -rf /var/lib/apt/lists/*; \
#	dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
#	wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
#	wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
#	export GNUPGHOME="$(mktemp -d)"; \
#	gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
#	gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
#	gpgconf --kill all; \
#	rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
#	apt-mark auto '.*' > /dev/null; \
#	[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
#	apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
#	chmod +x /usr/local/bin/gosu; \
#	gosu --version; \
#	gosu nobody true
#
#RUN set -eux; \
#	if [ -f /etc/dpkg/dpkg.cfg.d/docker ]; then \
#		grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
#		sed -ri '/\/usr\/share\/locale/d' /etc/dpkg/dpkg.cfg.d/docker; \
#		! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \
#	fi; \
#	apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \
#	echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \
#	locale-gen; \
#	locale -a | grep 'en_US.utf8'
#ENV LANG=en_US.utf8
#
#RUN set -eux; \
#	apt-get update; \
#	apt-get install -y --no-install-recommends \
#		libnss-wrapper \
#		xz-utils \
#		zstd \
#	; \
#	rm -rf /var/lib/apt/lists/*
#
#RUN mkdir /docker-entrypoint-initdb.d
#
#RUN set -ex; \
#	key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8'; \
#	export GNUPGHOME="$(mktemp -d)"; \
#	mkdir -p /usr/local/share/keyrings/; \
#	gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
#	gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \
#	gpgconf --kill all; \
#	rm -rf "$GNUPGHOME"
#
#ENV PG_MAJOR=15
#ENV PATH=$PATH:/usr/lib/postgresql/$PG_MAJOR/bin
#
#ENV PG_VERSION=15.16-1.pgdg13+1
#
#RUN set -ex; \
#	export PYTHONDONTWRITEBYTECODE=1; \
#	dpkgArch="$(dpkg --print-architecture)"; \
#	aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt trixie-pgdg main $PG_MAJOR"; \
#    echo "deb-src $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \
#    savedAptMark="$(apt-mark showmanual)"; \
#    tempDir="$(mktemp -d)"; \
#    cd "$tempDir"; \
#    apt-get update; \
#    apt-get install -y --no-install-recommends dpkg-dev; \
#    echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list; \
#    _update_repo() { \
#        dpkg-scanpackages . > Packages; \
#        apt-get -o Acquire::GzipIndexes=false update; \
#    }; \
#    _update_repo; \
#    nproc="$(nproc)"; \
#    export DEB_BUILD_OPTIONS="nocheck parallel=$nproc"; \
#    apt-get build-dep -y postgresql-common-dev; \
#    apt-get source --compile postgresql-common-dev; \
#    _update_repo; \
#    apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
#    apt-get source --compile "postgresql-$PG_MAJOR=$PG_VERSION"; \
#    apt-mark showmanual | xargs apt-mark auto > /dev/null; \
#    apt-mark manual $savedAptMark; \
#    ls -lAFh; \
#    _update_repo; \
#    grep '^Package: ' Packages; \
#	apt-get install -y --no-install-recommends postgresql-common; \
#	sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf \
# 	apt-get install -y --no-install-recommends \
#		"postgresql-$PG_MAJOR=$PG_VERSION" \
#        "postgresql-server-dev-$PG_MAJOR=$PG_VERSION" \
#	; \
#    cd /; \
#	rm -rf /var/lib/apt/lists/*; \
#    apt-get purge -y --auto-remove; \
#	rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \
#	find /usr -name '*.pyc' -type f -exec bash -c 'for pyc; do dpkg -S "$pyc" &> /dev/null || rm -vf "$pyc"; done' -- '{}' +; \
#	postgres --version
#
#RUN set -eux; \
#	savedAptMark="$(apt-mark showmanual)"; \
#	apt-get update; \
#    apt-get install -y --no-install-recommends dpkg-dev ca-certificates wget libjson-c-dev libcurlpp-dev; \
#    apt-get build-dep -y "postgresql-$PG_MAJOR=$PG_VERSION"; \
#	rm -rf /var/lib/apt/lists/*; \
#    tempDir="$(mktemp -d)"; \
#    nproc="$(nproc)"; \
#    cp /usr/include/postgresql/15/server/pg_config.h /usr/include/postgresql/; \
#    cd "$tempDir"; \
#    wget https://github.com/EnterpriseDB/repmgr/releases/download/v5.5.0/repmgr-5.5.0.tar.gz; \
#    echo "c5633c351f3a0627a53ac1828ac7581ee74c7e0c  repmgr-5.5.0.tar.gz" | sha1sum --check; \
#    tar -xvzf repmgr-5.5.0.tar.gz; \
#    cd repmgr; \
#    ./configure && make -j "$nproc" install; \
#	apt-mark auto '.*' > /dev/null; \
#	[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
#	apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false
#
#RUN set -eux; \
#	dpkg-divert --add --rename --divert "/usr/share/postgresql/postgresql.conf.sample.dpkg" "/usr/share/postgresql/$PG_MAJOR/postgresql.conf.sample"; \
#	cp -v /usr/share/postgresql/postgresql.conf.sample.dpkg /usr/share/postgresql/postgresql.conf.sample; \
#	ln -sv ../postgresql.conf.sample "/usr/share/postgresql/$PG_MAJOR/"; \
#	sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \
#	grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample
#
#RUN install --verbose --directory --owner postgres --group postgres --mode 3777 /var/run/postgresql
#
#ENV PGDATA=/var/lib/postgresql/data
#RUN install --verbose --directory --owner postgres --group postgres --mode 1777 "$PGDATA"
#VOLUME /var/lib/postgresql/data
#
#COPY docker-entrypoint.sh docker-ensure-initdb.sh /usr/local/bin/
#RUN ln -sT docker-ensure-initdb.sh /usr/local/bin/docker-enforce-initdb.sh
#
#ENTRYPOINT ["/bin/bash"]
#
#
#
##ENTRYPOINT ["docker-entrypoint.sh"]
##
##STOPSIGNAL SIGINT
##
##EXPOSE 5432
##CMD ["postgres"]