From c7ec015d4793a92d517a5fe4cfe17ab8777777af Mon Sep 17 00:00:00 2001 From: Bernhard Radermacher Date: Fri, 20 Feb 2026 13:38:19 +0100 Subject: [PATCH] user and hba for witness --- docker-entrypoint-initdb.d/00-main.sh | 32 ++++++++++++++++++--------- 1 file changed, 21 insertions(+), 11 deletions(-) diff --git a/docker-entrypoint-initdb.d/00-main.sh b/docker-entrypoint-initdb.d/00-main.sh index ec77748..d694153 100755 --- a/docker-entrypoint-initdb.d/00-main.sh +++ b/docker-entrypoint-initdb.d/00-main.sh @@ -10,6 +10,23 @@ server_start() { -w start } +create_repmgr() { + psql -c "CREATE USER repmgr WITH SUPERUSER ENCRYPTED PASSWORD '${REPMGR_PASSWORD}';" + psql -c "CREATE DATABASE repmgr WITH OWNER repmgr;" + psql -c 'ALTER USER repmgr SET search_path TO repmgr, "$user", public;' +} + +create_hba() { + echo "local all all trust" > /var/lib/postgresql/data/pg_hba.conf + echo "local replication repmgr trust" >> /var/lib/postgresql/data/pg_hba.conf + echo "host replication repmgr 127.0.0.1/32 trust" >> /var/lib/postgresql/data/pg_hba.conf + echo "host replication repmgr ${POSTGRES_NETWORK-100.64.0.0/10} trust" >> /var/lib/postgresql/data/pg_hba.conf + echo "local repmgr repmgr trust" >> /var/lib/postgresql/data/pg_hba.conf + echo "host repmgr repmgr 127.0.0.1/32 trust" >> /var/lib/postgresql/data/pg_hba.conf + echo "host repmgr repmgr ${POSTGRES_NETWORK-100.64.0.0/10} trust" >> /var/lib/postgresql/data/pg_hba.conf + echo "host all all all scram-sha-256" >> /var/lib/postgresql/data/pg_hba.conf +} + echo "node_id = ${REPMGR_NODE_ID}" >> /etc/repmgr.conf echo "node_name = ${REPMGR_NODE_NAME}" >> /etc/repmgr.conf echo "conninfo = 'host=${REPMGR_NODE_NAME} dbname=repmgr user=repmgr connect_timeout=2'" >> /etc/repmgr.conf @@ -34,7 +51,9 @@ case "$REPMGR_NODE_ROLE" in /usr/lib/postgresql/15/bin/repmgr -f /etc/repmgr.conf standby register ;; witness ) + create_repmgr docker_temp_server_stop + create_hba server_start until /usr/lib/postgresql/15/bin/repmgr -h $REPMGR_UPSTREAM -f /etc/repmgr.conf witness register &> /dev/null do @@ -43,9 +62,7 @@ case "$REPMGR_NODE_ROLE" in done ;; * ) - psql -c "CREATE USER repmgr WITH SUPERUSER ENCRYPTED PASSWORD '${REPMGR_PASSWORD}';" - psql -c "CREATE DATABASE repmgr WITH OWNER repmgr;" - psql -c 'ALTER USER repmgr SET search_path TO repmgr, "$user", public;' + create_repmgr docker_temp_server_stop echo "archive_command = '/bin/true'" >> /var/lib/postgresql/data/postgresql.conf echo "archive_mode = on" >> /var/lib/postgresql/data/postgresql.conf @@ -55,14 +72,7 @@ case "$REPMGR_NODE_ROLE" in if [[ -n $POSTGRES_MAX_CONNECTIONS ]]; then echo "max_connections = ${POSTGRES_MAX_CONNECTIONS}" >> /var/lib/postgresql/data/postgresql.conf fi - echo "local all all trust" > /var/lib/postgresql/data/pg_hba.conf - echo "local replication repmgr trust" >> /var/lib/postgresql/data/pg_hba.conf - echo "host replication repmgr 127.0.0.1/32 trust" >> /var/lib/postgresql/data/pg_hba.conf - echo "host replication repmgr ${POSTGRES_NETWORK-100.64.0.0/10} trust" >> /var/lib/postgresql/data/pg_hba.conf - echo "local repmgr repmgr trust" >> /var/lib/postgresql/data/pg_hba.conf - echo "host repmgr repmgr 127.0.0.1/32 trust" >> /var/lib/postgresql/data/pg_hba.conf - echo "host repmgr repmgr ${POSTGRES_NETWORK-100.64.0.0/10} trust" >> /var/lib/postgresql/data/pg_hba.conf - echo "host all all all scram-sha-256" >> /var/lib/postgresql/data/pg_hba.conf + create_hba server_start /usr/lib/postgresql/15/bin/repmgr -f /etc/repmgr.conf primary register ;;