-
Notifications
You must be signed in to change notification settings - Fork 83
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Postgres database is uninitialized and superuser password is not specified #28
Comments
experienced the same issue today. What did resolve it for me (temporarily) is updating the postgres/Dockerfile on line 1: FROM postgres:9.4.25-alpine Including the patching to the previous version of postgres 9.4 did resolve it (version 25). |
One of the branches is using PostgreSQL 12.2, but this requires changes in core XNAT (in addition to changes in XNAT 1.7.6 that enabled using PostgreSQL 10 or higher). The changes are very minor, but it doesn’t really matter how minor they are if you have an earlier version of XNAT!
So, if you are running XNAT 1.7.6, you should be able to use any version of PostgreSQL through the latest release of 11 by specifying the appropriate tag for the postgres Docker image.
Another change<7fefa4b#diff-4e5e90c6228fd48698d074241c2ba760> in the latest update on the features/dependency-mgmt branch<https://github.com/NrgXnat/xnat-docker-compose/tree/features/dependency-mgmt> of the xnat-docker-compose project is the addition of the PGPASSWORD environment variable to both the xnat-web and orthanc container definitions:
environment:
- CATALINA_OPTS=-Xms128m -Xmx8192m -Dxnat.home=/data/xnat/home -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=8000
- PGPASSWORD=${XNAT_DATASOURCE_PASSWORD}
That environment variable is one of the many ways PostgreSQL checks for authentication credentials<https://www.postgresql.org/docs/9.6/libpq-envars.html>. This is more secure than having the database simply set up for trust. Once we have the big new features in this branch ironed out, I’m hoping to spend some time adding stuff to make it both more secure and easier to manage, so hopefully this will be a bit more turnkey sometime soon!
…--
Rick Herrick
Sr. Programmer/Analyst
Neuroinformatics Research Group
Washington University School of Medicine
Phone: +1 (314) 273-1645
From: Johan van Soest <notifications@github.com>
Reply-To: NrgXnat/xnat-docker-compose <reply@reply.github.com>
Date: Tuesday, March 17, 2020 at 9:55 AM
To: NrgXnat/xnat-docker-compose <xnat-docker-compose@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Subject: Re: [NrgXnat/xnat-docker-compose] Postgres database is uninitialized and superuser password is not specified (#28)
experienced the same issue today. What did resolve it for me (temporarily) is updating the postgres/Dockerfile on line 1: FROM postgres:9.4.25-alpine
Including the patching to the previous version of postgres 9.4 did resolve it (version 25).
In the development branches of this repository I do see that they are bumping to postgres 12.xx in newer versions. So I think this is a breaking change at Postgres.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub<#28 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AAC2ZUK3XV4E3AGPSHZJ6TLRH6FK3ANCNFSM4LMH3VWA>.
________________________________
The materials in this message are private and may contain Protected Healthcare Information or other information of a sensitive nature. If you are not the intended recipient, be advised that any unauthorized use, disclosure, copying or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this email in error, please immediately notify the sender via telephone or return mail.
|
Why is this closed? The issue is not resolved in HEAD, at least. |
A recent update to the official postgres docker image breaks
xnat-docker-compose
out the box, causing it to fail with the following error.One simple work around (which it appears you are aware of by looking at some of the more recent code in branches other than
master
) is to add the following lines to thexnat-db
definition indocker-compose.yml
:However this is not really best practice security wise, as it means any other service on the same docker network can get access to the xnat postgres database without authentication.
Ideally I think the
xnat-db
image should be pre-configured with a password using thePOSTGRES_PASSWORD
environment variable, and the thexnat-web
container should be made aware of this value and use it when connecting.I would love to hear your thoughts on this.
The text was updated successfully, but these errors were encountered: