From 5fb344ef72daa77d27910b5e85a4245245dbb3e2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Niccol=C3=B2=20Fei?= Date: Mon, 10 Feb 2025 16:51:31 +0100 Subject: [PATCH] chore: remove unnecessary entrypoint from the image MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Niccolò Fei --- Dockerfile | 183 +++++----------------- docker-entrypoint.sh | 356 ------------------------------------------- 2 files changed, 38 insertions(+), 501 deletions(-) delete mode 100755 docker-entrypoint.sh diff --git a/Dockerfile b/Dockerfile index 284673d..7bbff2e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -30,12 +30,12 @@ LABEL name="PostgreSQL Container Images" \ COPY build-deps.txt / # Install runtime and build dependencies -RUN set -ex; \ - apt-get update; \ +RUN apt-get update && \ apt-get install -y --no-install-recommends \ gnupg \ dirmngr \ ca-certificates \ + locales-all \ ssl-cert \ libnss-wrapper \ libxml2 \ @@ -43,69 +43,25 @@ RUN set -ex; \ libxslt1.1 \ xz-utils \ zstd \ - $(cat /build-deps.txt); \ - rm -rf /var/lib/apt/lists/*; + $(cat /build-deps.txt) && \ + rm -rf /var/lib/apt/lists/* /var/cache/* /var/log/* # explicitly set user/group IDs -RUN set -eux; \ - groupadd -r postgres --gid=999; \ -# https://salsa.debian.org/postgresql/postgresql-common/blob/997d842ee744687d99a2b2d95c1083a2615c79e8/debian/postgresql-common.postinst#L32-35 - useradd -r -g postgres --uid=26 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \ -# also create the postgres user's home directory with appropriate permissions -# see https://github.com/docker-library/postgres/issues/274 - mkdir -p /var/lib/postgresql; \ +RUN groupadd -r postgres --gid=999 && \ + useradd -r -g postgres --uid=26 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres && \ + mkdir -p /var/lib/postgresql && \ chown -R postgres:postgres /var/lib/postgresql -# grab gosu for easy step-down from root -# https://github.com/tianon/gosu/releases -ENV GOSU_VERSION 1.17 -RUN set -eux; \ - savedAptMark="$(apt-mark showmanual)"; \ - apt-get update; \ - apt-get install -y --no-install-recommends ca-certificates wget; \ - rm -rf /var/lib/apt/lists/*; \ - dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \ - wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \ - wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \ - export GNUPGHOME="$(mktemp -d)"; \ - gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \ - gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \ - gpgconf --kill all; \ - rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \ - apt-mark auto '.*' > /dev/null; \ - [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ - apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - chmod +x /usr/local/bin/gosu; \ - gosu --version; \ - gosu nobody true - -# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default -RUN set -eux; \ - if [ -f /etc/dpkg/dpkg.cfg.d/docker ]; then \ -# if this file exists, we're likely in "debian:xxx-slim", and locales are thus being excluded so we need to remove that exclusion (since we need locales) - grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \ - sed -ri '/\/usr\/share\/locale/d' /etc/dpkg/dpkg.cfg.d/docker; \ - ! grep -q '/usr/share/locale' /etc/dpkg/dpkg.cfg.d/docker; \ - fi; \ - apt-get update; apt-get install -y --no-install-recommends locales; rm -rf /var/lib/apt/lists/*; \ - echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen; \ - locale-gen; \ - locale -a | grep 'en_US.utf8' -ENV LANG en_US.utf8 - -RUN mkdir /docker-entrypoint-initdb.d - -ENV PG_MAJOR $PG_MAJOR -ENV PATH $PATH:/usr/lib/postgresql/$PG_MAJOR/bin +ENV PG_MAJOR=$PG_MAJOR +ENV PATH=/usr/lib/postgresql/$PG_MAJOR/bin:$PATH # Build PostgreSQL -# Partially refer to https://github.com/docker-library/postgres/blob/master/16/alpine3.19/Dockerfile#L33-L160 -RUN set -eux ; \ - mkdir -p /usr/src/postgresql ; \ - git clone -b "$PG_BRANCH" --single-branch "$PG_REPO" /usr/src/postgresql ; \ - cd /usr/src/postgresql ; \ - export LLVM_CONFIG="/usr/lib/llvm-16/bin/llvm-config" ; \ - export CLANG=clang-16 ; \ +# Partially refer to https://github.com/docker-library/postgres/blob/master/16/alpine3.21/Dockerfile#L119-L159 +RUN mkdir -p /usr/src/postgresql && \ + git clone -b "$PG_BRANCH" --single-branch "$PG_REPO" /usr/src/postgresql && \ + cd /usr/src/postgresql && \ + export LLVM_CONFIG="/usr/lib/llvm-16/bin/llvm-config" && \ + export CLANG=clang-16 && \ ./configure \ --build=x86_64-linux-gnu \ --prefix=/usr \ @@ -151,107 +107,44 @@ RUN set -eux ; \ LDFLAGS="-Wl,-z,relro -Wl,-z,now" \ CPPFLAGS="-Wdate-time -D_FORTIFY_SOURCE=2" \ CXXFLAGS="-g -Og -fstack-protector-strong -Wformat -Werror=format-security" \ - ; \ - make -j "$(nproc)" world-bin ; \ - make install-world-bin ; \ - cd / ; \ - rm -rf /usr/src/postgresql ; \ - postgres --version + && \ + make -j "$(nproc)" world-bin && \ + make install-world-bin && \ + rm -rf /usr/src/postgresql # TODO: re-enable once https://github.com/pgaudit/pgaudit/issues/257 is fixed # Build PgAudit # See to https://github.com/pgaudit/pgaudit/blob/master/README.md#compile-and-install -# RUN set -eux ; \ -# mkdir -p /usr/src/pgaudit ; \ -# git clone -b main --single-branch https://github.com/pgaudit/pgaudit.git /usr/src/pgaudit ; \ -# cd /usr/src/pgaudit ; \ -# make install USE_PGXS=1 PG_CONFIG=/usr/lib/postgresql/$PG_MAJOR/bin/pg_config ; \ -# cd / ; \ +# RUN mkdir -p /usr/src/pgaudit && \ +# git clone -b main --single-branch https://github.com/pgaudit/pgaudit.git /usr/src/pgaudit && \ +# cd /usr/src/pgaudit && \ +# make install USE_PGXS=1 PG_CONFIG=/usr/lib/postgresql/$PG_MAJOR/bin/pg_config && \ # rm -rf /usr/src/pgaudit # Purge build dependencies -RUN set -xe ; \ - apt-get purge -y --autoremove $(cat /build-deps.txt) - -# Even though we compile from source, we still need PGDG to gather an updated version of psycopg2 -RUN set -ex; \ -# pub 4096R/ACCC4CF8 2011-10-13 [expires: 2019-07-02] -# Key fingerprint = B97B 0AFC AA1A 47F0 44F2 44A0 7FCC 7D46 ACCC 4CF8 -# uid PostgreSQL Debian Repository - key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8'; \ - export GNUPGHOME="$(mktemp -d)"; \ - mkdir -p /usr/local/share/keyrings/; \ - gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ - gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc; \ - gpgconf --kill all; \ - rm -rf "$GNUPGHOME" +RUN apt-get purge -y --autoremove $(cat /build-deps.txt) # Install barman-cloud -RUN set -xe; \ - aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bookworm-pgdg main $PG_MAJOR"; \ - echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list; \ - apt-get update; \ +RUN key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8' && \ + export GNUPGHOME="$(mktemp -d)" && \ + mkdir -p /usr/local/share/keyrings/ && \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" && \ + gpg --batch --export --armor "$key" > /usr/local/share/keyrings/postgres.gpg.asc && \ + gpgconf --kill all && \ + rm -rf "$GNUPGHOME" && \ + aptRepo="[ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] http://apt.postgresql.org/pub/repos/apt/ bookworm-pgdg main $PG_MAJOR" && \ + echo "deb $aptRepo" > /etc/apt/sources.list.d/pgdg.list && \ + apt-get update && \ apt-get install -y --no-install-recommends \ python3-pip \ python3-psycopg2 \ python3-setuptools \ - ; \ - pip3 install --break-system-packages --upgrade pip; \ - pip3 install --break-system-packages barman[cloud,azure,snappy,google] boto3==1.35.99; \ - rm -rf /var/lib/apt/lists/*; - -# make the sample config easier to munge (and "correct by default") -RUN set -eux; \ - dpkg-divert --add --rename --divert "/usr/share/postgresql/postgresql.conf.sample.dpkg" "/usr/share/postgresql/$PG_MAJOR/postgresql.conf.sample"; \ - cp -v /usr/share/postgresql/postgresql.conf.sample.dpkg /usr/share/postgresql/postgresql.conf.sample; \ - ln -sv ../postgresql.conf.sample "/usr/share/postgresql/$PG_MAJOR/"; \ - sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample; \ - grep -F "listen_addresses = '*'" /usr/share/postgresql/postgresql.conf.sample - -RUN mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 3777 /var/run/postgresql - -ENV PGDATA /var/lib/postgresql/data -# this 1777 will be replaced by 0700 at runtime (allows semi-arbitrary "--user" values) -RUN mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 1777 "$PGDATA" -VOLUME /var/lib/postgresql/data + && \ + pip3 install --break-system-packages --upgrade pip && \ + pip3 install --break-system-packages barman[cloud,azure,snappy,google] boto3==1.35.99 && \ + rm -rf /var/lib/apt/lists/* /var/cache/* /var/log/* # DoD 2.3 - remove setuid/setgid from any binary that not strictly requires it, and before doing that list them on the stdout RUN find / -not -path "/proc/*" -perm /6000 -type f -exec ls -ld {} \; -exec chmod a-s {} \; || true USER 26 - -COPY docker-entrypoint.sh /usr/local/bin/ -ENTRYPOINT ["docker-entrypoint.sh"] - -# We set the default STOPSIGNAL to SIGINT, which corresponds to what PostgreSQL -# calls "Fast Shutdown mode" wherein new connections are disallowed and any -# in-progress transactions are aborted, allowing PostgreSQL to stop cleanly and -# flush tables to disk, which is the best compromise available to avoid data -# corruption. -# -# Users who know their applications do not keep open long-lived idle connections -# may way to use a value of SIGTERM instead, which corresponds to "Smart -# Shutdown mode" in which any existing sessions are allowed to finish and the -# server stops when all sessions are terminated. -# -# See https://www.postgresql.org/docs/12/server-shutdown.html for more details -# about available PostgreSQL server shutdown signals. -# -# See also https://www.postgresql.org/docs/12/server-start.html for further -# justification of this as the default value, namely that the example (and -# shipped) systemd service files use the "Fast Shutdown mode" for service -# termination. -# -STOPSIGNAL SIGINT -# -# An additional setting that is recommended for all users regardless of this -# value is the runtime "--stop-timeout" (or your orchestrator/runtime's -# equivalent) for controlling how long to wait between sending the defined -# STOPSIGNAL and sending SIGKILL (which is likely to cause data corruption). -# -# The default in most runtimes (such as Docker) is 10 seconds, and the -# documentation at https://www.postgresql.org/docs/12/server-start.html notes -# that even 90 seconds may not be long enough in many instances. - -EXPOSE 5432 -CMD ["postgres"] diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh deleted file mode 100755 index 6f59993..0000000 --- a/docker-entrypoint.sh +++ /dev/null @@ -1,356 +0,0 @@ -#!/usr/bin/env bash -set -Eeo pipefail -# TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables) - -# usage: file_env VAR [DEFAULT] -# ie: file_env 'XYZ_DB_PASSWORD' 'example' -# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of -# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local def="${2:-}" - if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then - printf >&2 'error: both %s and %s are set (but are exclusive)\n' "$var" "$fileVar" - exit 1 - fi - local val="$def" - if [ "${!var:-}" ]; then - val="${!var}" - elif [ "${!fileVar:-}" ]; then - val="$(< "${!fileVar}")" - fi - export "$var"="$val" - unset "$fileVar" -} - -# check to see if this file is being run or sourced from another script -_is_sourced() { - # https://unix.stackexchange.com/a/215279 - [ "${#FUNCNAME[@]}" -ge 2 ] \ - && [ "${FUNCNAME[0]}" = '_is_sourced' ] \ - && [ "${FUNCNAME[1]}" = 'source' ] -} - -# used to create initial postgres directories and if run as root, ensure ownership to the "postgres" user -docker_create_db_directories() { - local user; user="$(id -u)" - - mkdir -p "$PGDATA" - # ignore failure since there are cases where we can't chmod (and PostgreSQL might fail later anyhow - it's picky about permissions of this directory) - chmod 00700 "$PGDATA" || : - - # ignore failure since it will be fine when using the image provided directory; see also https://github.com/docker-library/postgres/pull/289 - mkdir -p /var/run/postgresql || : - chmod 03775 /var/run/postgresql || : - - # Create the transaction log directory before initdb is run so the directory is owned by the correct user - if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then - mkdir -p "$POSTGRES_INITDB_WALDIR" - if [ "$user" = '0' ]; then - find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' + - fi - chmod 700 "$POSTGRES_INITDB_WALDIR" - fi - - # allow the container to be started with `--user` - if [ "$user" = '0' ]; then - find "$PGDATA" \! -user postgres -exec chown postgres '{}' + - find /var/run/postgresql \! -user postgres -exec chown postgres '{}' + - fi -} - -# initialize empty PGDATA directory with new database via 'initdb' -# arguments to `initdb` can be passed via POSTGRES_INITDB_ARGS or as arguments to this function -# `initdb` automatically creates the "postgres", "template0", and "template1" dbnames -# this is also where the database user is created, specified by `POSTGRES_USER` env -docker_init_database_dir() { - # "initdb" is particular about the current user existing in "/etc/passwd", so we use "nss_wrapper" to fake that if necessary - # see https://github.com/docker-library/postgres/pull/253, https://github.com/docker-library/postgres/issues/359, https://cwrap.org/nss_wrapper.html - local uid; uid="$(id -u)" - if ! getent passwd "$uid" &> /dev/null; then - # see if we can find a suitable "libnss_wrapper.so" (https://salsa.debian.org/sssd-team/nss-wrapper/-/commit/b9925a653a54e24d09d9b498a2d913729f7abb15) - local wrapper - for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so; do - if [ -s "$wrapper" ]; then - NSS_WRAPPER_PASSWD="$(mktemp)" - NSS_WRAPPER_GROUP="$(mktemp)" - export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP - local gid; gid="$(id -g)" - printf 'postgres:x:%s:%s:PostgreSQL:%s:/bin/false\n' "$uid" "$gid" "$PGDATA" > "$NSS_WRAPPER_PASSWD" - printf 'postgres:x:%s:\n' "$gid" > "$NSS_WRAPPER_GROUP" - break - fi - done - fi - - if [ -n "${POSTGRES_INITDB_WALDIR:-}" ]; then - set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@" - fi - - # --pwfile refuses to handle a properly-empty file (hence the "\n"): https://github.com/docker-library/postgres/issues/1025 - eval 'initdb --username="$POSTGRES_USER" --pwfile=<(printf "%s\n" "$POSTGRES_PASSWORD") '"$POSTGRES_INITDB_ARGS"' "$@"' - - # unset/cleanup "nss_wrapper" bits - if [[ "${LD_PRELOAD:-}" == */libnss_wrapper.so ]]; then - rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP" - unset LD_PRELOAD NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP - fi -} - -# print large warning if POSTGRES_PASSWORD is long -# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust' -# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust' -# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ] -docker_verify_minimum_env() { - case "${PG_MAJOR:-}" in - 12 | 13) # https://github.com/postgres/postgres/commit/67a472d71c98c3d2fa322a1b4013080b20720b98 - # check password first so we can output the warning before postgres - # messes it up - if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then - cat >&2 <<-'EOWARN' - - WARNING: The supplied POSTGRES_PASSWORD is 100+ characters. - - This will not work if used via PGPASSWORD with "psql". - - https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412) - https://github.com/docker-library/postgres/issues/507 - - EOWARN - fi - ;; - esac - if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then - # The - option suppresses leading tabs but *not* spaces. :) - cat >&2 <<-'EOE' - Error: Database is uninitialized and superuser password is not specified. - You must specify POSTGRES_PASSWORD to a non-empty value for the - superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run". - - You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all - connections without a password. This is *not* recommended. - - See PostgreSQL documentation about "trust": - https://www.postgresql.org/docs/current/auth-trust.html - EOE - exit 1 - fi - if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then - cat >&2 <<-'EOWARN' - ******************************************************************************** - WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow - anyone with access to the Postgres port to access your database without - a password, even if POSTGRES_PASSWORD is set. See PostgreSQL - documentation about "trust": - https://www.postgresql.org/docs/current/auth-trust.html - In Docker's default configuration, this is effectively any other - container on the same system. - - It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace - it with "-e POSTGRES_PASSWORD=password" instead to set a password in - "docker run". - ******************************************************************************** - EOWARN - fi -} - -# usage: docker_process_init_files [file [file [...]]] -# ie: docker_process_init_files /always-initdb.d/* -# process initializer files, based on file extensions and permissions -docker_process_init_files() { - # psql here for backwards compatibility "${psql[@]}" - psql=( docker_process_sql ) - - printf '\n' - local f - for f; do - case "$f" in - *.sh) - # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936 - # https://github.com/docker-library/postgres/pull/452 - if [ -x "$f" ]; then - printf '%s: running %s\n' "$0" "$f" - "$f" - else - printf '%s: sourcing %s\n' "$0" "$f" - . "$f" - fi - ;; - *.sql) printf '%s: running %s\n' "$0" "$f"; docker_process_sql -f "$f"; printf '\n' ;; - *.sql.gz) printf '%s: running %s\n' "$0" "$f"; gunzip -c "$f" | docker_process_sql; printf '\n' ;; - *.sql.xz) printf '%s: running %s\n' "$0" "$f"; xzcat "$f" | docker_process_sql; printf '\n' ;; - *.sql.zst) printf '%s: running %s\n' "$0" "$f"; zstd -dc "$f" | docker_process_sql; printf '\n' ;; - *) printf '%s: ignoring %s\n' "$0" "$f" ;; - esac - printf '\n' - done -} - -# Execute sql script, passed via stdin (or -f flag of pqsl) -# usage: docker_process_sql [psql-cli-args] -# ie: docker_process_sql --dbname=mydb <<<'INSERT ...' -# ie: docker_process_sql -f my-file.sql -# ie: docker_process_sql > "$PGDATA/pg_hba.conf" -} - -# start socket-only postgresql server for setting up or running scripts -# all arguments will be passed along as arguments to `postgres` (via pg_ctl) -docker_temp_server_start() { - if [ "$1" = 'postgres' ]; then - shift - fi - - # internal start of server in order to allow setup using psql client - # does not listen on external TCP/IP and waits until start finishes - set -- "$@" -c listen_addresses='' -p "${PGPORT:-5432}" - - PGUSER="${PGUSER:-$POSTGRES_USER}" \ - pg_ctl -D "$PGDATA" \ - -o "$(printf '%q ' "$@")" \ - -w start -} - -# stop postgresql server after done setting up user and running scripts -docker_temp_server_stop() { - PGUSER="${PGUSER:-postgres}" \ - pg_ctl -D "$PGDATA" -m fast -w stop -} - -# check arguments for an option that would cause postgres to stop -# return true if there is one -_pg_want_help() { - local arg - for arg; do - case "$arg" in - # postgres --help | grep 'then exit' - # leaving out -C on purpose since it always fails and is unhelpful: - # postgres: could not access the server configuration file "/var/lib/postgresql/data/postgresql.conf": No such file or directory - -'?'|--help|--describe-config|-V|--version) - return 0 - ;; - esac - done - return 1 -} - -_main() { - # if first arg looks like a flag, assume we want to run postgres server - if [ "${1:0:1}" = '-' ]; then - set -- postgres "$@" - fi - - if [ "$1" = 'postgres' ] && ! _pg_want_help "$@"; then - docker_setup_env - # setup data directories and permissions (when run as root) - docker_create_db_directories - if [ "$(id -u)" = '0' ]; then - # then restart script as postgres user - exec gosu postgres "$BASH_SOURCE" "$@" - fi - - # only run initialization on an empty data directory - if [ -z "$DATABASE_ALREADY_EXISTS" ]; then - docker_verify_minimum_env - - # check dir permissions to reduce likelihood of half-initialized database - ls /docker-entrypoint-initdb.d/ > /dev/null - - docker_init_database_dir - pg_setup_hba_conf "$@" - - # PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless - # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS - export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}" - docker_temp_server_start "$@" - - docker_setup_db - docker_process_init_files /docker-entrypoint-initdb.d/* - - docker_temp_server_stop - unset PGPASSWORD - - cat <<-'EOM' - - PostgreSQL init process complete; ready for start up. - - EOM - else - cat <<-'EOM' - - PostgreSQL Database directory appears to contain a database; Skipping initialization - - EOM - fi - fi - - exec "$@" -} - -if ! _is_sourced; then - _main "$@" -fi