From 4aabacc1e65809d7d4f09660a9af656ff9074af2 Mon Sep 17 00:00:00 2001
From: Adarsh Shah <github@shahadarsh.com>
Date: Wed, 6 Mar 2024 18:27:22 -0500
Subject: [PATCH 1/3] initial support for alt base image

---
 tembo-cli/src/cmd/apply.rs          | 10 +++++++
 tembo-cli/tembo/Dockerfile.template | 44 +++++++++++++++++++++++++++--
 2 files changed, 52 insertions(+), 2 deletions(-)

diff --git a/tembo-cli/src/cmd/apply.rs b/tembo-cli/src/cmd/apply.rs
index cdd026f0c..c0a6e8956 100644
--- a/tembo-cli/src/cmd/apply.rs
+++ b/tembo-cli/src/cmd/apply.rs
@@ -1109,6 +1109,16 @@ fn get_postgres_config(
         }
     }
 
+    postgres_config.push_str(
+        "
+    listen_addresses = '*'
+    include_dir = 'extra-configs'
+    ssl = on
+    ssl_cert_file = '/var/lib/postgresql/server.crt'
+    ssl_key_file = '/var/lib/postgresql/server.key'
+    ssl_min_protocol_version = 'TLSv1.2'",
+    );
+
     Ok(postgres_config)
 }
 
diff --git a/tembo-cli/tembo/Dockerfile.template b/tembo-cli/tembo/Dockerfile.template
index b1bd79dfb..dba6e192a 100644
--- a/tembo-cli/tembo/Dockerfile.template
+++ b/tembo-cli/tembo/Dockerfile.template
@@ -1,4 +1,42 @@
-FROM quay.io/tembo/tembo-local:latest
+FROM quay.io/tembo/standard-cnpg:15-a0a5ab5
+
+USER root
+
+RUN apt-get update && \
+    apt-get install -y vim openssl && \
+    apt-get autoremove -y && \
+    apt-get clean -y && \
+    rm -rf /var/lib/apt/lists/*
+
+RUN chown -R postgres:postgres $PGDATA && \
+    chmod -R 0700 $PGDATA
+# Set up the environment for the data directory
+ENV PGDATA /var/lib/postgresql/data2
+RUN mkdir -p $PGDATA && \
+    chown -R postgres:postgres $PGDATA && \
+    chmod -R 0700 $PGDATA
+
+# Generate self-signed certificate
+RUN openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 \
+    -subj "/CN=*.local.tembo.io" \
+    -keyout /var/lib/postgresql/server.key \
+    -out /var/lib/postgresql/server.crt && \
+    chown postgres:postgres /var/lib/postgresql/server.* && \
+    chmod 600 /var/lib/postgresql/server.key
+
+USER postgres
+
+# Initialize the database
+RUN pg_ctl -c init
+
+# Set permissive authentication (for local testing)
+RUN echo "hostssl all all 0.0.0.0/0 trust" >> ${PGDATA}/pg_hba.conf
+
+# Set environment variables
+ENV PGHOST=localhost
+ENV PGPORT=5432
+ENV PGDATABASE=postgres
+ENV PGUSER=postgres
 
 {% for trunk_install in trunk_installs %}
 {% if trunk_install.version %}
@@ -10,4 +48,6 @@ RUN trunk install {{trunk_install.name}}
 
 # Optional:
 # Specify extra Postgres configurations by copying into this directory
-COPY postgres.conf $PGDATA/extra-configs
\ No newline at end of file
+COPY postgres.conf $PGDATA/extra-configs
+
+CMD ["postgres"]
\ No newline at end of file

From 767b04eadf96d60fdd70821c13312a16af720680 Mon Sep 17 00:00:00 2001
From: Steven Miller <sjmiller609@gmail.com>
Date: Wed, 6 Mar 2024 18:50:59 -0500
Subject: [PATCH 2/3] Fix connect local

---
 tembo-cli/src/cmd/apply.rs          | 11 +++++------
 tembo-cli/tembo/Dockerfile.template |  7 +++++--
 2 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/tembo-cli/src/cmd/apply.rs b/tembo-cli/src/cmd/apply.rs
index c0a6e8956..0767f054b 100644
--- a/tembo-cli/src/cmd/apply.rs
+++ b/tembo-cli/src/cmd/apply.rs
@@ -1111,12 +1111,11 @@ fn get_postgres_config(
 
     postgres_config.push_str(
         "
-    listen_addresses = '*'
-    include_dir = 'extra-configs'
-    ssl = on
-    ssl_cert_file = '/var/lib/postgresql/server.crt'
-    ssl_key_file = '/var/lib/postgresql/server.key'
-    ssl_min_protocol_version = 'TLSv1.2'",
+listen_addresses = '*'
+ssl = 'on'
+ssl_cert_file = '/var/lib/postgresql/server.crt'
+ssl_key_file = '/var/lib/postgresql/server.key'
+ssl_min_protocol_version = 'TLSv1.2'",
     );
 
     Ok(postgres_config)
diff --git a/tembo-cli/tembo/Dockerfile.template b/tembo-cli/tembo/Dockerfile.template
index dba6e192a..bc9af06f9 100644
--- a/tembo-cli/tembo/Dockerfile.template
+++ b/tembo-cli/tembo/Dockerfile.template
@@ -29,8 +29,11 @@ USER postgres
 # Initialize the database
 RUN pg_ctl -c init
 
+
 # Set permissive authentication (for local testing)
 RUN echo "hostssl all all 0.0.0.0/0 trust" >> ${PGDATA}/pg_hba.conf
+RUN echo "include_dir = 'extra-configs'" >> ${PGDATA}/postgresql.conf
+RUN mkdir -p $PGDATA/extra-configs
 
 # Set environment variables
 ENV PGHOST=localhost
@@ -48,6 +51,6 @@ RUN trunk install {{trunk_install.name}}
 
 # Optional:
 # Specify extra Postgres configurations by copying into this directory
-COPY postgres.conf $PGDATA/extra-configs
+COPY postgres.conf $PGDATA/extra-configs/postgres.conf
 
-CMD ["postgres"]
\ No newline at end of file
+CMD ["postgres"]

From 1ddd16bb53a8bed891a7125084b664c8c05ae89e Mon Sep 17 00:00:00 2001
From: Adarsh Shah <github@shahadarsh.com>
Date: Thu, 7 Mar 2024 13:14:20 -0500
Subject: [PATCH 3/3] uses alt base image based on the stack

---
 tembo-cli/src/cmd/apply.rs          | 16 ++++++++++++++--
 tembo-cli/tembo/Dockerfile.template |  2 +-
 2 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/tembo-cli/src/cmd/apply.rs b/tembo-cli/src/cmd/apply.rs
index 0767f054b..97517ad27 100644
--- a/tembo-cli/src/cmd/apply.rs
+++ b/tembo-cli/src/cmd/apply.rs
@@ -10,6 +10,7 @@ use controller::extensions::types::Extension as ControllerExtension;
 use controller::extensions::types::ExtensionInstallLocation as ControllerExtensionInstallLocation;
 use controller::extensions::types::TrunkInstall as ControllerTrunkInstall;
 use controller::stacks::get_stack;
+use controller::stacks::types::Stack;
 use controller::stacks::types::StackType as ControllerStackType;
 use itertools::Itertools;
 use log::info;
@@ -240,10 +241,11 @@ fn docker_apply_instance(
         stack.app_services.clone(),
         extensions,
         trunk_installs,
-        stack.postgres_config,
+        stack.postgres_config.clone(),
     )?;
 
-    let rendered_dockerfile: String = get_rendered_dockerfile(&trunk_installs)?;
+    let rendered_dockerfile: String =
+        get_rendered_dockerfile(&trunk_installs, &stack, instance_setting.pg_version)?;
 
     FileUtils::create_file(
         DOCKERFILE_NAME.to_string(),
@@ -988,6 +990,8 @@ pub fn get_instance_settings(
 
 pub fn get_rendered_dockerfile(
     trunk_installs: &Option<Vec<ControllerTrunkInstall>>,
+    stack: &Stack,
+    pg_version: u8,
 ) -> Result<String, anyhow::Error> {
     // Include the Dockerfile template directly into the binary
     let contents = include_str!("../../tembo/Dockerfile.template");
@@ -996,6 +1000,14 @@ pub fn get_rendered_dockerfile(
     let _ = tera.add_raw_template("dockerfile", contents);
     let mut context = Context::new();
 
+    let image = match pg_version.into() {
+        14 => &stack.images.pg14,
+        15 => &stack.images.pg15,
+        16 => &stack.images.pg16,
+        _ => &stack.images.pg15,
+    };
+
+    context.insert("image_with_version", &image);
     context.insert("trunk_installs", &trunk_installs);
 
     let rendered_dockerfile = tera.render("dockerfile", &context).unwrap();
diff --git a/tembo-cli/tembo/Dockerfile.template b/tembo-cli/tembo/Dockerfile.template
index bc9af06f9..91e08b0c6 100644
--- a/tembo-cli/tembo/Dockerfile.template
+++ b/tembo-cli/tembo/Dockerfile.template
@@ -1,4 +1,4 @@
-FROM quay.io/tembo/standard-cnpg:15-a0a5ab5
+FROM quay.io/tembo/{{image_with_version}}
 
 USER root