From b759d11f18b23eb8bcb00b3e03c829ec0bb1bc9e Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Wed, 15 Nov 2023 10:06:57 -0800 Subject: [PATCH 01/68] Install pgbackrest and configure --- openshift/patroni-postgis/README.md | 4 +-- openshift/patroni-postgis/docker/Dockerfile | 1 + openshift/patroni-postgis/docker/init_postgis | 25 +++++++++++++++++++ .../patroni-postgis/openshift/build.yaml | 14 ++++++++++- 4 files changed, 41 insertions(+), 3 deletions(-) diff --git a/openshift/patroni-postgis/README.md b/openshift/patroni-postgis/README.md index 8393eff89..ad60a696b 100644 --- a/openshift/patroni-postgis/README.md +++ b/openshift/patroni-postgis/README.md @@ -11,7 +11,7 @@ The WPS pipeline currently assumes the existence of an appropriately tagged patr ```bash # Build a patroni imagestream: -oc -n e1e498-tools process -f openshift/build.yaml | oc -n e1e498-tools apply -f - +oc -n e1e498-tools process -f openshift/build.yaml -p OBJECT_STORE_SERVER="server" -p OBJECT_STORE_BUCKET="bucket" -p OBJECT_STORE_USER_ID="uid" -p OBJECT_STORE_SECRET="sec" | oc -n e1e498-tools apply -f - # Tag the old imagestream so we can keep it around if we need to revert: oc -n e1e498-tools tag patroni-postgres:v12 patroni-postgres:v12- # Tag the new imagestream (it won't be used until the pods get re-created): @@ -69,4 +69,4 @@ SELECT postgis_extensions_upgrade(); This script cannot be run as part of the alembic scripts in the api project, the api uses a `wps` user that does not have the appropriate priveleges. Upgrading the image may this require manually running `SELECT postgis_extensions_upgrade();` on the target database once the new image has been applied. -The PostGIS version can be checked with `SELECT postgis_full_version();` \ No newline at end of file +The PostGIS version can be checked with `SELECT postgis_full_version();` diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 23bc25d83..38ce5b89b 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -14,6 +14,7 @@ RUN apt-get update \ && apt-get install -y --no-install-recommends \ postgresql-$PG_MAJOR-postgis-$POSTGIS_MAJOR=$POSTGIS_VERSION \ postgresql-$PG_MAJOR-postgis-$POSTGIS_MAJOR-scripts=$POSTGIS_VERSION \ + pgbackrest \ && rm -rf /var/lib/apt/lists/* # Add the POSTGIS command to the end of the post_init script. diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index 829d96150..ac4297308 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -3,3 +3,28 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; echo "Loading PostGIS extensions into $APP_DATABASE" psql "$1" -w -c "\c ${APP_DATABASE}" -c "CREATE EXTENSION IF NOT EXISTS postgis;" fi + +cat < Date: Wed, 15 Nov 2023 10:35:56 -0800 Subject: [PATCH 02/68] Bump postgis --- openshift/patroni-postgis/README.md | 2 +- openshift/patroni-postgis/docker/Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/openshift/patroni-postgis/README.md b/openshift/patroni-postgis/README.md index ad60a696b..17854720e 100644 --- a/openshift/patroni-postgis/README.md +++ b/openshift/patroni-postgis/README.md @@ -11,7 +11,7 @@ The WPS pipeline currently assumes the existence of an appropriately tagged patr ```bash # Build a patroni imagestream: -oc -n e1e498-tools process -f openshift/build.yaml -p OBJECT_STORE_SERVER="server" -p OBJECT_STORE_BUCKET="bucket" -p OBJECT_STORE_USER_ID="uid" -p OBJECT_STORE_SECRET="sec" | oc -n e1e498-tools apply -f - +oc -n e1e498-tools process -f openshift/build.yaml -p OBJECT_STORE_SERVER="server" -p OBJECT_STORE_BUCKET="bucket" -p OBJECT_STORE_USER_ID="uid" -p OBJECT_STORE_SECRET="sec" -p GIT_REF="" | oc -n e1e498-tools apply -f - # Tag the old imagestream so we can keep it around if we need to revert: oc -n e1e498-tools tag patroni-postgres:v12 patroni-postgres:v12- # Tag the new imagestream (it won't be used until the pods get re-created): diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 38ce5b89b..5887109be 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -3,7 +3,7 @@ FROM image-registry.openshift-image-registry.svc:5000/bcgov/patroni-postgres:12.4-latest ENV POSTGIS_MAJOR 3 -ENV POSTGIS_VERSION 3.3.1+dfsg-1.pgdg100+1 +ENV POSTGIS_VERSION 3.4.0+dfsg-1.pgdg110+1 # Switch to root user for package installs USER 0 From 442814164a8892eb218753e3474f1689cb09cfb8 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Wed, 15 Nov 2023 11:00:23 -0800 Subject: [PATCH 03/68] Try again --- openshift/patroni-postgis/docker/Dockerfile | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 5887109be..ef9e8889d 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -12,8 +12,12 @@ USER 0 RUN apt-get update \ && apt-cache showpkg postgresql-$PG_MAJOR-postgis-$POSTGIS_MAJOR \ && apt-get install -y --no-install-recommends \ + # ca-certificates: for accessing remote raster files; + # fix: https://github.com/postgis/docker-postgis/issues/307 + ca-certificates \ + \ postgresql-$PG_MAJOR-postgis-$POSTGIS_MAJOR=$POSTGIS_VERSION \ - postgresql-$PG_MAJOR-postgis-$POSTGIS_MAJOR-scripts=$POSTGIS_VERSION \ + postgresql-$PG_MAJOR-postgis-$POSTGIS_MAJOR-scripts \ pgbackrest \ && rm -rf /var/lib/apt/lists/* From 85b628852a354861498f91cf92fb6beb39e8d3c7 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Wed, 15 Nov 2023 11:19:24 -0800 Subject: [PATCH 04/68] Again --- openshift/patroni-postgis/docker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index ef9e8889d..5843d3c21 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -3,7 +3,7 @@ FROM image-registry.openshift-image-registry.svc:5000/bcgov/patroni-postgres:12.4-latest ENV POSTGIS_MAJOR 3 -ENV POSTGIS_VERSION 3.4.0+dfsg-1.pgdg110+1 +ENV POSTGIS_VERSION 3.3.4+dfsg-1.pgdg100+1 # Switch to root user for package installs USER 0 From 642b7bb18b6ed55f77d556dd7c2243b9a9814c71 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Wed, 15 Nov 2023 11:58:24 -0800 Subject: [PATCH 05/68] Point patroni to new image --- openshift/templates/patroni.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/openshift/templates/patroni.yaml b/openshift/templates/patroni.yaml index 53166ae15..ef8502596 100644 --- a/openshift/templates/patroni.yaml +++ b/openshift/templates/patroni.yaml @@ -287,12 +287,12 @@ parameters: - name: IMAGE_NAME description: | The Patroni image stream name - value: patroni-postgres + value: patroni-postgres-pgbackrest - name: IMAGE_TAG description: | The image tag used to specify which image you would like deployed. Don't use `latest`. - value: "v12-2022-09-12" + value: "v12-latest" - name: PVC_SIZE description: The size of the persistent volume to create. displayName: Persistent Volume Size From e1e4ab88953a3bbdb090da0f9907c8adce7fb0ab Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Wed, 15 Nov 2023 12:54:38 -0800 Subject: [PATCH 06/68] Make object store docker args --- openshift/patroni-postgis/README.md | 2 +- openshift/patroni-postgis/docker/Dockerfile | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/openshift/patroni-postgis/README.md b/openshift/patroni-postgis/README.md index 17854720e..892e9a726 100644 --- a/openshift/patroni-postgis/README.md +++ b/openshift/patroni-postgis/README.md @@ -11,7 +11,7 @@ The WPS pipeline currently assumes the existence of an appropriately tagged patr ```bash # Build a patroni imagestream: -oc -n e1e498-tools process -f openshift/build.yaml -p OBJECT_STORE_SERVER="server" -p OBJECT_STORE_BUCKET="bucket" -p OBJECT_STORE_USER_ID="uid" -p OBJECT_STORE_SECRET="sec" -p GIT_REF="" | oc -n e1e498-tools apply -f - +oc -n e1e498-tools process -f openshift/build.yaml| oc -n e1e498-tools apply -f - # Tag the old imagestream so we can keep it around if we need to revert: oc -n e1e498-tools tag patroni-postgres:v12 patroni-postgres:v12- # Tag the new imagestream (it won't be used until the pods get re-created): diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 5843d3c21..1ea47fe1d 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -2,6 +2,12 @@ # For details, see: https://github.com/bcgov/patroni-postgres-container/ FROM image-registry.openshift-image-registry.svc:5000/bcgov/patroni-postgres:12.4-latest +# The below must be supplied for a build +ARG OBJECT_STORE_SERVER=server +ARG OBJECT_STORE_BUCKET=bucket +ARG OBJECT_STORE_USER_ID=uid +ARG OBJECT_STORE_SECRET=sec + ENV POSTGIS_MAJOR 3 ENV POSTGIS_VERSION 3.3.4+dfsg-1.pgdg100+1 From 08e7ab13e9d2087602e3a897a716817fb70c5397 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Wed, 15 Nov 2023 12:55:58 -0800 Subject: [PATCH 07/68] Remove required object store fields from build --- .../patroni-postgis/openshift/build.yaml | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/openshift/patroni-postgis/openshift/build.yaml b/openshift/patroni-postgis/openshift/build.yaml index d4fe5ae70..cc2aceea6 100644 --- a/openshift/patroni-postgis/openshift/build.yaml +++ b/openshift/patroni-postgis/openshift/build.yaml @@ -23,18 +23,18 @@ parameters: value: main - name: POSTGRES_VERSION value: "12" - - name: OBJECT_STORE_SERVER - description: Backup object store server - required: true - - name: OBJECT_STORE_BUCKET - description: Backup object store bucket - required: true - - name: OBJECT_STORE_USER_ID - description: Backup object store user id - required: true - - name: OBJECT_STORE_SECRET - description: Backup object store secret - required: true + # - name: OBJECT_STORE_SERVER + # description: Backup object store server + # required: true + # - name: OBJECT_STORE_BUCKET + # description: Backup object store bucket + # required: true + # - name: OBJECT_STORE_USER_ID + # description: Backup object store user id + # required: true + # - name: OBJECT_STORE_SECRET + # description: Backup object store secret + # required: true objects: - apiVersion: v1 kind: ImageStream From 109d55e54ad1689d70c49a68e2cf03dbe5d003de Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Wed, 15 Nov 2023 13:56:45 -0800 Subject: [PATCH 08/68] Try with build args --- openshift/patroni-postgis/README.md | 2 +- .../patroni-postgis/openshift/build.yaml | 33 ++++++++++++------- 2 files changed, 22 insertions(+), 13 deletions(-) diff --git a/openshift/patroni-postgis/README.md b/openshift/patroni-postgis/README.md index 892e9a726..17854720e 100644 --- a/openshift/patroni-postgis/README.md +++ b/openshift/patroni-postgis/README.md @@ -11,7 +11,7 @@ The WPS pipeline currently assumes the existence of an appropriately tagged patr ```bash # Build a patroni imagestream: -oc -n e1e498-tools process -f openshift/build.yaml| oc -n e1e498-tools apply -f - +oc -n e1e498-tools process -f openshift/build.yaml -p OBJECT_STORE_SERVER="server" -p OBJECT_STORE_BUCKET="bucket" -p OBJECT_STORE_USER_ID="uid" -p OBJECT_STORE_SECRET="sec" -p GIT_REF="" | oc -n e1e498-tools apply -f - # Tag the old imagestream so we can keep it around if we need to revert: oc -n e1e498-tools tag patroni-postgres:v12 patroni-postgres:v12- # Tag the new imagestream (it won't be used until the pods get re-created): diff --git a/openshift/patroni-postgis/openshift/build.yaml b/openshift/patroni-postgis/openshift/build.yaml index cc2aceea6..4b73103b6 100644 --- a/openshift/patroni-postgis/openshift/build.yaml +++ b/openshift/patroni-postgis/openshift/build.yaml @@ -23,18 +23,18 @@ parameters: value: main - name: POSTGRES_VERSION value: "12" - # - name: OBJECT_STORE_SERVER - # description: Backup object store server - # required: true - # - name: OBJECT_STORE_BUCKET - # description: Backup object store bucket - # required: true - # - name: OBJECT_STORE_USER_ID - # description: Backup object store user id - # required: true - # - name: OBJECT_STORE_SECRET - # description: Backup object store secret - # required: true + - name: OBJECT_STORE_SERVER + description: Backup object store server + required: true + - name: OBJECT_STORE_BUCKET + description: Backup object store bucket + required: true + - name: OBJECT_STORE_USER_ID + description: Backup object store user id + required: true + - name: OBJECT_STORE_SECRET + description: Backup object store secret + required: true objects: - apiVersion: v1 kind: ImageStream @@ -67,6 +67,15 @@ objects: type: Git strategy: dockerStrategy: + buildArgs: + - name: "OBJECT_STORE_SERVER" + value: "${OBJECT_STORE_SERVER}" + - name: "OBJECT_STORE_BUCKET" + value: "${OBJECT_STORE_BUCKET}" + - name: "OBJECT_STORE_USER_ID" + value: "${OBJECT_STORE_USER_ID}" + - name: "OBJECT_STORE_SECRET" + value: "${OBJECT_STORE_SECRET}" type: Docker triggers: - type: ConfigChange From de4f0165f1767daa197b36586b6ec9dfbbc44b72 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Wed, 15 Nov 2023 14:01:09 -0800 Subject: [PATCH 09/68] Try with env variables --- openshift/patroni-postgis/docker/Dockerfile | 6 ------ openshift/patroni-postgis/docker/init_postgis | 2 +- openshift/patroni-postgis/openshift/build.yaml | 2 +- 3 files changed, 2 insertions(+), 8 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 1ea47fe1d..5843d3c21 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -2,12 +2,6 @@ # For details, see: https://github.com/bcgov/patroni-postgres-container/ FROM image-registry.openshift-image-registry.svc:5000/bcgov/patroni-postgres:12.4-latest -# The below must be supplied for a build -ARG OBJECT_STORE_SERVER=server -ARG OBJECT_STORE_BUCKET=bucket -ARG OBJECT_STORE_USER_ID=uid -ARG OBJECT_STORE_SECRET=sec - ENV POSTGIS_MAJOR 3 ENV POSTGIS_VERSION 3.3.4+dfsg-1.pgdg100+1 diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index ac4297308..7d2835b62 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -4,7 +4,7 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; psql "$1" -w -c "\c ${APP_DATABASE}" -c "CREATE EXTENSION IF NOT EXISTS postgis;" fi -cat < Date: Wed, 15 Nov 2023 14:50:25 -0800 Subject: [PATCH 10/68] Move sudio --- openshift/patroni-postgis/docker/init_postgis | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index 7d2835b62..6c4e03195 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -4,7 +4,7 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; psql "$1" -w -c "\c ${APP_DATABASE}" -c "CREATE EXTENSION IF NOT EXISTS postgis;" fi -cat < Date: Wed, 15 Nov 2023 15:06:10 -0800 Subject: [PATCH 11/68] Change perms on pgbackrest.conf --- openshift/patroni-postgis/docker/Dockerfile | 2 ++ openshift/patroni-postgis/docker/init_postgis | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 5843d3c21..c23078fa5 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -26,5 +26,7 @@ COPY init_postgis /usr/share/scripts/patroni/ RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/post_init.sh RUN rm /usr/share/scripts/patroni/init_postgis +RUN chmod a+rwx /etc/pgbackrest + # Switch back to default user USER 1001 \ No newline at end of file diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index 6c4e03195..7d2835b62 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -4,7 +4,7 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; psql "$1" -w -c "\c ${APP_DATABASE}" -c "CREATE EXTENSION IF NOT EXISTS postgis;" fi -sudo cat < Date: Wed, 15 Nov 2023 15:20:13 -0800 Subject: [PATCH 12/68] Create a pgbackrest folder --- openshift/patroni-postgis/docker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index c23078fa5..48246f97f 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -26,7 +26,7 @@ COPY init_postgis /usr/share/scripts/patroni/ RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/post_init.sh RUN rm /usr/share/scripts/patroni/init_postgis -RUN chmod a+rwx /etc/pgbackrest +RUN mkdir -p /etc/pgbackrest && chmod a+rwx /etc/pgbackrest # Switch back to default user USER 1001 \ No newline at end of file From 9c2c9ac71dd5ef3c66cdea268f9719dfb3f81dbe Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Thu, 16 Nov 2023 10:36:27 -0800 Subject: [PATCH 13/68] Move configuration to command --- openshift/patroni-postgis/docker/Dockerfile | 15 +++++++++++ openshift/patroni-postgis/docker/init_postgis | 27 +------------------ 2 files changed, 16 insertions(+), 26 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 48246f97f..2bab83c94 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -27,6 +27,21 @@ RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/po RUN rm /usr/share/scripts/patroni/init_postgis RUN mkdir -p /etc/pgbackrest && chmod a+rwx /etc/pgbackrest +RUN pgbackrest --stanza=demo-cluster-1 \ + --repo-s3-endpoint=$OBJECT_STORE_SERVER \ + --repo1-s3-key=$OBJECT_STORE_USER_ID \ + --repo1-s3-key-secret=$OBJECT_STORE_SECRET \ + --repo1-s3-bucket=$OBJECT_STORE_BUCKET \ + --repo1-s3-region=$eu-west-3 \ + --type=s3 backup \ + --pg1-path=/home/postgres/pgdata/pgroot/data \ + --pg1-port=5432 \ + --pg1-user=postgres \ + --repo1-path=/repo1 \ + --repo1-retention-full=3 \ + --process-max=2 \ + --delta=y + # Switch back to default user USER 1001 \ No newline at end of file diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index 7d2835b62..b7855aae2 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -2,29 +2,4 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; then echo "Loading PostGIS extensions into $APP_DATABASE" psql "$1" -w -c "\c ${APP_DATABASE}" -c "CREATE EXTENSION IF NOT EXISTS postgis;" -fi - -cat < Date: Thu, 16 Nov 2023 10:54:46 -0800 Subject: [PATCH 14/68] Try embedding in dockerfile --- openshift/patroni-postgis/docker/Dockerfile | 39 +++++++++++++-------- 1 file changed, 24 insertions(+), 15 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 2bab83c94..975b6c5f3 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -26,21 +26,30 @@ COPY init_postgis /usr/share/scripts/patroni/ RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/post_init.sh RUN rm /usr/share/scripts/patroni/init_postgis -RUN mkdir -p /etc/pgbackrest && chmod a+rwx /etc/pgbackrest -RUN pgbackrest --stanza=demo-cluster-1 \ - --repo-s3-endpoint=$OBJECT_STORE_SERVER \ - --repo1-s3-key=$OBJECT_STORE_USER_ID \ - --repo1-s3-key-secret=$OBJECT_STORE_SECRET \ - --repo1-s3-bucket=$OBJECT_STORE_BUCKET \ - --repo1-s3-region=$eu-west-3 \ - --type=s3 backup \ - --pg1-path=/home/postgres/pgdata/pgroot/data \ - --pg1-port=5432 \ - --pg1-user=postgres \ - --repo1-path=/repo1 \ - --repo1-retention-full=3 \ - --process-max=2 \ - --delta=y +RUN cat < Date: Thu, 16 Nov 2023 11:08:02 -0800 Subject: [PATCH 15/68] New append command --- openshift/patroni-postgis/docker/Dockerfile | 47 ++++++++++----------- 1 file changed, 23 insertions(+), 24 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 975b6c5f3..aa8fbf73c 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -26,30 +26,29 @@ COPY init_postgis /usr/share/scripts/patroni/ RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/post_init.sh RUN rm /usr/share/scripts/patroni/init_postgis -RUN cat <> /etc/pgbackrest.conf # Switch back to default user From 5af0472549ce42680ba9c679fbc311e981d405cd Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Thu, 16 Nov 2023 11:28:00 -0800 Subject: [PATCH 16/68] Change config location --- openshift/patroni-postgis/docker/Dockerfile | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index aa8fbf73c..a363a6a4e 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -27,7 +27,8 @@ RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/po RUN rm /usr/share/scripts/patroni/init_postgis # configure pgbackrest -RUN echo "[global] \ +RUN touch /home/pgbackrest/pgbackrest.conf \ + && echo "[global] \ repo1-type=s3 \ repo1-storage-verify-tls=n \ repo1-s3-endpoint=$OBJECT_STORE_SERVER \ @@ -48,8 +49,8 @@ RUN echo "[global] \ [demo-cluster-1] \ pg1-path=/home/postgres/pgdata/pgroot/data \ pg1-port=5432 \ - pg1-user=postgres" >> /etc/pgbackrest.conf - + pg1-user=postgres" >> /home/pgbackrest/pgbackrest.conf \ + && pgbackrest --config=/home/pgbackrest/pgbackrest.conf # Switch back to default user USER 1001 \ No newline at end of file From 08c356811adac306bc3efcb7faf135fa2438d1b0 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Thu, 16 Nov 2023 11:40:46 -0800 Subject: [PATCH 17/68] again --- openshift/patroni-postgis/docker/Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index a363a6a4e..67a2396cc 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -27,7 +27,8 @@ RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/po RUN rm /usr/share/scripts/patroni/init_postgis # configure pgbackrest -RUN touch /home/pgbackrest/pgbackrest.conf \ +RUN mkdir -p /home/pgbackrest \ + && touch /home/pgbackrest/pgbackrest.conf \ && echo "[global] \ repo1-type=s3 \ repo1-storage-verify-tls=n \ From 5493719318c6c0d8a132d53e62dbbcbff3a1a17f Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Thu, 16 Nov 2023 11:56:53 -0800 Subject: [PATCH 18/68] pgbackrest in init --- openshift/patroni-postgis/docker/Dockerfile | 3 +-- openshift/patroni-postgis/docker/init_postgis | 4 +++- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 67a2396cc..51079101a 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -50,8 +50,7 @@ RUN mkdir -p /home/pgbackrest \ [demo-cluster-1] \ pg1-path=/home/postgres/pgdata/pgroot/data \ pg1-port=5432 \ - pg1-user=postgres" >> /home/pgbackrest/pgbackrest.conf \ - && pgbackrest --config=/home/pgbackrest/pgbackrest.conf + pg1-user=postgres" >> /home/pgbackrest/pgbackrest.conf # Switch back to default user USER 1001 \ No newline at end of file diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index b7855aae2..abf290f6c 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -2,4 +2,6 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; then echo "Loading PostGIS extensions into $APP_DATABASE" psql "$1" -w -c "\c ${APP_DATABASE}" -c "CREATE EXTENSION IF NOT EXISTS postgis;" -fi \ No newline at end of file +fi + +pgbackrest --config=/home/pgbackrest/pgbackrest.conf \ No newline at end of file From c3ad5fa51a5d59ad19a3cd07f5911f3f471036b7 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Thu, 16 Nov 2023 12:12:59 -0800 Subject: [PATCH 19/68] set data path in init --- openshift/patroni-postgis/docker/Dockerfile | 1 - openshift/patroni-postgis/docker/init_postgis | 3 ++- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 51079101a..da1be6b63 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -48,7 +48,6 @@ RUN mkdir -p /home/pgbackrest \ process-max=2 \ \ [demo-cluster-1] \ - pg1-path=/home/postgres/pgdata/pgroot/data \ pg1-port=5432 \ pg1-user=postgres" >> /home/pgbackrest/pgbackrest.conf diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index abf290f6c..d75876922 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -4,4 +4,5 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; psql "$1" -w -c "\c ${APP_DATABASE}" -c "CREATE EXTENSION IF NOT EXISTS postgis;" fi -pgbackrest --config=/home/pgbackrest/pgbackrest.conf \ No newline at end of file +pgbackrest --config=/home/pgbackrest/pgbackrest.conf +pgbackrest --pg1-path=/home/postgres/pgdata/pgroot/data From 1978249ecb4dd22cd8211e2e0372919e439d14d9 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Thu, 16 Nov 2023 14:57:51 -0800 Subject: [PATCH 20/68] Newlines --- openshift/patroni-postgis/docker/Dockerfile | 42 +++++++++---------- openshift/patroni-postgis/docker/init_postgis | 3 +- 2 files changed, 22 insertions(+), 23 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index da1be6b63..d6e97fb5f 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -29,27 +29,27 @@ RUN rm /usr/share/scripts/patroni/init_postgis # configure pgbackrest RUN mkdir -p /home/pgbackrest \ && touch /home/pgbackrest/pgbackrest.conf \ - && echo "[global] \ - repo1-type=s3 \ - repo1-storage-verify-tls=n \ - repo1-s3-endpoint=$OBJECT_STORE_SERVER \ - repo1-s3-uri-style=path \ - repo1-s3-bucket=$OBJECT_STORE_BUCKET \ - repo1-s3-key=$OBJECT_STORE_USER_ID \ - repo1-s3-key-secret=$OBJECT_STORE_SECRET \ - repo1-s3-region=eu-west-3 \ - \ - repo1-path=/repo1 \ - repo1-retention-full=3 \ - start-fast=y \ - log-level-console=info \ - log-level-file=debug \ - delta=y \ - process-max=2 \ - \ - [demo-cluster-1] \ - pg1-port=5432 \ - pg1-user=postgres" >> /home/pgbackrest/pgbackrest.conf + && echo -e "[global] \n \ + repo1-type=s3 \n \ + repo1-storage-verify-tls=n \n \ + repo1-s3-endpoint=$OBJECT_STORE_SERVER \n\ + repo1-s3-uri-style=path \n\ + repo1-s3-bucket=$OBJECT_STORE_BUCKET \n\ + repo1-s3-key=$OBJECT_STORE_USER_ID \n \ + repo1-s3-key-secret=$OBJECT_STORE_SECRET \n \ + repo1-s3-region=eu-west-3 \n \ + \n \ + repo1-path=/repo1 \n \ + repo1-retention-full=3 \n \ + start-fast=y \n \ + log-level-console=info \n \ + log-level-file=debug \n \ + delta=y \n \ + process-max=2 \n \ + \n \ + [demo-cluster-1] \n \ + pg1-port=5432 \n \ + pg1-user=postgres \n" >> /home/pgbackrest/pgbackrest.conf # Switch back to default user USER 1001 \ No newline at end of file diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index d75876922..92ffd7412 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -4,5 +4,4 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; psql "$1" -w -c "\c ${APP_DATABASE}" -c "CREATE EXTENSION IF NOT EXISTS postgis;" fi -pgbackrest --config=/home/pgbackrest/pgbackrest.conf -pgbackrest --pg1-path=/home/postgres/pgdata/pgroot/data +pgbackrest --config=/home/pgbackrest/pgbackrest.conf --pg1-path=/home/postgres/pgdata/pgroot/data --stanza=demo-cluster-1 stanza-create \ No newline at end of file From 46ecc9a4418d735a8bad37303bbc001a4d8e32a6 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Thu, 16 Nov 2023 15:11:01 -0800 Subject: [PATCH 21/68] Remove -e flag --- openshift/patroni-postgis/docker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index d6e97fb5f..075eeb21b 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -29,7 +29,7 @@ RUN rm /usr/share/scripts/patroni/init_postgis # configure pgbackrest RUN mkdir -p /home/pgbackrest \ && touch /home/pgbackrest/pgbackrest.conf \ - && echo -e "[global] \n \ + && echo "[global] \n \ repo1-type=s3 \n \ repo1-storage-verify-tls=n \n \ repo1-s3-endpoint=$OBJECT_STORE_SERVER \n\ From e1f0d9104763feb43ea4ae6440744f9fa6bbf8b6 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Thu, 16 Nov 2023 15:33:46 -0800 Subject: [PATCH 22/68] more db details --- openshift/patroni-postgis/docker/Dockerfile | 5 ++--- openshift/patroni-postgis/docker/init_postgis | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 075eeb21b..c8ad7dd80 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -27,7 +27,7 @@ RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/po RUN rm /usr/share/scripts/patroni/init_postgis # configure pgbackrest -RUN mkdir -p /home/pgbackrest \ +RUN mkdir -p /home/pgbackrest/log \ && touch /home/pgbackrest/pgbackrest.conf \ && echo "[global] \n \ repo1-type=s3 \n \ @@ -48,8 +48,7 @@ RUN mkdir -p /home/pgbackrest \ process-max=2 \n \ \n \ [demo-cluster-1] \n \ - pg1-port=5432 \n \ - pg1-user=postgres \n" >> /home/pgbackrest/pgbackrest.conf + pg1-port=5432 \n \" >> /home/pgbackrest/pgbackrest.conf # Switch back to default user USER 1001 \ No newline at end of file diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index 92ffd7412..87536fce3 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -4,4 +4,4 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; psql "$1" -w -c "\c ${APP_DATABASE}" -c "CREATE EXTENSION IF NOT EXISTS postgis;" fi -pgbackrest --config=/home/pgbackrest/pgbackrest.conf --pg1-path=/home/postgres/pgdata/pgroot/data --stanza=demo-cluster-1 stanza-create \ No newline at end of file +pgbackrest --config=/home/pgbackrest/pgbackrest.conf --pg1-path=/home/postgres/pgdata/pgroot/data --pg1-user=$APP_USER --pg-database=$APP_DATABASE --stanza=demo-cluster-1 --log-path=/home/pgbackrest/log stanza-create \ No newline at end of file From 4847daadb5afcb8baf42eba391f0d61eb59bb6a4 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Thu, 16 Nov 2023 15:53:05 -0800 Subject: [PATCH 23/68] try again --- openshift/patroni-postgis/docker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index c8ad7dd80..f7e857255 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -48,7 +48,7 @@ RUN mkdir -p /home/pgbackrest/log \ process-max=2 \n \ \n \ [demo-cluster-1] \n \ - pg1-port=5432 \n \" >> /home/pgbackrest/pgbackrest.conf + pg1-port=5432 \n" >> /home/pgbackrest/pgbackrest.conf # Switch back to default user USER 1001 \ No newline at end of file From 85895e1d6a74db1b8c55399097f85f59a92d581f Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Thu, 16 Nov 2023 16:03:18 -0800 Subject: [PATCH 24/68] fix --- openshift/patroni-postgis/docker/init_postgis | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index 87536fce3..a94223be7 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -4,4 +4,4 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; psql "$1" -w -c "\c ${APP_DATABASE}" -c "CREATE EXTENSION IF NOT EXISTS postgis;" fi -pgbackrest --config=/home/pgbackrest/pgbackrest.conf --pg1-path=/home/postgres/pgdata/pgroot/data --pg1-user=$APP_USER --pg-database=$APP_DATABASE --stanza=demo-cluster-1 --log-path=/home/pgbackrest/log stanza-create \ No newline at end of file +pgbackrest --config=/home/pgbackrest/pgbackrest.conf --pg1-path=/home/postgres/pgdata/pgroot/data --pg1-user=$APP_USER --pg1-database=$APP_DATABASE --stanza=demo-cluster-1 --log-path=/home/pgbackrest/log stanza-create \ No newline at end of file From dd3c64f38dd4df505109fce2defc72ebf73dcb56 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Thu, 16 Nov 2023 16:23:12 -0800 Subject: [PATCH 25/68] Put it in if block --- openshift/patroni-postgis/docker/init_postgis | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index a94223be7..5f66c7322 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -2,6 +2,5 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; then echo "Loading PostGIS extensions into $APP_DATABASE" psql "$1" -w -c "\c ${APP_DATABASE}" -c "CREATE EXTENSION IF NOT EXISTS postgis;" -fi - -pgbackrest --config=/home/pgbackrest/pgbackrest.conf --pg1-path=/home/postgres/pgdata/pgroot/data --pg1-user=$APP_USER --pg1-database=$APP_DATABASE --stanza=demo-cluster-1 --log-path=/home/pgbackrest/log stanza-create \ No newline at end of file + pgbackrest --config=/home/pgbackrest/pgbackrest.conf --pg1-path=/home/postgres/pgdata/pgroot/data --pg1-user=$APP_USER --pg1-database=$APP_DATABASE --stanza=demo-cluster-1 --log-path=/home/pgbackrest/log stanza-create +fi \ No newline at end of file From ca288e1ee5da33214eb3f7c625d59f499e156334 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Thu, 16 Nov 2023 16:35:36 -0800 Subject: [PATCH 26/68] Delete command --- openshift/patroni-postgis/docker/init_postgis | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index 5f66c7322..62f6e9988 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -2,5 +2,5 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; then echo "Loading PostGIS extensions into $APP_DATABASE" psql "$1" -w -c "\c ${APP_DATABASE}" -c "CREATE EXTENSION IF NOT EXISTS postgis;" - pgbackrest --config=/home/pgbackrest/pgbackrest.conf --pg1-path=/home/postgres/pgdata/pgroot/data --pg1-user=$APP_USER --pg1-database=$APP_DATABASE --stanza=demo-cluster-1 --log-path=/home/pgbackrest/log stanza-create + # pgbackrest --config=/home/pgbackrest/pgbackrest.conf --pg1-path=/home/postgres/pgdata/pgroot/data --pg1-user=$APP_USER --pg1-database=$APP_DATABASE --stanza=demo-cluster-1 --log-path=/home/pgbackrest/log stanza-create fi \ No newline at end of file From c9c1c5c72d656650cfb14455b328328f4dfb92fb Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Fri, 17 Nov 2023 11:03:43 -0800 Subject: [PATCH 27/68] commit it --- openshift/patroni-postgis/docker/Dockerfile | 26 ++++++++++++++----- openshift/patroni-postgis/docker/init_postgis | 4 ++- 2 files changed, 22 insertions(+), 8 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index f7e857255..a01660e6c 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -21,15 +21,20 @@ RUN apt-get update \ pgbackrest \ && rm -rf /var/lib/apt/lists/* -# Add the POSTGIS command to the end of the post_init script. -COPY init_postgis /usr/share/scripts/patroni/ -RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/post_init.sh -RUN rm /usr/share/scripts/patroni/init_postgis +RUN mkdir -p -m 777 /var/log/pgbackrest \ + && chown postgres:postgres /var/log/pgbackrest \ + && mkdir -p /etc/pgbackrest \ + && mkdir -p /etc/pgbackrest/conf.d \ + && touch /etc/pgbackrest/pgbackrest.conf \ + && chmod 640 /etc/pgbackrest/pgbackrest.conf \ + && chown postgres:postgres /etc/pgbackrest/pgbackrest.conf + # configure pgbackrest RUN mkdir -p /home/pgbackrest/log \ - && touch /home/pgbackrest/pgbackrest.conf \ - && echo "[global] \n \ + && touch /home/pgbackrest/pgbackrest.conf +RUN echo \ + "[global] \n \ repo1-type=s3 \n \ repo1-storage-verify-tls=n \n \ repo1-s3-endpoint=$OBJECT_STORE_SERVER \n\ @@ -48,7 +53,14 @@ RUN mkdir -p /home/pgbackrest/log \ process-max=2 \n \ \n \ [demo-cluster-1] \n \ - pg1-port=5432 \n" >> /home/pgbackrest/pgbackrest.conf + pg1-path=/home/postgres/pgdata/pgroot/data \ + pg1-port=5432 \n \ + pg1-user=$APP_USER" >> /etc/pgbackrest/pgbackrest.conf + +# Add the POSTGIS command to the end of the post_init script. +COPY init_postgis /usr/share/scripts/patroni/ +RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/post_init.sh +RUN rm /usr/share/scripts/patroni/init_postgis # Switch back to default user USER 1001 \ No newline at end of file diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index 62f6e9988..3f85f7ef4 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -3,4 +3,6 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; echo "Loading PostGIS extensions into $APP_DATABASE" psql "$1" -w -c "\c ${APP_DATABASE}" -c "CREATE EXTENSION IF NOT EXISTS postgis;" # pgbackrest --config=/home/pgbackrest/pgbackrest.conf --pg1-path=/home/postgres/pgdata/pgroot/data --pg1-user=$APP_USER --pg1-database=$APP_DATABASE --stanza=demo-cluster-1 --log-path=/home/pgbackrest/log stanza-create -fi \ No newline at end of file +fi + +# pgbackrest --config=/home/pgbackrest/pgbackrest.conf --pg1-path=/home/postgres/pgdata/pgroot/data \ No newline at end of file From 70f6ff3d7cc45395387ca23c5e15d0ab91cc679d Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Fri, 17 Nov 2023 11:19:07 -0800 Subject: [PATCH 28/68] another --- openshift/patroni-postgis/docker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index a01660e6c..1ba6e40d7 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -26,7 +26,7 @@ RUN mkdir -p -m 777 /var/log/pgbackrest \ && mkdir -p /etc/pgbackrest \ && mkdir -p /etc/pgbackrest/conf.d \ && touch /etc/pgbackrest/pgbackrest.conf \ - && chmod 640 /etc/pgbackrest/pgbackrest.conf \ + && chmod 777 /etc/pgbackrest/pgbackrest.conf \ && chown postgres:postgres /etc/pgbackrest/pgbackrest.conf From d0b997e97ce6d2db5779ffcd8b4b0e7394091a31 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Fri, 17 Nov 2023 12:47:26 -0800 Subject: [PATCH 29/68] postgres user --- openshift/patroni-postgis/docker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 1ba6e40d7..8f5fd78e6 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -55,7 +55,7 @@ RUN echo \ [demo-cluster-1] \n \ pg1-path=/home/postgres/pgdata/pgroot/data \ pg1-port=5432 \n \ - pg1-user=$APP_USER" >> /etc/pgbackrest/pgbackrest.conf + pg1-user=postgres" >> /etc/pgbackrest/pgbackrest.conf # Add the POSTGIS command to the end of the post_init script. COPY init_postgis /usr/share/scripts/patroni/ From bb58c71068025066622eabe71fa10e7e75b7bf91 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Fri, 17 Nov 2023 13:02:28 -0800 Subject: [PATCH 30/68] Redundant commands --- openshift/patroni-postgis/docker/Dockerfile | 4 ---- 1 file changed, 4 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 8f5fd78e6..809c20736 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -29,10 +29,6 @@ RUN mkdir -p -m 777 /var/log/pgbackrest \ && chmod 777 /etc/pgbackrest/pgbackrest.conf \ && chown postgres:postgres /etc/pgbackrest/pgbackrest.conf - -# configure pgbackrest -RUN mkdir -p /home/pgbackrest/log \ - && touch /home/pgbackrest/pgbackrest.conf RUN echo \ "[global] \n \ repo1-type=s3 \n \ From af7cc103affef495e380514f0483b16b4f902743 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Fri, 17 Nov 2023 13:23:19 -0800 Subject: [PATCH 31/68] postgres user --- openshift/patroni-postgis/docker/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 809c20736..36b922ea8 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -58,5 +58,5 @@ COPY init_postgis /usr/share/scripts/patroni/ RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/post_init.sh RUN rm /usr/share/scripts/patroni/init_postgis -# Switch back to default user -USER 1001 \ No newline at end of file +USER postgres +WORKDIR /home/postgres \ No newline at end of file From a5d342c1259f77fbb179ce2a2693d9669259670c Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Fri, 17 Nov 2023 13:38:06 -0800 Subject: [PATCH 32/68] ssh config --- openshift/patroni-postgis/docker/Dockerfile | 18 ++- .../patroni-postgis/docker/ssh/ssh_config | 56 ++++++++ .../patroni-postgis/docker/ssh/sshd_config | 123 ++++++++++++++++++ .../patroni-postgis/docker/start_sshd.sh | 57 ++++++++ 4 files changed, 252 insertions(+), 2 deletions(-) create mode 100644 openshift/patroni-postgis/docker/ssh/ssh_config create mode 100644 openshift/patroni-postgis/docker/ssh/sshd_config create mode 100755 openshift/patroni-postgis/docker/start_sshd.sh diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 36b922ea8..08923c93e 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -29,6 +29,21 @@ RUN mkdir -p -m 777 /var/log/pgbackrest \ && chmod 777 /etc/pgbackrest/pgbackrest.conf \ && chown postgres:postgres /etc/pgbackrest/pgbackrest.conf + +EXPOSE 5432 8008 2222 +ENV LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 EDITOR=/usr/bin/editor +ENV HOME=/home/postgres +ENV SSHD_CONF_DIR=/home/postgres/ssh_config_template +ENV START_SSHD=false + +ADD start_sshd.sh /run/ + +COPY ssh /ssh_conf_template +ADD ssh/ssh_config /etc/ssh/ssh_config +RUN chmod 777 /ssh_conf_template +USER postgres +WORKDIR /home/postgres + RUN echo \ "[global] \n \ repo1-type=s3 \n \ @@ -58,5 +73,4 @@ COPY init_postgis /usr/share/scripts/patroni/ RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/post_init.sh RUN rm /usr/share/scripts/patroni/init_postgis -USER postgres -WORKDIR /home/postgres \ No newline at end of file +ENTRYPOINT ["/run/start_sshd.sh"] \ No newline at end of file diff --git a/openshift/patroni-postgis/docker/ssh/ssh_config b/openshift/patroni-postgis/docker/ssh/ssh_config new file mode 100644 index 000000000..fb7179f69 --- /dev/null +++ b/openshift/patroni-postgis/docker/ssh/ssh_config @@ -0,0 +1,56 @@ + +# This is the ssh client system-wide configuration file. See +# ssh_config(5) for more information. This file provides defaults for +# users, and the values can be changed in per-user configuration files +# or on the command line. + +# Configuration data is parsed as follows: +# 1. command line options +# 2. user-specific file +# 3. system-wide file +# Any configuration value is only changed the first time it is set. +# Thus, host-specific definitions should be at the beginning of the +# configuration file, and defaults at the end. + +# Site-wide defaults for some commonly used options. For a comprehensive +# list of available options, their meanings and defaults, please see the +# ssh_config(5) man page. + +Host * +# ForwardAgent no +# ForwardX11 no +# ForwardX11Trusted yes +# RhostsRSAAuthentication no +# RSAAuthentication yes +# PasswordAuthentication yes +# HostbasedAuthentication no +# GSSAPIAuthentication no +# GSSAPIDelegateCredentials no +# GSSAPIKeyExchange no +# GSSAPITrustDNS no +# BatchMode no +# AddressFamily any +# ConnectTimeout 0 +# IdentityFile ~/.ssh/identity +# IdentityFile ~/.ssh/id_rsa +# IdentityFile ~/.ssh/id_dsa +# IdentityFile ~/.ssh/id_ecdsa +# IdentityFile ~/.ssh/id_ed25519 +# Port 22 +# Protocol 2 +# Cipher 3des +# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc +# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160 +# EscapeChar ~ +# Tunnel no +# TunnelDevice any:any +# PermitLocalCommand no +# VisualHostKey no +# ProxyCommand ssh -q -W %h:%p gateway.example.com +# RekeyLimit 1G 1h + CheckHostIP no + StrictHostKeyChecking no + UserKnownHostsFile=/dev/null + SendEnv LANG LC_* + HashKnownHosts false + GSSAPIAuthentication yes \ No newline at end of file diff --git a/openshift/patroni-postgis/docker/ssh/sshd_config b/openshift/patroni-postgis/docker/ssh/sshd_config new file mode 100644 index 000000000..5691596b6 --- /dev/null +++ b/openshift/patroni-postgis/docker/ssh/sshd_config @@ -0,0 +1,123 @@ +# $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $ + +# This is the sshd server system-wide configuration file. See +# sshd_config(5) for more information. + +# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin + +# The strategy used for options in the default sshd_config shipped with +# OpenSSH is to specify options with their default value where +# possible, but leave them commented. Uncommented options override the +# default value. + +Port 2222 +#AddressFamily any +#ListenAddress 0.0.0.0 +#ListenAddress :: + +HostKey /home/postgres/sshd/ssh_host_rsa_key +HostKey /home/postgres/sshd/ssh_host_ecdsa_key +HostKey /home/postgres/sshd/ssh_host_ed25519_key + +# Ciphers and keying +#RekeyLimit default none + +# Logging +#SyslogFacility AUTH +#LogLevel INFO + +# Authentication: + +#LoginGraceTime 2m +#PermitRootLogin prohibit-password +#StrictModes yes +#MaxAuthTries 6 +#MaxSessions 10 + +#PubkeyAuthentication yes + +# Expect .ssh/authorized_keys2 to be disregarded by default in future. +#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2 + +#AuthorizedPrincipalsFile none + +#AuthorizedKeysCommand none +#AuthorizedKeysCommandUser nobody + +# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts +#HostbasedAuthentication no +# Change to yes if you don't trust ~/.ssh/known_hosts for +# HostbasedAuthentication +#IgnoreUserKnownHosts no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes + +# To disable tunneled clear text passwords, change to no here! +#PasswordAuthentication yes +#PermitEmptyPasswords no + +# Change to yes to enable challenge-response passwords (beware issues with +# some PAM modules and threads) +ChallengeResponseAuthentication no + +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes +#KerberosGetAFSToken no + +# GSSAPI options +#GSSAPIAuthentication no +#GSSAPICleanupCredentials yes +#GSSAPIStrictAcceptorCheck yes +#GSSAPIKeyExchange no + +# Set this to 'yes' to enable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will +# be allowed through the ChallengeResponseAuthentication and +# PasswordAuthentication. Depending on your PAM configuration, +# PAM authentication via ChallengeResponseAuthentication may bypass +# the setting of "PermitRootLogin without-password". +# If you just want the PAM account and session checks to run without +# PAM authentication, then enable this but set PasswordAuthentication +# and ChallengeResponseAuthentication to 'no'. +UsePAM no + +#AllowAgentForwarding yes +#AllowTcpForwarding yes +#GatewayPorts no +X11Forwarding yes +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PermitTTY yes +PrintMotd no +#PrintLastLog yes +#TCPKeepAlive yes +#UseLogin no +#UsePrivilegeSeparation no +#PermitUserEnvironment no +#Compression delayed +#ClientAliveInterval 0 +#ClientAliveCountMax 3 +#UseDNS no +PidFile /home/postgres/sshd/sshd.pid +#MaxStartups 10:30:100 +#PermitTunnel no +#ChrootDirectory none +#VersionAddendum none + +# no default banner path +#Banner none + +# Allow client to pass locale environment variables +AcceptEnv LANG LC_* + +# override default of no subsystems +Subsystem sftp /usr/lib/openssh/sftp-server + +# Example of overriding settings on a per-user basis +#Match User anoncvs +# X11Forwarding no +# AllowTcpForwarding no +# PermitTTY no +# ForceCommand cvs server \ No newline at end of file diff --git a/openshift/patroni-postgis/docker/start_sshd.sh b/openshift/patroni-postgis/docker/start_sshd.sh new file mode 100755 index 000000000..c130dc636 --- /dev/null +++ b/openshift/patroni-postgis/docker/start_sshd.sh @@ -0,0 +1,57 @@ +#!/bin/bash + +# Create directories with correct permissions for ssh client +SSH_DIR=/home/postgres/.ssh +mkdir $SSH_DIR +chmod 700 $SSH_DIR + +if [ -d /ssh_keys ]; then + cp /ssh_keys/* $SSH_DIR +fi + + +if [ -f $SSH_DIR/config ]; then + chmod 644 $SSH_DIR/id_rsa.pub +fi + +if [ -f $SSH_DIR/id_rsa.pub ]; then + chmod 644 $SSH_DIR/id_rsa.pub +fi + +if [ -f $SSH_DIR/id_rsa ]; then + chmod 600 $SSH_DIR/id_rsa +fi + +if [ "$START_SSHD" = true ]; then + + SSH_CONF=/ssh_conf_template + + mkdir /home/postgres/sshd + + # Generate server keys if not existing + if [ ! -f $SSH_CONF/ssh_host_ecdsa_key ]; then + echo "Host key $SSH_CONF/ssh_host_ecdsa_key not found - generating a new one" + ssh-keygen -q -N "" -t ecdsa -f $SSH_CONF/ssh_host_ecdsa_key + fi + if [ ! -f $SSH_CONF/ssh_host_ed25519_key ]; then + echo "Host key $SSH_CONF/ssh_host_ed25519_key not found - generating a new one" + ssh-keygen -q -N "" -t ed25519 -f $SSH_CONF/ssh_host_ed25519_key + fi + if [ ! -f $SSH_CONF/ssh_host_rsa_key ]; then + echo "Host key $SSH_CONF/ssh_host_rsa_key not found - generating a new one" + ssh-keygen -q -N "" -t rsa -f $SSH_CONF/ssh_host_rsa_key + fi +# + # Copy the keys and the config to the home directory + cp -r $SSH_CONF/* /home/postgres/sshd/ + + # Copy authorized keys + if [ -f $SSH_DIR/authorized_keys ]; then + chmod 600 $SSH_DIR/authorized_keys + fi + + chmod 600 /home/postgres/sshd/ssh_host* + + /usr/sbin/sshd -f /home/postgres/sshd/sshd_config + +fi From fdec4d89f71920b92cc50c9cc07083ce8e4ee537 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Fri, 17 Nov 2023 13:47:55 -0800 Subject: [PATCH 33/68] fix user --- openshift/patroni-postgis/docker/Dockerfile | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 08923c93e..0d7cb58eb 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -41,8 +41,6 @@ ADD start_sshd.sh /run/ COPY ssh /ssh_conf_template ADD ssh/ssh_config /etc/ssh/ssh_config RUN chmod 777 /ssh_conf_template -USER postgres -WORKDIR /home/postgres RUN echo \ "[global] \n \ @@ -73,4 +71,7 @@ COPY init_postgis /usr/share/scripts/patroni/ RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/post_init.sh RUN rm /usr/share/scripts/patroni/init_postgis +USER postgres +WORKDIR /home/postgres + ENTRYPOINT ["/run/start_sshd.sh"] \ No newline at end of file From de963d26a1b58844e954a6f4e0ce2a90fc649499 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Fri, 17 Nov 2023 13:58:01 -0800 Subject: [PATCH 34/68] CMD not Entrypoint --- openshift/patroni-postgis/docker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 0d7cb58eb..7d5458cb4 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -74,4 +74,4 @@ RUN rm /usr/share/scripts/patroni/init_postgis USER postgres WORKDIR /home/postgres -ENTRYPOINT ["/run/start_sshd.sh"] \ No newline at end of file +CMD ["/run/start_sshd.sh"] \ No newline at end of file From f6601a54d62a5e481119562c46603f20bfb0f8c0 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Fri, 17 Nov 2023 15:06:04 -0800 Subject: [PATCH 35/68] try again --- openshift/patroni-postgis/docker/Dockerfile | 4 +- openshift/patroni-postgis/docker/init_postgis | 57 ++++++++++++++++++- 2 files changed, 57 insertions(+), 4 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 7d5458cb4..a865dcdaf 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -72,6 +72,4 @@ RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/po RUN rm /usr/share/scripts/patroni/init_postgis USER postgres -WORKDIR /home/postgres - -CMD ["/run/start_sshd.sh"] \ No newline at end of file +WORKDIR /home/postgres \ No newline at end of file diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index 3f85f7ef4..a1f6c67a8 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -5,4 +5,59 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; # pgbackrest --config=/home/pgbackrest/pgbackrest.conf --pg1-path=/home/postgres/pgdata/pgroot/data --pg1-user=$APP_USER --pg1-database=$APP_DATABASE --stanza=demo-cluster-1 --log-path=/home/pgbackrest/log stanza-create fi -# pgbackrest --config=/home/pgbackrest/pgbackrest.conf --pg1-path=/home/postgres/pgdata/pgroot/data \ No newline at end of file +# pgbackrest --config=/home/pgbackrest/pgbackrest.conf --pg1-path=/home/postgres/pgdata/pgroot/data + +SSH_DIR=/home/postgres/.ssh +mkdir $SSH_DIR +chmod 700 $SSH_DIR + +if [ -d /ssh_keys ]; then + cp /ssh_keys/* $SSH_DIR +fi + + +if [ -f $SSH_DIR/config ]; then + chmod 644 $SSH_DIR/id_rsa.pub +fi + +if [ -f $SSH_DIR/id_rsa.pub ]; then + chmod 644 $SSH_DIR/id_rsa.pub +fi + +if [ -f $SSH_DIR/id_rsa ]; then + chmod 600 $SSH_DIR/id_rsa +fi + +if [ "$START_SSHD" = true ]; then + + SSH_CONF=/ssh_conf_template + + mkdir /home/postgres/sshd + + # Generate server keys if not existing + if [ ! -f $SSH_CONF/ssh_host_ecdsa_key ]; then + echo "Host key $SSH_CONF/ssh_host_ecdsa_key not found - generating a new one" + ssh-keygen -q -N "" -t ecdsa -f $SSH_CONF/ssh_host_ecdsa_key + fi + if [ ! -f $SSH_CONF/ssh_host_ed25519_key ]; then + echo "Host key $SSH_CONF/ssh_host_ed25519_key not found - generating a new one" + ssh-keygen -q -N "" -t ed25519 -f $SSH_CONF/ssh_host_ed25519_key + fi + if [ ! -f $SSH_CONF/ssh_host_rsa_key ]; then + echo "Host key $SSH_CONF/ssh_host_rsa_key not found - generating a new one" + ssh-keygen -q -N "" -t rsa -f $SSH_CONF/ssh_host_rsa_key + fi +# + # Copy the keys and the config to the home directory + cp -r $SSH_CONF/* /home/postgres/sshd/ + + # Copy authorized keys + if [ -f $SSH_DIR/authorized_keys ]; then + chmod 600 $SSH_DIR/authorized_keys + fi + + chmod 600 /home/postgres/sshd/ssh_host* + + /usr/sbin/sshd -f /home/postgres/sshd/sshd_config + +fi From 6440126a6b1100f6725ff70e15264be77edd6eff Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Fri, 17 Nov 2023 15:23:00 -0800 Subject: [PATCH 36/68] simplify --- openshift/patroni-postgis/docker/Dockerfile | 16 +++--- openshift/patroni-postgis/docker/init_postgis | 57 +------------------ 2 files changed, 9 insertions(+), 64 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index a865dcdaf..f3b5a455d 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -31,16 +31,16 @@ RUN mkdir -p -m 777 /var/log/pgbackrest \ EXPOSE 5432 8008 2222 -ENV LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 EDITOR=/usr/bin/editor -ENV HOME=/home/postgres -ENV SSHD_CONF_DIR=/home/postgres/ssh_config_template -ENV START_SSHD=false +# ENV LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 EDITOR=/usr/bin/editor +# ENV HOME=/home/postgres +# ENV SSHD_CONF_DIR=/home/postgres/ssh_config_template +# ENV START_SSHD=false -ADD start_sshd.sh /run/ +# ADD start_sshd.sh /run/ -COPY ssh /ssh_conf_template -ADD ssh/ssh_config /etc/ssh/ssh_config -RUN chmod 777 /ssh_conf_template +# COPY ssh /ssh_conf_template +# ADD ssh/ssh_config /etc/ssh/ssh_config +# RUN chmod 777 /ssh_conf_template RUN echo \ "[global] \n \ diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index a1f6c67a8..3f85f7ef4 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -5,59 +5,4 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; # pgbackrest --config=/home/pgbackrest/pgbackrest.conf --pg1-path=/home/postgres/pgdata/pgroot/data --pg1-user=$APP_USER --pg1-database=$APP_DATABASE --stanza=demo-cluster-1 --log-path=/home/pgbackrest/log stanza-create fi -# pgbackrest --config=/home/pgbackrest/pgbackrest.conf --pg1-path=/home/postgres/pgdata/pgroot/data - -SSH_DIR=/home/postgres/.ssh -mkdir $SSH_DIR -chmod 700 $SSH_DIR - -if [ -d /ssh_keys ]; then - cp /ssh_keys/* $SSH_DIR -fi - - -if [ -f $SSH_DIR/config ]; then - chmod 644 $SSH_DIR/id_rsa.pub -fi - -if [ -f $SSH_DIR/id_rsa.pub ]; then - chmod 644 $SSH_DIR/id_rsa.pub -fi - -if [ -f $SSH_DIR/id_rsa ]; then - chmod 600 $SSH_DIR/id_rsa -fi - -if [ "$START_SSHD" = true ]; then - - SSH_CONF=/ssh_conf_template - - mkdir /home/postgres/sshd - - # Generate server keys if not existing - if [ ! -f $SSH_CONF/ssh_host_ecdsa_key ]; then - echo "Host key $SSH_CONF/ssh_host_ecdsa_key not found - generating a new one" - ssh-keygen -q -N "" -t ecdsa -f $SSH_CONF/ssh_host_ecdsa_key - fi - if [ ! -f $SSH_CONF/ssh_host_ed25519_key ]; then - echo "Host key $SSH_CONF/ssh_host_ed25519_key not found - generating a new one" - ssh-keygen -q -N "" -t ed25519 -f $SSH_CONF/ssh_host_ed25519_key - fi - if [ ! -f $SSH_CONF/ssh_host_rsa_key ]; then - echo "Host key $SSH_CONF/ssh_host_rsa_key not found - generating a new one" - ssh-keygen -q -N "" -t rsa -f $SSH_CONF/ssh_host_rsa_key - fi -# - # Copy the keys and the config to the home directory - cp -r $SSH_CONF/* /home/postgres/sshd/ - - # Copy authorized keys - if [ -f $SSH_DIR/authorized_keys ]; then - chmod 600 $SSH_DIR/authorized_keys - fi - - chmod 600 /home/postgres/sshd/ssh_host* - - /usr/sbin/sshd -f /home/postgres/sshd/sshd_config - -fi +# pgbackrest --config=/home/pgbackrest/pgbackrest.conf --pg1-path=/home/postgres/pgdata/pgroot/data \ No newline at end of file From 5b4046f63452809e2bbecb895d67c107631fa3aa Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Fri, 17 Nov 2023 15:35:20 -0800 Subject: [PATCH 37/68] Undo user change --- openshift/patroni-postgis/docker/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index f3b5a455d..3ac0e76ca 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -71,5 +71,5 @@ COPY init_postgis /usr/share/scripts/patroni/ RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/post_init.sh RUN rm /usr/share/scripts/patroni/init_postgis -USER postgres -WORKDIR /home/postgres \ No newline at end of file +# Switch back to default user +USER 1001 \ No newline at end of file From 9d1d1f25ffc718b77ebc9f4de969d3dffa538994 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Fri, 17 Nov 2023 15:47:41 -0800 Subject: [PATCH 38/68] remove ports --- openshift/patroni-postgis/docker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 3ac0e76ca..c14c8dac9 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -30,7 +30,7 @@ RUN mkdir -p -m 777 /var/log/pgbackrest \ && chown postgres:postgres /etc/pgbackrest/pgbackrest.conf -EXPOSE 5432 8008 2222 +# EXPOSE 5432 8008 2222 # ENV LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 EDITOR=/usr/bin/editor # ENV HOME=/home/postgres # ENV SSHD_CONF_DIR=/home/postgres/ssh_config_template From 418888cd4a9ce95eba17810a8921e48ff5c8e6f6 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Fri, 17 Nov 2023 16:00:44 -0800 Subject: [PATCH 39/68] No config --- openshift/patroni-postgis/docker/Dockerfile | 46 ++++++++++----------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index c14c8dac9..a20246e85 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -42,29 +42,29 @@ RUN mkdir -p -m 777 /var/log/pgbackrest \ # ADD ssh/ssh_config /etc/ssh/ssh_config # RUN chmod 777 /ssh_conf_template -RUN echo \ - "[global] \n \ - repo1-type=s3 \n \ - repo1-storage-verify-tls=n \n \ - repo1-s3-endpoint=$OBJECT_STORE_SERVER \n\ - repo1-s3-uri-style=path \n\ - repo1-s3-bucket=$OBJECT_STORE_BUCKET \n\ - repo1-s3-key=$OBJECT_STORE_USER_ID \n \ - repo1-s3-key-secret=$OBJECT_STORE_SECRET \n \ - repo1-s3-region=eu-west-3 \n \ - \n \ - repo1-path=/repo1 \n \ - repo1-retention-full=3 \n \ - start-fast=y \n \ - log-level-console=info \n \ - log-level-file=debug \n \ - delta=y \n \ - process-max=2 \n \ - \n \ - [demo-cluster-1] \n \ - pg1-path=/home/postgres/pgdata/pgroot/data \ - pg1-port=5432 \n \ - pg1-user=postgres" >> /etc/pgbackrest/pgbackrest.conf +# RUN echo \ +# "[global] \n \ +# repo1-type=s3 \n \ +# repo1-storage-verify-tls=n \n \ +# repo1-s3-endpoint=$OBJECT_STORE_SERVER \n\ +# repo1-s3-uri-style=path \n\ +# repo1-s3-bucket=$OBJECT_STORE_BUCKET \n\ +# repo1-s3-key=$OBJECT_STORE_USER_ID \n \ +# repo1-s3-key-secret=$OBJECT_STORE_SECRET \n \ +# repo1-s3-region=eu-west-3 \n \ +# \n \ +# repo1-path=/repo1 \n \ +# repo1-retention-full=3 \n \ +# start-fast=y \n \ +# log-level-console=info \n \ +# log-level-file=debug \n \ +# delta=y \n \ +# process-max=2 \n \ +# \n \ +# [demo-cluster-1] \n \ +# pg1-path=/home/postgres/pgdata/pgroot/data \ +# pg1-port=5432 \n \ +# pg1-user=postgres" >> /etc/pgbackrest/pgbackrest.conf # Add the POSTGIS command to the end of the post_init script. COPY init_postgis /usr/share/scripts/patroni/ From abd3814fced40235eb5723c5db7b57da4cd43d55 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Fri, 17 Nov 2023 16:14:43 -0800 Subject: [PATCH 40/68] Undo folder ops --- openshift/patroni-postgis/docker/Dockerfile | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index a20246e85..a2347bfab 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -21,13 +21,13 @@ RUN apt-get update \ pgbackrest \ && rm -rf /var/lib/apt/lists/* -RUN mkdir -p -m 777 /var/log/pgbackrest \ - && chown postgres:postgres /var/log/pgbackrest \ - && mkdir -p /etc/pgbackrest \ - && mkdir -p /etc/pgbackrest/conf.d \ - && touch /etc/pgbackrest/pgbackrest.conf \ - && chmod 777 /etc/pgbackrest/pgbackrest.conf \ - && chown postgres:postgres /etc/pgbackrest/pgbackrest.conf +# RUN mkdir -p -m 777 /var/log/pgbackrest \ +# && chown postgres:postgres /var/log/pgbackrest \ +# && mkdir -p /etc/pgbackrest \ +# && mkdir -p /etc/pgbackrest/conf.d \ +# && touch /etc/pgbackrest/pgbackrest.conf \ +# && chmod 777 /etc/pgbackrest/pgbackrest.conf \ +# && chown postgres:postgres /etc/pgbackrest/pgbackrest.conf # EXPOSE 5432 8008 2222 From 8796b5b5d92d7adc857c4c282f4deaa6bef4dcec Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Fri, 17 Nov 2023 16:24:37 -0800 Subject: [PATCH 41/68] no pgbackrest --- openshift/patroni-postgis/docker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index a2347bfab..12f6b7aa7 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -18,7 +18,7 @@ RUN apt-get update \ \ postgresql-$PG_MAJOR-postgis-$POSTGIS_MAJOR=$POSTGIS_VERSION \ postgresql-$PG_MAJOR-postgis-$POSTGIS_MAJOR-scripts \ - pgbackrest \ + # pgbackrest \ && rm -rf /var/lib/apt/lists/* # RUN mkdir -p -m 777 /var/log/pgbackrest \ From c2b2e4f984294fcc2f8984c3913ae84df65eebed Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Sat, 18 Nov 2023 12:19:05 -0800 Subject: [PATCH 42/68] Back to basics --- openshift/patroni-postgis/docker/Dockerfile | 45 ------------------- openshift/patroni-postgis/docker/init_postgis | 5 +-- 2 files changed, 1 insertion(+), 49 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 12f6b7aa7..bff9130c0 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -21,51 +21,6 @@ RUN apt-get update \ # pgbackrest \ && rm -rf /var/lib/apt/lists/* -# RUN mkdir -p -m 777 /var/log/pgbackrest \ -# && chown postgres:postgres /var/log/pgbackrest \ -# && mkdir -p /etc/pgbackrest \ -# && mkdir -p /etc/pgbackrest/conf.d \ -# && touch /etc/pgbackrest/pgbackrest.conf \ -# && chmod 777 /etc/pgbackrest/pgbackrest.conf \ -# && chown postgres:postgres /etc/pgbackrest/pgbackrest.conf - - -# EXPOSE 5432 8008 2222 -# ENV LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 EDITOR=/usr/bin/editor -# ENV HOME=/home/postgres -# ENV SSHD_CONF_DIR=/home/postgres/ssh_config_template -# ENV START_SSHD=false - -# ADD start_sshd.sh /run/ - -# COPY ssh /ssh_conf_template -# ADD ssh/ssh_config /etc/ssh/ssh_config -# RUN chmod 777 /ssh_conf_template - -# RUN echo \ -# "[global] \n \ -# repo1-type=s3 \n \ -# repo1-storage-verify-tls=n \n \ -# repo1-s3-endpoint=$OBJECT_STORE_SERVER \n\ -# repo1-s3-uri-style=path \n\ -# repo1-s3-bucket=$OBJECT_STORE_BUCKET \n\ -# repo1-s3-key=$OBJECT_STORE_USER_ID \n \ -# repo1-s3-key-secret=$OBJECT_STORE_SECRET \n \ -# repo1-s3-region=eu-west-3 \n \ -# \n \ -# repo1-path=/repo1 \n \ -# repo1-retention-full=3 \n \ -# start-fast=y \n \ -# log-level-console=info \n \ -# log-level-file=debug \n \ -# delta=y \n \ -# process-max=2 \n \ -# \n \ -# [demo-cluster-1] \n \ -# pg1-path=/home/postgres/pgdata/pgroot/data \ -# pg1-port=5432 \n \ -# pg1-user=postgres" >> /etc/pgbackrest/pgbackrest.conf - # Add the POSTGIS command to the end of the post_init script. COPY init_postgis /usr/share/scripts/patroni/ RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/post_init.sh diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index 3f85f7ef4..b7855aae2 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -2,7 +2,4 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; then echo "Loading PostGIS extensions into $APP_DATABASE" psql "$1" -w -c "\c ${APP_DATABASE}" -c "CREATE EXTENSION IF NOT EXISTS postgis;" - # pgbackrest --config=/home/pgbackrest/pgbackrest.conf --pg1-path=/home/postgres/pgdata/pgroot/data --pg1-user=$APP_USER --pg1-database=$APP_DATABASE --stanza=demo-cluster-1 --log-path=/home/pgbackrest/log stanza-create -fi - -# pgbackrest --config=/home/pgbackrest/pgbackrest.conf --pg1-path=/home/postgres/pgdata/pgroot/data \ No newline at end of file +fi \ No newline at end of file From 171569b210944e54b6e71872176c0a31cf7edbca Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Sat, 18 Nov 2023 12:33:53 -0800 Subject: [PATCH 43/68] Remove post init --- openshift/patroni-postgis/docker/Dockerfile | 6 +++--- openshift/templates/patroni_prerequisite.yaml | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index bff9130c0..e49ee1ec7 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -22,9 +22,9 @@ RUN apt-get update \ && rm -rf /var/lib/apt/lists/* # Add the POSTGIS command to the end of the post_init script. -COPY init_postgis /usr/share/scripts/patroni/ -RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/post_init.sh -RUN rm /usr/share/scripts/patroni/init_postgis +# COPY init_postgis /usr/share/scripts/patroni/ +# RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/post_init.sh +# RUN rm /usr/share/scripts/patroni/init_postgis # Switch back to default user USER 1001 \ No newline at end of file diff --git a/openshift/templates/patroni_prerequisite.yaml b/openshift/templates/patroni_prerequisite.yaml index e576a5a40..c603e9aca 100644 --- a/openshift/templates/patroni_prerequisite.yaml +++ b/openshift/templates/patroni_prerequisite.yaml @@ -179,12 +179,12 @@ parameters: - name: IMAGE_NAME description: | The Patroni image stream name - value: patroni-postgres + value: patroni-postgres-pgbackrest - name: IMAGE_TAG description: | The image tag used to specify which image you would like deployed. Don't use `latest`. - value: "v12" + value: "v12-latest" - name: PVC_SIZE description: The size of the persistent volume to create. displayName: Persistent Volume Size From 4890a1e1e946daddcc09ee61a4f7d6edb3970982 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Mon, 20 Nov 2023 14:07:53 -0800 Subject: [PATCH 44/68] Add back ppgbackrest --- openshift/patroni-postgis/docker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index e49ee1ec7..fddf9ec57 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -18,7 +18,7 @@ RUN apt-get update \ \ postgresql-$PG_MAJOR-postgis-$POSTGIS_MAJOR=$POSTGIS_VERSION \ postgresql-$PG_MAJOR-postgis-$POSTGIS_MAJOR-scripts \ - # pgbackrest \ + pgbackrest \ && rm -rf /var/lib/apt/lists/* # Add the POSTGIS command to the end of the post_init script. From 3386bbf309b14b31f16799cb6b2f4a4a349ba318 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Mon, 20 Nov 2023 14:29:27 -0800 Subject: [PATCH 45/68] Add init_postgis back --- openshift/patroni-postgis/docker/Dockerfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index fddf9ec57..5843d3c21 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -22,9 +22,9 @@ RUN apt-get update \ && rm -rf /var/lib/apt/lists/* # Add the POSTGIS command to the end of the post_init script. -# COPY init_postgis /usr/share/scripts/patroni/ -# RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/post_init.sh -# RUN rm /usr/share/scripts/patroni/init_postgis +COPY init_postgis /usr/share/scripts/patroni/ +RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/post_init.sh +RUN rm /usr/share/scripts/patroni/init_postgis # Switch back to default user USER 1001 \ No newline at end of file From eba5e9f87a0ce20cb3ea2265cea80478589f4ea7 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Mon, 20 Nov 2023 15:08:38 -0800 Subject: [PATCH 46/68] file ownership --- openshift/patroni-postgis/docker/Dockerfile | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 5843d3c21..7dac119bf 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -21,6 +21,14 @@ RUN apt-get update \ pgbackrest \ && rm -rf /var/lib/apt/lists/* +RUN mkdir -p -m 777 /var/log/pgbackrest \ + && chown postgres:postgres /var/log/pgbackrest \ + && mkdir -p /etc/pgbackrest \ + && mkdir -p /etc/pgbackrest/conf.d \ + && touch /etc/pgbackrest/pgbackrest.conf \ + && chmod 777 /etc/pgbackrest/pgbackrest.conf \ + && chown postgres:postgres /etc/pgbackrest/pgbackrest.conf + # Add the POSTGIS command to the end of the post_init script. COPY init_postgis /usr/share/scripts/patroni/ RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/post_init.sh From 6ab11b4b134ef9a25cdad785a3a35cde91aacf5b Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Mon, 20 Nov 2023 15:32:27 -0800 Subject: [PATCH 47/68] ssh stuff --- openshift/patroni-postgis/docker/Dockerfile | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 7dac119bf..fa5e22ef9 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -29,6 +29,18 @@ RUN mkdir -p -m 777 /var/log/pgbackrest \ && chmod 777 /etc/pgbackrest/pgbackrest.conf \ && chown postgres:postgres /etc/pgbackrest/pgbackrest.conf +EXPOSE 5432 8008 2222 +ENV LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 EDITOR=/usr/bin/editor +ENV HOME=/home/postgres +ENV SSHD_CONF_DIR=/home/postgres/ssh_config_template +ENV START_SSHD=false + +ADD start_sshd.sh /run/ + +COPY ssh /ssh_conf_template +ADD ssh/ssh_config /etc/ssh/ssh_config +RUN chmod 777 /ssh_conf_template + # Add the POSTGIS command to the end of the post_init script. COPY init_postgis /usr/share/scripts/patroni/ RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/post_init.sh From f5887b580b1e432ceca3c949e6b5a818dae374ea Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Mon, 20 Nov 2023 15:49:27 -0800 Subject: [PATCH 48/68] Add start ssh script --- openshift/patroni-postgis/docker/init_postgis | 1 + 1 file changed, 1 insertion(+) diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index b7855aae2..5b69dc0df 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -2,4 +2,5 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; then echo "Loading PostGIS extensions into $APP_DATABASE" psql "$1" -w -c "\c ${APP_DATABASE}" -c "CREATE EXTENSION IF NOT EXISTS postgis;" + ./run/start_sshd.sh fi \ No newline at end of file From 513d66510c9ff283bac21b1353cc4e52be11255e Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Mon, 20 Nov 2023 16:05:16 -0800 Subject: [PATCH 49/68] Udno startssh --- openshift/patroni-postgis/docker/init_postgis | 1 - 1 file changed, 1 deletion(-) diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index 5b69dc0df..b7855aae2 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -2,5 +2,4 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; then echo "Loading PostGIS extensions into $APP_DATABASE" psql "$1" -w -c "\c ${APP_DATABASE}" -c "CREATE EXTENSION IF NOT EXISTS postgis;" - ./run/start_sshd.sh fi \ No newline at end of file From 9e088ed8173a0d32a3160592b3c8e1d0ec4ac02c Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Mon, 20 Nov 2023 16:30:22 -0800 Subject: [PATCH 50/68] Try before --- openshift/patroni-postgis/docker/init_postgis | 1 + 1 file changed, 1 insertion(+) diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index b7855aae2..bf3164068 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -1,5 +1,6 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; then echo "Loading PostGIS extensions into $APP_DATABASE" + ./run/start_sshd.sh psql "$1" -w -c "\c ${APP_DATABASE}" -c "CREATE EXTENSION IF NOT EXISTS postgis;" fi \ No newline at end of file From 3853b67e01e6757afda6af4c07cb8e31fd7f9f5b Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Mon, 20 Nov 2023 16:43:38 -0800 Subject: [PATCH 51/68] Add back config --- openshift/patroni-postgis/docker/Dockerfile | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index fa5e22ef9..df3187d63 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -46,5 +46,26 @@ COPY init_postgis /usr/share/scripts/patroni/ RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/post_init.sh RUN rm /usr/share/scripts/patroni/init_postgis +RUN echo "[global] \n \ + repo1-type=s3 \n \ + repo1-storage-verify-tls=n \n \ + repo1-s3-endpoint=$OBJECT_STORE_SERVER \n\ + repo1-s3-uri-style=path \n\ + repo1-s3-bucket=$OBJECT_STORE_BUCKET \n\ + repo1-s3-key=$OBJECT_STORE_USER_ID \n \ + repo1-s3-key-secret=$OBJECT_STORE_SECRET \n \ + repo1-s3-region=eu-west-3 \n \ + \n \ + repo1-path=/repo1 \n \ + repo1-retention-full=3 \n \ + start-fast=y \n \ + log-level-console=info \n \ + log-level-file=debug \n \ + delta=y \n \ + process-max=2 \n \ + \n \ + [demo-cluster-1] \n \ + pg1-port=5432 \n" >> /home/pgbackrest/pgbackrest.conf + # Switch back to default user USER 1001 \ No newline at end of file From 80e48edff5387306a6736521bca447647c64c850 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Mon, 20 Nov 2023 16:56:09 -0800 Subject: [PATCH 52/68] Without ssh --- openshift/patroni-postgis/docker/init_postgis | 1 - 1 file changed, 1 deletion(-) diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index bf3164068..b7855aae2 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -1,6 +1,5 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; then echo "Loading PostGIS extensions into $APP_DATABASE" - ./run/start_sshd.sh psql "$1" -w -c "\c ${APP_DATABASE}" -c "CREATE EXTENSION IF NOT EXISTS postgis;" fi \ No newline at end of file From 59ca67080c4ef0c6edc22f5d5f5342198d6a864e Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Mon, 20 Nov 2023 17:07:35 -0800 Subject: [PATCH 53/68] Fix path --- openshift/patroni-postgis/docker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index df3187d63..11ed3648f 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -65,7 +65,7 @@ RUN echo "[global] \n \ process-max=2 \n \ \n \ [demo-cluster-1] \n \ - pg1-port=5432 \n" >> /home/pgbackrest/pgbackrest.conf + pg1-port=5432 \n" >> /etc/pgbackrest/pgbackrest.conf # Switch back to default user USER 1001 \ No newline at end of file From ee99f95c3efefb671c227e7de0d75545da32081d Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Mon, 20 Nov 2023 17:44:42 -0800 Subject: [PATCH 54/68] add pg path --- openshift/patroni-postgis/docker/Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 11ed3648f..d5f14a7d6 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -65,6 +65,7 @@ RUN echo "[global] \n \ process-max=2 \n \ \n \ [demo-cluster-1] \n \ + pg1-path=/home/postgres/pgdata/pgroot/data \ pg1-port=5432 \n" >> /etc/pgbackrest/pgbackrest.conf # Switch back to default user From 908de144aa280846c049b14edeb027de6abcbd8f Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Mon, 20 Nov 2023 18:02:54 -0800 Subject: [PATCH 55/68] newline --- openshift/patroni-postgis/docker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index d5f14a7d6..a18bde869 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -65,7 +65,7 @@ RUN echo "[global] \n \ process-max=2 \n \ \n \ [demo-cluster-1] \n \ - pg1-path=/home/postgres/pgdata/pgroot/data \ + pg1-path=/home/postgres/pgdata/pgroot/data \n \ pg1-port=5432 \n" >> /etc/pgbackrest/pgbackrest.conf # Switch back to default user From 0be63262223d556d7d7c91bcb9a56be8e8c88e9b Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Mon, 20 Nov 2023 19:22:33 -0800 Subject: [PATCH 56/68] init commands --- openshift/patroni-postgis/docker/init_postgis | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index b7855aae2..673eed62a 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -1,5 +1,12 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; then + echo "Initializing archive mode for pgbackrest" + psql -c "alter system set archive_mode=on;" + psql -c "alter system set archive_command=pgbackrest --stanza=demo-cluster-1 archive-push '%p';" echo "Loading PostGIS extensions into $APP_DATABASE" psql "$1" -w -c "\c ${APP_DATABASE}" -c "CREATE EXTENSION IF NOT EXISTS postgis;" + echo "Restarting postgres to init config" + pg_ctl restart -D /home/postgres/pgdata/pgroot/data + echo "Creating pgbackrest stanza" + pgbackrest --stanza=demo-cluster-1 stanza-create fi \ No newline at end of file From 98270495610f798b322ac6ab7bfc6221797e6781 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Tue, 21 Nov 2023 12:18:28 -0800 Subject: [PATCH 57/68] Dyanmically configure cluster --- openshift/patroni-postgis/docker/Dockerfile | 6 +----- openshift/patroni-postgis/docker/init_postgis | 4 ++-- 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index a18bde869..0f6774d5a 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -62,11 +62,7 @@ RUN echo "[global] \n \ log-level-console=info \n \ log-level-file=debug \n \ delta=y \n \ - process-max=2 \n \ - \n \ - [demo-cluster-1] \n \ - pg1-path=/home/postgres/pgdata/pgroot/data \n \ - pg1-port=5432 \n" >> /etc/pgbackrest/pgbackrest.conf + process-max=2 \n" >> /etc/pgbackrest/pgbackrest.conf # Switch back to default user USER 1001 \ No newline at end of file diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index 673eed62a..79dab7dc3 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -1,5 +1,5 @@ -if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; then +if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE") && (! -z "$NAME")]]; then echo "Initializing archive mode for pgbackrest" psql -c "alter system set archive_mode=on;" psql -c "alter system set archive_command=pgbackrest --stanza=demo-cluster-1 archive-push '%p';" @@ -8,5 +8,5 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; echo "Restarting postgres to init config" pg_ctl restart -D /home/postgres/pgdata/pgroot/data echo "Creating pgbackrest stanza" - pgbackrest --stanza=demo-cluster-1 stanza-create + pgbackrest --stanza=$NAME-cluster-1 --pg1-path=/home/postgres/pgdata/pgroot/data --pg1-port=5432 stanza-create fi \ No newline at end of file From 55874e5f6bf746d7b8a861cf8b439d84571e0bd5 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Tue, 21 Nov 2023 14:28:52 -0800 Subject: [PATCH 58/68] Quote name --- openshift/patroni-postgis/docker/init_postgis | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index 79dab7dc3..1cb9d261e 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -8,5 +8,5 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE") && echo "Restarting postgres to init config" pg_ctl restart -D /home/postgres/pgdata/pgroot/data echo "Creating pgbackrest stanza" - pgbackrest --stanza=$NAME-cluster-1 --pg1-path=/home/postgres/pgdata/pgroot/data --pg1-port=5432 stanza-create + pgbackrest --stanza="$NAME-cluster-1" --pg1-path=/home/postgres/pgdata/pgroot/data --pg1-port=5432 stanza-create fi \ No newline at end of file From 101583c8a3e5201c1ed52b86ec1f1503e28f47d3 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Tue, 21 Nov 2023 14:46:36 -0800 Subject: [PATCH 59/68] Add name --- openshift/templates/patroni.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/openshift/templates/patroni.yaml b/openshift/templates/patroni.yaml index ef8502596..73a003197 100644 --- a/openshift/templates/patroni.yaml +++ b/openshift/templates/patroni.yaml @@ -162,6 +162,8 @@ objects: key: app-db-password - name: APP_DATABASE value: ${PARENT_NAME} + - name: NAME + value: ${NAME} - name: PATRONI_SCOPE value: ${NAME} - name: PATRONI_NAME From e6d3c8ef6a1daf2d8e81968e5f3bbc8efc0469af Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Tue, 21 Nov 2023 15:05:27 -0800 Subject: [PATCH 60/68] Parameterize data dir --- openshift/patroni-postgis/docker/init_postgis | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index 1cb9d261e..e859a50f7 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -1,12 +1,12 @@ -if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE") && (! -z "$NAME")]]; then +if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE") && (! -z "$NAME") && (! -z "$PATRONI_POSTGRESQL_DATA_DIR")]]; then echo "Initializing archive mode for pgbackrest" psql -c "alter system set archive_mode=on;" psql -c "alter system set archive_command=pgbackrest --stanza=demo-cluster-1 archive-push '%p';" echo "Loading PostGIS extensions into $APP_DATABASE" psql "$1" -w -c "\c ${APP_DATABASE}" -c "CREATE EXTENSION IF NOT EXISTS postgis;" echo "Restarting postgres to init config" - pg_ctl restart -D /home/postgres/pgdata/pgroot/data + pg_ctl restart -D "$PATRONI_POSTGRESQL_DATA_DIR" echo "Creating pgbackrest stanza" - pgbackrest --stanza="$NAME-cluster-1" --pg1-path=/home/postgres/pgdata/pgroot/data --pg1-port=5432 stanza-create + pgbackrest --stanza="$NAME-cluster-1" --pg1-path="$PATRONI_POSTGRESQL_DATA_DIR" --pg1-port=5432 stanza-create fi \ No newline at end of file From ed0606c6ed0bb149899c9ebaee5719cb69972a1f Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Tue, 21 Nov 2023 15:20:42 -0800 Subject: [PATCH 61/68] Update params --- openshift/patroni-postgis/openshift/build.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/openshift/patroni-postgis/openshift/build.yaml b/openshift/patroni-postgis/openshift/build.yaml index dda2ae843..f7f5e69fe 100644 --- a/openshift/patroni-postgis/openshift/build.yaml +++ b/openshift/patroni-postgis/openshift/build.yaml @@ -76,6 +76,8 @@ objects: value: "${OBJECT_STORE_USER_ID}" - name: "OBJECT_STORE_SECRET" value: "${OBJECT_STORE_SECRET}" + - name: PATRONI_POSTGRESQL_DATA_DIR + value: "${PATRONI_POSTGRESQL_DATA_DIR}" type: Docker triggers: - type: ConfigChange From 5a6cc7883cac6d4b92234135d25190ab1c91586c Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Tue, 21 Nov 2023 15:33:57 -0800 Subject: [PATCH 62/68] bak --- openshift/patroni-postgis/docker/init_postgis | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index e859a50f7..1cb9d261e 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -1,12 +1,12 @@ -if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE") && (! -z "$NAME") && (! -z "$PATRONI_POSTGRESQL_DATA_DIR")]]; then +if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE") && (! -z "$NAME")]]; then echo "Initializing archive mode for pgbackrest" psql -c "alter system set archive_mode=on;" psql -c "alter system set archive_command=pgbackrest --stanza=demo-cluster-1 archive-push '%p';" echo "Loading PostGIS extensions into $APP_DATABASE" psql "$1" -w -c "\c ${APP_DATABASE}" -c "CREATE EXTENSION IF NOT EXISTS postgis;" echo "Restarting postgres to init config" - pg_ctl restart -D "$PATRONI_POSTGRESQL_DATA_DIR" + pg_ctl restart -D /home/postgres/pgdata/pgroot/data echo "Creating pgbackrest stanza" - pgbackrest --stanza="$NAME-cluster-1" --pg1-path="$PATRONI_POSTGRESQL_DATA_DIR" --pg1-port=5432 stanza-create + pgbackrest --stanza="$NAME-cluster-1" --pg1-path=/home/postgres/pgdata/pgroot/data --pg1-port=5432 stanza-create fi \ No newline at end of file From 44fda8fe68a4303390791bedeb112e3f260349cc Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Tue, 21 Nov 2023 15:34:20 -0800 Subject: [PATCH 63/68] back --- openshift/patroni-postgis/openshift/build.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/openshift/patroni-postgis/openshift/build.yaml b/openshift/patroni-postgis/openshift/build.yaml index f7f5e69fe..dda2ae843 100644 --- a/openshift/patroni-postgis/openshift/build.yaml +++ b/openshift/patroni-postgis/openshift/build.yaml @@ -76,8 +76,6 @@ objects: value: "${OBJECT_STORE_USER_ID}" - name: "OBJECT_STORE_SECRET" value: "${OBJECT_STORE_SECRET}" - - name: PATRONI_POSTGRESQL_DATA_DIR - value: "${PATRONI_POSTGRESQL_DATA_DIR}" type: Docker triggers: - type: ConfigChange From 233655d9fc7c5e62d364e1647d55e2f123ed2f07 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Tue, 21 Nov 2023 15:46:59 -0800 Subject: [PATCH 64/68] cleanup --- openshift/patroni-postgis/docker/Dockerfile | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index 0f6774d5a..ed4067c36 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -29,18 +29,6 @@ RUN mkdir -p -m 777 /var/log/pgbackrest \ && chmod 777 /etc/pgbackrest/pgbackrest.conf \ && chown postgres:postgres /etc/pgbackrest/pgbackrest.conf -EXPOSE 5432 8008 2222 -ENV LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 EDITOR=/usr/bin/editor -ENV HOME=/home/postgres -ENV SSHD_CONF_DIR=/home/postgres/ssh_config_template -ENV START_SSHD=false - -ADD start_sshd.sh /run/ - -COPY ssh /ssh_conf_template -ADD ssh/ssh_config /etc/ssh/ssh_config -RUN chmod 777 /ssh_conf_template - # Add the POSTGIS command to the end of the post_init script. COPY init_postgis /usr/share/scripts/patroni/ RUN cat /usr/share/scripts/patroni/init_postgis >> /usr/share/scripts/patroni/post_init.sh From 913d5a35bacae98414cbcd2eb8dc9ba42c88aca6 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Tue, 21 Nov 2023 15:58:24 -0800 Subject: [PATCH 65/68] Delete --- .../patroni-postgis/docker/ssh/ssh_config | 56 -------- .../patroni-postgis/docker/ssh/sshd_config | 123 ------------------ .../patroni-postgis/docker/start_sshd.sh | 57 -------- 3 files changed, 236 deletions(-) delete mode 100644 openshift/patroni-postgis/docker/ssh/ssh_config delete mode 100644 openshift/patroni-postgis/docker/ssh/sshd_config delete mode 100755 openshift/patroni-postgis/docker/start_sshd.sh diff --git a/openshift/patroni-postgis/docker/ssh/ssh_config b/openshift/patroni-postgis/docker/ssh/ssh_config deleted file mode 100644 index fb7179f69..000000000 --- a/openshift/patroni-postgis/docker/ssh/ssh_config +++ /dev/null @@ -1,56 +0,0 @@ - -# This is the ssh client system-wide configuration file. See -# ssh_config(5) for more information. This file provides defaults for -# users, and the values can be changed in per-user configuration files -# or on the command line. - -# Configuration data is parsed as follows: -# 1. command line options -# 2. user-specific file -# 3. system-wide file -# Any configuration value is only changed the first time it is set. -# Thus, host-specific definitions should be at the beginning of the -# configuration file, and defaults at the end. - -# Site-wide defaults for some commonly used options. For a comprehensive -# list of available options, their meanings and defaults, please see the -# ssh_config(5) man page. - -Host * -# ForwardAgent no -# ForwardX11 no -# ForwardX11Trusted yes -# RhostsRSAAuthentication no -# RSAAuthentication yes -# PasswordAuthentication yes -# HostbasedAuthentication no -# GSSAPIAuthentication no -# GSSAPIDelegateCredentials no -# GSSAPIKeyExchange no -# GSSAPITrustDNS no -# BatchMode no -# AddressFamily any -# ConnectTimeout 0 -# IdentityFile ~/.ssh/identity -# IdentityFile ~/.ssh/id_rsa -# IdentityFile ~/.ssh/id_dsa -# IdentityFile ~/.ssh/id_ecdsa -# IdentityFile ~/.ssh/id_ed25519 -# Port 22 -# Protocol 2 -# Cipher 3des -# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc -# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160 -# EscapeChar ~ -# Tunnel no -# TunnelDevice any:any -# PermitLocalCommand no -# VisualHostKey no -# ProxyCommand ssh -q -W %h:%p gateway.example.com -# RekeyLimit 1G 1h - CheckHostIP no - StrictHostKeyChecking no - UserKnownHostsFile=/dev/null - SendEnv LANG LC_* - HashKnownHosts false - GSSAPIAuthentication yes \ No newline at end of file diff --git a/openshift/patroni-postgis/docker/ssh/sshd_config b/openshift/patroni-postgis/docker/ssh/sshd_config deleted file mode 100644 index 5691596b6..000000000 --- a/openshift/patroni-postgis/docker/ssh/sshd_config +++ /dev/null @@ -1,123 +0,0 @@ -# $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $ - -# This is the sshd server system-wide configuration file. See -# sshd_config(5) for more information. - -# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin - -# The strategy used for options in the default sshd_config shipped with -# OpenSSH is to specify options with their default value where -# possible, but leave them commented. Uncommented options override the -# default value. - -Port 2222 -#AddressFamily any -#ListenAddress 0.0.0.0 -#ListenAddress :: - -HostKey /home/postgres/sshd/ssh_host_rsa_key -HostKey /home/postgres/sshd/ssh_host_ecdsa_key -HostKey /home/postgres/sshd/ssh_host_ed25519_key - -# Ciphers and keying -#RekeyLimit default none - -# Logging -#SyslogFacility AUTH -#LogLevel INFO - -# Authentication: - -#LoginGraceTime 2m -#PermitRootLogin prohibit-password -#StrictModes yes -#MaxAuthTries 6 -#MaxSessions 10 - -#PubkeyAuthentication yes - -# Expect .ssh/authorized_keys2 to be disregarded by default in future. -#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2 - -#AuthorizedPrincipalsFile none - -#AuthorizedKeysCommand none -#AuthorizedKeysCommandUser nobody - -# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts -#HostbasedAuthentication no -# Change to yes if you don't trust ~/.ssh/known_hosts for -# HostbasedAuthentication -#IgnoreUserKnownHosts no -# Don't read the user's ~/.rhosts and ~/.shosts files -#IgnoreRhosts yes - -# To disable tunneled clear text passwords, change to no here! -#PasswordAuthentication yes -#PermitEmptyPasswords no - -# Change to yes to enable challenge-response passwords (beware issues with -# some PAM modules and threads) -ChallengeResponseAuthentication no - -# Kerberos options -#KerberosAuthentication no -#KerberosOrLocalPasswd yes -#KerberosTicketCleanup yes -#KerberosGetAFSToken no - -# GSSAPI options -#GSSAPIAuthentication no -#GSSAPICleanupCredentials yes -#GSSAPIStrictAcceptorCheck yes -#GSSAPIKeyExchange no - -# Set this to 'yes' to enable PAM authentication, account processing, -# and session processing. If this is enabled, PAM authentication will -# be allowed through the ChallengeResponseAuthentication and -# PasswordAuthentication. Depending on your PAM configuration, -# PAM authentication via ChallengeResponseAuthentication may bypass -# the setting of "PermitRootLogin without-password". -# If you just want the PAM account and session checks to run without -# PAM authentication, then enable this but set PasswordAuthentication -# and ChallengeResponseAuthentication to 'no'. -UsePAM no - -#AllowAgentForwarding yes -#AllowTcpForwarding yes -#GatewayPorts no -X11Forwarding yes -#X11DisplayOffset 10 -#X11UseLocalhost yes -#PermitTTY yes -PrintMotd no -#PrintLastLog yes -#TCPKeepAlive yes -#UseLogin no -#UsePrivilegeSeparation no -#PermitUserEnvironment no -#Compression delayed -#ClientAliveInterval 0 -#ClientAliveCountMax 3 -#UseDNS no -PidFile /home/postgres/sshd/sshd.pid -#MaxStartups 10:30:100 -#PermitTunnel no -#ChrootDirectory none -#VersionAddendum none - -# no default banner path -#Banner none - -# Allow client to pass locale environment variables -AcceptEnv LANG LC_* - -# override default of no subsystems -Subsystem sftp /usr/lib/openssh/sftp-server - -# Example of overriding settings on a per-user basis -#Match User anoncvs -# X11Forwarding no -# AllowTcpForwarding no -# PermitTTY no -# ForceCommand cvs server \ No newline at end of file diff --git a/openshift/patroni-postgis/docker/start_sshd.sh b/openshift/patroni-postgis/docker/start_sshd.sh deleted file mode 100755 index c130dc636..000000000 --- a/openshift/patroni-postgis/docker/start_sshd.sh +++ /dev/null @@ -1,57 +0,0 @@ -#!/bin/bash - -# Create directories with correct permissions for ssh client -SSH_DIR=/home/postgres/.ssh -mkdir $SSH_DIR -chmod 700 $SSH_DIR - -if [ -d /ssh_keys ]; then - cp /ssh_keys/* $SSH_DIR -fi - - -if [ -f $SSH_DIR/config ]; then - chmod 644 $SSH_DIR/id_rsa.pub -fi - -if [ -f $SSH_DIR/id_rsa.pub ]; then - chmod 644 $SSH_DIR/id_rsa.pub -fi - -if [ -f $SSH_DIR/id_rsa ]; then - chmod 600 $SSH_DIR/id_rsa -fi - -if [ "$START_SSHD" = true ]; then - - SSH_CONF=/ssh_conf_template - - mkdir /home/postgres/sshd - - # Generate server keys if not existing - if [ ! -f $SSH_CONF/ssh_host_ecdsa_key ]; then - echo "Host key $SSH_CONF/ssh_host_ecdsa_key not found - generating a new one" - ssh-keygen -q -N "" -t ecdsa -f $SSH_CONF/ssh_host_ecdsa_key - fi - if [ ! -f $SSH_CONF/ssh_host_ed25519_key ]; then - echo "Host key $SSH_CONF/ssh_host_ed25519_key not found - generating a new one" - ssh-keygen -q -N "" -t ed25519 -f $SSH_CONF/ssh_host_ed25519_key - fi - if [ ! -f $SSH_CONF/ssh_host_rsa_key ]; then - echo "Host key $SSH_CONF/ssh_host_rsa_key not found - generating a new one" - ssh-keygen -q -N "" -t rsa -f $SSH_CONF/ssh_host_rsa_key - fi -# - # Copy the keys and the config to the home directory - cp -r $SSH_CONF/* /home/postgres/sshd/ - - # Copy authorized keys - if [ -f $SSH_DIR/authorized_keys ]; then - chmod 600 $SSH_DIR/authorized_keys - fi - - chmod 600 /home/postgres/sshd/ssh_host* - - /usr/sbin/sshd -f /home/postgres/sshd/sshd_config - -fi From e6764ca38529945dd48cc2a75fa161f5bde013bf Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Wed, 22 Nov 2023 08:41:29 -0800 Subject: [PATCH 66/68] Quote vars --- openshift/patroni-postgis/docker/Dockerfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/openshift/patroni-postgis/docker/Dockerfile b/openshift/patroni-postgis/docker/Dockerfile index ed4067c36..e3b3278aa 100644 --- a/openshift/patroni-postgis/docker/Dockerfile +++ b/openshift/patroni-postgis/docker/Dockerfile @@ -10,14 +10,14 @@ USER 0 # PostGIS requirements taken from https://github.com/postgis/docker-postgis RUN apt-get update \ - && apt-cache showpkg postgresql-$PG_MAJOR-postgis-$POSTGIS_MAJOR \ + && apt-cache showpkg postgresql-"$PG_MAJOR"-postgis-"$POSTGIS_MAJOR" \ && apt-get install -y --no-install-recommends \ # ca-certificates: for accessing remote raster files; # fix: https://github.com/postgis/docker-postgis/issues/307 ca-certificates \ \ - postgresql-$PG_MAJOR-postgis-$POSTGIS_MAJOR=$POSTGIS_VERSION \ - postgresql-$PG_MAJOR-postgis-$POSTGIS_MAJOR-scripts \ + postgresql-"$PG_MAJOR"-postgis-"$POSTGIS_MAJOR"="$POSTGIS_VERSION" \ + postgresql-"$PG_MAJOR"-postgis-"$POSTGIS_MAJOR"-scripts \ pgbackrest \ && rm -rf /var/lib/apt/lists/* From 7aae2c9574c2918b6d5332ee3813a1e8bced7663 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Wed, 22 Nov 2023 10:54:29 -0800 Subject: [PATCH 67/68] Update readme and tagged version --- openshift/patroni-postgis/README.md | 7 ++++--- openshift/templates/patroni.yaml | 2 +- openshift/templates/patroni_prerequisite.yaml | 2 +- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/openshift/patroni-postgis/README.md b/openshift/patroni-postgis/README.md index 17854720e..55c39d7be 100644 --- a/openshift/patroni-postgis/README.md +++ b/openshift/patroni-postgis/README.md @@ -10,12 +10,13 @@ The WPS pipeline currently assumes the existence of an appropriately tagged patr ### Build and tag an imagestream as follows: ```bash -# Build a patroni imagestream: +# Build a patroni-pgbackrest imagestream: oc -n e1e498-tools process -f openshift/build.yaml -p OBJECT_STORE_SERVER="server" -p OBJECT_STORE_BUCKET="bucket" -p OBJECT_STORE_USER_ID="uid" -p OBJECT_STORE_SECRET="sec" -p GIT_REF="" | oc -n e1e498-tools apply -f - # Tag the old imagestream so we can keep it around if we need to revert: -oc -n e1e498-tools tag patroni-postgres:v12 patroni-postgres:v12- +oc -n e1e498-tools tag patroni-postgres-pgbackrest:v12- patroni-postgres-pgbackrest:v12- # Tag the new imagestream (it won't be used until the pods get re-created): -oc -n e1e498-tools tag patroni-postgres:v12-latest patroni-postgres:v12 +oc -n e1e498-tools tag patroni-postgres-pgbackrest:v12-latest patroni-postgres-pgbackrest:v12- +# Then update the tag in the patroni yaml files to point to the current date tag ``` #### Common build failures diff --git a/openshift/templates/patroni.yaml b/openshift/templates/patroni.yaml index 73a003197..65860e3f1 100644 --- a/openshift/templates/patroni.yaml +++ b/openshift/templates/patroni.yaml @@ -294,7 +294,7 @@ parameters: description: | The image tag used to specify which image you would like deployed. Don't use `latest`. - value: "v12-latest" + value: "v12-2023-11-22" - name: PVC_SIZE description: The size of the persistent volume to create. displayName: Persistent Volume Size diff --git a/openshift/templates/patroni_prerequisite.yaml b/openshift/templates/patroni_prerequisite.yaml index c603e9aca..71bde5190 100644 --- a/openshift/templates/patroni_prerequisite.yaml +++ b/openshift/templates/patroni_prerequisite.yaml @@ -184,7 +184,7 @@ parameters: description: | The image tag used to specify which image you would like deployed. Don't use `latest`. - value: "v12-latest" + value: "v12-2023-11-22" - name: PVC_SIZE description: The size of the persistent volume to create. displayName: Persistent Volume Size From 322cca4ee6c9ea0a83b9fdefd0b969b3efe7ea22 Mon Sep 17 00:00:00 2001 From: Conor Brady Date: Wed, 22 Nov 2023 10:56:05 -0800 Subject: [PATCH 68/68] Update stanza reference --- openshift/patroni-postgis/docker/init_postgis | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openshift/patroni-postgis/docker/init_postgis b/openshift/patroni-postgis/docker/init_postgis index 1cb9d261e..9e86f2fa1 100644 --- a/openshift/patroni-postgis/docker/init_postgis +++ b/openshift/patroni-postgis/docker/init_postgis @@ -2,7 +2,7 @@ if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE") && (! -z "$NAME")]]; then echo "Initializing archive mode for pgbackrest" psql -c "alter system set archive_mode=on;" - psql -c "alter system set archive_command=pgbackrest --stanza=demo-cluster-1 archive-push '%p';" + psql -c "alter system set archive_command=pgbackrest --stanza=$NAME-cluster-1 archive-push '%p';" echo "Loading PostGIS extensions into $APP_DATABASE" psql "$1" -w -c "\c ${APP_DATABASE}" -c "CREATE EXTENSION IF NOT EXISTS postgis;" echo "Restarting postgres to init config"