mirror of
https://github.com/bitnami/containers.git
synced 2026-02-11 14:37:20 +08:00
[bitnami/postgresql] Release 14.18.0-debian-12-r0 (#80950)
Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com>
This commit is contained in:
Bitnami Bot
@@ -10,14 +10,14 @@ ARG WITH_ALL_LOCALES="no"
|
||||
|
||||
LABEL com.vmware.cp.artifact.flavor="sha256:c50c90cfd9d12b445b011e6ad529f1ad3daea45c26d20b00732fae3cd71f6a83" \
|
||||
org.opencontainers.image.base.name="docker.io/bitnami/minideb:bookworm" \
|
||||
org.opencontainers.image.created="2025-05-05T19:10:57Z" \
|
||||
org.opencontainers.image.created="2025-05-08T16:16:00Z" \
|
||||
org.opencontainers.image.description="Application packaged by Broadcom, Inc." \
|
||||
org.opencontainers.image.documentation="https://github.com/bitnami/containers/tree/main/bitnami/postgresql/README.md" \
|
||||
org.opencontainers.image.ref.name="14.17.0-debian-12-r18" \
|
||||
org.opencontainers.image.ref.name="14.18.0-debian-12-r0" \
|
||||
org.opencontainers.image.source="https://github.com/bitnami/containers/tree/main/bitnami/postgresql" \
|
||||
org.opencontainers.image.title="postgresql" \
|
||||
org.opencontainers.image.vendor="Broadcom, Inc." \
|
||||
org.opencontainers.image.version="14.17.0"
|
||||
org.opencontainers.image.version="14.18.0"
|
||||
|
||||
ENV HOME="/" \
|
||||
OS_ARCH="${TARGETARCH:-amd64}" \
|
||||
@@ -30,7 +30,7 @@ SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"]
|
||||
RUN install_packages ca-certificates curl libbsd0 libbz2-1.0 libedit2 libffi8 libgcc-s1 libgmp10 libgnutls30 libhogweed6 libicu72 libidn2-0 libldap-2.5-0 liblz4-1 liblzma5 libmd0 libncurses6 libnettle8 libp11-kit0 libpcre3 libreadline8 libsasl2-2 libsqlite3-0 libssl3 libstdc++6 libtasn1-6 libtinfo6 libunistring2 libuuid1 libxml2 libxslt1.1 libzstd1 locales procps zlib1g
|
||||
RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ || exit 1 ; \
|
||||
COMPONENTS=( \
|
||||
"postgresql-14.17.0-14-linux-${OS_ARCH}-debian-12" \
|
||||
"postgresql-14.18.0-0-linux-${OS_ARCH}-debian-12" \
|
||||
) ; \
|
||||
for COMPONENT in "${COMPONENTS[@]}"; do \
|
||||
if [ ! -f "${COMPONENT}.tar.gz" ]; then \
|
||||
@@ -54,7 +54,7 @@ RUN echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen && locale-gen
|
||||
COPY rootfs /
|
||||
RUN /opt/bitnami/scripts/postgresql/postunpack.sh
|
||||
RUN /opt/bitnami/scripts/locales/add-extra-locales.sh
|
||||
ENV APP_VERSION="14.17.0" \
|
||||
ENV APP_VERSION="14.18.0" \
|
||||
BITNAMI_APP_NAME="postgresql" \
|
||||
LANG="en_US.UTF-8" \
|
||||
LANGUAGE="en_US:en" \
|
||||
|
||||
@@ -3,6 +3,6 @@
|
||||
"arch": "amd64",
|
||||
"distro": "debian-12",
|
||||
"type": "NAMI",
|
||||
"version": "14.17.0-14"
|
||||
"version": "14.18.0-0"
|
||||
}
|
||||
}
|
||||
@@ -74,7 +74,7 @@ autoctl_configure_auth() {
|
||||
|
||||
if [[ "${POSTGRESQL_AUTOCTL_MODE}" = "postgres" ]]; then
|
||||
info "Adding users auth configurations..."
|
||||
[[ -n "${POSTGRESQL_DATABASE}" ]] && [[ "$POSTGRESQL_DATABASE" != "postgres" ]] && postgresql_create_custom_database
|
||||
[[ -n "$POSTGRESQL_DATABASE" ]] && [[ "$POSTGRESQL_DATABASE" != "postgres" ]] && postgresql_create_custom_database "$POSTGRESQL_DATABASE"
|
||||
if [[ "$POSTGRESQL_USERNAME" = "postgres" ]]; then
|
||||
postgresql_alter_postgres_user "$POSTGRESQL_PASSWORD"
|
||||
else
|
||||
|
||||
@@ -83,6 +83,9 @@ postgresql_validate() {
|
||||
if [[ -n "$POSTGRESQL_USERNAME" ]] && [[ "$POSTGRESQL_USERNAME" != "postgres" ]] && [[ -n "$POSTGRESQL_PASSWORD" ]] && [[ -z "$POSTGRESQL_DATABASE" ]]; then
|
||||
print_validation_error "In order to use a custom PostgreSQL user you need to set the environment variable POSTGRESQL_DATABASE as well"
|
||||
fi
|
||||
if is_boolean_yes "$POSTGRESQL_SR_CHECK" && [[ -z "$POSTGRESQL_SR_CHECK_PASSWORD" ]]; then
|
||||
empty_password_error "POSTGRESQL_SR_CHECK_PASSWORD"
|
||||
fi
|
||||
fi
|
||||
if [[ -n "$POSTGRESQL_REPLICATION_MODE" ]]; then
|
||||
if [[ "$POSTGRESQL_REPLICATION_MODE" = "master" ]]; then
|
||||
@@ -124,6 +127,12 @@ postgresql_validate() {
|
||||
empty_password_error "You can not set POSTGRESQL_LDAP_URL and POSTGRESQL_LDAP_SERVER at the same time. Check your LDAP configuration."
|
||||
fi
|
||||
|
||||
if ! is_yes_no_value "$POSTGRESQL_SR_CHECK"; then
|
||||
print_validation_error "The values allowed for POSTGRESQL_SR_CHECK are: yes or no"
|
||||
elif is_boolean_yes "$POSTGRESQL_SR_CHECK" && [[ -z "$POSTGRESQL_SR_CHECK_USERNAME" || -z "$POSTGRESQL_SR_CHECK_DATABASE" ]]; then
|
||||
print_validation_error "The environment variables POSTGRESQL_SR_CHECK_USERNAME and POSTGRESQL_SR_CHECK_DATABASE are required when using the SR_CHECK feature"
|
||||
fi
|
||||
|
||||
if ! is_yes_no_value "$POSTGRESQL_ENABLE_TLS"; then
|
||||
print_validation_error "The values allowed for POSTGRESQL_ENABLE_TLS are: yes or no"
|
||||
elif is_boolean_yes "$POSTGRESQL_ENABLE_TLS"; then
|
||||
@@ -311,7 +320,7 @@ postgresql_restrict_pghba() {
|
||||
}
|
||||
|
||||
########################
|
||||
# Change pg_hba.conf so it allows access from replication users
|
||||
# Change pg_hba.conf so it allows access from replication user
|
||||
# Globals:
|
||||
# POSTGRESQL_*
|
||||
# Arguments:
|
||||
@@ -330,6 +339,26 @@ host replication all ::/0 ${replication_
|
||||
EOF
|
||||
}
|
||||
|
||||
########################
|
||||
# Change pg_hba.conf so it allows access from sr_check user
|
||||
# Globals:
|
||||
# POSTGRESQL_*
|
||||
# Arguments:
|
||||
# None
|
||||
# Returns:
|
||||
# None
|
||||
#########################
|
||||
postgresql_add_sr_check_user_to_pghba() {
|
||||
local sr_check_auth="trust"
|
||||
if [[ -n "$POSTGRESQL_SR_CHECK_PASSWORD" ]]; then
|
||||
sr_check_auth="md5"
|
||||
fi
|
||||
cat <<EOF >>"$POSTGRESQL_PGHBA_FILE"
|
||||
host $POSTGRESQL_SR_CHECK_DATABASE $POSTGRESQL_SR_CHECK_USERNAME 0.0.0.0/0 ${sr_check_auth}
|
||||
host $POSTGRESQL_SR_CHECK_DATABASE $POSTGRESQL_SR_CHECK_USERNAME ::/0 ${sr_check_auth}
|
||||
EOF
|
||||
}
|
||||
|
||||
########################
|
||||
# Change a PostgreSQL configuration file by setting a property
|
||||
# Globals:
|
||||
@@ -354,7 +383,7 @@ postgresql_set_property() {
|
||||
}
|
||||
|
||||
########################
|
||||
# Create a user for master-slave replication
|
||||
# Create a user for primary-replica replication
|
||||
# Globals:
|
||||
# POSTGRESQL_*
|
||||
# Arguments:
|
||||
@@ -370,6 +399,29 @@ postgresql_create_replication_user() {
|
||||
echo "CREATE ROLE \"$POSTGRESQL_REPLICATION_USER\" REPLICATION LOGIN ENCRYPTED PASSWORD '$escaped_password'" | postgresql_execute "" "postgres" "$postgres_password"
|
||||
}
|
||||
|
||||
########################
|
||||
# Create a user for Stream Replication checks
|
||||
# Globals:
|
||||
# POSTGRESQL_*
|
||||
# Arguments:
|
||||
# None
|
||||
# Returns:
|
||||
# None
|
||||
#########################
|
||||
postgresql_create_sr_check_user() {
|
||||
local -r escaped_password="${POSTGRESQL_SR_CHECK_PASSWORD//\'/\'\'}"
|
||||
local -r postgres_password="${POSTGRESQL_POSTGRES_PASSWORD:-$POSTGRESQL_PASSWORD}"
|
||||
|
||||
if [[ -n "$POSTGRESQL_REPLICATION_USER" ]] && [[ "$POSTGRESQL_SR_CHECK_USERNAME" == "$POSTGRESQL_REPLICATION_USER" ]]; then
|
||||
debug "The SR_CHECK username is the same as the replication user, skipping creation"
|
||||
else
|
||||
info "Creating sr-check user $POSTGRESQL_SR_CHECK_USERNAME"
|
||||
echo "CREATE ROLE \"${POSTGRESQL_SR_CHECK_USERNAME}\" WITH LOGIN PASSWORD '${escaped_password}';" | postgresql_execute "" "postgres" "$postgres_password"
|
||||
fi
|
||||
info "Granting access to \"${POSTGRESQL_SR_CHECK_USERNAME}\" to the database \"${POSTGRESQL_SR_CHECK_DATABASE}\""
|
||||
echo "GRANT CONNECT ON DATABASE \"${POSTGRESQL_SR_CHECK_DATABASE}\" TO \"${POSTGRESQL_SR_CHECK_USERNAME}\"\;" | postgresql_execute "" "postgres" "$postgres_password"
|
||||
}
|
||||
|
||||
########################
|
||||
# Change postgresql.conf by setting replication parameters
|
||||
# Globals:
|
||||
@@ -522,12 +574,13 @@ postgresql_create_admin_user() {
|
||||
# Globals:
|
||||
# POSTGRESQL_*
|
||||
# Arguments:
|
||||
# None
|
||||
# $1 - Database name
|
||||
# Returns:
|
||||
# None
|
||||
#########################
|
||||
postgresql_create_custom_database() {
|
||||
echo "CREATE DATABASE \"$POSTGRESQL_DATABASE\"" | postgresql_execute "" "postgres" ""
|
||||
local -r db_name="${1:?missing database}"
|
||||
echo "CREATE DATABASE \"$db_name\"" | postgresql_execute "" "postgres" ""
|
||||
}
|
||||
|
||||
########################
|
||||
@@ -650,7 +703,8 @@ postgresql_initialize() {
|
||||
if [[ "$POSTGRESQL_REPLICATION_MODE" = "master" ]]; then
|
||||
postgresql_master_init_db
|
||||
postgresql_start_bg "false"
|
||||
[[ -n "${POSTGRESQL_DATABASE}" ]] && [[ "$POSTGRESQL_DATABASE" != "postgres" ]] && postgresql_create_custom_database
|
||||
[[ -n "$POSTGRESQL_DATABASE" ]] && [[ "$POSTGRESQL_DATABASE" != "postgres" ]] && postgresql_create_custom_database "$POSTGRESQL_DATABASE"
|
||||
is_boolean_yes "$POSTGRESQL_SR_CHECK" && [[ "$POSTGRESQL_SR_CHECK_DATABASE" != "postgres" ]] && postgresql_create_custom_database "$POSTGRESQL_SR_CHECK_DATABASE"
|
||||
if [[ "$POSTGRESQL_USERNAME" = "postgres" ]]; then
|
||||
postgresql_alter_postgres_user "$POSTGRESQL_PASSWORD"
|
||||
else
|
||||
@@ -660,16 +714,17 @@ postgresql_initialize() {
|
||||
postgresql_create_admin_user
|
||||
fi
|
||||
is_boolean_yes "$create_pghba_file" && postgresql_restrict_pghba
|
||||
is_boolean_yes "$POSTGRESQL_SR_CHECK" && postgresql_create_sr_check_user
|
||||
[[ -n "$POSTGRESQL_REPLICATION_USER" ]] && ! $skip_replication && postgresql_create_replication_user
|
||||
is_boolean_yes "$create_conf_file" && ! $skip_replication && postgresql_configure_replication_parameters
|
||||
is_boolean_yes "$create_pghba_file" && ! $skip_replication && postgresql_configure_synchronous_replication
|
||||
is_boolean_yes "$create_pghba_file" && ! $skip_replication && postgresql_configure_synchronous_replication
|
||||
is_boolean_yes "$create_conf_file" && postgresql_configure_fsync
|
||||
is_boolean_yes "$create_conf_file" && is_boolean_yes "$POSTGRESQL_ENABLE_TLS" && postgresql_configure_tls
|
||||
[[ -n "$POSTGRESQL_REPLICATION_USER" ]] && is_boolean_yes "$create_pghba_file" && ! $skip_replication && postgresql_add_replication_to_pghba
|
||||
else
|
||||
postgresql_slave_init_db
|
||||
is_boolean_yes "$create_pghba_file" && postgresql_restrict_pghba
|
||||
is_boolean_yes "$create_conf_file" && ! $skip_replication && postgresql_configure_replication_parameters
|
||||
is_boolean_yes "$create_conf_file" && ! $skip_replication && postgresql_configure_replication_parameters
|
||||
is_boolean_yes "$create_conf_file" && postgresql_configure_fsync
|
||||
is_boolean_yes "$create_conf_file" && is_boolean_yes "$POSTGRESQL_ENABLE_TLS" && postgresql_configure_tls
|
||||
! $skip_replication && postgresql_configure_recovery
|
||||
@@ -677,6 +732,8 @@ postgresql_initialize() {
|
||||
fi
|
||||
# TLS Modifications on pghba need to be performed after properly configuring postgresql.conf file
|
||||
is_boolean_yes "$create_pghba_file" && is_boolean_yes "$POSTGRESQL_ENABLE_TLS" && [[ -n $POSTGRESQL_TLS_CA_FILE ]] && postgresql_tls_auth_configuration
|
||||
# Allow access from sr_check user
|
||||
is_boolean_yes "$create_pghba_file" && is_boolean_yes "$POSTGRESQL_SR_CHECK" && postgresql_add_sr_check_user_to_pghba
|
||||
|
||||
is_boolean_yes "$create_conf_file" && [[ -n "$POSTGRESQL_SHARED_PRELOAD_LIBRARIES" ]] && postgresql_set_property "shared_preload_libraries" "$POSTGRESQL_SHARED_PRELOAD_LIBRARIES"
|
||||
is_boolean_yes "$create_conf_file" && postgresql_configure_logging
|
||||
|
||||
@@ -45,6 +45,9 @@ postgresql_env_vars=(
|
||||
POSTGRESQL_REPLICATION_USER
|
||||
POSTGRESQL_REPLICATION_USE_PASSFILE
|
||||
POSTGRESQL_REPLICATION_PASSFILE_PATH
|
||||
POSTGRESQL_SR_CHECK
|
||||
POSTGRESQL_SR_CHECK_USERNAME
|
||||
POSTGRESQL_SR_CHECK_DATABASE
|
||||
POSTGRESQL_SYNCHRONOUS_COMMIT_MODE
|
||||
POSTGRESQL_FSYNC
|
||||
POSTGRESQL_USERNAME
|
||||
@@ -65,6 +68,7 @@ postgresql_env_vars=(
|
||||
POSTGRESQL_PASSWORD
|
||||
POSTGRESQL_POSTGRES_PASSWORD
|
||||
POSTGRESQL_REPLICATION_PASSWORD
|
||||
POSTGRESQL_SR_CHECK_PASSWORD
|
||||
POSTGRESQL_INITSCRIPTS_PASSWORD
|
||||
POSTGRESQL_ENABLE_TLS
|
||||
POSTGRESQL_TLS_CERT_FILE
|
||||
@@ -116,6 +120,9 @@ postgresql_env_vars=(
|
||||
POSTGRES_ALLOW_REMOTE_CONNECTIONS
|
||||
POSTGRES_REPLICATION_MODE
|
||||
POSTGRES_REPLICATION_USER
|
||||
POSTGRES_SR_CHECK
|
||||
POSTGRES_SR_CHECK_USER
|
||||
POSTGRES_SR_CHECK_DATABASE
|
||||
POSTGRES_SYNCHRONOUS_COMMIT_MODE
|
||||
POSTGRES_FSYNC
|
||||
POSTGRES_USERNAME
|
||||
@@ -138,6 +145,7 @@ postgresql_env_vars=(
|
||||
POSTGRES_PASSWORD
|
||||
POSTGRES_POSTGRES_PASSWORD
|
||||
POSTGRES_REPLICATION_PASSWORD
|
||||
POSTGRES_SR_CHECK_PASSWORD
|
||||
POSTGRES_INITSCRIPTS_PASSWORD
|
||||
POSTGRES_ENABLE_TLS
|
||||
POSTGRES_TLS_CERT_FILE
|
||||
@@ -237,6 +245,12 @@ POSTGRESQL_REPLICATION_USER="${POSTGRESQL_REPLICATION_USER:-"${POSTGRES_REPLICAT
|
||||
export POSTGRESQL_REPLICATION_USER="${POSTGRESQL_REPLICATION_USER:-}"
|
||||
export POSTGRESQL_REPLICATION_USE_PASSFILE="${POSTGRESQL_REPLICATION_USE_PASSFILE:-no}"
|
||||
export POSTGRESQL_REPLICATION_PASSFILE_PATH="${POSTGRESQL_REPLICATION_PASSFILE_PATH:-${POSTGRESQL_CONF_DIR}/.pgpass}"
|
||||
POSTGRESQL_SR_CHECK="${POSTGRESQL_SR_CHECK:-"${POSTGRES_SR_CHECK:-}"}"
|
||||
export POSTGRESQL_SR_CHECK="${POSTGRESQL_SR_CHECK:-no}"
|
||||
POSTGRESQL_SR_CHECK_USERNAME="${POSTGRESQL_SR_CHECK_USERNAME:-"${POSTGRES_SR_CHECK_USER:-}"}"
|
||||
export POSTGRESQL_SR_CHECK_USERNAME="${POSTGRESQL_SR_CHECK_USERNAME:-sr_check_user}"
|
||||
POSTGRESQL_SR_CHECK_DATABASE="${POSTGRESQL_SR_CHECK_DATABASE:-"${POSTGRES_SR_CHECK_DATABASE:-}"}"
|
||||
export POSTGRESQL_SR_CHECK_DATABASE="${POSTGRESQL_SR_CHECK_DATABASE:-postgres}"
|
||||
POSTGRESQL_SYNCHRONOUS_COMMIT_MODE="${POSTGRESQL_SYNCHRONOUS_COMMIT_MODE:-"${POSTGRES_SYNCHRONOUS_COMMIT_MODE:-}"}"
|
||||
export POSTGRESQL_SYNCHRONOUS_COMMIT_MODE="${POSTGRESQL_SYNCHRONOUS_COMMIT_MODE:-on}"
|
||||
POSTGRESQL_FSYNC="${POSTGRESQL_FSYNC:-"${POSTGRES_FSYNC:-}"}"
|
||||
@@ -279,6 +293,8 @@ POSTGRESQL_POSTGRES_PASSWORD="${POSTGRESQL_POSTGRES_PASSWORD:-"${POSTGRES_POSTGR
|
||||
export POSTGRESQL_POSTGRES_PASSWORD="${POSTGRESQL_POSTGRES_PASSWORD:-}"
|
||||
POSTGRESQL_REPLICATION_PASSWORD="${POSTGRESQL_REPLICATION_PASSWORD:-"${POSTGRES_REPLICATION_PASSWORD:-}"}"
|
||||
export POSTGRESQL_REPLICATION_PASSWORD="${POSTGRESQL_REPLICATION_PASSWORD:-}"
|
||||
POSTGRESQL_SR_CHECK_PASSWORD="${POSTGRESQL_SR_CHECK_PASSWORD:-"${POSTGRES_SR_CHECK_PASSWORD:-}"}"
|
||||
export POSTGRESQL_SR_CHECK_PASSWORD="${POSTGRESQL_SR_CHECK_PASSWORD:-}"
|
||||
POSTGRESQL_INITSCRIPTS_PASSWORD="${POSTGRESQL_INITSCRIPTS_PASSWORD:-"${POSTGRES_INITSCRIPTS_PASSWORD:-}"}"
|
||||
export POSTGRESQL_INITSCRIPTS_PASSWORD="${POSTGRESQL_INITSCRIPTS_PASSWORD:-$POSTGRESQL_PASSWORD}"
|
||||
POSTGRESQL_ENABLE_TLS="${POSTGRESQL_ENABLE_TLS:-"${POSTGRES_ENABLE_TLS:-}"}"
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
rolling-tags:
|
||||
- "14"
|
||||
- 14-debian-12
|
||||
- 14.17.0
|
||||
- 14.18.0
|
||||
|
||||
@@ -195,6 +195,9 @@ docker-compose up -d
|
||||
| `POSTGRESQL_REPLICATION_USER` | PostgreSQL replication user | `nil` |
|
||||
| `POSTGRESQL_REPLICATION_USE_PASSFILE` | Use PGPASSFILE instead of PGPASSWORD | `no` |
|
||||
| `POSTGRESQL_REPLICATION_PASSFILE_PATH` | Path to store passfile | `${POSTGRESQL_CONF_DIR}/.pgpass` |
|
||||
| `POSTGRESQL_SR_CHECK` | Create user on PostgreSQL for Stream Replication Check | `no` |
|
||||
| `POSTGRESQL_SR_CHECK_USERNAME` | Stream Replication Check user | `sr_check_user` |
|
||||
| `POSTGRESQL_SR_CHECK_DATABASE` | Stream Replication Check database | `postgres` |
|
||||
| `POSTGRESQL_SYNCHRONOUS_COMMIT_MODE` | Enable synchronous replication in slaves (number defined by POSTGRESQL_NUM_SYNCHRONOUS_REPLICAS) | `on` |
|
||||
| `POSTGRESQL_FSYNC` | Enable fsync in write ahead logs | `on` |
|
||||
| `POSTGRESQL_USERNAME` | PostgreSQL default username | `postgres` |
|
||||
@@ -215,6 +218,7 @@ docker-compose up -d
|
||||
| `POSTGRESQL_PASSWORD` | Password for the PostgreSQL created user | `nil` |
|
||||
| `POSTGRESQL_POSTGRES_PASSWORD` | Password for the PostgreSQL postgres user | `nil` |
|
||||
| `POSTGRESQL_REPLICATION_PASSWORD` | Password for the PostgreSQL replication user | `nil` |
|
||||
| `POSTGRESQL_SR_CHECK_PASSWORD` | Password for the Stream Replication Check user | `nil` |
|
||||
| `POSTGRESQL_INITSCRIPTS_PASSWORD` | Password for the PostgreSQL init scripts user | `$POSTGRESQL_PASSWORD` |
|
||||
| `POSTGRESQL_ENABLE_TLS` | Whether to enable TLS for traffic or not | `no` |
|
||||
| `POSTGRESQL_TLS_CERT_FILE` | File containing the certificate for the TLS traffic | `nil` |
|
||||
|
||||
Reference in New Issue
Block a user