postgres/Dockerfile at main · flanksource/postgres · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
# PostgreSQL Docker Image with pgconfig CLI
# Multi-version PostgreSQL (14-17) with auto-upgrade and tuning capabilities
# Supports both AMD64 and ARM64 architectures

# Build stage for pgconfig binary
FROM golang:1.25-bookworm AS pgconfig-builder

# Build arguments for version information
ARG VERSION=dev
ARG GIT_COMMIT=unknown
ARG BUILD_DATE=unknown

# Copy source code
WORKDIR /src/postgres
COPY go.mod go.sum ./
RUN go mod download

COPY . .
# Build pgconfig binary with cache mounts and version info
RUN --mount=type=cache,target=/root/.cache/go-build \
    --mount=type=cache,target=/go/pkg/mod \
    CGO_ENABLED=0 GOOS=linux go build \
    -ldflags "-s -w \
      -X 'main.Version=${VERSION}' \
      -X 'main.GitCommit=${GIT_COMMIT}' \
      -X 'main.BuildDate=$(date)'" \
    -o postgres-cli ./cmd

# Main stage
FROM debian:bookworm-slim

# Get architecture information
ARG TARGETARCH
ARG TARGETOS
ENV TARGETARCH=${TARGETARCH}
ENV TARGETOS=${TARGETOS}

# Default PostgreSQL version (can be 14, 15, 16, or 17)
ARG PG_VERSION=17
ENV PG_VERSION=${PG_VERSION}

# Labels
LABEL maintainer="flanksource"
LABEL description="PostgreSQL with postgres-cli for auto-upgrades and tuning"
LABEL architecture="multi-arch"

# Add PostgreSQL repository and configure locales
RUN set -eux; \
    apt-get update && \
    apt-get install -y --no-install-recommends \
        ca-certificates \
        wget \
        gnupg \
        lsb-release && \
    wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor -o /usr/share/keyrings/postgresql-archive-keyring.gpg && \
    echo "deb [signed-by=/usr/share/keyrings/postgresql-archive-keyring.gpg] http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list

# Install PostgreSQL versions 14-17 and essential tools
RUN apt-get update && \
    apt-get install -y --no-install-recommends \
        postgresql-14 \
        postgresql-15 \
        postgresql-16 \
        postgresql-17 \
        postgresql-client-14 \
        postgresql-client-15 \
        postgresql-client-16 \
        postgresql-client-17 \
        postgresql-contrib-14 \
        postgresql-contrib-15 \
        postgresql-contrib-16 \
        postgresql-contrib-17 \
        gosu \
        jq \
        curl \
        procps \
        xz-utils \
        zstd \
        tzdata \
        locales && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*

RUN ln -fs /usr/share/zoneinfo/Etc/UTC /etc/localtime && \
    dpkg-reconfigure --frontend noninteractive tzdata

RUN ln -sf /usr/lib/postgresql/share/postgresql/timezonesets /usr/share/postgresql/timezonesets
RUN localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 \
    && localedef -i C -c -f UTF-8 -A /usr/share/locale/locale.alias C.UTF-8

RUN echo "C.UTF-8 UTF-8" > /etc/locale.gen && echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen && locale-gen

ENV LANG=en_US.UTF-8
ENV LANGUAGE=en_US:en
ENV LC_ALL=en_US.UTF-8
ENV LOCALE_ARCHIVE=/usr/lib/locale/locale-archive
# Set environment variables for all PostgreSQL versions
ENV PG14BIN=/usr/lib/postgresql/14/bin
ENV PG15BIN=/usr/lib/postgresql/15/bin
ENV PG16BIN=/usr/lib/postgresql/16/bin
ENV PG17BIN=/usr/lib/postgresql/17/bin
ENV PG_VERSION=17

RUN curl -fsSL https://repo.pigsty.io/pig | bash && \
    dpkg -i /tmp/pig_0.6.1-1_${TARGETARCH}.deb && \
    /usr/bin/pig repo add pigsty  --update && \
    for ver in 14 15 16 17; do \
      /usr/bin/pig install -y --version $ver pgsodium pg_stat_statements pg_partman pg_jsonschema pg_hashids pg_tle pgjwt;  \
    done && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*

# Data directory
ENV PGDATA=/var/lib/postgresql/data

# PostgreSQL default configuration
ENV POSTGRES_DB=postgres
ENV POSTGRES_USER=postgres


ENV PGCONFIG_AUTO_UPGRADE=true
ENV PGCONFIG_AUTO_TUNE=true
ENV PG_TUNE=true


# Copy postgres-cli binary from builder stage
COPY --from=pgconfig-builder /src/postgres/postgres-cli /usr/local/bin/postgres-cli
RUN chmod +x /usr/local/bin/postgres-cli

# Ensure postgres user has UID 999 and GID 999 for consistency
RUN usermod -u 999 postgres && groupmod -g 999 postgres && \
    find / -user 100 -exec chown -h postgres {} + 2>/dev/null || true && \
    find / -group 102 -exec chgrp -h postgres {} + 2>/dev/null || true


# Create postgres user and directories
RUN set -eux; \
    # useradd -r -g postgres --uid=999 --home-dir=/var/lib/postgresql --shell=/bin/bash postgres; \
    mkdir -p /var/lib/postgresql ${PGDATA}  /docker-entrypoint-initdb.d /var/run/postgresql; \
    chown -R postgres:postgres /var/lib/postgresql /var/run/postgresql

# Make volumes for data and init scripts
VOLUME /var/lib/postgresql/data

COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
RUN chmod +x /usr/local/bin/docker-entrypoint.sh


# Expose PostgreSQL port
EXPOSE 5432

# Stop signal for graceful shutdown
STOPSIGNAL SIGINT

# Set working directory
WORKDIR /var/lib/postgresql

# Health check
HEALTHCHECK --interval=30s --timeout=30s --start-period=60s --retries=3 \
    CMD pg_isready -U postgres || exit 1

# Run as postgres user for security (can override with --user root if needed for permission fixes)
USER postgres

# Set entrypoint
ENTRYPOINT ["docker-entrypoint.sh"]