From 5f6024062f20c274d3002e7bcc9fc862edb73aa3 Mon Sep 17 00:00:00 2001 From: Sameer Naik Date: Thu, 26 Nov 2015 20:41:47 +0530 Subject: [PATCH] defined `/etc/postgresql/certs` as the mountpoint to install SSL key and certificate --- Changelog.md | 1 + Dockerfile | 3 ++- entrypoint.sh | 10 ++++++++++ 3 files changed, 13 insertions(+), 1 deletion(-) diff --git a/Changelog.md b/Changelog.md index cd36e8b..79f7a18 100644 --- a/Changelog.md +++ b/Changelog.md @@ -5,6 +5,7 @@ - `PSQL_TRUST_LOCALNET` config parameter renamed to `PG_TRUST_LOCALNET` - `PSQL_MODE` config parameter renamed to `REPLICATION_MODE` - `PSQL_SSLMODE` config parameter renamed to `REPLICATION_SSLMODE` +- defined `/etc/postgresql/certs` as the mountpoint to install SSL key and certificate **9.4-2** - added replication options diff --git a/Dockerfile b/Dockerfile index ac0cf45..bed4a4d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,7 +5,8 @@ ENV PG_VERSION=9.4 \ PG_USER=postgres \ PG_HOME=/var/lib/postgresql \ PG_RUNDIR=/run/postgresql \ - PG_LOGDIR=/var/log/postgresql + PG_LOGDIR=/var/log/postgresql \ + PG_CERTDIR=/etc/postgresql/certs ENV PG_BINDIR=/usr/lib/postgresql/${PG_VERSION}/bin \ PG_DATADIR=${PG_HOME}/${PG_VERSION}/main diff --git a/entrypoint.sh b/entrypoint.sh index 10e9277..2172a4e 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -59,6 +59,15 @@ create_datadir() { chown -R ${PG_USER}:${PG_USER} ${PG_HOME} } +create_certdir() { + echo "Initializing certdir..." + mkdir -p ${PG_CERTDIR} + [[ -f ${PG_CERTDIR}/server.crt ]] && chmod 0644 ${PG_CERTDIR}/server.crt + [[ -f ${PG_CERTDIR}/server.key ]] && chmod 0640 ${PG_CERTDIR}/server.key + chmod 0755 ${PG_CERTDIR} + chown -R root:${PG_USER} ${PG_CERTDIR} +} + create_logdir() { echo "Initializing logdir..." mkdir -p ${PG_LOGDIR} @@ -327,6 +336,7 @@ if [[ -z ${1} ]]; then locale_gen create_datadir + create_certdir create_logdir create_rundir