release 9.1-1

Refer #5

.dockerignore

@@ -0,0 +1,4 @@
+.git
+VERSION
+README.md
+Changelog.md

Changelog.md

@@ -0,0 +1,11 @@
+# Changelog
+
+**9.1-1**
+- upgrade to sameersbn/ubuntu:20141001, fixes shellshock
+- support creation of users and databases at launch (`docker run`)
+- mount volume at `/var/run/postgresql` allowing the postgresql unix socket to be exposed
+
+**9.1**
+- optimized image size by removing `/var/lib/apt/lists/*`.
+- update to the sameersbn/ubuntu:12.04.20140818 baseimage
+- removed use of supervisord

Dockerfile

@@ -1,14 +1,17 @@
-FROM sameersbn/ubuntu:12.04.20140818
+FROM sameersbn/ubuntu:12.04.20141001
 MAINTAINER sameer@damagehead.com
 
-RUN apt-get update && \
-    apt-get install -y --no-install-recommends postgresql postgresql-client && \
-    rm -rf /var/lib/postgresql &&  \
-    rm -rf /var/lib/apt/lists/* # 20140818
+RUN apt-get update \
+ && apt-get install -y postgresql postgresql-client pwgen \
+ && rm -rf /var/lib/postgresql \
+ && rm -rf /var/lib/apt/lists/* # 20141001
 
 ADD start /start
 RUN chmod 755 /start
 
 EXPOSE 5432
+
 VOLUME ["/var/lib/postgresql"]
+VOLUME ["/run/postgresql"]
+
 CMD ["/start"]

Makefile

@@ -0,0 +1,4 @@
+all: build
+
+build:
+	@docker build --tag=${USER}/postgresql .

README.md

@@ -1,16 +1,49 @@
 # Table of Contents
+
 - [Introduction](#introduction)
+- [Changelog](Changelog.md)
+- [Reporting Issues](#reporting-issues)
 - [Installation](#installation)
 - [Quick Start](#quick-start)
+- [Creating User and Database at Launch](creating-user-and-database-at-launch)
 - [Configuration](#configuration)
     - [Data Store](#data-store)
     - [Securing the server](#securing-the-server)
+- [Shell Access](#shell-access)
 - [Upgrading](#upgrading)
-- [Issues](#issues)
 
 # Introduction
+
 Dockerfile to build a PostgreSQL container image which can be linked to other containers.
 
+# Reporting Issues
+
+Docker is a relatively new project and is active being developed and tested by a thriving community of developers and testers and every release of docker features many enhancements and bugfixes.
+
+Given the nature of the development and release cycle it is very important that you have the latest version of docker installed because any issue that you encounter might have already been fixed with a newer docker release.
+
+For ubuntu users I suggest [installing docker](https://docs.docker.com/installation/ubuntulinux/) using docker's own package repository since the version of docker packaged in the ubuntu repositories are a little dated.
+
+Here is the shortform of the installation of an updated version of docker on ubuntu.
+
+```bash
+sudo apt-get purge docker.io
+curl -s https://get.docker.io/ubuntu/ | sudo sh
+sudo apt-get update
+sudo apt-get install lxc-docker
+```
+
+Fedora and RHEL/CentOS users should try disabling selinux with `setenforce 0` and check if resolves the issue. If it does than there is not much that I can help you with. You can either stick with selinux disabled (not recommended by redhat) or switch to using ubuntu.
+
+If using the latest docker version and/or disabling selinux does not fix the issue then please file a issue request on the [issues](https://github.com/sameersbn/docker-postgresql/issues) page.
+
+In your issue report please make sure you provide the following information:
+
+- The host ditribution and release version.
+- Output of the `docker version` command
+- Output of the `docker info` command
+- The `docker run` command you used to run the image (mask out the sensitive bits).
+
 # Installation
 
 Pull the latest version of the image from the docker index. This is the recommended method of installation as it is easier to update image in the future. These builds are performed by the **Docker Trusted Build** service.
@@ -28,19 +61,28 @@ docker build -t="$USER/postgresql" .
 ```
 
 # Quick Start
+
 Run the postgresql image
 
 ```bash
 docker run --name postgresql -d sameersbn/postgresql:latest
 ```
 
-By default remote logins are permitted to the postgresql server and a random password is assigned for the postgres user. The password set for the postgres user can be retrieved from the container logs.
+The simplest way to login to the postgresql container as the administrative `postgres` user is to use the `--volumes-from` docker option to connect to the postgresql server over the unix socket.
+
+```bash
+docker run -it --rm --volumes-from=postgresql \
+  sameersbn/postgresql sudo -u postgres -H psql
+```
+
+Alternately you can fetch the password set for the `postgres` user from the container logs.
 
 ```bash
 docker logs postgresql
 ```
 
 In the output you will notice the following lines with the password:
+
 ```bash
 |------------------------------------------------------------------|
 | PostgreSQL User: postgres, Password: xxxxxxxxxxxxxx              |
@@ -57,13 +99,57 @@ To test if the postgresql server is working properly, try connecting to the serv
 psql -U postgres -h $(docker inspect --format {{.NetworkSettings.IPAddress}} postgresql)
 ```
 
+# Creating User and Database at Launch
+
+The image allows you to create a user and database at launch time.
+
+To create a new user you should specify the `DB_USER` and `DB_PASS` variables. The following command will create a new user *dbuser* with the password *dbpass*.
+
+```bash
+docker run --name postgresql -d \
+  -e 'DB_USER=dbuser' -e 'DB_PASS=dbpass' \
+  sameersbn/postgresql:latest
+```
+
+**NOTE**
+- If the password is not specified the user will not be created
+- If the user user already exists no changes will be made
+
+Similarly, you can also create a new database by specifying the database name in the `DB_NAME` variable.
+
+```bash
+docker run --name postgresql -d \
+  -e 'DB_NAME=dbname' sameersbn/postgresql:latest
+```
+
+If the `DB_USER` and `DB_PASS` variables are also specified while creating the database, then the user is granted access to the database.
+
+For example,
+
+```bash
+docker run --name postgresql -d \
+  -e 'DB_USER=dbuser' -e 'DB_PASS=dbpass' -e 'DB_NAME=dbname' \
+  sameersbn/postgresql:latest
+```
+
+, will create a user *dbuser* with the password *dbpass*. It will also create a database named *dbname* and the *dbuser* user will have full access to the *dbname* database.
+
 # Configuration
 
 ## Data Store
-For data persistence a volume should be mounted at /var/lib/postgresql.
+
+For data persistence a volume should be mounted at `/var/lib/postgresql`.
+
+SELinux users are also required to change the security context of the mount point so that it plays nicely with selinux.
+
+```bash
+mkdir -p /opt/postgresql/data
+sudo chcon -Rt svirt_sandbox_file_t /opt/postgresql/data
+```
+
+The updated run command looks like this.
 
 ```bash
-mkdir /opt/postgresql/data
 docker run --name postgresql -d \
   -v /opt/postgresql/data:/var/lib/postgresql sameersbn/postgresql:latest
 ```
@@ -71,9 +157,10 @@ docker run --name postgresql -d \
 This will make sure that the data stored in the database is not lost when the image is stopped and started again.
 
 ## Securing the server
-By default a randomly generated password is assigned for the postgres user. The password is stored in a file named pwpass in the data store and is printed in the logs.
 
-If you dont want this password to be displayed in the logs, then please note down the password listed in /opt/postgresql/data/pwpass and then delete the file.
+By default a randomly generated password is assigned for the postgres user. The password is stored in a file named `pwpass` in the data store and is printed in the logs.
+
+If you dont want this password to be displayed in the logs, then please note down the password listed in `/opt/postgresql/data/pwpass` and then delete the file.
 
 ```bash
 cat /opt/postgresql/data/pwfile
@@ -87,6 +174,28 @@ psql -U postgres -h $(docker inspect --format {{.NetworkSettings.IPAddress}} pos
 \password postgres
 ```
 
+# Shell Access
+
+For debugging and maintenance purposes you may want access the container shell. Since the container does not allow interactive login over the SSH protocol, you can use the [nsenter](http://man7.org/linux/man-pages/man1/nsenter.1.html) linux tool (part of the util-linux package) to access the container shell.
+
+Some linux distros (e.g. ubuntu) use older versions of the util-linux which do not include the `nsenter` tool. To get around this @jpetazzo has created a nice docker image that allows you to install the `nsenter` utility and a helper script named `docker-enter` on these distros.
+
+To install the nsenter tool on your host execute the following command.
+
+```bash
+docker run --rm -v /usr/local/bin:/target jpetazzo/nsenter
+```
+
+Now you can access the container shell using the command
+
+```bash
+sudo docker-enter postgresql
+```
+
+For more information refer https://github.com/jpetazzo/nsenter
+
+Another tool named `nsinit` can also be used for the same purpose. Please refer https://jpetazzo.github.io/2014/03/23/lxc-attach-nsinit-nsenter-docker-0-9/ for more information.
+
 # Upgrading
 
 To upgrade to newer releases, simply follow this 3 step upgrade procedure.
@@ -108,6 +217,3 @@ docker pull sameersbn/postgresql:latest
 ```bash
 docker run --name postgresql -d [OPTIONS] sameersbn/postgresql:latest
 ```
-
-# Issues
-Please report issues [here](https://github.com/sameersbn/docker-postgresql/issues)

start

@@ -6,9 +6,18 @@ PG_CONFDIR="/etc/postgresql/${PG_VERSION}/main"
 PG_BINDIR="/usr/lib/postgresql/${PG_VERSION}/bin"
 PG_DATADIR="/var/lib/postgresql/${PG_VERSION}/main"
 
+DB_NAME=${DB_NAME:-}
+DB_USER=${DB_USER:-}
+DB_PASS=${DB_PASS:-}
+
 # fix permissions and ownership of /var/lib/postgresql
+mkdir -p -m 0700 /var/lib/postgresql
 chown -R postgres:postgres /var/lib/postgresql
-chmod 700 /var/lib/postgresql
+
+# fix permissions and ownership of /run/postgresql
+mkdir -p -m 0755 /run/postgresql
+chown -R postgres:postgres /run/postgresql
+chmod g+s /run/postgresql
 
 # disable ssl
 sed 's/ssl = true/#ssl = true/' -i ${PG_CONFDIR}/postgresql.conf
@@ -44,6 +53,35 @@ if [ -f /var/lib/postgresql/pwfile ]; then
   echo "|------------------------------------------------------------------|"
 fi
 
+if [ -n "${DB_USER}" ]; then
+  if [ -z "${DB_PASS}" ]; then
+    echo ""
+    echo "WARNING: "
+    echo "  Please specify a password for \"${DB_USER}\". Skipping user creation..."
+    echo ""
+    DB_USER=
+  else
+    echo "Creating user \"${DB_USER}\"..."
+    echo "CREATE ROLE ${DB_USER} with LOGIN CREATEDB PASSWORD '${DB_PASS}';" |
+      sudo -u postgres -H ${PG_BINDIR}/postgres --single \
+        -D ${PG_DATADIR} -c config_file=${PG_CONFDIR}/postgresql.conf >/dev/null 2>&1
+  fi
+fi
+
+if [ -n "${DB_NAME}" ]; then
+  echo "Creating database \"${DB_NAME}\"..."
+  echo "CREATE DATABASE ${DB_NAME};" | \
+    sudo -u postgres -H ${PG_BINDIR}/postgres --single \
+      -D ${PG_DATADIR} -c config_file=${PG_CONFDIR}/postgresql.conf >/dev/null 2>&1
+
+  if [ -n "${DB_USER}" ]; then
+    echo "Granting access to database \"${DB_NAME}\" for user \"${DB_USER}\"..."
+    echo "GRANT ALL PRIVILEGES ON DATABASE ${DB_NAME} to ${DB_USER};" |
+      sudo -u postgres -H ${PG_BINDIR}/postgres --single \
+        -D ${PG_DATADIR} -c config_file=${PG_CONFDIR}/postgresql.conf >/dev/null 2>&1
+  fi
+fi
+
 echo "Starting PostgreSQL server..."
 exec sudo -u postgres -H ${PG_BINDIR}/postgres \
   -D ${PG_DATADIR} -c config_file=${PG_CONFDIR}/postgresql.conf