From b46014aeb83939639d76b9966ece5db7507aaf79 Mon Sep 17 00:00:00 2001 From: matthias Date: Thu, 12 Jun 2025 11:50:38 +0200 Subject: [PATCH 1/7] update go and public beta 18 --- Makefile | 8 +- docker/exporter/Dockerfile | 2 +- docker/pgbackrest-public-beta/Dockerfile | 314 +++++++++++++---------- 3 files changed, 182 insertions(+), 142 deletions(-) diff --git a/Makefile b/Makefile index 87796d5..7feeec1 100644 --- a/Makefile +++ b/Makefile @@ -1,17 +1,17 @@ # Define Default if Values not exist -BASE_IMAGE ?= rockylinux:9 +BASE_IMAGE ?= rockylinux/rockylinux:9 BASEOS ?= rocky9 CONTAINERIMAGE ?= rockylinux/rockylinux:9-ubi-micro IMAGE_REPOSITORY ?= docker.io IMAGE_PATH ?= cybertec-pg-container PGVERSION ?= 17 -PGVERSION_FULL ?= 17.4 +PGVERSION_FULL ?= 17.5 OLD_PG_VERSIONS ?= 13 14 15 16 PATRONI_VERSION ?= multisite-4.0.5.1 -PGBACKREST_VERSION ?= 2.55.0 +PGBACKREST_VERSION ?= 2.55.1 POSTGIS_VERSION ?= 35 -ETCD_VERSION ?= 3.5.21 +ETCD_VERSION ?= 3.6.1 PGBOUNCER_VERSION ?= 1.24 PACKAGER ?= dnf BUILD ?= 1 diff --git a/docker/exporter/Dockerfile b/docker/exporter/Dockerfile index de8cdbc..b643192 100644 --- a/docker/exporter/Dockerfile +++ b/docker/exporter/Dockerfile @@ -15,7 +15,7 @@ RUN ${PACKAGER} -y install --nodocs \ make \ && ${PACKAGER} -y clean all ; -RUN wget https://go.dev/dl/go1.23.6.linux-amd64.tar.gz && tar -xzf go1.23.6.linux-amd64.tar.gz && mv go /usr/local +RUN wget https://go.dev/dl/go1.24.4.linux-amd64.tar.gz && tar -xzf go1.24.4.linux-amd64.tar.gz && mv go /usr/local ENV PATH=$PATH:/usr/local/go/bin RUN git clone https://github.com/cybertec-postgresql/postgres_exporter.git && cd postgres_exporter && make build; diff --git a/docker/pgbackrest-public-beta/Dockerfile b/docker/pgbackrest-public-beta/Dockerfile index 669f8d4..1865539 100644 --- a/docker/pgbackrest-public-beta/Dockerfile +++ b/docker/pgbackrest-public-beta/Dockerfile @@ -1,163 +1,203 @@ ARG IMAGE_PATH ARG BUILD ARG BASEOS -ARG CONTAINERIMAGE +ARG PGVERSION -FROM ${IMAGE_PATH}/base:${BASEOS}-${BUILD} AS builder +FROM ${IMAGE_PATH}/base:${BASEOS}-${BUILD} as builder # Dockerfile specific informations ARG PACKAGER ARG PGBACKREST_VERSION +ARG PATRONI_VERSION ARG PGVERSION ARG OLD_PG_VERSIONS +ARG PG_SUPPORTED_VERSIONS="$PGVERSION" ARG PG_SUPPORTED_VERSIONS="$OLD_PG_VERSIONS $PGVERSION" +ARG ETCD_VERSION +ARG ARCH # Enable Beta-Repo RUN ${PACKAGER} config-manager --set-enabled pgdg${PGVERSION}-updates-testing \ - && ${PACKAGER} config-manager --set-enabled pgdg${PGVERSION}-source-updates-testing \ - && ${PACKAGER} -y update; + && ${PACKAGER} config-manager --set-enabled pgdg${PGVERSION}-source-updates-testing; + +# Spilo-specific +ENV PAM_OAUTH2=v1.0.1 \ + PG_PERMISSIONS=REL_1_3 -RUN ${PACKAGER} -y install --nodocs \ +# Get some Standard-Stuff +RUN ${PACKAGER} -y update && ${PACKAGER} -y install --nodocs --noplugins --setopt=install_weak_deps=0 \ --setopt=skip_missing_names_on_install=False \ - openssh-clients \ - openssh-server \ - bzip2 \ - lz4 \ - zstd \ - libicu \ - dumb-init \ - jq \ - pgbackrest-${PGBACKREST_VERSION} \ - && ${PACKAGER} -y clean all ; - -# Install postgres-server -RUN ${PACKAGER} -y update \ - && for version in $PG_SUPPORTED_VERSIONS; do \ - ${PACKAGER} -y install --nodocs postgresql${version}-server; \ + openssh-clients \ + openssh-server \ + shadow-utils \ + tar \ + bzip2 \ + lz4 \ + python3 \ + python3-pip \ + python3-psycopg2 \ + git \ + patchutils \ + binutils \ + make \ + cmake \ + gcc \ + clang \ + pam-devel \ + wget \ + mlocate \ + git-clang-format \ + openssl-devel \ + ccache \ + redhat-rpm-config \ + krb5-devel \ + busybox \ + jq \ + rsync \ + dumb-init \ + libicu \ + pgbackrest-${PGBACKREST_VERSION} \ + cronie \ + libcurl-devel \ + && ${PACKAGER} -y clean all; + +# install etcdctl +RUN curl -L https://github.com/coreos/etcd/releases/download/v${ETCD_VERSION}/etcd-v${ETCD_VERSION}-linux-${ARCH}.tar.gz | tar xz -C /bin --strip=1 --wildcards --no-anchored --no-same-owner etcdctl etcd; + +ENV PATHBACKUP = $PATH + +RUN wget https://smarden.org/runit/runit-2.1.2.tar.gz -P /package/ +COPY cron_unprivileged.c /package/ + +RUN pip3 install 'PyYAML<6.0' setuptools pystache loader kazoo meld3 boto python-etcd psutil requests cdiff ydiff==1.4.2 --upgrade \ + && if [[ $PATRONI_VERSION == "multisite-"* ]]; then \ + git clone -b $PATRONI_VERSION https://github.com/cybertec-postgresql/patroni; \ + pip3 install ./patroni[kubernetes,etcd,etcd3]; \ + else \ + pip3 install patroni[kubernetes$EXTRAS]==$PATRONI_VERSION --upgrade; \ + fi \ + && mkdir /usr/lib/postgresql \ + # Install pam_oauth2.so + && git clone -b $PAM_OAUTH2 --recurse-submodules https://github.com/zalando-pg/pam-oauth2.git && make -C pam-oauth2 install \ + && git clone -b $PG_PERMISSIONS https://github.com/cybertec-postgresql/pg_permissions.git \ + && git clone https://github.com/dimitri/pgextwlist.git \ + && git clone https://github.com/crunchydata/pgnodemx \ +\ + && ${PACKAGER} -y install --nodocs --noplugins --setopt=install_weak_deps=0 postgresql${PGVERSION} libevent-devel brotli-devel libbrotli \ + && ${PACKAGER} -y clean all \ +\ + # forbid creation of a main cluster when package is installed + #&& sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf \ +\ +# Install PostgreSQL + && for version in $PG_SUPPORTED_VERSIONS; do \ + ${PACKAGER} -y update && \ + ${PACKAGER} -y install postgresql${version}-pltcl \ + pgaudit*${version} \ + credcheck_*${version} \ + # Install PostgreSQL binaries, contrib, plproxy and multiple pl's + && ${PACKAGER} -y install -y postgresql${version}-contrib \ + postgresql${version}-plpython3 postgresql${version}-devel \ + pg_cron_${version} pgvector_${version} set_user_${version} \ + # Modify for using origial-spilo scripts + && ln -s /usr/pgsql-${version} /usr/lib/postgresql/${version} \ + && export PATH=$PATHBACKUP:/usr/pgsql-${version}/bin \ + # Install TimescaleDB + && ${PACKAGER} -y install timescaledb_${version} \ + && cd / \ + && for n in pg_permissions $EXTRA_EXTENSIONS; do \ + make -C $n USE_PGXS=1 clean install-strip; \ + done \ + && cd /pgextwlist && make clean && make && make install \ + && cd /pgnodemx && make USE_PGXS=1 clean && make USE_PGXS=1 && make USE_PGXS=1 install; \ done \ - && ${PACKAGER} -y clean all; - -# Remove default pgbackrest-config -RUN rm /etc/pgbackrest.conf -RUN rm -rf /var/spool/pgbackrest - -# Add kubectl -RUN curl -LO https://dl.k8s.io/release/v1.30.0/bin/linux/amd64/kubectl && chmod +x kubectl - -RUN mkdir -p /tmp/pgsql && cp -r /usr/pgsql* /tmp/pgsql -RUN mkdir -p /tmp/pg && cp -r /usr/bin/pg* /tmp/pg -RUN mkdir -p /tmp/lz4 && cp -r /usr/bin/lz4* /tmp/lz4 -RUN mkdir -p /tmp/zstd && cp -r /usr/bin/zstd* /tmp/zstd - - -FROM ${CONTAINERIMAGE} as micro - -ARG PGVERSION - -COPY --from=builder /usr/bin/dumb-init /usr/bin/dumb-init -COPY --from=builder /etc/passwd /etc/passwd -COPY --from=builder /etc/group /etc/group -COPY --from=builder /usr/lib64 /usr/lib64 -# SSH-client -COPY --from=builder /etc/ssh /etc/ssh -COPY --from=builder /usr/bin/ssh /usr/bin/ssh -COPY --from=builder /usr/libexec/openssh /usr/libexec/openssh -# pgBackRest -COPY --from=builder /usr/bin/pgbackrest /usr/bin/pgbackrest -COPY --from=builder /usr/share/licenses/pgbackrest/LICENSE /usr/share/licenses/pgbackrest/LICENSE -COPY --from=builder /var/lib/pgbackrest /var/lib/pgbackrest -COPY --from=builder /var/log/pgbackrest /var/log/pgbackrest -# Postgres -COPY --from=builder /tmp/pgsql/ /usr/ -COPY --from=builder /var/lib/pgsql /var/lib/pgsql -COPY --from=builder /tmp/pg /usr/bin/ - -COPY --from=builder ./kubectl /usr/local/bin/ -# lz4 -COPY --from=builder /tmp/lz4 /usr/bin/ -# zstd -COPY --from=builder /tmp/zstd /usr/bin/ -# Others -COPY --from=builder /usr/bin/sed /usr/bin/sed -COPY --from=builder /usr/bin/jq /usr/bin/jq -COPY --from=builder /usr/bin/watch /usr/bin/watch -COPY --from=builder /usr/share/locale /usr/share/locale -COPY --from=builder /usr/lib /usr/lib -COPY --from=builder /usr/lib64 /usr/lib64 -# CA -COPY --from=builder /usr/bin/ca-legacy /usr/bin/ca-legacy -COPY --from=builder /usr/bin/update-ca-trust /usr/bin/update-ca-trust -# grep -COPY --from=builder /etc/profile.d /etc/profile.d -COPY --from=builder /usr/bin/grep /usr/bin/grep -COPY --from=builder /usr/libexec /usr/libexec -# COPY --from=builder /usr/bin/update-ca-trust /usr/bin/update-ca-trust -# COPY --from=builder /usr/bin/update-ca-trust /usr/bin/update-ca-trust - -# p11-kit -COPY --from=builder /etc/pkcs11 /etc/pkcs11 -COPY --from=builder /usr/libexec/p11-kit /usr/libexec/p11-kit -COPY --from=builder /usr/share/bash-completion/completions /usr/share/bash-completion/completions -COPY --from=builder /usr/share/p11-kit /usr/share/p11-kit -COPY --from=builder /usr/share/polkit-1 /usr/share/polkit-1 - -COPY --from=builder /usr/bin/p11-kit /usr/bin/p11-kit -COPY --from=builder /etc/pki /etc/pki -COPY --from=builder /usr/share/pki /usr/share/pki -COPY --from=builder /etc/ssl /etc/ssl -COPY --from=builder /etc/pkcs11 /etc/pkcs11 - -# p11-kit-trust -COPY --from=builder /usr/bin/trust /usr/bin/ - -# libraries -COPY --from=builder /usr/bin/nss_wrapper.pl /usr/bin/nss_wrapper.pl -# COPY --from=builder /usr/lib64/libnss_wrapper.so /usr/lib64/libnss_wrapper.so -COPY --from=builder /usr/share/man/man1 /usr/share/man/man1 -COPY --from=builder /usr/bin/envsubst /usr/bin/envsubst - -RUN /usr/bin/update-ca-trust extract - -# add postgres user and group -#RUN groupadd postgres -g 26 && useradd postgres -u 26 -g 26 - -# Prepare all needed stuff -Run mkdir -p /opt/pgbackrest /backrestrepo /home/postgres /home/postgres/pgdata/pgbackrest/log - -# add pgbackrest-restore files -ADD scripts/pgbackrest/ /opt/pgbackrest/bin/ - -# add pgbackrest-common files -ADD /scripts/nss_wrapper /scripts/nss_wrapper + && ${PACKAGER} -y install --nodocs --noplugins --setopt=install_weak_deps=0 glibc-static \ + && ${PACKAGER} -y clean all; + RUN gcc -s -shared -fPIC -o /usr/local/lib/cron_unprivileged.so /package/cron_unprivileged.c + + RUN cd /package && tar -xvzf runit-2.1.2.tar.gz && rm runit-2.1.2.tar.gz \ + && cd admin/runit-2.1.2 && package/install \ + && ln -s /usr/local/bin/runsvdir /usr/bin/runsvdir \ + && rm -rf /pg_permissions /pgextwlist /pg_stat_kcache /pgnodemx /timescaledb /pam-oauth2 \ + && rm /etc/pgbackrest.conf && rm -rf /var/spool/pgbackrest \ + && ${PACKAGER} -y remove $(rpm -qa "*devel*") python3-pip python3-wheel python3-dev python3-setuptools git patchutils flatpak glibc-static gcc glibc-devel \ + && ${PACKAGER} -y autoremove \ + && ${PACKAGER} -y clean dbcache \ + && ${PACKAGER} -y clean all; FROM scratch -COPY --from=micro / / ARG PGVERSION -# set user and group ownership -RUN chown -R postgres:postgres /opt/pgbackrest \ - /backrestrepo /home/postgres/pgdata/pgbackrest /home/postgres/pgdata - -RUN mkdir -p /etc/pgbackrest \ - && chown -R postgres:postgres /etc/pgbackrest - -RUN chmod -R g=u /etc/pgbackrest \ - && rm -f /run/nologin - -RUN mkdir /.ssh && chown postgres:postgres /.ssh && chmod o+rwx /.ssh - -# set user and group ownership -RUN chown -R postgres:postgres /opt/pgbackrest \ - /backrestrepo /home/postgres/pgdata - -#ENV PATH=$PATH:/usr/pgsql-$PGVERSION/bin -COPY launcher/pgbackrest/launch.sh / - -VOLUME ["sshd", "/home/postgres/pgdata", "/backrestrepo"] +COPY --from=builder / / + +EXPOSE 5432 8008 8080 +ENV LC_ALL=en_US.utf-8 \ + PATH=$PATH:/usr/pgsql-$PGVERSION/bin \ + PGHOME=/home/postgres \ + RW_DIR=/run \ + TIMESCALEDB=$TIMESCALEDB \ + DEMO=$DEMO + +ENV LOG_ENV_DIR=$RW_DIR/etc/log.d/env \ + PGROOT=$PGHOME/pgdata/pgroot + +ENV PGDATA=$PGROOT/data \ + PGLOG=$PGROOT/pg_log + +WORKDIR $PGHOME + +COPY motd /etc/ +#COPY runit /etc/service/ + +COPY runit /etc/runit/runsvdir/default/ +COPY pgq_ticker.ini $PGHOME/ +RUN rm -rf /etc/service && mkdir /home/postgres/pgdata && chown -R postgres:postgres /home/postgres/pgdata && chmod -R g=u /home/postgres/pgdata \ + && sed -i "s|/var/lib/pgsql.*|$PGHOME:/bin/bash|" /etc/passwd \ + && chown -R postgres:postgres $PGHOME $PGHOME/pgdata $RW_DIR \ + && rm -fr /var/spool/cron /var/tmp \ + && mkdir -p /var/spool \ + && ln -s $RW_DIR/cron /var/spool/cron \ + && ln -s $RW_DIR/tmp /var/tmp \ + && for d in /etc/runit/runsvdir/default/*; do \ + chmod 755 $d/* \ + && ln -s /run/supervise/$(basename $d) $d/supervise; \ + done \ + && chmod +r /etc/motd \ + && ln -snf $RW_DIR/service /etc/service \ + #&& ln -s $RW_DIR/pam.d-postgresql /etc/pam.d/postgresql \ + && ln -s $RW_DIR/postgres.yml $PGHOME/postgres.yml \ + && ln -s $RW_DIR/.bash_history /root/.bash_history \ + && ln -s $RW_DIR/postgresql/.bash_history $PGHOME/.bash_history \ + && ln -s $RW_DIR/postgresql/.psql_history $PGHOME/.psql_history \ + && ln -s $RW_DIR/etc $PGHOME/etc \ + && for d in $PGHOME /root; do \ + d=$d/.config/patroni \ + && mkdir -p $d \ + && ln -s $PGHOME/postgres.yml $d/patronictl.yaml; \ + done \ + && sed -i 's/set compatible/set nocompatible/' /etc/vimrc \ + && echo "PATH=\"$PATH\"" > /etc/environment \ + && for e in TERM=linux LC_ALL=C.UTF-8 LANG=C.UTF-8 EDITOR=editor; \ + do echo "export $e" >> /etc/bash.bashrc; \ + done \ + && ln -s /etc/skel/.bashrc $PGHOME/.bashrc \ + && echo "source /etc/motd" >> /home/postgres/.bashrc \ + # Allow users in the root group to access the following files and dirs + && if [ "$COMPRESS" != "true" ]; then \ + chmod 664 /etc/passwd \ + && chmod o+r /etc/shadow \ + && chgrp -R 0 $PGHOME $RW_DIR \ + && chmod -R g=u $PGHOME $RW_DIR \ + && usermod -a -G root postgres; \ + fi + + +COPY scripts bootstrap major_upgrade /scripts/ +COPY launcher/postgres/launch.sh / ENTRYPOINT ["/scripts/nss_wrapper/nss_wrapper.sh"] -USER 26 +USER postgres -CMD ["dumb-init", "/launch.sh", "init"] +CMD ["/bin/sh", "/launch.sh", "init"] From 94d3ed43c2a7880ae77e0acd6230ef1f1436a970 Mon Sep 17 00:00:00 2001 From: matthias Date: Thu, 12 Jun 2025 14:29:33 +0200 Subject: [PATCH 2/7] update public beta --- docker/pg-public-beta/Dockerfile | 55 +++- docker/pgbackrest-public-beta/Dockerfile | 311 ++++++++++------------- 2 files changed, 180 insertions(+), 186 deletions(-) diff --git a/docker/pg-public-beta/Dockerfile b/docker/pg-public-beta/Dockerfile index 79e8d33..1865539 100644 --- a/docker/pg-public-beta/Dockerfile +++ b/docker/pg-public-beta/Dockerfile @@ -20,6 +20,10 @@ ARG ARCH RUN ${PACKAGER} config-manager --set-enabled pgdg${PGVERSION}-updates-testing \ && ${PACKAGER} config-manager --set-enabled pgdg${PGVERSION}-source-updates-testing; +# Spilo-specific +ENV PAM_OAUTH2=v1.0.1 \ + PG_PERMISSIONS=REL_1_3 + # Get some Standard-Stuff RUN ${PACKAGER} -y update && ${PACKAGER} -y install --nodocs --noplugins --setopt=install_weak_deps=0 \ --setopt=skip_missing_names_on_install=False \ @@ -33,12 +37,12 @@ RUN ${PACKAGER} -y update && ${PACKAGER} -y install --nodocs --noplugins --setop python3-pip \ python3-psycopg2 \ git \ - clang \ patchutils \ binutils \ make \ cmake \ gcc \ + clang \ pam-devel \ wget \ mlocate \ @@ -53,6 +57,8 @@ RUN ${PACKAGER} -y update && ${PACKAGER} -y install --nodocs --noplugins --setop dumb-init \ libicu \ pgbackrest-${PGBACKREST_VERSION} \ + cronie \ + libcurl-devel \ && ${PACKAGER} -y clean all; # install etcdctl @@ -61,32 +67,58 @@ RUN curl -L https://github.com/coreos/etcd/releases/download/v${ETCD_VERSION}/et ENV PATHBACKUP = $PATH RUN wget https://smarden.org/runit/runit-2.1.2.tar.gz -P /package/ - -RUN pip3 install 'PyYAML<6.0' setuptools pystache loader kazoo meld3 boto python-etcd psutil requests cdiff ydiff --upgrade \ - && pip3 install patroni[kubernetes$EXTRAS]==$PATRONI_VERSION --upgrade \ +COPY cron_unprivileged.c /package/ + +RUN pip3 install 'PyYAML<6.0' setuptools pystache loader kazoo meld3 boto python-etcd psutil requests cdiff ydiff==1.4.2 --upgrade \ + && if [[ $PATRONI_VERSION == "multisite-"* ]]; then \ + git clone -b $PATRONI_VERSION https://github.com/cybertec-postgresql/patroni; \ + pip3 install ./patroni[kubernetes,etcd,etcd3]; \ + else \ + pip3 install patroni[kubernetes$EXTRAS]==$PATRONI_VERSION --upgrade; \ + fi \ && mkdir /usr/lib/postgresql \ + # Install pam_oauth2.so + && git clone -b $PAM_OAUTH2 --recurse-submodules https://github.com/zalando-pg/pam-oauth2.git && make -C pam-oauth2 install \ + && git clone -b $PG_PERMISSIONS https://github.com/cybertec-postgresql/pg_permissions.git \ + && git clone https://github.com/dimitri/pgextwlist.git \ + && git clone https://github.com/crunchydata/pgnodemx \ +\ && ${PACKAGER} -y install --nodocs --noplugins --setopt=install_weak_deps=0 postgresql${PGVERSION} libevent-devel brotli-devel libbrotli \ && ${PACKAGER} -y clean all \ +\ + # forbid creation of a main cluster when package is installed + #&& sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf \ \ # Install PostgreSQL && for version in $PG_SUPPORTED_VERSIONS; do \ ${PACKAGER} -y update && \ ${PACKAGER} -y install postgresql${version}-pltcl \ + pgaudit*${version} \ + credcheck_*${version} \ # Install PostgreSQL binaries, contrib, plproxy and multiple pl's && ${PACKAGER} -y install -y postgresql${version}-contrib \ - postgresql${version}-devel \ - \ + postgresql${version}-plpython3 postgresql${version}-devel \ + pg_cron_${version} pgvector_${version} set_user_${version} \ # Modify for using origial-spilo scripts && ln -s /usr/pgsql-${version} /usr/lib/postgresql/${version} \ - && export PATH=$PATHBACKUP:/usr/pgsql-${version}/bin; \ + && export PATH=$PATHBACKUP:/usr/pgsql-${version}/bin \ + # Install TimescaleDB + && ${PACKAGER} -y install timescaledb_${version} \ + && cd / \ + && for n in pg_permissions $EXTRA_EXTENSIONS; do \ + make -C $n USE_PGXS=1 clean install-strip; \ + done \ + && cd /pgextwlist && make clean && make && make install \ + && cd /pgnodemx && make USE_PGXS=1 clean && make USE_PGXS=1 && make USE_PGXS=1 install; \ done \ && ${PACKAGER} -y install --nodocs --noplugins --setopt=install_weak_deps=0 glibc-static \ && ${PACKAGER} -y clean all; + RUN gcc -s -shared -fPIC -o /usr/local/lib/cron_unprivileged.so /package/cron_unprivileged.c RUN cd /package && tar -xvzf runit-2.1.2.tar.gz && rm runit-2.1.2.tar.gz \ && cd admin/runit-2.1.2 && package/install \ && ln -s /usr/local/bin/runsvdir /usr/bin/runsvdir \ - && rm -rf /pg_permissions* /pgextwlist /pg_stat_kcache /pgnodemx /timescaledb /set_user /pam-oauth2 \ + && rm -rf /pg_permissions /pgextwlist /pg_stat_kcache /pgnodemx /timescaledb /pam-oauth2 \ && rm /etc/pgbackrest.conf && rm -rf /var/spool/pgbackrest \ && ${PACKAGER} -y remove $(rpm -qa "*devel*") python3-pip python3-wheel python3-dev python3-setuptools git patchutils flatpak glibc-static gcc glibc-devel \ && ${PACKAGER} -y autoremove \ @@ -131,6 +163,7 @@ RUN rm -rf /etc/service && mkdir /home/postgres/pgdata && chown -R postgres:post chmod 755 $d/* \ && ln -s /run/supervise/$(basename $d) $d/supervise; \ done \ + && chmod +r /etc/motd \ && ln -snf $RW_DIR/service /etc/service \ #&& ln -s $RW_DIR/pam.d-postgresql /etc/pam.d/postgresql \ && ln -s $RW_DIR/postgres.yml $PGHOME/postgres.yml \ @@ -149,7 +182,7 @@ RUN rm -rf /etc/service && mkdir /home/postgres/pgdata && chown -R postgres:post do echo "export $e" >> /etc/bash.bashrc; \ done \ && ln -s /etc/skel/.bashrc $PGHOME/.bashrc \ - && echo "source /etc/motd" >> /root/.bashrc \ + && echo "source /etc/motd" >> /home/postgres/.bashrc \ # Allow users in the root group to access the following files and dirs && if [ "$COMPRESS" != "true" ]; then \ chmod 664 /etc/passwd \ @@ -165,6 +198,6 @@ COPY launcher/postgres/launch.sh / ENTRYPOINT ["/scripts/nss_wrapper/nss_wrapper.sh"] -USER 26 +USER postgres -CMD ["/bin/sh", "/launch.sh", "init"] \ No newline at end of file +CMD ["/bin/sh", "/launch.sh", "init"] diff --git a/docker/pgbackrest-public-beta/Dockerfile b/docker/pgbackrest-public-beta/Dockerfile index 1865539..ab58019 100644 --- a/docker/pgbackrest-public-beta/Dockerfile +++ b/docker/pgbackrest-public-beta/Dockerfile @@ -1,203 +1,164 @@ ARG IMAGE_PATH ARG BUILD ARG BASEOS -ARG PGVERSION +ARG CONTAINERIMAGE -FROM ${IMAGE_PATH}/base:${BASEOS}-${BUILD} as builder +FROM ${IMAGE_PATH}/base:${BASEOS}-${BUILD} AS builder # Dockerfile specific informations ARG PACKAGER ARG PGBACKREST_VERSION -ARG PATRONI_VERSION ARG PGVERSION ARG OLD_PG_VERSIONS -ARG PG_SUPPORTED_VERSIONS="$PGVERSION" ARG PG_SUPPORTED_VERSIONS="$OLD_PG_VERSIONS $PGVERSION" -ARG ETCD_VERSION ARG ARCH # Enable Beta-Repo RUN ${PACKAGER} config-manager --set-enabled pgdg${PGVERSION}-updates-testing \ - && ${PACKAGER} config-manager --set-enabled pgdg${PGVERSION}-source-updates-testing; - -# Spilo-specific -ENV PAM_OAUTH2=v1.0.1 \ - PG_PERMISSIONS=REL_1_3 + && ${PACKAGER} config-manager --set-enabled pgdg${PGVERSION}-source-updates-testing \ + && ${PACKAGER} -y update; -# Get some Standard-Stuff -RUN ${PACKAGER} -y update && ${PACKAGER} -y install --nodocs --noplugins --setopt=install_weak_deps=0 \ +RUN ${PACKAGER} -y install --nodocs \ --setopt=skip_missing_names_on_install=False \ - openssh-clients \ - openssh-server \ - shadow-utils \ - tar \ - bzip2 \ - lz4 \ - python3 \ - python3-pip \ - python3-psycopg2 \ - git \ - patchutils \ - binutils \ - make \ - cmake \ - gcc \ - clang \ - pam-devel \ - wget \ - mlocate \ - git-clang-format \ - openssl-devel \ - ccache \ - redhat-rpm-config \ - krb5-devel \ - busybox \ - jq \ - rsync \ - dumb-init \ - libicu \ - pgbackrest-${PGBACKREST_VERSION} \ - cronie \ - libcurl-devel \ - && ${PACKAGER} -y clean all; - -# install etcdctl -RUN curl -L https://github.com/coreos/etcd/releases/download/v${ETCD_VERSION}/etcd-v${ETCD_VERSION}-linux-${ARCH}.tar.gz | tar xz -C /bin --strip=1 --wildcards --no-anchored --no-same-owner etcdctl etcd; - -ENV PATHBACKUP = $PATH - -RUN wget https://smarden.org/runit/runit-2.1.2.tar.gz -P /package/ -COPY cron_unprivileged.c /package/ - -RUN pip3 install 'PyYAML<6.0' setuptools pystache loader kazoo meld3 boto python-etcd psutil requests cdiff ydiff==1.4.2 --upgrade \ - && if [[ $PATRONI_VERSION == "multisite-"* ]]; then \ - git clone -b $PATRONI_VERSION https://github.com/cybertec-postgresql/patroni; \ - pip3 install ./patroni[kubernetes,etcd,etcd3]; \ - else \ - pip3 install patroni[kubernetes$EXTRAS]==$PATRONI_VERSION --upgrade; \ - fi \ - && mkdir /usr/lib/postgresql \ - # Install pam_oauth2.so - && git clone -b $PAM_OAUTH2 --recurse-submodules https://github.com/zalando-pg/pam-oauth2.git && make -C pam-oauth2 install \ - && git clone -b $PG_PERMISSIONS https://github.com/cybertec-postgresql/pg_permissions.git \ - && git clone https://github.com/dimitri/pgextwlist.git \ - && git clone https://github.com/crunchydata/pgnodemx \ -\ - && ${PACKAGER} -y install --nodocs --noplugins --setopt=install_weak_deps=0 postgresql${PGVERSION} libevent-devel brotli-devel libbrotli \ - && ${PACKAGER} -y clean all \ -\ - # forbid creation of a main cluster when package is installed - #&& sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf \ -\ -# Install PostgreSQL - && for version in $PG_SUPPORTED_VERSIONS; do \ - ${PACKAGER} -y update && \ - ${PACKAGER} -y install postgresql${version}-pltcl \ - pgaudit*${version} \ - credcheck_*${version} \ - # Install PostgreSQL binaries, contrib, plproxy and multiple pl's - && ${PACKAGER} -y install -y postgresql${version}-contrib \ - postgresql${version}-plpython3 postgresql${version}-devel \ - pg_cron_${version} pgvector_${version} set_user_${version} \ - # Modify for using origial-spilo scripts - && ln -s /usr/pgsql-${version} /usr/lib/postgresql/${version} \ - && export PATH=$PATHBACKUP:/usr/pgsql-${version}/bin \ - # Install TimescaleDB - && ${PACKAGER} -y install timescaledb_${version} \ - && cd / \ - && for n in pg_permissions $EXTRA_EXTENSIONS; do \ - make -C $n USE_PGXS=1 clean install-strip; \ - done \ - && cd /pgextwlist && make clean && make && make install \ - && cd /pgnodemx && make USE_PGXS=1 clean && make USE_PGXS=1 && make USE_PGXS=1 install; \ + openssh-clients \ + openssh-server \ + bzip2 \ + lz4 \ + zstd \ + libicu \ + dumb-init \ + jq \ + pgbackrest-${PGBACKREST_VERSION} \ + && ${PACKAGER} -y clean all ; + +# Install postgres-server +RUN ${PACKAGER} -y update \ + && for version in $PG_SUPPORTED_VERSIONS; do \ + ${PACKAGER} -y install --nodocs postgresql${version}-server; \ done \ - && ${PACKAGER} -y install --nodocs --noplugins --setopt=install_weak_deps=0 glibc-static \ - && ${PACKAGER} -y clean all; - RUN gcc -s -shared -fPIC -o /usr/local/lib/cron_unprivileged.so /package/cron_unprivileged.c - - RUN cd /package && tar -xvzf runit-2.1.2.tar.gz && rm runit-2.1.2.tar.gz \ - && cd admin/runit-2.1.2 && package/install \ - && ln -s /usr/local/bin/runsvdir /usr/bin/runsvdir \ - && rm -rf /pg_permissions /pgextwlist /pg_stat_kcache /pgnodemx /timescaledb /pam-oauth2 \ - && rm /etc/pgbackrest.conf && rm -rf /var/spool/pgbackrest \ - && ${PACKAGER} -y remove $(rpm -qa "*devel*") python3-pip python3-wheel python3-dev python3-setuptools git patchutils flatpak glibc-static gcc glibc-devel \ - && ${PACKAGER} -y autoremove \ - && ${PACKAGER} -y clean dbcache \ - && ${PACKAGER} -y clean all; + && ${PACKAGER} -y clean all; + +# Remove default pgbackrest-config +RUN rm /etc/pgbackrest.conf +RUN rm -rf /var/spool/pgbackrest + +# Add kubectl +RUN curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/${ARCH}/kubectl" && chmod +x kubectl + +RUN mkdir -p /tmp/pgsql && cp -r /usr/pgsql* /tmp/pgsql +RUN mkdir -p /tmp/pg && cp -r /usr/bin/pg* /tmp/pg +RUN mkdir -p /tmp/lz4 && cp -r /usr/bin/lz4* /tmp/lz4 +RUN mkdir -p /tmp/zstd && cp -r /usr/bin/zstd* /tmp/zstd + + +FROM ${CONTAINERIMAGE} as micro + +ARG PGVERSION + +COPY --from=builder /usr/bin/dumb-init /usr/bin/dumb-init +COPY --from=builder /etc/passwd /etc/passwd +COPY --from=builder /etc/group /etc/group +COPY --from=builder /usr/lib64 /usr/lib64 +# SSH-client +COPY --from=builder /etc/ssh /etc/ssh +COPY --from=builder /usr/bin/ssh /usr/bin/ssh +COPY --from=builder /usr/libexec/openssh /usr/libexec/openssh +# pgBackRest +COPY --from=builder /usr/bin/pgbackrest /usr/bin/pgbackrest +COPY --from=builder /usr/share/licenses/pgbackrest/LICENSE /usr/share/licenses/pgbackrest/LICENSE +COPY --from=builder /var/lib/pgbackrest /var/lib/pgbackrest +COPY --from=builder /var/log/pgbackrest /var/log/pgbackrest +# Postgres +COPY --from=builder /tmp/pgsql/ /usr/ +COPY --from=builder /var/lib/pgsql /var/lib/pgsql +COPY --from=builder /tmp/pg /usr/bin/ + +COPY --from=builder ./kubectl /usr/local/bin/ +# lz4 +COPY --from=builder /tmp/lz4 /usr/bin/ +# zstd +COPY --from=builder /tmp/zstd /usr/bin/ +# Others +COPY --from=builder /usr/bin/sed /usr/bin/sed +COPY --from=builder /usr/bin/jq /usr/bin/jq +COPY --from=builder /usr/bin/watch /usr/bin/watch +COPY --from=builder /usr/share/locale /usr/share/locale +COPY --from=builder /usr/lib /usr/lib +COPY --from=builder /usr/lib64 /usr/lib64 +# CA +COPY --from=builder /usr/bin/ca-legacy /usr/bin/ca-legacy +COPY --from=builder /usr/bin/update-ca-trust /usr/bin/update-ca-trust +# grep +COPY --from=builder /etc/profile.d /etc/profile.d +COPY --from=builder /usr/bin/grep /usr/bin/grep +COPY --from=builder /usr/libexec /usr/libexec +# COPY --from=builder /usr/bin/update-ca-trust /usr/bin/update-ca-trust +# COPY --from=builder /usr/bin/update-ca-trust /usr/bin/update-ca-trust + +# p11-kit +COPY --from=builder /etc/pkcs11 /etc/pkcs11 +COPY --from=builder /usr/libexec/p11-kit /usr/libexec/p11-kit +COPY --from=builder /usr/share/bash-completion/completions /usr/share/bash-completion/completions +COPY --from=builder /usr/share/p11-kit /usr/share/p11-kit +COPY --from=builder /usr/share/polkit-1 /usr/share/polkit-1 + +COPY --from=builder /usr/bin/p11-kit /usr/bin/p11-kit +COPY --from=builder /etc/pki /etc/pki +COPY --from=builder /usr/share/pki /usr/share/pki +COPY --from=builder /etc/ssl /etc/ssl +COPY --from=builder /etc/pkcs11 /etc/pkcs11 + +# p11-kit-trust +COPY --from=builder /usr/bin/trust /usr/bin/ + +# libraries +COPY --from=builder /usr/bin/nss_wrapper.pl /usr/bin/nss_wrapper.pl +# COPY --from=builder /usr/lib64/libnss_wrapper.so /usr/lib64/libnss_wrapper.so +COPY --from=builder /usr/share/man/man1 /usr/share/man/man1 +COPY --from=builder /usr/bin/envsubst /usr/bin/envsubst + +RUN /usr/bin/update-ca-trust extract + +# add postgres user and group +#RUN groupadd postgres -g 26 && useradd postgres -u 26 -g 26 + +# Prepare all needed stuff +Run mkdir -p /opt/pgbackrest /backrestrepo /home/postgres /home/postgres/pgdata/pgbackrest/log + +# add pgbackrest-restore files +ADD scripts/pgbackrest/ /opt/pgbackrest/bin/ + +# add pgbackrest-common files +ADD /scripts/nss_wrapper /scripts/nss_wrapper FROM scratch +COPY --from=micro / / ARG PGVERSION -COPY --from=builder / / - -EXPOSE 5432 8008 8080 -ENV LC_ALL=en_US.utf-8 \ - PATH=$PATH:/usr/pgsql-$PGVERSION/bin \ - PGHOME=/home/postgres \ - RW_DIR=/run \ - TIMESCALEDB=$TIMESCALEDB \ - DEMO=$DEMO - -ENV LOG_ENV_DIR=$RW_DIR/etc/log.d/env \ - PGROOT=$PGHOME/pgdata/pgroot - -ENV PGDATA=$PGROOT/data \ - PGLOG=$PGROOT/pg_log - -WORKDIR $PGHOME - -COPY motd /etc/ -#COPY runit /etc/service/ - -COPY runit /etc/runit/runsvdir/default/ -COPY pgq_ticker.ini $PGHOME/ -RUN rm -rf /etc/service && mkdir /home/postgres/pgdata && chown -R postgres:postgres /home/postgres/pgdata && chmod -R g=u /home/postgres/pgdata \ - && sed -i "s|/var/lib/pgsql.*|$PGHOME:/bin/bash|" /etc/passwd \ - && chown -R postgres:postgres $PGHOME $PGHOME/pgdata $RW_DIR \ - && rm -fr /var/spool/cron /var/tmp \ - && mkdir -p /var/spool \ - && ln -s $RW_DIR/cron /var/spool/cron \ - && ln -s $RW_DIR/tmp /var/tmp \ - && for d in /etc/runit/runsvdir/default/*; do \ - chmod 755 $d/* \ - && ln -s /run/supervise/$(basename $d) $d/supervise; \ - done \ - && chmod +r /etc/motd \ - && ln -snf $RW_DIR/service /etc/service \ - #&& ln -s $RW_DIR/pam.d-postgresql /etc/pam.d/postgresql \ - && ln -s $RW_DIR/postgres.yml $PGHOME/postgres.yml \ - && ln -s $RW_DIR/.bash_history /root/.bash_history \ - && ln -s $RW_DIR/postgresql/.bash_history $PGHOME/.bash_history \ - && ln -s $RW_DIR/postgresql/.psql_history $PGHOME/.psql_history \ - && ln -s $RW_DIR/etc $PGHOME/etc \ - && for d in $PGHOME /root; do \ - d=$d/.config/patroni \ - && mkdir -p $d \ - && ln -s $PGHOME/postgres.yml $d/patronictl.yaml; \ - done \ - && sed -i 's/set compatible/set nocompatible/' /etc/vimrc \ - && echo "PATH=\"$PATH\"" > /etc/environment \ - && for e in TERM=linux LC_ALL=C.UTF-8 LANG=C.UTF-8 EDITOR=editor; \ - do echo "export $e" >> /etc/bash.bashrc; \ - done \ - && ln -s /etc/skel/.bashrc $PGHOME/.bashrc \ - && echo "source /etc/motd" >> /home/postgres/.bashrc \ - # Allow users in the root group to access the following files and dirs - && if [ "$COMPRESS" != "true" ]; then \ - chmod 664 /etc/passwd \ - && chmod o+r /etc/shadow \ - && chgrp -R 0 $PGHOME $RW_DIR \ - && chmod -R g=u $PGHOME $RW_DIR \ - && usermod -a -G root postgres; \ - fi - - -COPY scripts bootstrap major_upgrade /scripts/ -COPY launcher/postgres/launch.sh / +# set user and group ownership +RUN chown -R postgres:postgres /opt/pgbackrest \ + /backrestrepo /home/postgres/pgdata/pgbackrest /home/postgres/pgdata + +RUN mkdir -p /etc/pgbackrest \ + && chown -R postgres:postgres /etc/pgbackrest + +RUN chmod -R g=u /etc/pgbackrest \ + && rm -f /run/nologin + +RUN mkdir /.ssh && chown postgres:postgres /.ssh && chmod o+rwx /.ssh + +# set user and group ownership +RUN chown -R postgres:postgres /opt/pgbackrest \ + /backrestrepo /home/postgres/pgdata + +#ENV PATH=$PATH:/usr/pgsql-$PGVERSION/bin +COPY launcher/pgbackrest/launch.sh / + +VOLUME ["sshd", "/home/postgres/pgdata", "/backrestrepo"] ENTRYPOINT ["/scripts/nss_wrapper/nss_wrapper.sh"] USER postgres -CMD ["/bin/sh", "/launch.sh", "init"] +CMD ["dumb-init", "/launch.sh", "init"] From 2721fed7d94c353846afb7290d5ea2740e1ff591 Mon Sep 17 00:00:00 2001 From: matthias Date: Thu, 12 Jun 2025 14:32:18 +0200 Subject: [PATCH 3/7] update public beta --- docker/pg-public-beta/Dockerfile | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/docker/pg-public-beta/Dockerfile b/docker/pg-public-beta/Dockerfile index 1865539..b9621b7 100644 --- a/docker/pg-public-beta/Dockerfile +++ b/docker/pg-public-beta/Dockerfile @@ -93,23 +93,12 @@ RUN pip3 install 'PyYAML<6.0' setuptools pystache loader kazoo meld3 boto python && for version in $PG_SUPPORTED_VERSIONS; do \ ${PACKAGER} -y update && \ ${PACKAGER} -y install postgresql${version}-pltcl \ - pgaudit*${version} \ - credcheck_*${version} \ # Install PostgreSQL binaries, contrib, plproxy and multiple pl's && ${PACKAGER} -y install -y postgresql${version}-contrib \ - postgresql${version}-plpython3 postgresql${version}-devel \ - pg_cron_${version} pgvector_${version} set_user_${version} \ + postgresql${version}-devel \ # Modify for using origial-spilo scripts && ln -s /usr/pgsql-${version} /usr/lib/postgresql/${version} \ && export PATH=$PATHBACKUP:/usr/pgsql-${version}/bin \ - # Install TimescaleDB - && ${PACKAGER} -y install timescaledb_${version} \ - && cd / \ - && for n in pg_permissions $EXTRA_EXTENSIONS; do \ - make -C $n USE_PGXS=1 clean install-strip; \ - done \ - && cd /pgextwlist && make clean && make && make install \ - && cd /pgnodemx && make USE_PGXS=1 clean && make USE_PGXS=1 && make USE_PGXS=1 install; \ done \ && ${PACKAGER} -y install --nodocs --noplugins --setopt=install_weak_deps=0 glibc-static \ && ${PACKAGER} -y clean all; From a68f7488647a48115d4cac3c6f9087e2a4abc98a Mon Sep 17 00:00:00 2001 From: matthias Date: Thu, 12 Jun 2025 14:51:00 +0200 Subject: [PATCH 4/7] update public beta --- Makefile | 4 ++-- docker/pg-public-beta/Dockerfile | 4 ++-- docker/pgbackrest-public-beta/Dockerfile | 3 +-- 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/Makefile b/Makefile index 7feeec1..0a05a6a 100644 --- a/Makefile +++ b/Makefile @@ -20,8 +20,8 @@ IMAGE_TAG ?= $(BASEOS)-$(PGVERSION_FULL)-$(BUILD) POSTGIS_IMAGE_TAG ?= $(BASEOS)-$(PGVERSION_FULL)-$(POSTGIS_VERSION)-$(BUILD) # Public-Beta -PUBLICBETA ?= 2 -BETAVERSION ?= 17 +PUBLICBETA ?= 1 +BETAVERSION ?= 18 # Settings for the Build-Process BUILDWITH ?= docker diff --git a/docker/pg-public-beta/Dockerfile b/docker/pg-public-beta/Dockerfile index b9621b7..a346df1 100644 --- a/docker/pg-public-beta/Dockerfile +++ b/docker/pg-public-beta/Dockerfile @@ -18,7 +18,7 @@ ARG ARCH # Enable Beta-Repo RUN ${PACKAGER} config-manager --set-enabled pgdg${PGVERSION}-updates-testing \ - && ${PACKAGER} config-manager --set-enabled pgdg${PGVERSION}-source-updates-testing; + && ${PACKAGER} config-manager --set-enabled pgdg${PGVERSION}-updates-testing-source; # Spilo-specific ENV PAM_OAUTH2=v1.0.1 \ @@ -98,7 +98,7 @@ RUN pip3 install 'PyYAML<6.0' setuptools pystache loader kazoo meld3 boto python postgresql${version}-devel \ # Modify for using origial-spilo scripts && ln -s /usr/pgsql-${version} /usr/lib/postgresql/${version} \ - && export PATH=$PATHBACKUP:/usr/pgsql-${version}/bin \ + && export PATH=$PATHBACKUP:/usr/pgsql-${version}/bin; \ done \ && ${PACKAGER} -y install --nodocs --noplugins --setopt=install_weak_deps=0 glibc-static \ && ${PACKAGER} -y clean all; diff --git a/docker/pgbackrest-public-beta/Dockerfile b/docker/pgbackrest-public-beta/Dockerfile index ab58019..bfc813f 100644 --- a/docker/pgbackrest-public-beta/Dockerfile +++ b/docker/pgbackrest-public-beta/Dockerfile @@ -15,8 +15,7 @@ ARG ARCH # Enable Beta-Repo RUN ${PACKAGER} config-manager --set-enabled pgdg${PGVERSION}-updates-testing \ - && ${PACKAGER} config-manager --set-enabled pgdg${PGVERSION}-source-updates-testing \ - && ${PACKAGER} -y update; + && ${PACKAGER} config-manager --set-enabled pgdg${PGVERSION}-updates-testing-source; RUN ${PACKAGER} -y install --nodocs \ --setopt=skip_missing_names_on_install=False \ From bd601150f9f5c5b6043f5041aa04afe271f871db Mon Sep 17 00:00:00 2001 From: matthias Date: Fri, 13 Jun 2025 15:27:45 +0200 Subject: [PATCH 5/7] cleanup --- docker/base/Dockerfile | 6 +----- docker/exporter/Dockerfile | 2 +- docker/pgbackrest/Dockerfile | 2 +- 3 files changed, 3 insertions(+), 7 deletions(-) diff --git a/docker/base/Dockerfile b/docker/base/Dockerfile index 0b7a795..911b913 100644 --- a/docker/base/Dockerfile +++ b/docker/base/Dockerfile @@ -29,8 +29,4 @@ RUN ${PACKAGER} -y install --nodocs --noplugins --setopt=install_weak_deps=0 \ RUN ${PACKAGER} -y config-manager --set-enabled crb #Add PostgreSQL-Repo to Base RUN ${PACKAGER} --nodocs --noplugins --setopt=install_weak_deps=0 install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-9-$(uname -i)/pgdg-redhat-repo-latest.noarch.rpm && ${PACKAGER} -y update && ${PACKAGER} -y clean all -RUN ${PACKAGER} -qy module disable postgresql - - - - +RUN ${PACKAGER} -qy module disable postgresql \ No newline at end of file diff --git a/docker/exporter/Dockerfile b/docker/exporter/Dockerfile index b643192..2b122b0 100644 --- a/docker/exporter/Dockerfile +++ b/docker/exporter/Dockerfile @@ -18,7 +18,7 @@ RUN ${PACKAGER} -y install --nodocs \ RUN wget https://go.dev/dl/go1.24.4.linux-amd64.tar.gz && tar -xzf go1.24.4.linux-amd64.tar.gz && mv go /usr/local ENV PATH=$PATH:/usr/local/go/bin -RUN git clone https://github.com/cybertec-postgresql/postgres_exporter.git && cd postgres_exporter && make build; +RUN git clone https://github.com/prometheus-community/postgres_exporter.git && cd postgres_exporter && make build; FROM ${CONTAINERIMAGE} COPY --from=builder /usr/bin/dumb-init /usr/bin/dumb-init diff --git a/docker/pgbackrest/Dockerfile b/docker/pgbackrest/Dockerfile index 17d5c8d..37ea857 100644 --- a/docker/pgbackrest/Dockerfile +++ b/docker/pgbackrest/Dockerfile @@ -24,7 +24,7 @@ RUN ${PACKAGER} -y install --nodocs \ dumb-init \ jq \ pgbackrest-${PGBACKREST_VERSION} \ - && ${PACKAGER} -y clean all ; + && ${PACKAGER} -y clean all; # Install postgres-server RUN ${PACKAGER} -y update \ From f21048b5ade47767ee54584ba1aeb5c92f4e8724 Mon Sep 17 00:00:00 2001 From: matthias Date: Fri, 22 Aug 2025 13:00:55 +0200 Subject: [PATCH 6/7] update packages --- Makefile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index 0a05a6a..54572a0 100644 --- a/Makefile +++ b/Makefile @@ -6,12 +6,12 @@ CONTAINERIMAGE ?= rockylinux/rockylinux:9-ubi-micro IMAGE_REPOSITORY ?= docker.io IMAGE_PATH ?= cybertec-pg-container PGVERSION ?= 17 -PGVERSION_FULL ?= 17.5 +PGVERSION_FULL ?= 17.6 OLD_PG_VERSIONS ?= 13 14 15 16 PATRONI_VERSION ?= multisite-4.0.5.1 -PGBACKREST_VERSION ?= 2.55.1 +PGBACKREST_VERSION ?= 2.56.0 POSTGIS_VERSION ?= 35 -ETCD_VERSION ?= 3.6.1 +ETCD_VERSION ?= 3.6.4 PGBOUNCER_VERSION ?= 1.24 PACKAGER ?= dnf BUILD ?= 1 @@ -20,7 +20,7 @@ IMAGE_TAG ?= $(BASEOS)-$(PGVERSION_FULL)-$(BUILD) POSTGIS_IMAGE_TAG ?= $(BASEOS)-$(PGVERSION_FULL)-$(POSTGIS_VERSION)-$(BUILD) # Public-Beta -PUBLICBETA ?= 1 +PUBLICBETA ?= 3 BETAVERSION ?= 18 # Settings for the Build-Process From 97d73a8f18bef97cbac598cceae70d450131d0b8 Mon Sep 17 00:00:00 2001 From: matthias Date: Fri, 22 Aug 2025 13:03:58 +0200 Subject: [PATCH 7/7] update base-dockerfile for rocky10 --- docker/base/Dockerfile | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/docker/base/Dockerfile b/docker/base/Dockerfile index 911b913..8ffcbfb 100644 --- a/docker/base/Dockerfile +++ b/docker/base/Dockerfile @@ -1,6 +1,7 @@ ARG BASE_IMAGE ARG IMAGE_REPOSITORY ARG PATH +ARG BASEOS FROM $BASE_IMAGE ARG PACKAGER @@ -9,7 +10,6 @@ MAINTAINER CYBERTEC PostgreSQL International GmbH LABEL vendor="CYBERTEC PostgreSQL International GmbH" url="https://www.cybertec-postgresql.com" LABEL maintainer="Matthias Groemmer " -RUN ${PACKAGER} -y install --nodocs https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm vim && ${PACKAGER} -y upgrade RUN ${PACKAGER} -y install --nodocs --noplugins --setopt=install_weak_deps=0 \ bind-utils \ @@ -23,10 +23,15 @@ RUN ${PACKAGER} -y install --nodocs --noplugins --setopt=install_weak_deps=0 \ glibc-langpack-en \ openssh-clients \ openssh-server \ + dnf-plugin-config-manager \ && ${PACKAGER} -y clean all ; #Enable CRB-Repo (Powertools) RUN ${PACKAGER} -y config-manager --set-enabled crb +#Add Epel + RUN ${PACKAGER} -y install --nodocs https://dl.fedoraproject.org/pub/epel/epel-release-latest-$(rpm -E %{rhel}).noarch.rpm vim && ${PACKAGER} -y upgrade #Add PostgreSQL-Repo to Base -RUN ${PACKAGER} --nodocs --noplugins --setopt=install_weak_deps=0 install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-9-$(uname -i)/pgdg-redhat-repo-latest.noarch.rpm && ${PACKAGER} -y update && ${PACKAGER} -y clean all -RUN ${PACKAGER} -qy module disable postgresql \ No newline at end of file +RUN ${PACKAGER} --nodocs --noplugins --setopt=install_weak_deps=0 install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-$(rpm -E %{rhel})-$(uname -m)/pgdg-redhat-repo-latest.noarch.rpm && ${PACKAGER} -y update && ${PACKAGER} -y clean all +RUN if [ "$BASEOS" = "rocky9" ]; then \ + ${PACKAGER} -qy module disable postgresql; \ + fi