Alex Denes
bfae593b4d
- Patch out hba changing at start for postgres - Add redis - Use host networking for development purposes - Fix logging for rspamd and dovecot - Make sasl socket inet - Use WORKDIR for nsd - Remove postgres pass entries
70 lines
2.8 KiB
Diff
70 lines
2.8 KiB
Diff
@@ -98,59 +98,6 @@
|
|
fi
|
|
}
|
|
|
|
-# print large warning if POSTGRES_PASSWORD is long
|
|
-# error if both POSTGRES_PASSWORD is empty and POSTGRES_HOST_AUTH_METHOD is not 'trust'
|
|
-# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust'
|
|
-# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ]
|
|
-docker_verify_minimum_env() {
|
|
- # check password first so we can output the warning before postgres
|
|
- # messes it up
|
|
- if [ "${#POSTGRES_PASSWORD}" -ge 100 ]; then
|
|
- cat >&2 <<-'EOWARN'
|
|
-
|
|
- WARNING: The supplied POSTGRES_PASSWORD is 100+ characters.
|
|
-
|
|
- This will not work if used via PGPASSWORD with "psql".
|
|
-
|
|
- https://www.postgresql.org/message-id/flat/E1Rqxp2-0004Qt-PL%40wrigleys.postgresql.org (BUG #6412)
|
|
- https://github.com/docker-library/postgres/issues/507
|
|
-
|
|
- EOWARN
|
|
- fi
|
|
- if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then
|
|
- # The - option suppresses leading tabs but *not* spaces. :)
|
|
- cat >&2 <<-'EOE'
|
|
- Error: Database is uninitialized and superuser password is not specified.
|
|
- You must specify POSTGRES_PASSWORD to a non-empty value for the
|
|
- superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
|
|
-
|
|
- You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
|
|
- connections without a password. This is *not* recommended.
|
|
-
|
|
- See PostgreSQL documentation about "trust":
|
|
- https://www.postgresql.org/docs/current/auth-trust.html
|
|
- EOE
|
|
- exit 1
|
|
- fi
|
|
- if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then
|
|
- cat >&2 <<-'EOWARN'
|
|
- ********************************************************************************
|
|
- WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow
|
|
- anyone with access to the Postgres port to access your database without
|
|
- a password, even if POSTGRES_PASSWORD is set. See PostgreSQL
|
|
- documentation about "trust":
|
|
- https://www.postgresql.org/docs/current/auth-trust.html
|
|
- In Docker's default configuration, this is effectively any other
|
|
- container on the same system.
|
|
-
|
|
- It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace
|
|
- it with "-e POSTGRES_PASSWORD=password" instead to set a password in
|
|
- "docker run".
|
|
- ********************************************************************************
|
|
- EOWARN
|
|
- fi
|
|
-}
|
|
-
|
|
# usage: docker_process_init_files [file [file [...]]]
|
|
# ie: docker_process_init_files /always-initdb.d/*
|
|
# process initializer files, based on file extensions and permissions
|
|
@@ -310,8 +257,6 @@
|
|
|
|
# only run initialization on an empty data directory
|
|
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
|
|
- docker_verify_minimum_env
|
|
-
|
|
# check dir permissions to reduce likelihood of half-initialized database
|
|
ls /docker-entrypoint-initdb.d/ > /dev/null
|
|
|