diff --git a/01-basic.sh b/01-basic.sh index 1cf5408..ca48f2d 100755 --- a/01-basic.sh +++ b/01-basic.sh @@ -123,36 +123,6 @@ chown -R www-data:www-data /srv/portal # Restart systemctl restart nginx - -##### -# PostgreSQL + PostGIS -##### - -# Install packages -apt-get -y --no-install-recommends install postgresql-9.6 postgresql-9.6-postgis postgresql-contrib-9.6 - -# Install Czech search data -wget http://postgres.cz/data/czech.tar.gz -O /tmp/czech.tar.gz -tar xzf /tmp/czech.tar.gz -C /usr/share/postgresql/9.6/tsearch_data --strip-components 1 -chown root:root /usr/share/postgresql/9.6/tsearch_data/czech.* -rm -f /tmp/czech.tar.gz - -# Configure -cp ${SOURCE_DIR}/etc/postgresql/9.6/main/postgresql.conf /etc/postgresql/9.6/main/postgresql.conf -cp ${SOURCE_DIR}/etc/postgresql/9.6/main/pg_hba.conf /etc/postgresql/9.6/main/pg_hba.conf - -# Enable query logging. Only if the DEBUG environment variable is set -if [ ${DEBUG:-0} -eq 1 ]; then - sed -i 's/#log_destination/log_destination/' /etc/postgresql/9.6/main/postgresql.conf - sed -i 's/#logging_collector/logging_collector/' /etc/postgresql/9.6/main/postgresql.conf - sed -i 's/#log_directory/log_directory/' /etc/postgresql/9.6/main/postgresql.conf - sed -i 's/#log_statement/log_statement/' /etc/postgresql/9.6/main/postgresql.conf -fi - -# Restart -systemctl restart postgresql - - ##### # MariaDB ##### diff --git a/basic/etc/postgresql/9.6/main/pg_hba.conf b/basic/etc/postgresql/9.6/main/pg_hba.conf deleted file mode 100644 index e3ca582..0000000 --- a/basic/etc/postgresql/9.6/main/pg_hba.conf +++ /dev/null @@ -1,4 +0,0 @@ -local all postgres peer -local all all md5 -host all all 127.0.0.1/32 md5 -host all all ::1/128 md5 diff --git a/postgres.sh b/postgres.sh new file mode 100644 index 0000000..593ed74 --- /dev/null +++ b/postgres.sh @@ -0,0 +1,28 @@ +#!/bin/bash + +SOURCE_DIR=$(realpath $(dirname "${0}"))/postgres + +# Build Docker container +docker build -t postgres ${SOURCE_DIR} + +# Create Postgres instance +mkdir /srv/postgres +chown -R 5432:5432 /srv/postgres +chmod 700 /srv/postgres +docker run --rm --name postgres -v /srv/postgres:/var/lib/postgresql postgres initdb -D /var/lib/postgresql + +# Configure Postgres +cp ${SOURCE_DIR}/srv/postgres/postgresql.conf /srv/postgres/postgresql.conf +cp ${SOURCE_DIR}/srv/postgres/pg_hba.conf /srv/postgres/pg_hba.conf + +# Enable query logging. Only if the DEBUG environment variable is set +if [ ${DEBUG:-0} -eq 1 ]; then + sed -i 's/^#log_destination/log_destination/' /srv/postgres/postgresql.conf + sed -i 's/^#log_statement/log_statement/' /srv/postgres/postgresql.conf +fi + +# Configure Postgres service +cp ${SOURCE_DIR}/lib/systemd/system/postgres.service /lib/systemd/system/postgres.service +systemctl daemon-reload +systemctl enable postgres +systemctl start postgres diff --git a/postgres/Dockerfile b/postgres/Dockerfile new file mode 100644 index 0000000..f320ad0 --- /dev/null +++ b/postgres/Dockerfile @@ -0,0 +1,15 @@ +FROM alpine:3.7 +MAINTAINER Disassembler + +RUN sed -i 's/postgres:x:70:70/postgres:x:5432:5432/' /etc/passwd \ + && sed -i 's/postgres:x:70/postgres:x:5432/' /etc/group \ + && echo 'http://repository.fit.cvut.cz/mirrors/alpine/edge/testing' >>/etc/apk/repositories \ + && apk --no-cache add postgresql postgresql-contrib postgis \ + && mkdir /run/postgresql \ + && chown postgres:postgres /run/postgresql + +VOLUME ["/var/lib/postgresql"] +EXPOSE 5432 + +USER postgres +CMD ["postgres", "-D", "/var/lib/postgresql"] diff --git a/postgres/srv/postgres/pg_hba.conf b/postgres/srv/postgres/pg_hba.conf new file mode 100644 index 0000000..ab93832 --- /dev/null +++ b/postgres/srv/postgres/pg_hba.conf @@ -0,0 +1,3 @@ +local all postgres peer +local all all md5 +host all all 0.0.0.0/0 md5 diff --git a/basic/etc/postgresql/9.6/main/postgresql.conf b/postgres/srv/postgres/postgresql.conf similarity index 88% rename from basic/etc/postgresql/9.6/main/postgresql.conf rename to postgres/srv/postgres/postgresql.conf index 23ddd77..bec8b6b 100644 --- a/basic/etc/postgresql/9.6/main/postgresql.conf +++ b/postgres/srv/postgres/postgresql.conf @@ -16,9 +16,9 @@ # # This file is read on server startup and when the server receives a SIGHUP # signal. If you edit the file on a running system, you have to SIGHUP the -# server for the changes to take effect, or use "pg_ctl reload". Some -# parameters, which are marked below, require a server shutdown and restart to -# take effect. +# server for the changes to take effect, run "pg_ctl reload", or execute +# "SELECT pg_reload_conf()". Some parameters, which are marked below, +# require a server shutdown and restart to take effect. # # Any parameter can also be given as a command-line option to the server, e.g., # "postgres -c log_connections=on". Some parameters can be changed at run time @@ -38,15 +38,15 @@ # The default values of these variables are driven from the -D command-line # option or PGDATA environment variable, represented here as ConfigDir. -data_directory = '/var/lib/postgresql/9.6/main' # use data in another directory +#data_directory = 'ConfigDir' # use data in another directory # (change requires restart) -hba_file = '/etc/postgresql/9.6/main/pg_hba.conf' # host-based authentication file +#hba_file = 'ConfigDir/pg_hba.conf' # host-based authentication file # (change requires restart) -ident_file = '/etc/postgresql/9.6/main/pg_ident.conf' # ident configuration file +#ident_file = 'ConfigDir/pg_ident.conf' # ident configuration file # (change requires restart) # If external_pid_file is not explicitly set, no extra PID file is written. -external_pid_file = '/var/run/postgresql/9.6-main.pid' # write an extra PID file +#external_pid_file = '' # write an extra PID file # (change requires restart) @@ -56,14 +56,14 @@ external_pid_file = '/var/run/postgresql/9.6-main.pid' # write an extra PID fi # - Connection Settings - -#listen_addresses = 'localhost' # what IP address(es) to listen on; +listen_addresses = '*' # what IP address(es) to listen on; # comma-separated list of addresses; # defaults to 'localhost'; use '*' for all # (change requires restart) -port = 5432 # (change requires restart) +#port = 5432 # (change requires restart) max_connections = 100 # (change requires restart) #superuser_reserved_connections = 3 # (change requires restart) -unix_socket_directories = '/var/run/postgresql' # comma-separated list of directories +unix_socket_directories = '/run/postgresql,/tmp' # comma-separated list of directories # (change requires restart) #unix_socket_group = '' # (change requires restart) #unix_socket_permissions = 0777 # begin with 0 to use octal notation @@ -76,16 +76,16 @@ unix_socket_directories = '/var/run/postgresql' # comma-separated list of direct # - Security and Authentication - #authentication_timeout = 1min # 1s-600s -ssl = false # (change requires restart) +#ssl = off #ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers - # (change requires restart) -#ssl_prefer_server_ciphers = on # (change requires restart) -#ssl_ecdh_curve = 'prime256v1' # (change requires restart) -ssl_cert_file = '/etc/ssl/certs/ssl-cert-snakeoil.pem' # (change requires restart) -ssl_key_file = '/etc/ssl/private/ssl-cert-snakeoil.key' # (change requires restart) -#ssl_ca_file = '' # (change requires restart) -#ssl_crl_file = '' # (change requires restart) -#password_encryption = on +#ssl_prefer_server_ciphers = on +#ssl_ecdh_curve = 'prime256v1' +#ssl_dh_params_file = '' +#ssl_cert_file = 'server.crt' +#ssl_key_file = 'server.key' +#ssl_ca_file = '' +#ssl_crl_file = '' +#password_encryption = md5 # md5 or scram-sha-256 #db_user_namespace = off #row_security = on @@ -131,6 +131,7 @@ dynamic_shared_memory_type = posix # the default is the first option # windows # mmap # use none to disable dynamic shared memory + # (change requires restart) # - Disk - @@ -162,7 +163,9 @@ dynamic_shared_memory_type = posix # the default is the first option #effective_io_concurrency = 1 # 1-1000; 0 disables prefetching #max_worker_processes = 8 # (change requires restart) -#max_parallel_workers_per_gather = 0 # taken from max_worker_processes +#max_parallel_workers_per_gather = 2 # taken from max_parallel_workers +#max_parallel_workers = 8 # maximum number of max_worker_processes that + # can be used in parallel queries #old_snapshot_threshold = -1 # 1min-60d; -1 disables; 0 is immediate # (change requires restart) #backend_flush_after = 0 # measured in pages, 0 disables @@ -174,7 +177,7 @@ dynamic_shared_memory_type = posix # the default is the first option # - Settings - -#wal_level = minimal # minimal, replica, or logical +#wal_level = replica # minimal, replica, or logical # (change requires restart) #fsync = on # flush data to disk for crash safety # (turning this off can cause @@ -229,12 +232,12 @@ dynamic_shared_memory_type = posix # the default is the first option # Set these on the master and on any standby that will send replication data. -#max_wal_senders = 0 # max number of walsender processes +#max_wal_senders = 10 # max number of walsender processes # (change requires restart) #wal_keep_segments = 0 # in logfile segments, 16MB each; 0 disables #wal_sender_timeout = 60s # in milliseconds; 0 disables -#max_replication_slots = 0 # max number of replication slots +#max_replication_slots = 10 # max number of replication slots # (change requires restart) #track_commit_timestamp = off # collect timestamp of transaction commit # (change requires restart) @@ -244,7 +247,8 @@ dynamic_shared_memory_type = posix # the default is the first option # These settings are ignored on a standby server. #synchronous_standby_names = '' # standby servers that provide sync rep - # number of sync standbys and comma-separated list of application_name + # method to choose sync standbys, number of sync standbys, + # and comma-separated list of application_name # from standby(s); '*' = all #vacuum_defer_cleanup_age = 0 # number of xacts by which cleanup is delayed @@ -252,7 +256,7 @@ dynamic_shared_memory_type = posix # the default is the first option # These settings are ignored on a master server. -#hot_standby = off # "on" allows queries during recovery +#hot_standby = on # "off" disallows queries during recovery # (change requires restart) #max_standby_archive_delay = 30s # max delay before canceling queries # when reading WAL from archive; @@ -270,6 +274,14 @@ dynamic_shared_memory_type = posix # the default is the first option #wal_retrieve_retry_interval = 5s # time to wait before retrying to # retrieve WAL after a failed attempt +# - Subscribers - + +# These settings are ignored on a publisher. + +#max_logical_replication_workers = 4 # taken from max_worker_processes + # (change requires restart) +#max_sync_workers_per_subscription = 2 # taken from max_logical_replication_workers + #------------------------------------------------------------------------------ # QUERY TUNING @@ -298,8 +310,9 @@ dynamic_shared_memory_type = posix # the default is the first option #cpu_operator_cost = 0.0025 # same scale as above #parallel_tuple_cost = 0.1 # same scale as above #parallel_setup_cost = 1000.0 # same scale as above -#min_parallel_relation_size = 8MB -effective_cache_size = 1GB +#min_parallel_table_scan_size = 8MB +#min_parallel_index_scan_size = 512kB +#effective_cache_size = 4GB # - Genetic Query Optimizer - @@ -334,13 +347,13 @@ effective_cache_size = 1GB # requires logging_collector to be on. # This is used when logging to stderr: -#logging_collector = on # Enable capturing of stderr and csvlog +#logging_collector = off # Enable capturing of stderr and csvlog # into log files. Required to be on for # csvlogs. # (change requires restart) # These are only used if logging_collector is on: -#log_directory = '/var/log/postgresql' # directory where log files are written, +#log_directory = 'log' # directory where log files are written, # can be absolute or relative to PGDATA #log_filename = 'postgresql-%Y-%m-%d_%H%M%S.log' # log file name pattern, # can include strftime() escapes @@ -367,6 +380,7 @@ effective_cache_size = 1GB #syslog_split_messages = on # This is only relevant when logging to eventlog (win32): +# (change requires restart) #event_source = 'PostgreSQL' # - When to Log - @@ -455,12 +469,12 @@ log_line_prefix = '%m [%p] %q%u@%d ' # special values: #log_temp_files = -1 # log temporary files equal or larger # than the specified size in kilobytes; # -1 disables, 0 logs all temp files -log_timezone = 'localtime' +log_timezone = 'Europe/Prague' # - Process Title - -cluster_name = '9.6/main' # added to process titles if nonempty +#cluster_name = '' # added to process titles if nonempty # (change requires restart) #update_process_title = on @@ -476,7 +490,7 @@ cluster_name = '9.6/main' # added to process titles if nonempty #track_io_timing = off #track_functions = none # none, pl, all #track_activity_query_size = 1024 # (change requires restart) -stats_temp_directory = '/var/run/postgresql/9.6-main.pg_stat_tmp' +#stats_temp_directory = 'pg_stat_tmp' # - Statistics Monitoring - @@ -536,7 +550,7 @@ stats_temp_directory = '/var/run/postgresql/9.6-main.pg_stat_tmp' #session_replication_role = 'origin' #statement_timeout = 0 # in milliseconds, 0 is disabled #lock_timeout = 0 # in milliseconds, 0 is disabled -#idle_in_transaction_session_timeout = 0 # in milliseconds, 0 is disabled +#idle_in_transaction_session_timeout = 0 # in milliseconds, 0 is disabled #vacuum_freeze_min_age = 50000000 #vacuum_freeze_table_age = 150000000 #vacuum_multixact_freeze_min_age = 5000000 @@ -551,7 +565,7 @@ stats_temp_directory = '/var/run/postgresql/9.6-main.pg_stat_tmp' datestyle = 'iso, mdy' #intervalstyle = 'postgres' -timezone = 'localtime' +timezone = 'Europe/Prague' #timezone_abbreviations = 'Default' # Select the set of available time zone # abbreviations. Currently, there are # Default @@ -564,11 +578,11 @@ timezone = 'localtime' # encoding # These settings are initialized by initdb, but they can be changed. -lc_messages = 'en_US.UTF-8' # locale for system error message +lc_messages = 'C' # locale for system error message # strings -lc_monetary = 'en_US.UTF-8' # locale for monetary formatting -lc_numeric = 'en_US.UTF-8' # locale for number formatting -lc_time = 'en_US.UTF-8' # locale for time formatting +lc_monetary = 'C' # locale for monetary formatting +lc_numeric = 'C' # locale for number formatting +lc_time = 'C' # locale for time formatting # default configuration for text search default_text_search_config = 'pg_catalog.english' @@ -589,6 +603,10 @@ default_text_search_config = 'pg_catalog.english' # (change requires restart) #max_pred_locks_per_transaction = 64 # min 10 # (change requires restart) +#max_pred_locks_per_relation = -2 # negative values mean + # (max_pred_locks_per_transaction + # / -max_pred_locks_per_relation) - 1 +#max_pred_locks_per_page = 2 # min 0 #------------------------------------------------------------------------------ @@ -604,7 +622,6 @@ default_text_search_config = 'pg_catalog.english' #lo_compat_privileges = off #operator_precedence_warning = off #quote_all_identifiers = off -#sql_inheritance = on #standard_conforming_strings = on #synchronize_seqscans = on