sclorg · Nov 29, 2017
diff --git a/‎examples/extending-image/init/init-backup-user.sh
-4 b/‎examples/extending-image/init/init-backup-user.sh
-4
diff --git a/‎examples/extending-image/postgresql-config/logging.conf ‎examples/extending-image/postgresql-config/s2i-extending.conf b/‎examples/extending-image/postgresql-config/logging.conf ‎examples/extending-image/postgresql-config/s2i-extending.conf
diff --git a/‎examples/extending-image/pre-init/check-backup-user.sh
-3 b/‎examples/extending-image/pre-init/check-backup-user.sh
-3
diff --git a/‎examples/extending-image/start-hook/set_passwords.sh
+4 b/‎examples/extending-image/start-hook/set_passwords.sh
+4
diff --git a/‎latest/Dockerfile
+2-1 b/‎latest/Dockerfile
+2-1
diff --git a/‎latest/Dockerfile.rhel7
+2-1 b/‎latest/Dockerfile.rhel7
+2-1
diff --git a/‎latest/root/usr/bin/run-postgresql
+2-4 b/‎latest/root/usr/bin/run-postgresql
+2-4
diff --git a/‎latest/root/usr/share/container-scripts/postgresql/README.md
+7-14 b/‎latest/root/usr/share/container-scripts/postgresql/README.md
+7-14
diff --git a/‎latest/root/usr/share/container-scripts/postgresql/common.sh
-15 b/‎latest/root/usr/share/container-scripts/postgresql/common.sh
-15
diff --git a/‎latest/root/usr/share/container-scripts/postgresql/pre-init/set-config.sh ‎latest/root/usr/share/container-scripts/postgresql/init-hook/set-config.sh b/‎latest/root/usr/share/container-scripts/postgresql/pre-init/set-config.sh ‎latest/root/usr/share/container-scripts/postgresql/init-hook/set-config.sh
diff --git a/‎latest/root/usr/share/container-scripts/postgresql/start-hook/set_passwords.sh
+14 b/‎latest/root/usr/share/container-scripts/postgresql/start-hook/set_passwords.sh
+14
@@ -0,0 +1,4 @@
+#!/bin/bash
+
+# postgresql image encrypts user passwords at service start
+# the functionality can be disabled by providing this file (start-hook/set_passwords.sh) in s2i build
@@ -69,7 +69,8 @@ ENV BASH_ENV=${CONTAINER_SCRIPTS_PATH}/scl_enable \
 
 VOLUME ["/var/lib/pgsql/data"]
 
-RUN chown -R 26:26 ${APP_DATA}
+# {APP_DATA} needs to be accessed by postgres user while s2i assembling
+RUN chown -R 26:0 ${APP_DATA}
 USER 26
 
 ENTRYPOINT ["container-entrypoint"]
 
@@ -72,7 +72,8 @@ ENV BASH_ENV=${CONTAINER_SCRIPTS_PATH}/scl_enable \
 
 VOLUME ["/var/lib/pgsql/data"]
 
-RUN chown -R 26:26 ${APP_DATA}
+# {APP_DATA} needs to be accessed by postgres user while s2i assembling
+RUN chown -R 26:0 ${APP_DATA}
 USER 26
 
 ENTRYPOINT ["container-entrypoint"]
 
@@ -22,16 +22,14 @@ else
   try_pgupgrade
 fi
 
-process_extending_files ${APP_DATA}/src/pre-init ${CONTAINER_SCRIPTS_PATH}/pre-init
-
 pg_ctl -w start -o "-h ''"
 if $PG_INITIALIZED ; then
+    process_extending_files ${APP_DATA}/src/init-hook ${CONTAINER_SCRIPTS_PATH}/init-hook
     migrate_db
     create_users
 fi
-set_passwords
 
-process_extending_files ${APP_DATA}/src/init ${CONTAINER_SCRIPTS_PATH}/init
+process_extending_files ${APP_DATA}/src/start-hook ${CONTAINER_SCRIPTS_PATH}/start-hook
 
 pg_ctl stop
 
 
@@ -254,32 +254,25 @@ following directories:
 
 ##### `postgresql-config/`
 
-contained files will be included at the end of image postgresql.conf file
+contained files will be included at the end of image postgresql.conf file during database initialization
 
-##### `pre-init/`
 
-contained shell scripts (`*.sh`) are sourced before `service` is started
+##### `init-hook/`
 
-##### `init/`
+contained shell scripts (`*.sh`) are sourced once, when database is initialized
 
-contained shell scripts (`*.sh`) are sourced after `service` is
-started
+##### `start-hook/`
+
+contained shell scripts (`*.sh`) are sourced before every start
 
 ----------------------------------------------
 
 During `s2i build` all provided files are copied into `/opt/app-root/src`
-directory in the new image. If some configuration files are present in
-destination directory, files with the same name are overwritten. Also only one
+directory in the new image. Only one
 file with the same name can be used for customization and user provided files
 are preferred over default files in `/usr/share/container-scripts/`-
 so it is possible to overwrite them.
 
-Same configuration directory structure can be used to customize the image
-every time the image is started using `docker run`. The directory have to be
-mounted into `/opt/app-root/src/` in the image (`-v
-./image-configuration/:/opt/app-root/src/`). This overwrites customization
-built into the image.
-
 
 Troubleshooting
 ---------------
 
@@ -190,21 +190,6 @@ function create_users() {
   fi
 }
 
-function set_passwords() {
-  if [[ ",$postinitdb_actions," = *,simple_db,* ]]; then
-    psql --command "ALTER USER \"${POSTGRESQL_USER}\" WITH ENCRYPTED PASSWORD '${POSTGRESQL_PASSWORD}';"
-  fi
-
-  if [ -v POSTGRESQL_MASTER_USER ]; then
-    psql --command "ALTER USER \"${POSTGRESQL_MASTER_USER}\" WITH REPLICATION;"
-    psql --command "ALTER USER \"${POSTGRESQL_MASTER_USER}\" WITH ENCRYPTED PASSWORD '${POSTGRESQL_MASTER_PASSWORD}';"
-  fi
-
-  if [ -v POSTGRESQL_ADMIN_PASSWORD ]; then
-    psql --command "ALTER USER \"postgres\" WITH ENCRYPTED PASSWORD '${POSTGRESQL_ADMIN_PASSWORD}';"
-  fi
-}
-
 migrate_db ()
 {
     test "$postinitdb_actions" = ",migration" || return 0
 
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+if [[ ",$postinitdb_actions," = *,simple_db,* ]]; then
+psql --command "ALTER USER \"${POSTGRESQL_USER}\" WITH ENCRYPTED PASSWORD '${POSTGRESQL_PASSWORD}';"
+fi
+
+if [ -v POSTGRESQL_MASTER_USER ]; then
+psql --command "ALTER USER \"${POSTGRESQL_MASTER_USER}\" WITH REPLICATION;"
+psql --command "ALTER USER \"${POSTGRESQL_MASTER_USER}\" WITH ENCRYPTED PASSWORD '${POSTGRESQL_MASTER_PASSWORD}';"
+fi
+
+if [ -v POSTGRESQL_ADMIN_PASSWORD ]; then
+psql --command "ALTER USER \"postgres\" WITH ENCRYPTED PASSWORD '${POSTGRESQL_ADMIN_PASSWORD}';"
+fi