add option to deactivate cron installation, run bash script through s…

…hellcheck

Dockerfile

@@ -75,16 +75,17 @@ ARG IMAGE_VERSION
 ARG POSTGRES_MAJOR_VERSION=15
 ARG POSTGIS_MAJOR_VERSION=3
 ARG POSTGIS_MINOR_RELEASE=4
-ARG TIMESCALE_VERSION=2-2.9.1
+# https://packagecloud.io/timescale/timescaledb
+ARG TIMESCALE_VERSION=2-2.11.2
 ARG BUILD_TIMESCALE=false
 
 
 
 RUN set -eux \
     && export DEBIAN_FRONTEND=noninteractive \
     && apt-get update \
-    && sh -c "echo \"deb http://apt.postgresql.org/pub/repos/apt/ ${IMAGE_VERSION}-pgdg main\" > /etc/apt/sources.list.d/pgdg.list" \
-    && wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc -O- | apt-key add - \
+    && wget -O- https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor |  sh -c 'cat > /usr/share/keyrings/postgresql.gpg' > /dev/null \
+    && echo deb [arch=amd64,arm64,ppc64el signed-by=/usr/share/keyrings/postgresql.gpg] https://apt.postgresql.org/pub/repos/apt/ ${IMAGE_VERSION}-pgdg main | tee /etc/apt/sources.list.d/pgdg.list 2>/dev/null \
     && apt-get -y --purge autoremove \
     && apt-get clean \
     && rm -rf /var/lib/apt/lists/* \

docker-compose.yml

@@ -20,6 +20,7 @@ services:
       # Add extensions you need to be enabled by default in the DB. Default are the five specified below
       - POSTGRES_MULTIPLE_EXTENSIONS=postgis,hstore,postgis_topology,postgis_raster,pgrouting
       - RUN_AS_ROOT=true
+      - ACTIVATE_CRON=False
     ports:
       - "25432:5432"
     restart: on-failure

scripts/docker-entrypoint.sh

@@ -29,7 +29,7 @@ if [[ ${RUN_AS_ROOT} =~ [Ff][Aa][Ll][Ss][Ee] ]];then
 
   # Add group
   if [ ! $(getent group "${DB_GROUP_NAME}") ]; then
-    groupadd -r "${DB_GROUP_NAME}" -g ${GROUP_ID}
+    groupadd -r "${DB_GROUP_NAME}" -g "${GROUP_ID}"
   fi
 
   # Add user to system
@@ -40,7 +40,7 @@ if [[ ${RUN_AS_ROOT} =~ [Ff][Aa][Ll][Ss][Ee] ]];then
   fi
 
   if [[ "${REPLICATION}" =~ [Tt][Rr][Uu][Ee] ]] ; then
-    echo "/home/"${USER_NAME}"/.pgpass" > /tmp/pg_subs.txt
+    echo "/home/${USER_NAME}/.pgpass" > /tmp/pg_subs.txt
     envsubst < /tmp/pg_subs.txt > /tmp/pass_command.txt
     PGPASSFILE=$(cat /tmp/pass_command.txt)
     rm /tmp/pg_subs.txt /tmp/pass_command.txt
@@ -70,12 +70,12 @@ if [[ -z "$REPLICATE_FROM" ]]; then
 else
     # This means this is a slave/replication instance.
     echo -e "[Entrypoint] Setup replicant database \033[0m"
-    create_dir ${WAL_ARCHIVE}
+    create_dir "${WAL_ARCHIVE}"
     if [[ ${RUN_AS_ROOT} =~ [Ff][Aa][Ll][Ss][Ee] ]];then
       non_root_permission "${USER_NAME}" "${DB_GROUP_NAME}"
     else
-      chown -R postgres:postgres ${DATADIR} ${WAL_ARCHIVE}
-      chmod -R 750 ${DATADIR} ${WAL_ARCHIVE}
+      chown -R postgres:postgres "${DATADIR}" "${WAL_ARCHIVE}"
+      chmod -R 750 "${DATADIR}" "${WAL_ARCHIVE}"
     fi
     source /scripts/setup-replication.sh
 fi
@@ -92,7 +92,7 @@ if [[ $# -eq 0 ]];then
   else
     echo -e "[Entrypoint] \e[1;31m Postgres initialisation process completed .... restarting in foreground with gosu \033[0m"
     non_root_permission "${USER_NAME}" "${DB_GROUP_NAME}"
-    exec gosu $USER_NAME bash -c "$SETVARS $POSTGRES -D $DATADIR -c config_file=$CONF"
+    exec gosu "${USER_NAME}" bash -c "$SETVARS $POSTGRES -D $DATADIR -c config_file=$CONF"
 
   fi
 
@@ -105,13 +105,13 @@ if [[ "${1:0:1}" = '-' ]]; then
     if [[ ${RUN_AS_ROOT} =~ [Tt][Rr][Uu][Ee] ]];then
       set -- postgres "$@"
     else
-      set -- gosu $USER_NAME "$@"
+      set -- gosu "${USER_NAME}" "$@"
     fi
 fi
 
-echo "The actual command running is "$@""
+
 if [[ ${RUN_AS_ROOT} =~ [Tt][Rr][Uu][Ee] ]];then
   exec su - "$@"
 else
-  exec gosu $USER_NAME - "$@"
+  exec gosu "${USER_NAME}" - "$@"
 fi

scripts/env-data.sh

@@ -72,18 +72,19 @@ DATA_PATH=$1
 
 if [[ ! -d ${DATA_PATH} ]];
 then
-    echo "Creating" ${DATA_PATH}  "directory"
-    mkdir -p ${DATA_PATH}
+    echo "Creating" "${DATA_PATH}"  "directory"
+    mkdir -p "${DATA_PATH}"
 fi
 }
 
 function generate_random_string() {
   STRING_LENGTH=$1
   random_pass_string=$(cat /dev/urandom | tr -dc '[:alnum:]' | head -c "${STRING_LENGTH}")
   if [[ ! -f /scripts/.pass_${STRING_LENGTH}.txt ]]; then
-    echo ${random_pass_string} > /scripts/.pass_${STRING_LENGTH}.txt
+    echo "${random_pass_string}" > /scripts/.pass_"${STRING_LENGTH}".txt
   fi
-  export RAND=$(cat /scripts/.pass_${STRING_LENGTH}.txt)
+  RAND=$(cat /scripts/.pass_"${STRING_LENGTH}".txt)
+  export RAND
 }
 
 # Make sure we have a user set up
@@ -328,11 +329,21 @@ if [ -z "$EXTRA_CONF" ]; then
     EXTRA_CONF=""
 fi
 
+if [ -z "$ACTIVATE_CRON" ]; then
+    ACTIVATE_CRON=TRUE
+fi
+
 if [ -z "${SHARED_PRELOAD_LIBRARIES}" ]; then
     if [[ $(dpkg -l | grep "timescaledb") > /dev/null ]];then
-        SHARED_PRELOAD_LIBRARIES='pg_cron,timescaledb'
+        if [[ ${ACTIVATE_CRON} =~ [Tt][Rr][Uu][Ee] ]];then
+          SHARED_PRELOAD_LIBRARIES='pg_cron,timescaledb'
+        else
+          SHARED_PRELOAD_LIBRARIES='timescaledb'
+        fi
     else
-        SHARED_PRELOAD_LIBRARIES='pg_cron'
+        if [[ ${ACTIVATE_CRON} =~ [Tt][Rr][Uu][Ee] ]];then
+          SHARED_PRELOAD_LIBRARIES='pg_cron'
+        fi
     fi
 fi
 
@@ -381,8 +392,8 @@ if [ -n "${POSTGRES_INITDB_ARGS}" ]; then
   INITDB_EXTRA_ARGS=${POSTGRES_INITDB_ARGS}
 fi
 
-list=(`echo ${POSTGRES_DBNAME} | tr ',' ' '`)
-arr=(${list})
+list=$(echo "${POSTGRES_DBNAME}" | tr ',' ' ')
+arr=("${list}")
 SINGLE_DB=${arr[0]}
 
 if [ -z "${TIMEZONE}" ]; then
@@ -391,12 +402,12 @@ fi
 
 # usable function definitions
 function kill_postgres {
-  PID=`cat ${PG_PID}`
-  kill -TERM ${PID}
+  PID=$(cat "${PG_PID}")
+  kill -TERM "${PID}"
 
   # Wait for background postgres main process to exit
   # wait until PID file gets deleted
-  while ls -A ${PG_PID} 2> /dev/null; do
+  while ls -A "${PG_PID}" 2> /dev/null; do
     sleep 1
   done
 
@@ -434,21 +445,21 @@ function entry_point_script {
           case "$f" in
                 *.sql)    echo "$0: running $f";
                   if [[ "${ALL_DATABASES}" =~ [Ff][Aa][Ll][Ss][Ee] ]]; then
-                      psql ${SINGLE_DB} -U ${POSTGRES_USER} -p 5432 -h localhost  -f ${f} || true
+                      psql "${SINGLE_DB}" -U ${POSTGRES_USER} -p 5432 -h localhost  -f "${f}" || true
                   else
-                      for db in $(echo ${POSTGRES_DBNAME} | tr ',' ' '); do
-                        psql ${db} -U ${POSTGRES_USER} -p 5432 -h localhost  -f ${f} || true
+                      for db in $(echo "${POSTGRES_DBNAME}" | tr ',' ' '); do
+                        psql "${db}" -U ${POSTGRES_USER} -p 5432 -h localhost  -f "${f}" || true
                       done
                   fi;;
                 *.sql.gz) echo "$0: running $f";
                   if [[ "${ALL_DATABASES}" =~ [Ff][Aa][Ll][Ss][Ee] ]]; then
-                      gunzip < "$f" | psql ${SINGLE_DB} -U ${POSTGRES_USER} -p 5432 -h localhost || true
+                      gunzip < "$f" | psql "${SINGLE_DB}" -U ${POSTGRES_USER} -p 5432 -h localhost || true
                   else
-                      for db in $(echo ${POSTGRES_DBNAME} | tr ',' ' '); do
-                        gunzip < "$f" | psql ${db} -U ${POSTGRES_USER} -p 5432 -h localhost || true
+                      for db in $(echo "${POSTGRES_DBNAME}" | tr ',' ' '); do
+                        gunzip < "$f" | psql "${db}" -U ${POSTGRES_USER} -p 5432 -h localhost || true
                       done
                   fi;;
-                *.sh)     echo "$0: running $f"; . $f || true;;
+                *.sh)     echo "$0: running $f"; . "$f" || true;;
                 *)        echo "$0: ignoring $f" ;;
             esac
             echo
@@ -472,8 +483,8 @@ function configure_replication_permissions {
       non_root_permission "${USER_NAME}" "${DB_GROUP_NAME}"
 
     else
-      chown -R postgres:postgres ${DATADIR} ${WAL_ARCHIVE}
-      chmod -R 750 ${DATADIR} ${WAL_ARCHIVE}
+      chown -R postgres:postgres "${DATADIR}" ${WAL_ARCHIVE}
+      chmod -R 750 "${DATADIR}" ${WAL_ARCHIVE}
       echo -e "[Entrypoint] \e[1;31m Setup data permissions for replication as root user \033[0m"
       chown -R postgres:postgres $(getent passwd postgres | cut -d: -f6)
       su - postgres -c "echo \"${REPLICATE_FROM}:${REPLICATE_PORT}:*:${REPLICATION_USER}:${REPLICATION_PASS}\" > ~/.pgpass"
@@ -486,9 +497,9 @@ function streaming_replication {
     do
       echo -e "[Entrypoint] \e[1;31m Waiting for master to connect... \033[0m"
       sleep 1s
-      if [[ "$(ls -A ${DATADIR})" ]]; then
+      if [[ "$(ls -A "${DATADIR}")" ]]; then
         echo -e "[Entrypoint] \e[1;31m Need empty folder. Cleaning directory... \033[0m"
-        rm -rf ${DATADIR}/*
+        rm -rf "${DATADIR:?}/"*
       fi
     done
 
@@ -518,20 +529,21 @@ function over_write_conf() {
 
 function extension_install() {
   DATABASE=$1
+  DB_EXTENSION=$2
   IFS=':'
-  read -a strarr <<< "$ext"
+  read -a strarr <<< "${DB_EXTENSION}"
   EXTENSION_NAME=${strarr[0]}
   EXTENSION_VERSION=${strarr[1]}
   if [[ -z ${EXTENSION_VERSION} ]];then
     if [[ ${EXTENSION_NAME} != 'pg_cron' ]]; then
       echo -e "\e[32m [Entrypoint] Enabling extension \e[1;31m ${EXTENSION_NAME} \e[32m in the database : \e[1;31m ${DATABASE} \033[0m"
-      psql ${DATABASE} -U ${POSTGRES_USER} -p 5432 -h localhost -c "CREATE EXTENSION IF NOT EXISTS \"${EXTENSION_NAME}\" cascade;"
+      psql "${DATABASE}" -U ${POSTGRES_USER} -p 5432 -h localhost -c "CREATE EXTENSION IF NOT EXISTS \"${EXTENSION_NAME}\" cascade;"
     fi
   else
     if [[ ${EXTENSION_NAME} != 'pg_cron' ]]; then
       pattern="${EXTENSION_NAME}--"
       last_numbers=()
-      for file in "$EXTDIR"/${pattern}*; do
+      for file in "$EXTDIR"/"${pattern}"*; do
         filename=$(basename "$file" .sql)
         if [[ "$filename" == *"--"* ]]; then
           last_number=$(echo "$filename" | awk -F '--' '{print $NF}')
@@ -542,7 +554,7 @@ function extension_install() {
       done
       if [[ " ${last_numbers[@]} " =~ " $EXTENSION_VERSION " ]]; then
         echo -e "\e[32m [Entrypoint] Installing extension \e[1;31m ${EXTENSION_NAME}  \e[32m with version \e[1;31m ${EXTENSION_VERSION} \e[32m in the database : \e[1;31m ${DATABASE} \033[0m"
-        psql ${DATABASE} -U ${POSTGRES_USER} -p 5432 -h localhost -c "CREATE EXTENSION IF NOT EXISTS \"${EXTENSION_NAME}\" WITH VERSION '${EXTENSION_VERSION}' cascade;"
+        psql "${DATABASE}" -U ${POSTGRES_USER} -p 5432 -h localhost -c "CREATE EXTENSION IF NOT EXISTS \"${EXTENSION_NAME}\" WITH VERSION '${EXTENSION_VERSION}' cascade;"
       else
         echo -e "\e[32m [Entrypoint] Extension \e[1;31m ${EXTENSION_NAME}  \e[32m with version \e[1;31m ${EXTENSION_VERSION} \e[32m is not available for install, available versions to install are \e[1;31m  "${last_numbers[@]}" \033[0m"
       fi
@@ -554,11 +566,11 @@ function extension_install() {
 
 function directory_checker() {
   DATA_PATH=$1
-  if [ -d $DATA_PATH ];then
-    DB_USER_PERM=$(stat -c '%U' ${DATA_PATH})
-    DB_GRP_PERM=$(stat -c '%G' ${DATA_PATH})
+  if [ -d "$DATA_PATH" ];then
+    DB_USER_PERM=$(stat -c '%U' "${DATA_PATH}")
+    DB_GRP_PERM=$(stat -c '%G' "${DATA_PATH}")
     if [[ ${DB_USER_PERM} != "${USER}" ]] &&  [[ ${DB_GRP_PERM} != "${GROUP}"  ]];then
-      chown -R ${USER}:${GROUP} ${DATA_PATH}
+      chown -R "${USER}":"${GROUP}" "${DATA_PATH}"
     fi
   fi
 
@@ -574,9 +586,9 @@ function non_root_permission() {
   done
   services=("/usr/lib/postgresql/" "/etc/" "/var/run/!(secrets)" "/var/lib/" "/usr/bin" "/tmp" "/scripts")
   for paths in "${services[@]}"; do
-    directory_checker $paths
+    directory_checker "${paths}"
   done
-  chmod -R 750 ${DATADIR} ${WAL_ARCHIVE}
+  chmod -R 750 "${DATADIR}" ${WAL_ARCHIVE}
 
 }
 

scripts/setup-conf.sh

@@ -2,9 +2,9 @@
 
 source /scripts/env-data.sh
 
-create_dir ${EXTRA_CONF_DIR}
-create_dir ${CONF_LOCKFILE_DIR}
-create_dir ${SCRIPTS_LOCKFILE_DIR}
+create_dir "${EXTRA_CONF_DIR}"
+create_dir "${CONF_LOCKFILE_DIR}"
+create_dir "${SCRIPTS_LOCKFILE_DIR}"
 
 SETUP_LOCKFILE="${CONF_LOCKFILE_DIR}/.postgresql.conf.lock"
 
@@ -13,14 +13,14 @@ if [ -f "${SETUP_LOCKFILE}" ]; then
 fi
 
 # Refresh configuration in case environment settings changed.
-cat $CONF.template > $CONF
+cat "${CONF}".template > "${CONF}"
 
 # Reflect DATA DIR location
 # Delete any data_dir declarations
-sed -i '/data_directory/d' $CONF
+sed -i '/data_directory/d' "${CONF}"
 
 # Create a config to optimise postgis
-cat > ${ROOT_CONF}/postgis.conf <<EOF
+cat > "${ROOT_CONF}"/postgis.conf <<EOF
 data_directory = '${DATADIR}'
 port = 5432
 superuser_reserved_connections= 10
@@ -40,12 +40,12 @@ timezone='${TIMEZONE}'
 cron.use_background_workers = on
 EOF
 
-echo "include 'postgis.conf'" >> $CONF
+echo "include 'postgis.conf'" >> "${CONF}"
 
 # Create a config for logical replication
 if [[  "${REPLICATION}" =~ [Tt][Rr][Uu][Ee] && "$WAL_LEVEL" == 'logical' ]]; then
 
-cat > ${ROOT_CONF}/logical_replication.conf <<EOF
+cat > "${ROOT_CONF}"/logical_replication.conf <<EOF
 wal_level = ${WAL_LEVEL}
 max_wal_senders = ${PG_MAX_WAL_SENDERS}
 wal_keep_size = ${PG_WAL_KEEP_SIZE}
@@ -54,13 +54,13 @@ max_wal_size = ${WAL_SIZE}
 max_logical_replication_workers = ${MAX_LOGICAL_REPLICATION_WORKERS}
 max_sync_workers_per_subscription = ${MAX_SYNC_WORKERS_PER_SUBSCRIPTION}
 EOF
-echo "include 'logical_replication.conf'" >> $CONF
+echo "include 'logical_replication.conf'" >> "${CONF}"
 fi
 
 # Create a config for streaming replication
 if [[ "${REPLICATION}" =~ [Tt][Rr][Uu][Ee] &&  "$WAL_LEVEL" == 'replica' ]]; then
   postgres_ssl_setup
-cat > ${ROOT_CONF}/streaming_replication.conf <<EOF
+cat > "${ROOT_CONF}"/streaming_replication.conf <<EOF
 wal_level = ${WAL_LEVEL}
 max_wal_senders = ${PG_MAX_WAL_SENDERS}
 wal_keep_size = ${PG_WAL_KEEP_SIZE}
@@ -74,25 +74,25 @@ recovery_target_action=${TARGET_ACTION}
 promote_trigger_file = '${PROMOTE_FILE}'
 EOF
 if [[ ${ARCHIVE_MODE} =~ [Oo][Nn] ]];then
-cat >> ${ROOT_CONF}/streaming_replication.conf <<EOF
+cat >> "${ROOT_CONF}"/streaming_replication.conf <<EOF
 archive_mode = ${ARCHIVE_MODE}
 archive_command = '${ARCHIVE_COMMAND}'
 archive_cleanup_command = '${ARCHIVE_CLEANUP_COMMAND}'
 EOF
 fi
-echo "include 'streaming_replication.conf'" >> $CONF
+echo "include 'streaming_replication.conf'" >> "${CONF}"
 fi
 
 if [[ ! -f ${ROOT_CONF}/extra.conf ]]; then
     # If it doesn't exists, copy from ${EXTRA_CONF_DIR} directory if exists
     if [[ -f ${EXTRA_CONF_DIR}/extra.conf ]]; then
-      cp -f ${EXTRA_CONF_DIR}/extra.conf ${ROOT_CONF}/extra.conf
-      echo "include 'extra.conf'" >> $CONF
+      cp -f "${EXTRA_CONF_DIR}"/extra.conf "${ROOT_CONF}"/extra.conf
+      echo "include 'extra.conf'" >> "${CONF}"
     else
       # default value
       if [[  -n "$EXTRA_CONF" ]]; then
-          echo -e $EXTRA_CONF >> ${ROOT_CONF}/extra.conf
-          echo "include 'extra.conf'" >> $CONF
+          echo -e "${EXTRA_CONF}" >> "${ROOT_CONF}"/extra.conf
+          echo "include 'extra.conf'" >> "${CONF}"
       fi
     fi
 
@@ -108,10 +108,10 @@ if [[ $(dpkg -l | grep "timescaledb") > /dev/null ]] && [[ ${ACCEPT_TIMESCALE_TU
   over_write_conf
   echo -e "\e[1;31m Time scale config tuning values below"
   # TODO Add logic to find defaults memory, CPUS as these can vary from defaults on host machine and in docker container
-  timescaledb-tune  -yes -quiet "${TIMESCALE_TUNING_PARAMS}"  --dry-run >"${ROOT_CONF}"/${TIMESCALE_TUNING_CONFIG}
+  timescaledb-tune  -yes -quiet "${TIMESCALE_TUNING_PARAMS}"  --dry-run >"${ROOT_CONF}"/"${TIMESCALE_TUNING_CONFIG}"
   if [[ -f "${ROOT_CONF}"/${TIMESCALE_TUNING_CONFIG} ]]; then
-    mv "${ROOT_CONF}"/postgresql_orig.conf $CONF
-    echo "include '${TIMESCALE_TUNING_CONFIG}'" >> $CONF
+    mv "${ROOT_CONF}"/postgresql_orig.conf "${CONF}"
+    echo "include '${TIMESCALE_TUNING_CONFIG}'" >> "${CONF}"
   fi
   echo -e "\033[0m Time scale config tuning values set in ${ROOT_CONF}/${TIMESCALE_TUNING_CONFIG}"
 fi
@@ -123,4 +123,4 @@ echo "kernel.shmmax=543252480" >> /etc/sysctl.conf
 echo "kernel.shmall=2097152" >> /etc/sysctl.conf
 
 # Put lock file to make sure conf was not reinitialized
-touch ${SETUP_LOCKFILE}
+touch "${SETUP_LOCKFILE}"