diff options
Diffstat (limited to 'build/postgrest')
| -rw-r--r-- | build/postgrest/Dockerfile | 27 | ||||
| -rwxr-xr-x | build/postgrest/entrypoint.sh | 19 |
2 files changed, 34 insertions, 12 deletions
diff --git a/build/postgrest/Dockerfile b/build/postgrest/Dockerfile index d7720aa..bf1a573 100644 --- a/build/postgrest/Dockerfile +++ b/build/postgrest/Dockerfile @@ -1,9 +1,30 @@ FROM alpine:3.19 + +# install packages +RUN apk add --no-cache tini shadow +RUN rm -fr /var/cache/apk/* + +# setup main user +RUN adduser -D postgrest +RUN groupmod --gid 1000 postgrest +RUN usermod --uid 1000 postgrest + +# install postgrest COPY ./postgrest.tar.xz /tmp/postgrest.tar.xz -RUN tar xJf /tmp/postgrest.tar.xz -C /tmp -RUN cp /tmp/postgrest /usr/local/bin/postgrest +RUN tar xJf /tmp/postgrest.tar.xz -C /usr/local/bin RUN rm /tmp/postgrest.tar.xz + +# copy scripts COPY ./entrypoint.sh /usr/local/bin/entrypoint.sh -CMD ["/usr/local/bin/entrypoint.sh"] +# remove build packages +RUN apk del shadow + +# make the dirs +RUN mkdir -p /etc/postgrest.d && \ + chown postgrest:postgrest /etc/postgrest.d +# do the +USER postgrest +ENTRYPOINT ["/sbin/tini", "--"] +CMD ["/usr/local/bin/entrypoint.sh"] diff --git a/build/postgrest/entrypoint.sh b/build/postgrest/entrypoint.sh index d375769..71b433d 100755 --- a/build/postgrest/entrypoint.sh +++ b/build/postgrest/entrypoint.sh @@ -1,6 +1,5 @@ #!/bin/sh -mkdir /etc/postgrest.d config=/etc/postgrest.d/postgrest.conf PGRST_DB_URI="postgres://authenticator:postgrest@db:5432/$POSTGRES_DB" @@ -9,12 +8,14 @@ PGRST_SCHEMA="api" rm -fr "$config" touch "$config" -printf 'db-uri = "%s"\n' "$PGRST_DB_URI" >> $config -printf 'db-anon-role = "%s"\n' "$PGRST_ROLE" >> $config -printf 'db-schemas = "%s"\n' "$PGRST_SCHEMA" >> $config -printf 'jwt-secret = "%s"\n' "$JWT_SECRET" >> $config -printf 'jwt-secret-is-base64 = false\n' >> $config -printf 'server-host = "*"\n' >> $config -printf 'server-port = 3000\n' >> $config +{ + printf 'db-uri = "%s"\n' "$PGRST_DB_URI"; + printf 'db-anon-role = "%s"\n' "$PGRST_ROLE"; + printf 'db-schemas = "%s"\n' "$PGRST_SCHEMA"; + printf 'jwt-secret = "%s"\n' "$JWT_SECRET"; + printf 'jwt-secret-is-base64 = false\n'; + printf 'server-host = "*"\n'; + printf 'server-port = 3000\n'; +} >> $config -exec /usr/local/bin/postgrest $config +exec /usr/local/bin/postgrest "$config" |