Commit 9cf9983c authored by Emanuele Aina's avatar Emanuele Aina

docker-compose: Move PGDATA to a subdir to make permissions work out-of-the-box

We currently bind mount `/var/lib/postgresql/data` to a local folder
which is assumed to exist with the right permissions, owned by the user
under which the `postgres` container is run (uid 1000 or the one
configured with the `RUN_USER` environment variable).

If that's not the case (on a fresh checkout, for instance), you'll
be left staring at the following error, after the container failed
to start:

    fixing permissions on existing directory /var/lib/postgresql/data ... initdb: could not change permissions of directory "/var/lib/postgresql/data": Operation not permitted

Having things not work out of the box with weird errors is annoying and
can easily lead to a non-trivial amount of wasted time (hello!).

This is because Docker creates the mount point directories as owned by
root, so when the Postgres' `initdb` runs as the `postgres` user it
fails to change the ownership of the directory.

Shipping the empty directory in the repository would work, but git does
not really understand empty directories.

Sadly, even only putting a `.gitignore` there would make `initdb` complain:

    initdb: directory "/var/lib/postgresql/data" exists but is not empty
    It contains a dot-prefixed/invisible file, perhaps due to it being a mount point.
    Using a mount point directly as the data directory is not recommended.
    Create a subdirectory under the mount point.

A solution avoiding the above issues is to ship some files to
ensure the mount point directory is created with the user permissions
(assuming the user doing the checkout is uid 1000 or `RUN_USER` is set
to the right uid) and then set `PGDATA` to point to a subdirectory of
the user-writable volume mount point, making `initdb` happy.
Signed-off-by: Emanuele Aina's avatarEmanuele Aina <emanuele.aina@collabora.com>
parent f0d770da
Pipeline #3009 passed with stage
in 1 minute and 22 seconds
/database/
Postgres data mountpoint
========================
This folder is here to make the `docker-compose.yaml` recipe in the project
root work out-of-the-box in most cases.
The issue that this folder addresses is that the mount point directory for the
data volume used by the `postgres` container needs to exist with the right
permissions before the container is instantiated, otherwise you'll be left
staring at the following error, after the container failed to start:
fixing permissions on existing directory /var/lib/postgresql/data ...
initdb: could not change permissions of directory "/var/lib/postgresql/data": Operation not permitted
This is because Docker creates the mount point directories as owned by
root, so when the Postgres' `initdb` runs as the `postgres` user it
fails to change the ownership of the directory.
A solution avoiding the above issue on a fresh git checkout is to ensure that
the folder is created with the right permissions by sticking a file (this
README) in it (assuming the user doing the checkout is uid 1000 or `RUN_USER`
is set to the right uid).
Note that `initdb` doesn't like having spurious files around, so the actual
`PGDATA` environment variable is set to point to a subdirectory of
this user-writable volume mount point.
......@@ -23,5 +23,6 @@ services:
environment:
- POSTGRES_USER=test_results
- POSTGRES_PASSWORD=aTh1sEP4s
- PGDATA=/var/lib/postgresql/data/apertis-qa-report
volumes:
- ./database/postgresql/data:/var/lib/postgresql/data
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment