view schema/Dockerfile @ 180:0423eab4ad45

Improve RLS policies for template data

The removed POLICY manage_templates missed a WITH CHECK (true), because the USING clause is applied to new rows, too, if no WITH CHECK is provided, thus implying a deadlock situation with the FK constraint on user_templates (the POLICY requiring a row in user_templates while INSERTing such a row requires a row in templates). The new POLICY on user_templates prevents waterway_admin from relating templates to users from other countries and allows other policies to be written more compactly.
author Tom Gottfried <tom@intevation.de>
date Tue, 17 Jul 2018 19:08:18 +0200
parents 0c0826063561
children a9d9c2b1d08c

FROM centos:7
LABEL authors="tom.gottfried@intevation.de"

# Add the PostgreSQL PGP key to verify the official yum repository packages
RUN rpm --import https://yum.postgresql.org/RPM-GPG-KEY-PGDG-10 &&\
    # Add PostgreSQL's repository. It contains the most recent release
    # of PostgreSQL, 10:
    yum -q -y install https://download.postgresql.org/pub/repos/yum/10/redhat/rhel-7-x86_64/pgdg-centos10-10-2.noarch.rpm &&\
    # Install PostgreSQL 10 and PostGIS
    yum -q -y install postgresql10-server &&\
    yum -q -y install epel-release &&\
    yum -q -y install postgis24_10 pgtap10
USER postgres
ENV PGBIN /usr/pgsql-10/bin/

# initdb PostgreSQL 10:
ENV PGDATA /var/lib/pgsql/10/data
ENV PGCONF /var/lib/pgsql/10/data/postgresql.conf
RUN $PGBIN/initdb -E UTF8 2>&1 < /dev/null &&\
    # Adjust PostgreSQL configuration so that remote connections to the
    # database are possible: md5 password authentication from any IPv4
    # address, listening on all interfaces.
    echo "host all  all    0.0.0.0/0  md5" >> /var/lib/pgsql/10/data/pg_hba.conf &&\
    echo "listen_addresses='*'" >> $PGCONF
# Expose the PostgreSQL port
EXPOSE 5432

# Create GEMMA role and database
WORKDIR /opt/gemma
COPY *.sql *.sh ./
COPY demo-data ./demo-data/
RUN $PGBIN/pg_ctl start -wo "--config_file=$PGCONF" && \
    psql -f roles.sql && \
    createdb gemma && \
    psql -f gemma.sql -d gemma && \
    psql -f auth.sql -d gemma && \
    psql -f demo-data/roles.sql -f demo-data/users.sql -d gemma && \
    psql -f demo-data/responsibility_areas.sql -d gemma && \
    $PGBIN/pg_ctl stop -m smart

# Set the default command to run when starting the container
CMD ["/usr/pgsql-10/bin/postgres", "-D", "/var/lib/pgsql/10/data"]
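
The row-level security behaviour described in the commit message at the top of this page, as an added SQL example that is not part of the repository. The table names templates and user_templates and the policy name manage_templates come from the commit message; the columns, the role app_user, the policy own_relations and the policy expressions are assumptions made for illustration.

```sql
-- Constructed schema. Table and policy names follow the commit message;
-- the columns, the role app_user and the policy own_relations are assumptions.
CREATE ROLE app_user;
CREATE TABLE templates (template_name text PRIMARY KEY);
CREATE TABLE user_templates (
    username      text NOT NULL,
    template_name text NOT NULL REFERENCES templates,
    PRIMARY KEY (username, template_name)
);
GRANT SELECT, INSERT, UPDATE, DELETE ON templates, user_templates TO app_user;
ALTER TABLE templates ENABLE ROW LEVEL SECURITY;
ALTER TABLE user_templates ENABLE ROW LEVEL SECURITY;

-- A user may only relate templates to themselves.
CREATE POLICY own_relations ON user_templates FOR ALL TO app_user
    USING (username = current_user);

-- USING only: PostgreSQL also applies this expression as the WITH CHECK,
-- so a new templates row must already have a row in user_templates.
CREATE POLICY manage_templates ON templates FOR ALL TO app_user
    USING (EXISTS (SELECT 1 FROM user_templates ut
                   WHERE ut.template_name = templates.template_name
                     AND ut.username = current_user));

SET ROLE app_user;
-- Fails: new row violates row-level security policy for table "templates".
INSERT INTO templates VALUES ('report');
-- Fails: the foreign key needs the templates row that could not be inserted.
INSERT INTO user_templates VALUES ('app_user', 'report');
RESET ROLE;

-- With the WITH CHECK (true) the commit message says was missing, USING still
-- limits which existing rows are visible and modifiable, but new rows pass.
ALTER POLICY manage_templates ON templates WITH CHECK (true);

SET ROLE app_user;
INSERT INTO templates VALUES ('report');                   -- succeeds
INSERT INTO user_templates VALUES ('app_user', 'report');  -- succeeds
SELECT template_name FROM templates;                       -- returns 'report'
RESET ROLE;
```

Run it as a superuser in a scratch database; psql continues past the two expected errors unless ON_ERROR_STOP is set.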