From 5be735f3f9ab1b27353a476870e59839aa16d6ca Mon Sep 17 00:00:00 2001
From: Ruairidh MacLeod <ruairidh@rkm.dev>
Date: Mon, 9 Dec 2024 13:51:15 +0000
Subject: [PATCH] add postgres example

---
 rocker/postgres/Dockerfile                    | 13 ++++++++
 rocker/postgres/README.md                     | 33 +++++++++++++++++++
 .../10_setup_test_database.sh                 | 10 ++++++
 3 files changed, 56 insertions(+)
 create mode 100644 rocker/postgres/Dockerfile
 create mode 100644 rocker/postgres/README.md
 create mode 100644 rocker/postgres/docker-entrypoint-initdb.d/10_setup_test_database.sh

diff --git a/rocker/postgres/Dockerfile b/rocker/postgres/Dockerfile
new file mode 100644
index 0000000..72f3ff2
--- /dev/null
+++ b/rocker/postgres/Dockerfile
@@ -0,0 +1,13 @@
+FROM postgres:12.20-bullseye@sha256:e1c0ba2f2a0bb8d1976c904d55ff7c817fcd5e922a938a05bb1698a6688028dd
+
+USER root
+
+ENV POSTGRES_USER=postgres
+ENV POSTGRES_PASSWORD=postgres
+ENV POSTGRES_DB=postgres
+
+ENV CONTAINER_USER=myuser
+ENV CONTAINER_USER_PASSWORD=mypassword
+ENV CONTAINER_USER_DB=mydb
+
+COPY --chown=postgres:postgres docker-entrypoint-initdb.d /docker-entrypoint-initdb.d
diff --git a/rocker/postgres/README.md b/rocker/postgres/README.md
new file mode 100644
index 0000000..3341ef0
--- /dev/null
+++ b/rocker/postgres/README.md
@@ -0,0 +1,33 @@
+# TRE PostgreSQL example
+
+## Running
+
+This example shows how to set up basic postgres parameters, create/execute custom scripts to initialise a new database and run postgres.
+
+Create a directory to store the database files:
+
+```console
+mkdir /safe_data/<proj-id>/postgres
+sudo chown 10001:10001 /safe_data/<proj-id>/postgres
+```
+
+Create an options file, `opts.txt`:
+
+```console
+-v /safe_data/<proj-id>/postgres:/var/lib/postgresql/data
+-p 5432:5432
+```
+
+Run with `ces-run`:
+
+```console
+ces-run --opt-file opts.txt ghcr.io/...
+```
+
+## Notes
+
+From the [docker-postgres](https://github.com/docker-library/docs/blob/master/postgres/README.md) documentation (`Arbitrary --user Notes` section), the user running postgres has to:
+1. Be the owner of `/var/lib/postgresql/data`
+2. Exist in `/etc/passwd`
+
+To persist the database using the postgres image, a host directory or volume needs a bind-mount into `/var/lib/postgres/data` in the container. For this to work, the host directory that we use for the bind mount has to be empty on the first run and owned by the user that initialises the database, hence the `chown 10001:10001` command in the example above.
diff --git a/rocker/postgres/docker-entrypoint-initdb.d/10_setup_test_database.sh b/rocker/postgres/docker-entrypoint-initdb.d/10_setup_test_database.sh
new file mode 100644
index 0000000..d8d4219
--- /dev/null
+++ b/rocker/postgres/docker-entrypoint-initdb.d/10_setup_test_database.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL
+    CREATE ROLE "$CONTAINER_USER" NOSUPERUSER CREATEDB CREATEROLE LOGIN PASSWORD '$CONTAINER_USER_PASSWORD';
+    CREATE DATABASE "$CONTAINER_USER_DB" OWNER "$CONTAINER_USER" ENCODING 'utf-8';
+EOSQL
+
+# can import a database from backup here using pg_restore
+# or copy .sql file in docker-entrypoint-initdb for execution on startup