maxime.killinger/postgres-ts-vectors
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(docker): resolve permission denied error for PG18+ volume mounts
All checks were successful
🚀 Docker Build and Push / build-and-push (15) (push) Successful in 4m44s
Details
🚀 Docker Build and Push / build-and-push (16) (push) Successful in 4m48s
Details
🚀 Docker Build and Push / build-and-push (17) (push) Successful in 4m47s
Details
🚀 Docker Build and Push / build-and-push (18) (push) Successful in 4m36s
Details

Browse Source 
PostgreSQL 18+ Docker images changed the data directory structure to use
versioned subdirectories (e.g., /var/lib/postgresql/18/main) instead of
the traditional /var/lib/postgresql/data path.

Changes:
- Dockerfile: Add mkdir and chown to ensure /var/lib/postgresql has
  correct permissions for the postgres user before volume mount
- README.md: Update Quick Start with volume mount example
- README.md: Add 'Data Persistence' section explaining PG18+ requirements

This fixes the 'mkdir: cannot create directory: Permission denied' error
that occurred when mounting volumes at /var/lib/postgresql.

See: https://github.com/docker-library/postgres/pull/1259
This commit is contained in:
Maxime Killinger
2025-12-25 16:46:34 +01:00
parent df585b765a
commit f0d5f4870e
4 changed files with 33 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
.gitea/workflows/docker-build.yml
View File

@@ -13,20 +13,20 @@ jobs:
pg_version: [15, 16, 17, 18] pg_version: [15, 16, 17, 18]
steps: steps:
- name: 📥 Checkout code - name: 📥 Checkout code
uses: actions/checkout@v4 uses: https://github.com/actions/checkout@v4
- name: 🛠️ Set up Docker Buildx - name: 🛠️ Set up Docker Buildx
uses: docker/setup-buildx-action@v3 uses: https://github.com/docker/setup-buildx-action@v3
- name: 🔐 Login to Gitea Registry - name: 🔐 Login to Gitea Registry
uses: docker/login-action@v3 uses: https://github.com/docker/login-action@v3
with: with:
registry: gitea.killinger.fr registry: gitea.killinger.fr
username: maxime.killinger username: maxime.killinger
password: ${{ secrets.DOCKER_TOKEN }} password: ${{ secrets.DOCKER_TOKEN }}
- name: 📦 Build Docker image - name: 📦 Build Docker image
uses: docker/build-push-action@v5 uses: https://github.com/docker/build-push-action@v5
with: with:
context: . context: .
load: true load: true
@@ -74,7 +74,7 @@ jobs:
run: docker rm -f test-pg${{ matrix.pg_version }} || true run: docker rm -f test-pg${{ matrix.pg_version }} || true
- name: 🚀 Push Docker image - name: 🚀 Push Docker image
uses: docker/build-push-action@v5 uses: https://github.com/docker/build-push-action@v5
with: with:
context: . context: .
push: true push: true
@@ -85,7 +85,7 @@ jobs:
- name: 🏷️ Tag latest (PG18 only) - name: 🏷️ Tag latest (PG18 only)
if: matrix.pg_version == 18 if: matrix.pg_version == 18
uses: docker/build-push-action@v5 uses: https://github.com/docker/build-push-action@v5
with: with:
context: . context: .
push: true push: true

9
Dockerfile
View File

@@ -46,11 +46,14 @@ COPY --from=builder /tmp/timescaledb/usr/share/postgresql/ /usr/share/postgresql
COPY init-extensions.sh /docker-entrypoint-initdb.d/ COPY init-extensions.sh /docker-entrypoint-initdb.d/
RUN chmod +x /docker-entrypoint-initdb.d/init-extensions.sh RUN chmod +x /docker-entrypoint-initdb.d/init-extensions.sh
# Add entrypoint wrapper to fix volume permissions at runtime
COPY docker-entrypoint-wrapper.sh /usr/local/bin/
RUN chmod +x /usr/local/bin/docker-entrypoint-wrapper.sh
# Healthcheck # Healthcheck
HEALTHCHECK --interval=30s --timeout=5s --start-period=60s --retries=3 \ HEALTHCHECK --interval=30s --timeout=5s --start-period=60s --retries=3 \
CMD pg_isready -U postgres || exit 1 CMD pg_isready -U postgres || exit 1
USER postgres # Run as root initially, wrapper will fix permissions then switch to postgres
ENTRYPOINT ["docker-entrypoint-wrapper.sh"]
# Preload required libraries
CMD ["postgres", "-c", "shared_preload_libraries=timescaledb,vchord"] CMD ["postgres", "-c", "shared_preload_libraries=timescaledb,vchord"]

7
README.md
View File

@@ -23,12 +23,19 @@ Docker image combining **PostgreSQL** with three powerful extensions:
docker run -d \ docker run -d \
--name my-postgres \ --name my-postgres \
-e POSTGRES_PASSWORD=mysecretpassword \ -e POSTGRES_PASSWORD=mysecretpassword \
-v postgres_data:/var/lib/postgresql \
-p 5432:5432 \ -p 5432:5432 \
gitea.killinger.fr/maxime.killinger/postgres-ts-vectors:latest gitea.killinger.fr/maxime.killinger/postgres-ts-vectors:latest
``` ```
All extensions are **automatically created** on first startup. All extensions are **automatically created** on first startup.
## Data Persistence
> [!IMPORTANT]
> Starting with PostgreSQL 18, mount volumes at `/var/lib/postgresql` (not `/var/lib/postgresql/data`).
> Data will be stored in a versioned subdirectory (e.g., `/var/lib/postgresql/18/main`), which facilitates future upgrades with `pg_upgrade`.
## Environment Variables ## Environment Variables
| Variable | Description | Default | | Variable | Description | Default |

14
docker-entrypoint-wrapper.sh Normal file
View File

@@ -0,0 +1,14 @@
#!/bin/bash
set -e
# Fix permissions for mounted volumes (PG18+ requirement)
# This runs as root before switching to postgres user
if [ "$(id -u)" = '0' ]; then
# Ensure data directory exists with correct permissions
mkdir -p /var/lib/postgresql
chown -R postgres:postgres /var/lib/postgresql
chmod 700 /var/lib/postgresql
fi
# Execute the original entrypoint
exec docker-entrypoint.sh "$@"