public_git
/
bitnami-containers
mirror of https://github.com/bitnami/containers.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Remove debian-10 directory 

Signed-off-by: Carlos Rodriguez Hernandez <carlosrh@vmware.com>
This commit is contained in:
Carlos Rodriguez Hernandez 2022-06-22 10:53:08 +00:00 committed by Bitnami Containers
parent 353f6d44f3
commit a2dbc5ba4a
25 changed files with 0 additions and 3513 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
bitnami/pgpool/4/debian-10/Dockerfile
View File

@ -1,30 +0,0 @@
FROM docker.io/bitnami/minideb:buster
LABEL maintainer "Bitnami <containers@bitnami.com>"
ENV HOME="/" \
OS_ARCH="amd64" \
OS_FLAVOUR="debian-10" \
OS_NAME="linux"
COPY prebuildfs /
# Install required system packages and dependencies
RUN install_packages acl ca-certificates curl gzip ldap-utils libaudit1 libbsd0 libc6 libcap-ng0 libedit2 libffi6 libgcc1 libgmp10 libgnutls30 libhogweed4 libicu63 libidn2-0 libldap-2.4-2 libldap-common liblzma5 libnettle6 libnss-ldapd libp11-kit0 libpam-ldapd libpam0g libsasl2-2 libssl1.1 libstdc++6 libtasn1-6 libtinfo6 libunistring2 libuuid1 libxml2 libxslt1.1 nslcd procps tar zlib1g
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "postgresql-client" "10.21.0-0" --checksum d5820263d74b7847f65a05b513f1e1ab196128cd9e3dff1b90a2063276667982
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "wait-for-port" "1.0.3-0" --checksum 0603c8eaf6d24e76563431e36e512da06bfebb3a06ede31b3e84d9879213c162
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "pgpool" "4.3.2-0" --checksum 1ff92d881cb02f544a8b1e8616c811cbf8b6b35df2ab1af68b84d3f4133941f5
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "gosu" "1.14.0-7" --checksum d6280b6f647a62bf6edc74dc8e526bfff63ddd8067dcb8540843f47203d9ccf1
RUN apt-get update && apt-get upgrade -y && \
rm -r /var/lib/apt/lists /var/cache/apt/archives
RUN chmod g+rwX /opt/bitnami
COPY rootfs /
RUN /opt/bitnami/scripts/pgpool/postunpack.sh
ENV APP_VERSION="4.3.2" \
BITNAMI_APP_NAME="pgpool" \
PATH="/opt/bitnami/postgresql/bin:/opt/bitnami/common/bin:/opt/bitnami/pgpool/bin:$PATH"
EXPOSE 5432
USER 1001
ENTRYPOINT [ "/opt/bitnami/scripts/pgpool/entrypoint.sh" ]
CMD [ "/opt/bitnami/scripts/pgpool/run.sh" ]

60
bitnami/pgpool/4/debian-10/docker-compose.yml
View File

@ -1,60 +0,0 @@
version: '2.1'
services:
pg-0:
image: docker.io/bitnami/postgresql-repmgr:14
ports:
- 5432
volumes:
- pg_0_data:/bitnami/postgresql
environment:
- POSTGRESQL_POSTGRES_PASSWORD=adminpassword
- POSTGRESQL_USERNAME=customuser
- POSTGRESQL_PASSWORD=custompassword
- POSTGRESQL_DATABASE=customdatabase
- POSTGRESQL_NUM_SYNCHRONOUS_REPLICAS=1
- REPMGR_PASSWORD=repmgrpassword
- REPMGR_PRIMARY_HOST=pg-0
- REPMGR_PARTNER_NODES=pg-1,pg-0
- REPMGR_NODE_NAME=pg-0
- REPMGR_NODE_NETWORK_NAME=pg-0
pg-1:
image: docker.io/bitnami/postgresql-repmgr:14
ports:
- 5432
volumes:
- pg_1_data:/bitnami/postgresql
environment:
- POSTGRESQL_POSTGRES_PASSWORD=adminpassword
- POSTGRESQL_USERNAME=customuser
- POSTGRESQL_PASSWORD=custompassword
- POSTGRESQL_DATABASE=customdatabase
- POSTGRESQL_NUM_SYNCHRONOUS_REPLICAS=1
- REPMGR_PASSWORD=repmgrpassword
- REPMGR_PRIMARY_HOST=pg-0
- REPMGR_PARTNER_NODES=pg-0,pg-1
- REPMGR_NODE_NAME=pg-1
- REPMGR_NODE_NETWORK_NAME=pg-1
pgpool:
image: docker.io/bitnami/pgpool:4
ports:
- 5432:5432
environment:
- PGPOOL_BACKEND_NODES=0:pg-0:5432,1:pg-1:5432
- PGPOOL_SR_CHECK_USER=customuser
- PGPOOL_SR_CHECK_PASSWORD=custompassword
- PGPOOL_ENABLE_LDAP=no
- PGPOOL_POSTGRES_USERNAME=postgres
- PGPOOL_POSTGRES_PASSWORD=adminpassword
- PGPOOL_ADMIN_USERNAME=admin
- PGPOOL_ADMIN_PASSWORD=adminpassword
- PGPOOL_ENABLE_LOAD_BALANCING=yes
healthcheck:
test: ["CMD", "/opt/bitnami/scripts/pgpool/healthcheck.sh"]
interval: 10s
timeout: 5s
retries: 5
volumes:
pg_0_data:
driver: local
pg_1_data:
driver: local

30
bitnami/pgpool/4/debian-10/prebuildfs/opt/bitnami/.bitnami_components.json
View File

@ -1,30 +0,0 @@
{
"gosu": {
"arch": "amd64",
"digest": "d6280b6f647a62bf6edc74dc8e526bfff63ddd8067dcb8540843f47203d9ccf1",
"distro": "debian-10",
"type": "NAMI",
"version": "1.14.0-7"
},
"pgpool": {
"arch": "amd64",
"digest": "1ff92d881cb02f544a8b1e8616c811cbf8b6b35df2ab1af68b84d3f4133941f5",
"distro": "debian-10",
"type": "NAMI",
"version": "4.3.2-0"
},
"postgresql-client": {
"arch": "amd64",
"digest": "d5820263d74b7847f65a05b513f1e1ab196128cd9e3dff1b90a2063276667982",
"distro": "debian-10",
"type": "NAMI",
"version": "10.21.0-0"
},
"wait-for-port": {
"arch": "amd64",
"digest": "0603c8eaf6d24e76563431e36e512da06bfebb3a06ede31b3e84d9879213c162",
"distro": "debian-10",
"type": "NAMI",
"version": "1.0.3-0"
}
}

3
bitnami/pgpool/4/debian-10/prebuildfs/opt/bitnami/licenses/licenses.txt
View File

@ -1,3 +0,0 @@
Bitnami containers ship with software bundles. You can find the licenses under:
/opt/bitnami/nami/COPYING
/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt

51
bitnami/pgpool/4/debian-10/prebuildfs/opt/bitnami/scripts/libbitnami.sh
View File

@ -1,51 +0,0 @@
#!/bin/bash
#
# Bitnami custom library
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
# Constants
BOLD='\033[1m'
# Functions
########################
# Print the welcome page
# Globals:
# DISABLE_WELCOME_MESSAGE
# BITNAMI_APP_NAME
# Arguments:
# None
# Returns:
# None
#########################
print_welcome_page() {
if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then
if [[ -n "$BITNAMI_APP_NAME" ]]; then
print_image_welcome_page
fi
fi
}
########################
# Print the welcome page for a Bitnami Docker image
# Globals:
# BITNAMI_APP_NAME
# Arguments:
# None
# Returns:
# None
#########################
print_image_welcome_page() {
local github_url="https://github.com/bitnami/bitnami-docker-${BITNAMI_APP_NAME}"
log ""
log "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}"
log "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}"
log "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}"
log ""
}

65
bitnami/pgpool/4/debian-10/prebuildfs/opt/bitnami/scripts/libcomponent.sh
View File

@ -1,65 +0,0 @@
#!/bin/bash
#
# Library for managing Bitnami components
# Constants
CACHE_ROOT="/tmp/bitnami/pkg/cache"
DOWNLOAD_URL="https://downloads.bitnami.com/files/stacksmith"
# Functions
########################
# Download and unpack a Bitnami package
# Globals:
# OS_NAME
# OS_ARCH
# OS_FLAVOUR
# Arguments:
# $1 - component's name
# $2 - component's version
# Returns:
# None
#########################
component_unpack() {
local name="${1:?name is required}"
local version="${2:?version is required}"
local base_name="${name}-${version}-${OS_NAME}-${OS_ARCH}-${OS_FLAVOUR}"
local package_sha256=""
local directory="/opt/bitnami"
# Validate arguments
shift 2
while [ "$#" -gt 0 ]; do
case "$1" in
-c|--checksum)
shift
package_sha256="${1:?missing package checksum}"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
echo "Downloading $base_name package"
if [ -f "${CACHE_ROOT}/${base_name}.tar.gz" ]; then
echo "${CACHE_ROOT}/${base_name}.tar.gz already exists, skipping download."
cp "${CACHE_ROOT}/${base_name}.tar.gz" .
rm "${CACHE_ROOT}/${base_name}.tar.gz"
if [ -f "${CACHE_ROOT}/${base_name}.tar.gz.sha256" ]; then
echo "Using the local sha256 from ${CACHE_ROOT}/${base_name}.tar.gz.sha256"
package_sha256="$(< "${CACHE_ROOT}/${base_name}.tar.gz.sha256")"
rm "${CACHE_ROOT}/${base_name}.tar.gz.sha256"
fi
else
curl --remote-name --silent --show-error --fail "${DOWNLOAD_URL}/${base_name}.tar.gz"
fi
if [ -n "$package_sha256" ]; then
echo "Verifying package integrity"
echo "$package_sha256 ${base_name}.tar.gz" | sha256sum --check - || exit "$?"
fi
tar --directory "${directory}" --extract --gunzip --file "${base_name}.tar.gz" --no-same-owner --strip-components=2
rm "${base_name}.tar.gz"
}

139
bitnami/pgpool/4/debian-10/prebuildfs/opt/bitnami/scripts/libfile.sh
View File

@ -1,139 +0,0 @@
#!/bin/bash
#
# Library for managing files
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/libos.sh
# Functions
########################
# Replace a regex-matching string in a file
# Arguments:
# $1 - filename
# $2 - match regex
# $3 - substitute regex
# $4 - use POSIX regex. Default: true
# Returns:
# None
#########################
replace_in_file() {
local filename="${1:?filename is required}"
local match_regex="${2:?match regex is required}"
local substitute_regex="${3:?substitute regex is required}"
local posix_regex=${4:-true}
local result
# We should avoid using 'sed in-place' substitutions
# 1) They are not compatible with files mounted from ConfigMap(s)
# 2) We found incompatibility issues with Debian10 and "in-place" substitutions
local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues
if [[ $posix_regex = true ]]; then
result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")"
else
result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")"
fi
echo "$result" > "$filename"
}
########################
# Replace a regex-matching multiline string in a file
# Arguments:
# $1 - filename
# $2 - match regex
# $3 - substitute regex
# Returns:
# None
#########################
replace_in_file_multiline() {
local filename="${1:?filename is required}"
local match_regex="${2:?match regex is required}"
local substitute_regex="${3:?substitute regex is required}"
local result
local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues
result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")"
echo "$result" > "$filename"
}
########################
# Remove a line in a file based on a regex
# Arguments:
# $1 - filename
# $2 - match regex
# $3 - use POSIX regex. Default: true
# Returns:
# None
#########################
remove_in_file() {
local filename="${1:?filename is required}"
local match_regex="${2:?match regex is required}"
local posix_regex=${3:-true}
local result
# We should avoid using 'sed in-place' substitutions
# 1) They are not compatible with files mounted from ConfigMap(s)
# 2) We found incompatibility issues with Debian10 and "in-place" substitutions
if [[ $posix_regex = true ]]; then
result="$(sed -E "/$match_regex/d" "$filename")"
else
result="$(sed "/$match_regex/d" "$filename")"
fi
echo "$result" > "$filename"
}
########################
# Appends text after the last line matching a pattern
# Arguments:
# $1 - file
# $2 - match regex
# $3 - contents to add
# Returns:
# None
#########################
append_file_after_last_match() {
local file="${1:?missing file}"
local match_regex="${2:?missing pattern}"
local value="${3:?missing value}"
# We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again
result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)"
echo "$result" > "$file"
}
########################
# Wait until certain entry is present in a log file
# Arguments:
# $1 - entry to look for
# $2 - log file
# $3 - max retries. Default: 12
# $4 - sleep between retries (in seconds). Default: 5
# Returns:
# Boolean
#########################
wait_for_log_entry() {
local -r entry="${1:-missing entry}"
local -r log_file="${2:-missing log file}"
local -r retries="${3:-12}"
local -r interval_time="${4:-5}"
local attempt=0
check_log_file_for_entry() {
if ! grep -qE "$entry" "$log_file"; then
debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})"
return 1
fi
}
debug "Checking that ${log_file} log file contains entry \"${entry}\""
if retry_while check_log_file_for_entry "$retries" "$interval_time"; then
debug "Found entry \"${entry}\" in ${log_file}"
true
else
error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries"
debug_execute cat "$log_file"
return 1
fi
}

190
bitnami/pgpool/4/debian-10/prebuildfs/opt/bitnami/scripts/libfs.sh
View File

@ -1,190 +0,0 @@
#!/bin/bash
#
# Library for file system actions
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
# Functions
########################
# Ensure a file/directory is owned (user and group) but the given user
# Arguments:
# $1 - filepath
# $2 - owner
# Returns:
# None
#########################
owned_by() {
local path="${1:?path is missing}"
local owner="${2:?owner is missing}"
local group="${3:-}"
if [[ -n $group ]]; then
chown "$owner":"$group" "$path"
else
chown "$owner":"$owner" "$path"
fi
}
########################
# Ensure a directory exists and, optionally, is owned by the given user
# Arguments:
# $1 - directory
# $2 - owner
# Returns:
# None
#########################
ensure_dir_exists() {
local dir="${1:?directory is missing}"
local owner_user="${2:-}"
local owner_group="${3:-}"
mkdir -p "${dir}"
if [[ -n $owner_user ]]; then
owned_by "$dir" "$owner_user" "$owner_group"
fi
}
########################
# Checks whether a directory is empty or not
# arguments:
# $1 - directory
# returns:
# boolean
#########################
is_dir_empty() {
local -r path="${1:?missing directory}"
# Calculate real path in order to avoid issues with symlinks
local -r dir="$(realpath "$path")"
if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then
true
else
false
fi
}
########################
# Checks whether a mounted directory is empty or not
# arguments:
# $1 - directory
# returns:
# boolean
#########################
is_mounted_dir_empty() {
local dir="${1:?missing directory}"
if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then
true
else
false
fi
}
########################
# Checks whether a file can be written to or not
# arguments:
# $1 - file
# returns:
# boolean
#########################
is_file_writable() {
local file="${1:?missing file}"
local dir
dir="$(dirname "$file")"
if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then
true
else
false
fi
}
########################
# Relativize a path
# arguments:
# $1 - path
# $2 - base
# returns:
# None
#########################
relativize() {
local -r path="${1:?missing path}"
local -r base="${2:?missing base}"
pushd "$base" >/dev/null || exit
realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||'
popd >/dev/null || exit
}
########################
# Configure permisions and ownership recursively
# Globals:
# None
# Arguments:
# $1 - paths (as a string).
# Flags:
# -f|--file-mode - mode for directories.
# -d|--dir-mode - mode for files.
# -u|--user - user
# -g|--group - group
# Returns:
# None
#########################
configure_permissions_ownership() {
local -r paths="${1:?paths is missing}"
local dir_mode=""
local file_mode=""
local user=""
local group=""
# Validate arguments
shift 1
while [ "$#" -gt 0 ]; do
case "$1" in
-f | --file-mode)
shift
file_mode="${1:?missing mode for files}"
;;
-d | --dir-mode)
shift
dir_mode="${1:?missing mode for directories}"
;;
-u | --user)
shift
user="${1:?missing user}"
;;
-g | --group)
shift
group="${1:?missing group}"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
read -r -a filepaths <<<"$paths"
for p in "${filepaths[@]}"; do
if [[ -e "$p" ]]; then
if [[ -n $dir_mode ]]; then
find -L "$p" -type d -exec chmod "$dir_mode" {} \;
fi
if [[ -n $file_mode ]]; then
find -L "$p" -type f -exec chmod "$file_mode" {} \;
fi
if [[ -n $user ]] && [[ -n $group ]]; then
chown -LR "$user":"$group" "$p"
elif [[ -n $user ]] && [[ -z $group ]]; then
chown -LR "$user" "$p"
elif [[ -z $user ]] && [[ -n $group ]]; then
chgrp -LR "$group" "$p"
fi
else
stderr_print "$p does not exist"
fi
done
}

16
bitnami/pgpool/4/debian-10/prebuildfs/opt/bitnami/scripts/libhook.sh
View File

@ -1,16 +0,0 @@
#!/bin/bash
#
# Library to use for scripts expected to be used as Kubernetes lifecycle hooks
# shellcheck disable=SC1091
# Load generic libraries
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libos.sh
# Override functions that log to stdout/stderr of the current process, so they print to process 1
for function_to_override in stderr_print debug_execute; do
# Output is sent to output of process 1 and thus end up in the container log
# The hook output in general isn't saved
eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2"
done

112
bitnami/pgpool/4/debian-10/prebuildfs/opt/bitnami/scripts/liblog.sh
View File

@ -1,112 +0,0 @@
#!/bin/bash
#
# Library for logging functions
# Constants
RESET='\033[0m'
RED='\033[38;5;1m'
GREEN='\033[38;5;2m'
YELLOW='\033[38;5;3m'
MAGENTA='\033[38;5;5m'
CYAN='\033[38;5;6m'
# Functions
########################
# Print to STDERR
# Arguments:
# Message to print
# Returns:
# None
#########################
stderr_print() {
# 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it
local bool="${BITNAMI_QUIET:-false}"
# comparison is performed without regard to the case of alphabetic characters
shopt -s nocasematch
if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then
printf "%b\\n" "${*}" >&2
fi
}
########################
# Log message
# Arguments:
# Message to log
# Returns:
# None
#########################
log() {
stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}"
}
########################
# Log an 'info' message
# Arguments:
# Message to log
# Returns:
# None
#########################
info() {
log "${GREEN}INFO ${RESET} ==> ${*}"
}
########################
# Log message
# Arguments:
# Message to log
# Returns:
# None
#########################
warn() {
log "${YELLOW}WARN ${RESET} ==> ${*}"
}
########################
# Log an 'error' message
# Arguments:
# Message to log
# Returns:
# None
#########################
error() {
log "${RED}ERROR${RESET} ==> ${*}"
}
########################
# Log a 'debug' message
# Globals:
# BITNAMI_DEBUG
# Arguments:
# None
# Returns:
# None
#########################
debug() {
# 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it
local bool="${BITNAMI_DEBUG:-false}"
# comparison is performed without regard to the case of alphabetic characters
shopt -s nocasematch
if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then
log "${MAGENTA}DEBUG${RESET} ==> ${*}"
fi
}
########################
# Indent a string
# Arguments:
# $1 - string
# $2 - number of indentation characters (default: 4)
# $3 - indentation character (default: " ")
# Returns:
# None
#########################
indent() {
local string="${1:-}"
local num="${2:?missing num}"
local char="${3:-" "}"
# Build the indentation unit string
local indent_unit=""
for ((i = 0; i < num; i++)); do
indent_unit="${indent_unit}${char}"
done
# shellcheck disable=SC2001
# Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions
echo "$string" | sed "s/^/${indent_unit}/"
}

163
bitnami/pgpool/4/debian-10/prebuildfs/opt/bitnami/scripts/libnet.sh
View File

@ -1,163 +0,0 @@
#!/bin/bash
#
# Library for network functions
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
# Functions
########################
# Resolve IP address for a host/domain (i.e. DNS lookup)
# Arguments:
# $1 - Hostname to resolve
# $2 - IP address version (v4, v6), leave empty for resolving to any version
# Returns:
# IP
#########################
dns_lookup() {
local host="${1:?host is missing}"
local ip_version="${2:-}"
getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1
}
#########################
# Wait for a hostname and return the IP
# Arguments:
# $1 - hostname
# $2 - number of retries
# $3 - seconds to wait between retries
# Returns:
# - IP address that corresponds to the hostname
#########################
wait_for_dns_lookup() {
local hostname="${1:?hostname is missing}"
local retries="${2:-5}"
local seconds="${3:-1}"
check_host() {
if [[ $(dns_lookup "$hostname") == "" ]]; then
false
else
true
fi
}
# Wait for the host to be ready
retry_while "check_host ${hostname}" "$retries" "$seconds"
dns_lookup "$hostname"
}
########################
# Get machine's IP
# Arguments:
# None
# Returns:
# Machine IP
#########################
get_machine_ip() {
local -a ip_addresses
local hostname
hostname="$(hostname)"
read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)"
if [[ "${#ip_addresses[@]}" -gt 1 ]]; then
warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}"
elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then
error "Could not find any IP address associated to hostname ${hostname}"
exit 1
fi
echo "${ip_addresses[0]}"
}
########################
# Check if the provided argument is a resolved hostname
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_hostname_resolved() {
local -r host="${1:?missing value}"
if [[ -n "$(dns_lookup "$host")" ]]; then
true
else
false
fi
}
########################
# Parse URL
# Globals:
# None
# Arguments:
# $1 - uri - String
# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String
# Returns:
# String
parse_uri() {
local uri="${1:?uri is missing}"
local component="${2:?component is missing}"
# Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with
# additional sub-expressions to split authority into userinfo, host and port
# Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969)
local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?'
# || | ||| | | | | | | | | |
# |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment
# 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #...
# | 4 authority
# 3 //...
local index=0
case "$component" in
scheme)
index=2
;;
authority)
index=4
;;
userinfo)
index=6
;;
host)
index=7
;;
port)
index=9
;;
path)
index=10
;;
query)
index=13
;;
fragment)
index=14
;;
*)
stderr_print "unrecognized component $component"
return 1
;;
esac
[[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}"
}
########################
# Wait for a HTTP connection to succeed
# Globals:
# *
# Arguments:
# $1 - URL to wait for
# $2 - Maximum amount of retries (optional)
# $3 - Time between retries (optional)
# Returns:
# true if the HTTP connection succeeded, false otherwise
#########################
wait_for_http_connection() {
local url="${1:?missing url}"
local retries="${2:-}"
local sleep_time="${3:-}"
if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then
error "Could not connect to ${url}"
return 1
fi
}

466
bitnami/pgpool/4/debian-10/prebuildfs/opt/bitnami/scripts/libos.sh
View File

@ -1,466 +0,0 @@
#!/bin/bash
#
# Library for operating system actions
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/libvalidations.sh
# Functions
########################
# Check if an user exists in the system
# Arguments:
# $1 - user
# Returns:
# Boolean
#########################
user_exists() {
local user="${1:?user is missing}"
id "$user" >/dev/null 2>&1
}
########################
# Check if a group exists in the system
# Arguments:
# $1 - group
# Returns:
# Boolean
#########################
group_exists() {
local group="${1:?group is missing}"
getent group "$group" >/dev/null 2>&1
}
########################
# Create a group in the system if it does not exist already
# Arguments:
# $1 - group
# Flags:
# -i|--gid - the ID for the new group
# -s|--system - Whether to create new user as system user (uid <= 999)
# Returns:
# None
#########################
ensure_group_exists() {
local group="${1:?group is missing}"
local gid=""
local is_system_user=false
# Validate arguments
shift 1
while [ "$#" -gt 0 ]; do
case "$1" in
-i | --gid)
shift
gid="${1:?missing gid}"
;;
-s | --system)
is_system_user=true
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
if ! group_exists "$group"; then
local -a args=("$group")
if [[ -n "$gid" ]]; then
if group_exists "$gid"; then
error "The GID $gid is already in use." >&2
return 1
fi
args+=("--gid" "$gid")
fi
$is_system_user && args+=("--system")
groupadd "${args[@]}" >/dev/null 2>&1
fi
}
########################
# Create an user in the system if it does not exist already
# Arguments:
# $1 - user
# Flags:
# -i|--uid - the ID for the new user
# -g|--group - the group the new user should belong to
# -a|--append-groups - comma-separated list of supplemental groups to append to the new user
# -h|--home - the home directory for the new user
# -s|--system - whether to create new user as system user (uid <= 999)
# Returns:
# None
#########################
ensure_user_exists() {
local user="${1:?user is missing}"
local uid=""
local group=""
local append_groups=""
local home=""
local is_system_user=false
# Validate arguments
shift 1
while [ "$#" -gt 0 ]; do
case "$1" in
-i | --uid)
shift
uid="${1:?missing uid}"
;;
-g | --group)
shift
group="${1:?missing group}"
;;
-a | --append-groups)
shift
append_groups="${1:?missing append_groups}"
;;
-h | --home)
shift
home="${1:?missing home directory}"
;;
-s | --system)
is_system_user=true
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
if ! user_exists "$user"; then
local -a user_args=("-N" "$user")
if [[ -n "$uid" ]]; then
if user_exists "$uid"; then
error "The UID $uid is already in use."
return 1
fi
user_args+=("--uid" "$uid")
else
$is_system_user && user_args+=("--system")
fi
useradd "${user_args[@]}" >/dev/null 2>&1
fi
if [[ -n "$group" ]]; then
local -a group_args=("$group")
$is_system_user && group_args+=("--system")
ensure_group_exists "${group_args[@]}"
usermod -g "$group" "$user" >/dev/null 2>&1
fi
if [[ -n "$append_groups" ]]; then
local -a groups
read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")"
for group in "${groups[@]}"; do
ensure_group_exists "$group"
usermod -aG "$group" "$user" >/dev/null 2>&1
done
fi
if [[ -n "$home" ]]; then
mkdir -p "$home"
usermod -d "$home" "$user" >/dev/null 2>&1
configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group"
fi
}
########################
# Check if the script is currently running as root
# Arguments:
# $1 - user
# $2 - group
# Returns:
# Boolean
#########################
am_i_root() {
if [[ "$(id -u)" = "0" ]]; then
true
else
false
fi
}
########################
# Print OS metadata
# Arguments:
# $1 - Flag name
# Flags:
# --id - Distro ID
# --version - Distro version
# --branch - Distro branch
# --codename - Distro codename
# Returns:
# String
#########################
get_os_metadata() {
local -r flag_name="${1:?missing flag}"
# Helper function
get_os_release_metadata() {
local -r env_name="${1:?missing environment variable name}"
(
. /etc/os-release
echo "${!env_name}"
)
}
case "$flag_name" in
--id)
get_os_release_metadata ID
;;
--version)
get_os_release_metadata VERSION_ID
;;
--branch)
get_os_release_metadata VERSION_ID | sed 's/\..*//'
;;
--codename)
get_os_release_metadata VERSION_CODENAME
;;
*)
error "Unknown flag ${flag_name}"
return 1
;;
esac
}
########################
# Get total memory available
# Arguments:
# None
# Returns:
# Memory in bytes
#########################
get_total_memory() {
echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024))
}
########################
# Get machine size depending on specified memory
# Globals:
# None
# Arguments:
# None
# Flags:
# --memory - memory size (optional)
# Returns:
# Detected instance size
#########################
get_machine_size() {
local memory=""
# Validate arguments
while [[ "$#" -gt 0 ]]; do
case "$1" in
--memory)
shift
memory="${1:?missing memory}"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
if [[ -z "$memory" ]]; then
debug "Memory was not specified, detecting available memory automatically"
memory="$(get_total_memory)"
fi
sanitized_memory=$(convert_to_mb "$memory")
if [[ "$sanitized_memory" -gt 26000 ]]; then
echo 2xlarge
elif [[ "$sanitized_memory" -gt 13000 ]]; then
echo xlarge
elif [[ "$sanitized_memory" -gt 6000 ]]; then
echo large
elif [[ "$sanitized_memory" -gt 3000 ]]; then
echo medium
elif [[ "$sanitized_memory" -gt 1500 ]]; then
echo small
else
echo micro
fi
}
########################
# Get machine size depending on specified memory
# Globals:
# None
# Arguments:
# $1 - memory size (optional)
# Returns:
# Detected instance size
#########################
get_supported_machine_sizes() {
echo micro small medium large xlarge 2xlarge
}
########################
# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048)
# Globals:
# None
# Arguments:
# $1 - memory size
# Returns:
# Result of the conversion
#########################
convert_to_mb() {
local amount="${1:-}"
if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then
size="${BASH_REMATCH[1]}"
unit="${BASH_REMATCH[2]}"
if [[ "$unit" = "g" || "$unit" = "G" ]]; then
amount="$((size * 1024))"
else
amount="$size"
fi
fi
echo "$amount"
}
#########################
# Redirects output to /dev/null if debug mode is disabled
# Globals:
# BITNAMI_DEBUG
# Arguments:
# $@ - Command to execute
# Returns:
# None
#########################
debug_execute() {
if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then
"$@"
else
"$@" >/dev/null 2>&1
fi
}
########################
# Retries a command a given number of times
# Arguments:
# $1 - cmd (as a string)
# $2 - max retries. Default: 12
# $3 - sleep between retries (in seconds). Default: 5
# Returns:
# Boolean
#########################
retry_while() {
local cmd="${1:?cmd is missing}"
local retries="${2:-12}"
local sleep_time="${3:-5}"
local return_value=1
read -r -a command <<<"$cmd"
for ((i = 1; i <= retries; i += 1)); do
"${command[@]}" && return_value=0 && break
sleep "$sleep_time"
done
return $return_value
}
########################
# Generate a random string
# Arguments:
# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii
# -c|--count - Number of characters, defaults to 32
# Arguments:
# None
# Returns:
# None
# Returns:
# String
#########################
generate_random_string() {
local type="ascii"
local count="32"
local filter
local result
# Validate arguments
while [[ "$#" -gt 0 ]]; do
case "$1" in
-t | --type)
shift
type="$1"
;;
-c | --count)
shift
count="$1"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
# Validate type
case "$type" in
ascii)
filter="[:print:]"
;;
alphanumeric)
filter="a-zA-Z0-9"
;;
numeric)
filter="0-9"
;;
*)
echo "Invalid type ${type}" >&2
return 1
;;
esac
# Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size
# Note there is a very small chance of strings starting with EOL character
# Therefore, the higher amount of lines read, this will happen less frequently
result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")"
echo "$result"
}
########################
# Create md5 hash from a string
# Arguments:
# $1 - string
# Returns:
# md5 hash - string
#########################
generate_md5_hash() {
local -r str="${1:?missing input string}"
echo -n "$str" | md5sum | awk '{print $1}'
}
########################
# Create sha1 hash from a string
# Arguments:
# $1 - string
# $2 - algorithm - 1 (default), 224, 256, 384, 512
# Returns:
# sha1 hash - string
#########################
generate_sha_hash() {
local -r str="${1:?missing input string}"
local -r algorithm="${2:-1}"
echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}'
}
########################
# Converts a string to its hexadecimal representation
# Arguments:
# $1 - string
# Returns:
# hexadecimal representation of the string
#########################
convert_to_hex() {
local -r str=${1:?missing input string}
local -i iterator
local char
for ((iterator = 0; iterator < ${#str}; iterator++)); do
char=${str:iterator:1}
printf '%x' "'${char}"
done
}

122
bitnami/pgpool/4/debian-10/prebuildfs/opt/bitnami/scripts/libpersistence.sh
View File

@ -1,122 +0,0 @@
#!/bin/bash
#
# Bitnami persistence library
# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libversion.sh
# Functions
########################
# Persist an application directory
# Globals:
# BITNAMI_ROOT_DIR
# BITNAMI_VOLUME_DIR
# Arguments:
# $1 - App folder name
# $2 - List of app files to persist
# Returns:
# true if all steps succeeded, false otherwise
#########################
persist_app() {
local -r app="${1:?missing app}"
local -a files_to_restore
read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")"
local -r install_dir="${BITNAMI_ROOT_DIR}/${app}"
local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}"
# Persist the individual files
if [[ "${#files_to_persist[@]}" -le 0 ]]; then
warn "No files are configured to be persisted"
return
fi
pushd "$install_dir" >/dev/null || exit
local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder
local -r tmp_file="/tmp/perms.acl"
for file_to_persist in "${files_to_persist[@]}"; do
if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then
error "Cannot persist '${file_to_persist}' because it does not exist"
return 1
fi
file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")"
file_to_persist_destination="${persist_dir}/${file_to_persist_relative}"
file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")"
# Get original permissions for existing files, which will be applied later
# Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume
getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file"
# Copy directories to the volume
ensure_dir_exists "$file_to_persist_destination_folder"
cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder"
# Restore permissions
pushd "$persist_dir" >/dev/null || exit
if am_i_root; then
setfacl --restore="$tmp_file"
else
# When running as non-root, don't change ownership
setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file")
fi
popd >/dev/null || exit
done
popd >/dev/null || exit
rm -f "$tmp_file"
# Install the persisted files into the installation directory, via symlinks
restore_persisted_app "$@"
}
########################
# Restore a persisted application directory
# Globals:
# BITNAMI_ROOT_DIR
# BITNAMI_VOLUME_DIR
# FORCE_MAJOR_UPGRADE
# Arguments:
# $1 - App folder name
# $2 - List of app files to restore
# Returns:
# true if all steps succeeded, false otherwise
#########################
restore_persisted_app() {
local -r app="${1:?missing app}"
local -a files_to_restore
read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")"
local -r install_dir="${BITNAMI_ROOT_DIR}/${app}"
local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}"
# Restore the individual persisted files
if [[ "${#files_to_restore[@]}" -le 0 ]]; then
warn "No persisted files are configured to be restored"
return
fi
local file_to_restore_relative file_to_restore_origin file_to_restore_destination
for file_to_restore in "${files_to_restore[@]}"; do
file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")"
# We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed
file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")"
file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")"
rm -rf "$file_to_restore_origin"
ln -sfn "$file_to_restore_destination" "$file_to_restore_origin"
done
}
########################
# Check if an application directory was already persisted
# Globals:
# BITNAMI_VOLUME_DIR
# Arguments:
# $1 - App folder name
# Returns:
# true if all steps succeeded, false otherwise
#########################
is_app_initialized() {
local -r app="${1:?missing app}"
local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}"
if ! is_mounted_dir_empty "$persist_dir"; then
true
else
false
fi
}

273
bitnami/pgpool/4/debian-10/prebuildfs/opt/bitnami/scripts/libservice.sh
View File

@ -1,273 +0,0 @@
#!/bin/bash
#
# Library for managing services
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/libvalidations.sh
. /opt/bitnami/scripts/liblog.sh
# Functions
########################
# Read the provided pid file and returns a PID
# Arguments:
# $1 - Pid file
# Returns:
# PID
#########################
get_pid_from_file() {
local pid_file="${1:?pid file is missing}"
if [[ -f "$pid_file" ]]; then
if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then
echo "$(< "$pid_file")"
fi
fi
}
########################
# Check if a provided PID corresponds to a running service
# Arguments:
# $1 - PID
# Returns:
# Boolean
#########################
is_service_running() {
local pid="${1:?pid is missing}"
kill -0 "$pid" 2>/dev/null
}
########################
# Stop a service by sending a termination signal to its pid
# Arguments:
# $1 - Pid file
# $2 - Signal number (optional)
# Returns:
# None
#########################
stop_service_using_pid() {
local pid_file="${1:?pid file is missing}"
local signal="${2:-}"
local pid
pid="$(get_pid_from_file "$pid_file")"
[[ -z "$pid" ]] || ! is_service_running "$pid" && return
if [[ -n "$signal" ]]; then
kill "-${signal}" "$pid"
else
kill "$pid"
fi
local counter=10
while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do
sleep 1
counter=$((counter - 1))
done
}
########################
# Start cron daemon
# Arguments:
# None
# Returns:
# true if started correctly, false otherwise
#########################
cron_start() {
if [[ -x "/usr/sbin/cron" ]]; then
/usr/sbin/cron
elif [[ -x "/usr/sbin/crond" ]]; then
/usr/sbin/crond
else
false
fi
}
########################
# Generate a cron configuration file for a given service
# Arguments:
# $1 - Service name
# $2 - Command
# Flags:
# --run-as - User to run as (default: root)
# --schedule - Cron schedule configuration (default: * * * * *)
# Returns:
# None
#########################
generate_cron_conf() {
local service_name="${1:?service name is missing}"
local cmd="${2:?command is missing}"
local run_as="root"
local schedule="* * * * *"
local clean="true"
local clean="true"
# Parse optional CLI flags
shift 2
while [[ "$#" -gt 0 ]]; do
case "$1" in
--run-as)
shift
run_as="$1"
;;
--schedule)
shift
schedule="$1"
;;
--no-clean)
clean="false"
;;
*)
echo "Invalid command line flag ${1}" >&2
return 1
;;
esac
shift
done
mkdir -p /etc/cron.d
if "$clean"; then
echo "${schedule} ${run_as} ${cmd}" > /etc/cron.d/"$service_name"
else
echo "${schedule} ${run_as} ${cmd}" >> /etc/cron.d/"$service_name"
fi
}
########################
# Remove a cron configuration file for a given service
# Arguments:
# $1 - Service name
# Returns:
# None
#########################
remove_cron_conf() {
local service_name="${1:?service name is missing}"
local cron_conf_dir="/etc/monit/conf.d"
rm -f "${cron_conf_dir}/${service_name}"
}
########################
# Generate a monit configuration file for a given service
# Arguments:
# $1 - Service name
# $2 - Pid file
# $3 - Start command
# $4 - Stop command
# Flags:
# --disable - Whether to disable the monit configuration
# Returns:
# None
#########################
generate_monit_conf() {
local service_name="${1:?service name is missing}"
local pid_file="${2:?pid file is missing}"
local start_command="${3:?start command is missing}"
local stop_command="${4:?stop command is missing}"
local monit_conf_dir="/etc/monit/conf.d"
local disabled="no"
# Parse optional CLI flags
shift 4
while [[ "$#" -gt 0 ]]; do
case "$1" in
--disable)
disabled="yes"
;;
*)
echo "Invalid command line flag ${1}" >&2
return 1
;;
esac
shift
done
is_boolean_yes "$disabled" && conf_suffix=".disabled"
mkdir -p "$monit_conf_dir"
cat >"${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <<EOF
check process ${service_name}
with pidfile "${pid_file}"
start program = "${start_command}" with timeout 90 seconds
stop program = "${stop_command}" with timeout 90 seconds
EOF
}
########################
# Remove a monit configuration file for a given service
# Arguments:
# $1 - Service name
# Returns:
# None
#########################
remove_monit_conf() {
local service_name="${1:?service name is missing}"
local monit_conf_dir="/etc/monit/conf.d"
rm -f "${monit_conf_dir}/${service_name}.conf"
}
########################
# Generate a logrotate configuration file
# Arguments:
# $1 - Service name
# $2 - Log files pattern
# Flags:
# --period - Period
# --rotations - Number of rotations to store
# --extra - Extra options (Optional)
# Returns:
# None
#########################
generate_logrotate_conf() {
local service_name="${1:?service name is missing}"
local log_path="${2:?log path is missing}"
local period="weekly"
local rotations="150"
local extra=""
local logrotate_conf_dir="/etc/logrotate.d"
local var_name
# Parse optional CLI flags
shift 2
while [[ "$#" -gt 0 ]]; do
case "$1" in
--period|--rotations|--extra)
var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")"
shift
declare "$var_name"="${1:?"$var_name" is missing}"
;;
*)
echo "Invalid command line flag ${1}" >&2
return 1
;;
esac
shift
done
mkdir -p "$logrotate_conf_dir"
cat <<EOF | sed '/^\s*$/d' >"${logrotate_conf_dir}/${service_name}"
${log_path} {
${period}
rotate ${rotations}
dateext
compress
copytruncate
missingok
$(indent "$extra" 2)
}
EOF
}
########################
# Remove a logrotate configuration file
# Arguments:
# $1 - Service name
# Returns:
# None
#########################
remove_logrotate_conf() {
local service_name="${1:?service name is missing}"
local logrotate_conf_dir="/etc/logrotate.d"
rm -f "${logrotate_conf_dir}/${service_name}"
}

264
bitnami/pgpool/4/debian-10/prebuildfs/opt/bitnami/scripts/libvalidations.sh
View File

@ -1,264 +0,0 @@
#!/bin/bash
#
# Validation functions library
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
# Functions
########################
# Check if the provided argument is an integer
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_int() {
local -r int="${1:?missing value}"
if [[ "$int" =~ ^-?[0-9]+ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is a positive integer
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_positive_int() {
local -r int="${1:?missing value}"
if is_int "$int" && (( "${int}" >= 0 )); then
true
else
false
fi
}
########################
# Check if the provided argument is a boolean or is the string 'yes/true'
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_boolean_yes() {
local -r bool="${1:-}"
# comparison is performed without regard to the case of alphabetic characters
shopt -s nocasematch
if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is a boolean yes/no value
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_yes_no_value() {
local -r bool="${1:-}"
if [[ "$bool" =~ ^(yes|no)$ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is a boolean true/false value
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_true_false_value() {
local -r bool="${1:-}"
if [[ "$bool" =~ ^(true|false)$ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is a boolean 1/0 value
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_1_0_value() {
local -r bool="${1:-}"
if [[ "$bool" =~ ^[10]$ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is an empty string or not defined
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_empty_value() {
local -r val="${1:-}"
if [[ -z "$val" ]]; then
true
else
false
fi
}
########################
# Validate if the provided argument is a valid port
# Arguments:
# $1 - Port to validate
# Returns:
# Boolean and error message
#########################
validate_port() {
local value
local unprivileged=0
# Parse flags
while [[ "$#" -gt 0 ]]; do
case "$1" in
-unprivileged)
unprivileged=1
;;
--)
shift
break
;;
-*)
stderr_print "unrecognized flag $1"
return 1
;;
*)
break
;;
esac
shift
done
if [[ "$#" -gt 1 ]]; then
echo "too many arguments provided"
return 2
elif [[ "$#" -eq 0 ]]; then
stderr_print "missing port argument"
return 1
else
value=$1
fi
if [[ -z "$value" ]]; then
echo "the value is empty"
return 1
else
if ! is_int "$value"; then
echo "value is not an integer"
return 2
elif [[ "$value" -lt 0 ]]; then
echo "negative value provided"
return 2
elif [[ "$value" -gt 65535 ]]; then
echo "requested port is greater than 65535"
return 2
elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then
echo "privileged port requested"
return 3
fi
fi
}
########################
# Validate if the provided argument is a valid IPv4 address
# Arguments:
# $1 - IP to validate
# Returns:
# Boolean
#########################
validate_ipv4() {
local ip="${1:?ip is missing}"
local stat=1
if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")"
[[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \
&& ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]]
stat=$?
fi
return $stat
}
########################
# Validate a string format
# Arguments:
# $1 - String to validate
# Returns:
# Boolean
#########################
validate_string() {
local string
local min_length=-1
local max_length=-1
# Parse flags
while [ "$#" -gt 0 ]; do
case "$1" in
-min-length)
shift
min_length=${1:-}
;;
-max-length)
shift
max_length=${1:-}
;;
--)
shift
break
;;
-*)
stderr_print "unrecognized flag $1"
return 1
;;
*)
break
;;
esac
shift
done
if [ "$#" -gt 1 ]; then
stderr_print "too many arguments provided"
return 2
elif [ "$#" -eq 0 ]; then
stderr_print "missing string"
return 1
else
string=$1
fi
if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then
echo "string length is less than $min_length"
return 1
fi
if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then
echo "string length is great than $max_length"
return 1
fi
}

49
bitnami/pgpool/4/debian-10/prebuildfs/opt/bitnami/scripts/libversion.sh
View File

@ -1,49 +0,0 @@
#!/bin/bash
#
# Library for managing versions strings
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
# Functions
########################
# Gets semantic version
# Arguments:
# $1 - version: string to extract major.minor.patch
# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch
# Returns:
# array with the major, minor and release
#########################
get_sematic_version () {
local version="${1:?version is required}"
local section="${2:?section is required}"
local -a version_sections
#Regex to parse versions: x.y.z
local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?'
if [[ "$version" =~ $regex ]]; then
local i=1
local j=1
local n=${#BASH_REMATCH[*]}
while [[ $i -lt $n ]]; do
if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then
version_sections[$j]=${BASH_REMATCH[$i]}
((j++))
fi
((i++))
done
local number_regex='^[0-9]+$'
if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then
echo "${version_sections[$section]}"
return
else
stderr_print "Section allowed values are: 1, 2, and 3"
return 1
fi
fi
}

458
bitnami/pgpool/4/debian-10/prebuildfs/opt/bitnami/scripts/libwebserver.sh
View File

@ -1,458 +0,0 @@
#!/bin/bash
#
# Bitnami web server handler library
# shellcheck disable=SC1090,SC1091
# Load generic libraries
. /opt/bitnami/scripts/liblog.sh
########################
# Execute a command (or list of commands) with the web server environment and library loaded
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_execute() {
local -r web_server="${1:?missing web server}"
shift
# Run program in sub-shell to avoid web server environment getting loaded when not necessary
(
. "/opt/bitnami/scripts/lib${web_server}.sh"
. "/opt/bitnami/scripts/${web_server}-env.sh"
"$@"
)
}
########################
# Prints the list of enabled web servers
# Globals:
# None
# Arguments:
# None
# Returns:
# None
#########################
web_server_list() {
local -r -a supported_web_servers=(apache nginx)
local -a existing_web_servers=()
for web_server in "${supported_web_servers[@]}"; do
[[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server")
done
echo "${existing_web_servers[@]:-}"
}
########################
# Prints the currently-enabled web server type (only one, in order of preference)
# Globals:
# None
# Arguments:
# None
# Returns:
# None
#########################
web_server_type() {
local -a web_servers
read -r -a web_servers <<< "$(web_server_list)"
echo "${web_servers[0]:-}"
}
########################
# Validate that a supported web server is configured
# Globals:
# None
# Arguments:
# None
# Returns:
# None
#########################
web_server_validate() {
local error_code=0
local supported_web_servers=("apache" "nginx")
# Auxiliary functions
print_validation_error() {
error "$1"
error_code=1
}
if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then
print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}"
elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then
print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable."
fi
return "$error_code"
}
########################
# Check whether the web server is running
# Globals:
# *
# Arguments:
# None
# Returns:
# true if the web server is running, false otherwise
#########################
is_web_server_running() {
"is_$(web_server_type)_running"
}
########################
# Start web server
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_start() {
info "Starting $(web_server_type) in background"
"${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh"
}
########################
# Stop web server
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_stop() {
info "Stopping $(web_server_type)"
"${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh"
}
########################
# Restart web server
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_restart() {
info "Restarting $(web_server_type)"
"${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh"
}
########################
# Reload web server
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_reload() {
"${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh"
}
########################
# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block)
# It serves as a wrapper for the specific web server function
# Globals:
# *
# Arguments:
# $1 - App name
# Flags:
# --type - Application type, which has an effect on which configuration template to use
# --hosts - Host listen addresses
# --server-name - Server name
# --server-aliases - Server aliases
# --allow-remote-connections - Whether to allow remote connections or to require local connections
# --disable - Whether to render server configurations with a .disabled prefix
# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix
# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix
# --http-port - HTTP port number
# --https-port - HTTPS port number
# --document-root - Path to document root directory
# Apache-specific flags:
# --apache-additional-configuration - Additional vhost configuration (no default)
# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default)
# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default)
# --apache-before-vhost-configuration - Configuration to add before the <VirtualHost> directive (no default)
# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined)
# --apache-extra-directory-configuration - Extra configuration for the document root directory
# --apache-proxy-address - Address where to proxy requests
# --apache-proxy-configuration - Extra configuration for the proxy
# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost
# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost
# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined)
# NGINX-specific flags:
# --nginx-additional-configuration - Additional server block configuration (no default)
# --nginx-external-configuration - Configuration external to server block (no default)
# Returns:
# true if the configuration was enabled, false otherwise
########################
ensure_web_server_app_configuration_exists() {
local app="${1:?missing app}"
shift
local -a apache_args nginx_args web_servers args_var
apache_args=("$app")
nginx_args=("$app")
# Validate arguments
while [[ "$#" -gt 0 ]]; do
case "$1" in
# Common flags
--disable \
| --disable-http \
| --disable-https \
)
apache_args+=("$1")
nginx_args+=("$1")
;;
--hosts \
| --server-name \
| --server-aliases \
| --type \
| --allow-remote-connections \
| --http-port \
| --https-port \
| --document-root \
)
apache_args+=("$1" "${2:?missing value}")
nginx_args+=("$1" "${2:?missing value}")
shift
;;
# Specific Apache flags
--apache-additional-configuration \
| --apache-additional-http-configuration \
| --apache-additional-https-configuration \
| --apache-before-vhost-configuration \
| --apache-allow-override \
| --apache-extra-directory-configuration \
| --apache-proxy-address \
| --apache-proxy-configuration \
| --apache-proxy-http-configuration \
| --apache-proxy-https-configuration \
| --apache-move-htaccess \
)
apache_args+=("${1//apache-/}" "${2:?missing value}")
shift
;;
# Specific NGINX flags
--nginx-additional-configuration \
| --nginx-external-configuration)
nginx_args+=("${1//nginx-/}" "${2:?missing value}")
shift
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
read -r -a web_servers <<< "$(web_server_list)"
for web_server in "${web_servers[@]}"; do
args_var="${web_server}_args[@]"
web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}"
done
}
########################
# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block)
# It serves as a wrapper for the specific web server function
# Globals:
# *
# Arguments:
# $1 - App name
# Returns:
# true if the configuration was disabled, false otherwise
########################
ensure_web_server_app_configuration_not_exists() {
local app="${1:?missing app}"
local -a web_servers
read -r -a web_servers <<< "$(web_server_list)"
for web_server in "${web_servers[@]}"; do
web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app"
done
}
########################
# Ensure the web server loads the configuration for an application in a URL prefix
# It serves as a wrapper for the specific web server function
# Globals:
# *
# Arguments:
# $1 - App name
# Flags:
# --allow-remote-connections - Whether to allow remote connections or to require local connections
# --document-root - Path to document root directory
# --prefix - URL prefix from where it will be accessible (i.e. /myapp)
# --type - Application type, which has an effect on what configuration template will be used
# Apache-specific flags:
# --apache-additional-configuration - Additional vhost configuration (no default)
# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no')
# --apache-extra-directory-configuration - Extra configuration for the document root directory
# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup
# NGINX-specific flags:
# --nginx-additional-configuration - Additional server block configuration (no default)
# Returns:
# true if the configuration was enabled, false otherwise
########################
ensure_web_server_prefix_configuration_exists() {
local app="${1:?missing app}"
shift
local -a apache_args nginx_args web_servers args_var
apache_args=("$app")
nginx_args=("$app")
# Validate arguments
while [[ "$#" -gt 0 ]]; do
case "$1" in
# Common flags
--allow-remote-connections \
| --document-root \
| --prefix \
| --type \
)
apache_args+=("$1" "${2:?missing value}")
nginx_args+=("$1" "${2:?missing value}")
shift
;;
# Specific Apache flags
--apache-additional-configuration \
| --apache-allow-override \
| --apache-extra-directory-configuration \
| --apache-move-htaccess \
)
apache_args+=("${1//apache-/}" "$2")
shift
;;
# Specific NGINX flags
--nginx-additional-configuration)
nginx_args+=("${1//nginx-/}" "$2")
shift
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
read -r -a web_servers <<< "$(web_server_list)"
for web_server in "${web_servers[@]}"; do
args_var="${web_server}_args[@]"
web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}"
done
}
########################
# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports)
# It serves as a wrapper for the specific web server function
# Globals:
# *
# Arguments:
# $1 - App name
# Flags:
# --hosts - Host listen addresses
# --server-name - Server name
# --server-aliases - Server aliases
# --enable-http - Enable HTTP app configuration (if not enabled already)
# --enable-https - Enable HTTPS app configuration (if not enabled already)
# --disable-http - Disable HTTP app configuration (if not disabled already)
# --disable-https - Disable HTTPS app configuration (if not disabled already)
# --http-port - HTTP port number
# --https-port - HTTPS port number
# Returns:
# true if the configuration was updated, false otherwise
########################
web_server_update_app_configuration() {
local app="${1:?missing app}"
shift
local -a args web_servers
args=("$app")
# Validate arguments
while [[ "$#" -gt 0 ]]; do
case "$1" in
# Common flags
--enable-http \
| --enable-https \
| --disable-http \
| --disable-https \
)
args+=("$1")
;;
--hosts \
| --server-name \
| --server-aliases \
| --http-port \
| --https-port \
)
args+=("$1" "${2:?missing value}")
shift
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
read -r -a web_servers <<< "$(web_server_list)"
for web_server in "${web_servers[@]}"; do
web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}"
done
}
########################
# Enable loading page, which shows users that the initialization process is not yet completed
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_enable_loading_page() {
ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \
--apache-additional-configuration "
# Show a HTTP 503 Service Unavailable page by default
RedirectMatch 503 ^/$
# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes
ErrorDocument 404 /index.html
ErrorDocument 503 /index.html" \
--nginx-additional-configuration "
# Show a HTTP 503 Service Unavailable page by default
location / {
return 503;
}
# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes
error_page 404 @installing;
error_page 503 @installing;
location @installing {
rewrite ^(.*)$ /index.html break;
}"
web_server_reload
}
########################
# Enable loading page, which shows users that the initialization process is not yet completed
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_disable_install_page() {
ensure_web_server_app_configuration_not_exists "__loading"
web_server_reload
}

24
bitnami/pgpool/4/debian-10/prebuildfs/usr/sbin/install_packages
View File

@ -1,24 +0,0 @@
#!/bin/sh
set -e
set -u
export DEBIAN_FRONTEND=noninteractive
n=0
max=2
until [ $n -gt $max ]; do
set +e
(
apt-get update -qq &&
apt-get install -y --no-install-recommends "$@"
)
CODE=$?
set -e
if [ $CODE -eq 0 ]; then
break
fi
if [ $n -eq $max ]; then
exit $CODE
fi
echo "apt failed, retrying"
n=$(($n + 1))
done
rm -r /var/lib/apt/lists /var/cache/apt/archives

218
bitnami/pgpool/4/debian-10/rootfs/opt/bitnami/scripts/libldapclient.sh
View File

@ -1,218 +0,0 @@
#!/bin/bash
#
# Bitnami LDAP library
# shellcheck disable=SC1090,SC1091
# Load libraries
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libos.sh
########################
# Loads global variables used on LDAP configuration.
# Globals:
# LDAP_*
# Arguments:
# None
# Returns:
# Series of exports to be used as 'eval' arguments
#########################
ldap_env() {
cat <<"EOF"
export LDAP_NSLCD_USER="nslcd"
export LDAP_URI="${LDAP_URI:-}"
export LDAP_BASE="${LDAP_BASE:-}"
export LDAP_BIND_DN="${LDAP_BIND_DN:-}"
export LDAP_BIND_PASSWORD="${LDAP_BIND_PASSWORD:-}"
export LDAP_BASE_LOOKUP="${LDAP_BASE_LOOKUP:-}"
export LDAP_NSS_INITGROUPS_IGNOREUSERS="${LDAP_NSS_INITGROUPS_IGNOREUSERS:-root,nslcd}"
export LDAP_SCOPE="${LDAP_SCOPE:-}"
export LDAP_TLS_REQCERT="${LDAP_TLS_REQCERT:-}"
export LDAP_SEARCH_FILTER="${LDAP_SEARCH_FILTER:-}"
export LDAP_SEARCH_MAP="${LDAP_SEARCH_MAP:-}"
EOF
if [[ "$OS_FLAVOUR" =~ ^debian-.*$ ]]; then
cat <<"EOF"
export LDAP_NSLCD_GROUP="nslcd"
EOF
elif [[ "$OS_FLAVOUR" =~ ^(centos|photon)-.*$ ]]; then
cat <<"EOF"
export LDAP_NSLCD_GROUP="ldap"
EOF
fi
}
########################
# Return LDAP config file path depending on distro
# Globals:
# OS_FLAVOUR
# Arguments:
# None
# Returns:
# (String) LDAP config file path
#########################
ldap_openldap_config_path() {
local openldap_config
case "$OS_FLAVOUR" in
debian-*|ubuntu-*) openldap_config=/etc/ldap/ldap.conf ;;
centos-*|photon-*) openldap_config=/etc/openldap/ldap.conf ;;
*) error "Unsupported OS flavor ${OS_FLAVOUR}" && exit 1 ;;
esac
echo "$openldap_config"
}
########################
# Configure LDAP permissions (to be used at postunpack leve).
# Globals:
# LDAP_*
# Arguments:
# None
# Returns:
# None
#########################
ldap_configure_permissions() {
ensure_dir_exists "/var/run/nslcd" && configure_permissions_ownership "/var/run/nslcd" -u "root" -g "root" -d "775"
configure_permissions_ownership "/etc/nslcd.conf" -u "root" -g "root" -f "660"
configure_permissions_ownership "$(ldap_openldap_config_path)" -u "root" -g "root" -f "660"
}
########################
# Create nslcd.conf file
# Globals:
# LDAP_*
# Arguments:
# None
# Returns:
# None
#########################
ldap_create_nslcd_config() {
if am_i_root; then
chown "root:${LDAP_NSLCD_GROUP}" "/etc/nslcd.conf"
chown -R "${LDAP_NSLCD_USER}:${LDAP_NSLCD_GROUP}" "/var/run/nslcd"
cat > "/etc/nslcd.conf" <<EOF
# The user and group nslcd should run as
uid $LDAP_NSLCD_USER
gid $LDAP_NSLCD_GROUP
EOF
else
cat > "/etc/nslcd.conf" <<EOF
# Comment out uid,gid to avoid attempting change user/group to run as
# uid
# gid
EOF
fi
cat >> "/etc/nslcd.conf" <<EOF
nss_initgroups_ignoreusers $LDAP_NSS_INITGROUPS_IGNOREUSERS
# The location at which the LDAP server(s) should be reachable.
uri $LDAP_URI
# The search base that will be used for all queries
base $LDAP_BASE
# The DN to bind with for normal lookups
binddn $LDAP_BIND_DN
bindpw $LDAP_BIND_PASSWORD
EOF
if [[ -n "${LDAP_BASE_LOOKUP}" ]]; then
cat >>"/etc/nslcd.conf"<<EOF
base passwd $LDAP_BASE_LOOKUP
EOF
fi
if [[ -n "${LDAP_SCOPE}" ]]; then
cat >>"/etc/nslcd.conf"<<EOF
# The search scope
scope $LDAP_SCOPE
EOF
fi
if [[ -n "${LDAP_SEARCH_FILTER}" ]]; then
cat >>"/etc/nslcd.conf"<<EOF
# LDAP search filter to use for posix users
filter passwd (objectClass=$LDAP_SEARCH_FILTER)
EOF
fi
if [[ -n "${LDAP_SEARCH_MAP}" ]]; then
cat >>"/etc/nslcd.conf"<<EOF
# Used for lookup of custom attributes
map passwd uid $LDAP_SEARCH_MAP
EOF
fi
if [[ -n "${LDAP_TLS_REQCERT}" ]]; then
cat >>"/etc/nslcd.conf"<<EOF
# TLS options
tls_reqcert $LDAP_TLS_REQCERT
EOF
fi
if am_i_root; then
chmod "600" "/etc/nslcd.conf"
fi
}
########################
# Create ldap.conf file
# Globals:
# LDAP_*
# Arguments:
# None
# Returns:
# None
#########################
ldap_create_openldap_config() {
cat >>"$(ldap_openldap_config_path)"<<EOF
BASE $LDAP_BASE
URI $LDAP_URI
TLS_CACERTDIR /etc/openldap/certs
# Turning this off breaks GSSAPI used with krb5 when rdns = false
SASL_NOCANON on
EOF
}
########################
# Create PAM configuration file
# Globals:
# LDAP_*
# Arguments:
# filename - PAM configuration file name
# Returns:
# None
#########################
ldap_create_pam_config() {
local filename="${1:?ip is missing}"
cat > "/etc/pam.d/${filename}" << EOF
auth required pam_ldap.so try_first_pass debug
account required pam_ldap.so debug
EOF
}
########################
# Initialize LDAP services
# Globals:
# LDAP_*
# Arguments:
# None
# Returns:
# None
#########################
ldap_initialize() {
if [[ -n "${LDAP_URI}" && "${LDAP_BASE}" && "${LDAP_BIND_DN}" && "${LDAP_BIND_PASSWORD}" ]]; then
info "Configuring LDAP connection"
ldap_create_nslcd_config
ldap_create_openldap_config
else
info "Missing LDAP settings. Skipping LDAP initialization"
fi
}
########################
# Start nslcd in background
# Arguments:
# None
# Returns:
# None
#########################
ldap_start_nslcd_bg() {
info "Starting nslcd in background"
nslcd
}

643
bitnami/pgpool/4/debian-10/rootfs/opt/bitnami/scripts/libpgpool.sh
View File

@ -1,643 +0,0 @@
#!/bin/bash
#
# Bitnami Pgpool library
# shellcheck disable=SC1090,SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/libfile.sh
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libnet.sh
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/libservice.sh
. /opt/bitnami/scripts/libvalidations.sh
########################
# Loads global variables used on pgpool configuration.
# Globals:
# PGPOOL_*
# Arguments:
# None
# Returns:
# Series of exports to be used as 'eval' arguments
#########################
pgpool_env() {
cat <<"EOF"
# Format log messages
MODULE=pgpool
# Paths
export PGPOOL_BASE_DIR="/opt/bitnami/pgpool"
export PGPOOL_DATA_DIR="${PGPOOL_BASE_DIR}/data"
export PGPOOL_CONF_DIR="${PGPOOL_BASE_DIR}/conf"
export PGPOOL_ETC_DIR="${PGPOOL_BASE_DIR}/etc"
export PGPOOL_LOG_DIR="${PGPOOL_BASE_DIR}/logs"
export PGPOOL_TMP_DIR="${PGPOOL_BASE_DIR}/tmp"
export PGPOOL_BIN_DIR="${PGPOOL_BASE_DIR}/bin"
export PGPOOL_INITSCRIPTS_DIR=/docker-entrypoint-initdb.d
export PGPOOL_CONF_FILE="${PGPOOL_CONF_DIR}/pgpool.conf"
export PGPOOL_PCP_CONF_FILE="${PGPOOL_ETC_DIR}/pcp.conf"
export PGPOOL_PGHBA_FILE="${PGPOOL_CONF_DIR}/pool_hba.conf"
export PGPOOL_PID_FILE="${PGPOOL_TMP_DIR}/pgpool.pid"
export PGPOOL_LOG_FILE="${PGPOOL_LOG_DIR}/pgpool.log"
export PGPOOLKEYFILE="${PGPOOL_CONF_DIR}/.pgpoolkey"
export PGPOOL_ENABLE_POOL_HBA="${PGPOOL_ENABLE_POOL_HBA:-yes}"
export PGPOOL_ENABLE_POOL_PASSWD="${PGPOOL_ENABLE_POOL_PASSWD:-yes}"
export PGPOOL_USER_CONF_FILE="${PGPOOL_USER_CONF_FILE:-}"
export PGPOOL_USER_HBA_FILE="${PGPOOL_USER_HBA_FILE:-}"
export PGPOOL_PASSWD_FILE="${PGPOOL_PASSWD_FILE:-pool_passwd}"
export PATH="${PGPOOL_BIN_DIR}:$PATH"
# Users
export PGPOOL_DAEMON_USER="pgpool"
export PGPOOL_DAEMON_GROUP="pgpool"
# Settings
export PGPOOL_PORT_NUMBER="${PGPOOL_PORT_NUMBER:-5432}"
export PGPOOL_BACKEND_NODES="${PGPOOL_BACKEND_NODES:-}"
export PGPOOL_SR_CHECK_USER="${PGPOOL_SR_CHECK_USER:-}"
export PGPOOL_SR_CHECK_PERIOD="${PGPOOL_SR_CHECK_PERIOD:-30}"
export PGPOOL_SR_CHECK_DATABASE="${PGPOOL_SR_CHECK_DATABASE:-postgres}"
export PGPOOL_POSTGRES_USERNAME="${PGPOOL_POSTGRES_USERNAME:-postgres}"
export PGPOOL_ADMIN_USERNAME="${PGPOOL_ADMIN_USERNAME:-}"
export PGPOOL_ENABLE_LDAP="${PGPOOL_ENABLE_LDAP:-no}"
export PGPOOL_TIMEOUT="360"
export PGPOOL_ENABLE_LOG_CONNECTIONS="${PGPOOL_ENABLE_LOG_CONNECTIONS:-no}"
export PGPOOL_ENABLE_LOG_HOSTNAME="${PGPOOL_ENABLE_LOG_HOSTNAME:-no}"
export PGPOOL_ENABLE_LOG_PER_NODE_STATEMENT="${PGPOOL_ENABLE_LOG_PER_NODE_STATEMENT:-no}"
export PGPOOL_ENABLE_LOAD_BALANCING="${PGPOOL_ENABLE_LOAD_BALANCING:-yes}"
export PGPOOL_ENABLE_STATEMENT_LOAD_BALANCING="${PGPOOL_ENABLE_STATEMENT_LOAD_BALANCING:-no}"
export PGPOOL_DISABLE_LOAD_BALANCE_ON_WRITE="${PGPOOL_DISABLE_LOAD_BALANCE_ON_WRITE:-transaction}"
export PGPOOL_MAX_POOL="${PGPOOL_MAX_POOL:-15}"
export PGPOOL_HEALTH_CHECK_USER="${PGPOOL_HEALTH_CHECK_USER:-$PGPOOL_SR_CHECK_USER}"
export PGPOOL_HEALTH_CHECK_PERIOD="${PGPOOL_HEALTH_CHECK_PERIOD:-30}"
export PGPOOL_HEALTH_CHECK_TIMEOUT="${PGPOOL_HEALTH_CHECK_TIMEOUT:-10}"
export PGPOOL_HEALTH_CHECK_MAX_RETRIES="${PGPOOL_HEALTH_CHECK_MAX_RETRIES:-5}"
export PGPOOL_HEALTH_CHECK_RETRY_DELAY="${PGPOOL_HEALTH_CHECK_RETRY_DELAY:-5}"
export PGPOOL_POSTGRES_CUSTOM_USERS="${PGPOOL_POSTGRES_CUSTOM_USERS:-}"
export PGPOOL_POSTGRES_CUSTOM_PASSWORDS="${PGPOOL_POSTGRES_CUSTOM_PASSWORDS:-}"
export PGPOOL_AUTO_FAILBACK="${PGPOOL_AUTO_FAILBACK:-no}"
export PGPOOL_BACKEND_APPLICATION_NAMES="${PGPOOL_BACKEND_APPLICATION_NAMES:-}"
export PGPOOL_AUTHENTICATION_METHOD="${PGPOOL_AUTHENTICATION_METHOD:-scram-sha-256}"
export PGPOOL_AES_KEY="${PGPOOL_AES_KEY:-$(head -c 20 /dev/urandom | base64)}"
# SSL
export PGPOOL_ENABLE_TLS="${PGPOOL_ENABLE_TLS:-no}"
export PGPOOL_TLS_CERT_FILE="${PGPOOL_TLS_CERT_FILE:-}"
export PGPOOL_TLS_KEY_FILE="${PGPOOL_TLS_KEY_FILE:-}"
export PGPOOL_TLS_CA_FILE="${PGPOOL_TLS_CA_FILE:-}"
export PGPOOL_TLS_PREFER_SERVER_CIPHERS="${PGPOOL_TLS_PREFER_SERVER_CIPHERS:-yes}"
EOF
if [[ -f "${PGPOOL_ADMIN_PASSWORD_FILE:-}" ]]; then
cat <<"EOF"
export PGPOOL_ADMIN_PASSWORD="$(< "${PGPOOL_ADMIN_PASSWORD_FILE}")"
EOF
else
cat <<"EOF"
export PGPOOL_ADMIN_PASSWORD="${PGPOOL_ADMIN_PASSWORD:-}"
EOF
fi
if [[ -f "${PGPOOL_POSTGRES_PASSWORD_FILE:-}" ]]; then
cat <<"EOF"
export PGPOOL_POSTGRES_PASSWORD="$(< "${PGPOOL_POSTGRES_PASSWORD_FILE}")"
EOF
else
cat <<"EOF"
export PGPOOL_POSTGRES_PASSWORD="${PGPOOL_POSTGRES_PASSWORD:-}"
EOF
fi
if [[ -f "${PGPOOL_SR_CHECK_PASSWORD_FILE:-}" ]]; then
cat <<"EOF"
export PGPOOL_SR_CHECK_PASSWORD="$(< "${PGPOOL_SR_CHECK_PASSWORD_FILE}")"
EOF
else
cat <<"EOF"
export PGPOOL_SR_CHECK_PASSWORD="${PGPOOL_SR_CHECK_PASSWORD:-}"
EOF
fi
if [[ -f "${PGPOOL_HEALTH_CHECK_PASSWORD_FILE:-}" ]]; then
cat <<"EOF"
export PGPOOL_HEALTH_CHECK_PASSWORD="$(< "${PGPOOL_HEALTH_CHECK_PASSWORD_FILE}")"
EOF
else
cat <<"EOF"
export PGPOOL_HEALTH_CHECK_PASSWORD="${PGPOOL_HEALTH_CHECK_PASSWORD:-$PGPOOL_SR_CHECK_PASSWORD}"
EOF
fi
}
########################
# Validate settings in PGPOOL_* env. variables
# Globals:
# PGPOOL_*
# Arguments:
# None
# Returns:
# None
#########################
pgpool_validate() {
info "Validating settings in PGPOOL_* env vars..."
local error_code=0
# Auxiliary functions
print_validation_error() {
error "$1"
error_code=1
}
if [[ -z "$PGPOOL_ADMIN_USERNAME" ]] || [[ -z "$PGPOOL_ADMIN_PASSWORD" ]]; then
print_validation_error "The Pgpool administrator user's credentials are mandatory. Set the environment variables PGPOOL_ADMIN_USERNAME and PGPOOL_ADMIN_PASSWORD with the Pgpool administrator user's credentials."
fi
if [[ "$PGPOOL_SR_CHECK_PERIOD" -gt 0 ]] && { [[ -z "$PGPOOL_SR_CHECK_USER" ]] || [[ -z "$PGPOOL_SR_CHECK_PASSWORD" ]]; }; then
print_validation_error "The PostrgreSQL replication credentials are mandatory. Set the environment variables PGPOOL_SR_CHECK_USER and PGPOOL_SR_CHECK_PASSWORD with the PostrgreSQL replication credentials."
fi
if [[ -z "$PGPOOL_HEALTH_CHECK_USER" ]] || [[ -z "$PGPOOL_HEALTH_CHECK_PASSWORD" ]]; then
print_validation_error "The PostrgreSQL health check credentials are mandatory. Set the environment variables PGPOOL_HEALTH_CHECK_USER and PGPOOL_HEALTH_CHECK_PASSWORD with the PostrgreSQL health check credentials."
fi
if is_boolean_yes "$PGPOOL_ENABLE_LDAP" && { [[ -z "${LDAP_URI}" ]] || [[ -z "${LDAP_BASE}" ]] || [[ -z "${LDAP_BIND_DN}" ]] || [[ -z "${LDAP_BIND_PASSWORD}" ]]; }; then
print_validation_error "The LDAP configuration is required when LDAP authentication is enabled. Set the environment variables LDAP_URI, LDAP_BASE, LDAP_BIND_DN and LDAP_BIND_PASSWORD with the LDAP configuration."
fi
if is_boolean_yes "$PGPOOL_ENABLE_LDAP" && (! is_boolean_yes "$PGPOOL_ENABLE_POOL_HBA" || ! is_boolean_yes "$PGPOOL_ENABLE_POOL_PASSWD"); then
print_validation_error "pool_hba.conf authentication and pool password should be enabled for LDAP to work. Keep the PGPOOL_ENABLE_POOL_HBA and PGPOOL_ENABLE_POOL_PASSWD environment variables set to 'yes'."
fi
if is_boolean_yes "$PGPOOL_ENABLE_POOL_PASSWD" && { [[ -z "$PGPOOL_POSTGRES_USERNAME" ]] || [[ -z "$PGPOOL_POSTGRES_PASSWORD" ]]; }; then
print_validation_error "The administrator's database credentials are required. Set the environment variables PGPOOL_POSTGRES_USERNAME and PGPOOL_POSTGRES_PASSWORD with the administrator's database credentials."
fi
if [[ -z "$PGPOOL_BACKEND_NODES" ]]; then
print_validation_error "The list of backend nodes cannot be empty. Set the environment variable PGPOOL_BACKEND_NODES with a comma separated list of backend nodes."
else
read -r -a nodes <<<"$(tr ',;' ' ' <<<"${PGPOOL_BACKEND_NODES}")"
for node in "${nodes[@]}"; do
read -r -a fields <<<"$(tr ':' ' ' <<<"${node}")"
if [[ -z "${fields[0]:-}" ]]; then
print_validation_error "Error checking entry '$node', the field 'backend number' must be set!"
fi
if [[ -z "${fields[1]:-}" ]]; then
print_validation_error "Error checking entry '$node', the field 'host' must be set!"
fi
done
fi
if is_boolean_yes "$PGPOOL_AUTO_FAILBACK"; then
if [[ -z "$PGPOOL_BACKEND_APPLICATION_NAMES" ]]; then
print_validation_error "The list of backend application names cannot be empty. Set the environment variable PGPOOL_BACKEND_APPLICATION_NAMES with a comma separated list of backend nodes."
fi
read -r -a app_name_list <<<"$(tr ',;' ' ' <<<"${PGPOOL_BACKEND_APPLICATION_NAMES}")"
read -r -a nodes_list <<<"$(tr ',;' ' ' <<<"${PGPOOL_BACKEND_NODES}")"
if [[ ${#app_name_list[@]} -ne ${#nodes_list[@]} ]]; then
print_validation_error "PGPOOL_BACKEND_APPLICATION_NAMES and PGPOOL_BACKEND_NODES lists should have the same length"
fi
fi
if [[ -n "$PGPOOL_USER_CONF_FILE" && ! -e "$PGPOOL_USER_CONF_FILE" ]]; then
print_validation_error "The provided PGPOOL_USER_CONF_FILE: ${PGPOOL_USER_CONF_FILE} must exist."
fi
if [[ -n "$PGPOOL_USER_HBA_FILE" && ! -e "$PGPOOL_USER_HBA_FILE" ]]; then
print_validation_error "The provided PGPOOL_USER_HBA_FILE: ${PGPOOL_USER_HBA_FILE} must exist."
fi
local yes_no_values=("PGPOOL_ENABLE_POOL_HBA" "PGPOOL_ENABLE_POOL_PASSWD" "PGPOOL_ENABLE_LOAD_BALANCING" "PGPOOL_ENABLE_STATEMENT_LOAD_BALANCING" "PGPOOL_ENABLE_LOG_CONNECTIONS" "PGPOOL_ENABLE_LOG_HOSTNAME" "PGPOOL_ENABLE_LOG_PER_NODE_STATEMENT" "PGPOOL_AUTO_FAILBACK")
for yn in "${yes_no_values[@]}"; do
if ! is_yes_no_value "${!yn}"; then
print_validation_error "The values allowed for $yn are: yes or no"
fi
done
local positive_values=("PGPOOL_NUM_INIT_CHILDREN" "PGPOOL_MAX_POOL" "PGPOOL_CHILD_MAX_CONNECTIONS" "PGPOOL_CHILD_LIFE_TIME" "PGPOOL_CONNECTION_LIFE_TIME" "PGPOOL_CLIENT_IDLE_LIMIT" "PGPOOL_HEALTH_CHECK_PERIOD" "PGPOOL_HEALTH_CHECK_TIMEOUT" "PGPOOL_HEALTH_CHECK_MAX_RETRIES" "PGPOOL_HEALTH_CHECK_RETRY_DELAY" "PGPOOL_RESERVED_CONNECTIONS")
for p in "${positive_values[@]}"; do
if [[ -n "${!p:-}" ]]; then
if ! is_positive_int "${!p}"; then
print_validation_error "The values allowed for $p: integer greater than 0"
fi
fi
done
if ! [[ "$PGPOOL_DISABLE_LOAD_BALANCE_ON_WRITE" =~ ^(off|transaction|trans_transaction|always)$ ]]; then
print_validation_error "The values allowed for PGPOOL_DISABLE_LOAD_BALANCE_ON_WRITE: off,transaction,trans_transaction,always"
fi
if ! is_yes_no_value "$PGPOOL_ENABLE_TLS"; then
print_validation_error "The values allowed for PGPOOL_ENABLE_TLS are: yes or no"
elif is_boolean_yes "$PGPOOL_ENABLE_TLS"; then
# TLS Checks
if [[ -z "$PGPOOL_TLS_CERT_FILE" ]]; then
print_validation_error "You must provide a X.509 certificate in order to use TLS"
elif [[ ! -f "$PGPOOL_TLS_CERT_FILE" ]]; then
print_validation_error "The X.509 certificate file in the specified path ${PGPOOL_TLS_CERT_FILE} does not exist"
fi
if [[ -z "$PGPOOL_TLS_KEY_FILE" ]]; then
print_validation_error "You must provide a private key in order to use TLS"
elif [[ ! -f "$PGPOOL_TLS_KEY_FILE" ]]; then
print_validation_error "The private key file in the specified path ${PGPOOL_TLS_KEY_FILE} does not exist"
fi
if [[ -z "$PGPOOL_TLS_CA_FILE" ]]; then
warn "A CA X.509 certificate was not provided. Client verification will not be performed in TLS connections"
elif [[ ! -f "$PGPOOL_TLS_CA_FILE" ]]; then
print_validation_error "The CA X.509 certificate file in the specified path ${PGPOOL_TLS_CA_FILE} does not exist"
fi
if ! is_yes_no_value "$PGPOOL_TLS_PREFER_SERVER_CIPHERS"; then
print_validation_error "The values allowed for PGPOOL_TLS_PREFER_SERVER_CIPHERS are: yes or no"
fi
fi
# Check for Authentication method
if ! [[ "$PGPOOL_AUTHENTICATION_METHOD" =~ ^(md5|scram-sha-256)$ ]]; then
print_validation_error "The values allowed for PGPOOL_AUTHENTICATION_METHOD: md5,scram-sha-256"
fi
# check for required environment variables for scram-sha-256 based authentication
if [[ "$PGPOOL_AUTHENTICATION_METHOD" = "scram-sha-256" ]]; then
# If scram-sha-256 is enabled, pg_pool_password cannot be disabled
if ! is_boolean_yes "$PGPOOL_ENABLE_POOL_PASSWD"; then
print_validation_error "PGPOOL_ENABLE_POOL_PASSWD cannot be disabled when PGPOOL_AUTHENTICATION_METHOD=scram-sha-256"
fi
fi
# Custom users validations
read -r -a custom_users_list <<<"$(tr ',;' ' ' <<<"${PGPOOL_POSTGRES_CUSTOM_USERS}")"
read -r -a custom_passwords_list <<<"$(tr ',;' ' ' <<<"${PGPOOL_POSTGRES_CUSTOM_PASSWORDS}")"
if [[ ${#custom_users_list[@]} -ne ${#custom_passwords_list[@]} ]]; then
print_validation_error "PGPOOL_POSTGRES_CUSTOM_USERS and PGPOOL_POSTGRES_CUSTOM_PASSWORDS lists should have the same length"
fi
[[ "$error_code" -eq 0 ]] || exit "$error_code"
}
pgpool_attach_node() {
local -r node_id=${1:?node id is missing}
info "Attaching backend node..."
PCPPASSFILE=$(mktemp /tmp/pcppass-XXXXX)
export PCPPASSFILE
echo "localhost:9898:${PGPOOL_ADMIN_USERNAME}:${PGPOOL_ADMIN_PASSWORD}" >"${PCPPASSFILE}"
pcp_attach_node -h localhost -U "${PGPOOL_ADMIN_USERNAME}" -p 9898 -n "${node_id}" -w
rm -rf "${PCPPASSFILE}"
}
########################
# Check pgpool health and attached offline backends when they are online
# Globals:
# PGPOOL_*
# Arguments:
# None
# Returns:
# 0 when healthy
# 1 when unhealthy
#########################
pgpool_healthcheck() {
info "Checking pgpool health..."
local backends
backends="$(PGCONNECT_TIMEOUT=15 PGPASSWORD="$PGPOOL_POSTGRES_PASSWORD" psql -U "$PGPOOL_POSTGRES_USERNAME" \
-d postgres -h "$PGPOOL_TMP_DIR" -p "$PGPOOL_PORT_NUMBER" -tA -c "SHOW pool_nodes;")"
if [[ "$backends" ]]; then
# look up backends that are marked offline
for node in $(echo "${backends}" | grep "down" | tr -d ' '); do
IFS="|" read -ra node_info <<< "$node"
local -r node_id="${node_info[0]}"
local -r node_host="${node_info[1]}"
if [[ $(PGCONNECT_TIMEOUT=3 PGPASSWORD="${PGPOOL_POSTGRES_PASSWORD}" psql -U "${PGPOOL_POSTGRES_USERNAME}" \
-d postgres -h "${node_host}" -p "${PGPOOL_PORT_NUMBER}" -tA -c "SELECT 1" || true) == 1 ]]; then
# attach backend if it has come back online
pgpool_attach_node "${node_id}"
fi
done
else
return 1
fi
}
########################
# Create basic pg_hba.conf file
# Globals:
# PGPOOL_*
# Arguments:
# None
# Returns:
# None
#########################
pgpool_create_pghba() {
local all_authentication="$PGPOOL_AUTHENTICATION_METHOD"
local postgres_authentication="$all_authentication"
is_boolean_yes "$PGPOOL_ENABLE_LDAP" && all_authentication="pam pamservice=pgpool"
local postgres_auth_line=""
local sr_check_auth_line=""
info "Generating pg_hba.conf file..."
if is_boolean_yes "$PGPOOL_ENABLE_POOL_PASSWD"; then
postgres_auth_line="host all ${PGPOOL_POSTGRES_USERNAME} all ${postgres_authentication}"
fi
if [[ -n "$PGPOOL_SR_CHECK_USER" ]]; then
sr_check_auth_line="host all ${PGPOOL_SR_CHECK_USER} all trust"
fi
cat >>"$PGPOOL_PGHBA_FILE" <<EOF
local all all trust
EOF
if ! is_empty_value "$PGPOOL_TLS_CA_FILE"; then
cat >>"$PGPOOL_PGHBA_FILE" <<EOF
hostssl all all 0.0.0.0/0 cert
hostssl all all ::/0 cert
EOF
fi
cat >>"$PGPOOL_PGHBA_FILE" <<EOF
${sr_check_auth_line}
${postgres_auth_line}
host all wide all trust
host all pop_user all trust
host all all all ${all_authentication}
EOF
}
########################
# Modify the pgpool.conf file by setting a property
# Globals:
# PGPOOL_*
# Arguments:
# $1 - property
# $2 - value
# $3 - Path to configuration file (default: $PGPOOL_CONF_FILE)
# Returns:
# None
#########################
pgpool_set_property() {
local -r property="${1:?missing property}"
local -r value="${2:-}"
local -r conf_file="${3:-$PGPOOL_CONF_FILE}"
replace_in_file "$conf_file" "^#*\s*${property}\s*=.*" "${property} = '${value}'" false
}
########################
# Add a backend configuration to pgpool.conf file
# Globals:
# PGPOOL_*
# Arguments:
# None
# Returns:
# None
#########################
pgpool_create_backend_config() {
local -r node=${1:?node is missing}
local -r application="${2:-}"
# default values
read -r -a fields <<<"$(tr ':' ' ' <<<"${node}")"
local -r num="${fields[0]:?field num is needed}"
local -r host="${fields[1]:?field host is needed}"
local -r port="${fields[2]:-5432}"
local -r weight="${fields[3]:-1}"
local -r dir="${fields[4]:-$PGPOOL_DATA_DIR}"
local -r flag="${fields[5]:-ALLOW_TO_FAILOVER}"
debug "Adding '$host' information to the configuration..."
cat >>"$PGPOOL_CONF_FILE" <<EOF
backend_hostname$num = '$host'
backend_port$num = $port
backend_weight$num = $weight
backend_data_directory$num = '$dir'
backend_flag$num = '$flag'
EOF
if [[ -n "$application" ]]; then
cat >>"$PGPOOL_CONF_FILE" <<EOF
backend_application_name$num = '$application'
EOF
fi
}
########################
# Create basic pgpool.conf file using the example provided in the etc/ folder
# Globals:
# PGPOOL_*
# Arguments:
# None
# Returns:
# None
#########################
pgpool_create_config() {
local pool_passwd=""
local i=0
if is_boolean_yes "$PGPOOL_ENABLE_POOL_PASSWD"; then
pool_passwd="$PGPOOL_PASSWD_FILE"
else
# Specifying '' (empty) disables the use of password file.
# ref: https://www.pgpool.net/docs/latest/en/html/runtime-config-connection.html#GUC-POOL-PASSWD
pool_passwd=""
fi
info "Generating pgpool.conf file..."
# Configuring Pgpool-II to use the streaming replication mode since it's the recommended way
# ref: http://www.pgpool.net/docs/latest/en/html/configuring-pgpool.html
cp "${PGPOOL_BASE_DIR}/etc/pgpool.conf.sample" "$PGPOOL_CONF_FILE"
# Connection settings
# ref: http://www.pgpool.net/docs/latest/en/html/runtime-config-connection.html#RUNTIME-CONFIG-CONNECTION-SETTINGS
pgpool_set_property "listen_addresses" "*"
pgpool_set_property "port" "$PGPOOL_PORT_NUMBER"
pgpool_set_property "socket_dir" "$PGPOOL_TMP_DIR"
pgpool_set_property "pcp_socket_dir" "$PGPOOL_TMP_DIR"
# Connection Pooling settings
# http://www.pgpool.net/docs/latest/en/html/runtime-config-connection-pooling.html
[[ -n "${PGPOOL_NUM_INIT_CHILDREN:-}" ]] && pgpool_set_property "num_init_children" "$PGPOOL_NUM_INIT_CHILDREN"
[[ -n "${PGPOOL_RESERVED_CONNECTIONS:-}" ]] && pgpool_set_property "reserved_connections" "$PGPOOL_RESERVED_CONNECTIONS"
pgpool_set_property "max_pool" "$PGPOOL_MAX_POOL"
[[ -n "${PGPOOL_CHILD_MAX_CONNECTIONS:-}" ]] && pgpool_set_property "child_max_connections" "$PGPOOL_CHILD_MAX_CONNECTIONS"
[[ -n "${PGPOOL_CHILD_LIFE_TIME:-}" ]] && pgpool_set_property "child_life_time" "$PGPOOL_CHILD_LIFE_TIME"
[[ -n "${PGPOOL_CONNECTION_LIFE_TIME:-}" ]] && pgpool_set_property "connection_life_time" "$PGPOOL_CONNECTION_LIFE_TIME"
[[ -n "${PGPOOL_CLIENT_IDLE_LIMIT-}" ]] && pgpool_set_property "client_idle_limit" "$PGPOOL_CLIENT_IDLE_LIMIT"
# Logging settings
# https://www.pgpool.net/docs/latest/en/html/runtime-config-logging.html
pgpool_set_property "log_connections" "$(is_boolean_yes "$PGPOOL_ENABLE_LOG_CONNECTIONS" && echo "on" || echo "off")"
pgpool_set_property "log_hostname" "$(is_boolean_yes "$PGPOOL_ENABLE_LOG_HOSTNAME" && echo "on" || echo "off")"
pgpool_set_property "log_per_node_statement" "$(is_boolean_yes "$PGPOOL_ENABLE_LOG_PER_NODE_STATEMENT" && echo "on" || echo "off")"
[[ -n "${PGPOOL_LOG_LINE_PREFIX:-}" ]] && pgpool_set_property "log_line_prefix" "$PGPOOL_LOG_LINE_PREFIX"
[[ -n "${PGPOOL_CLIENT_MIN_MESSAGES:-}" ]] && pgpool_set_property "client_min_messages" "$PGPOOL_CLIENT_MIN_MESSAGES"
# Authentication settings
# ref: http://www.pgpool.net/docs/latest/en/html/runtime-config-connection.html#RUNTIME-CONFIG-AUTHENTICATION-SETTINGS
pgpool_set_property "enable_pool_hba" "$(is_boolean_yes "$PGPOOL_ENABLE_POOL_HBA" && echo "on" || echo "off")"
# allow_clear_text_frontend_auth only works when enable_pool_hba is not enabled
# ref: https://www.pgpool.net/docs/latest/en/html/runtime-config-connection.html#GUC-ALLOW-CLEAR-TEXT-FRONTEND-AUTH
pgpool_set_property "allow_clear_text_frontend_auth" "$(is_boolean_yes "$PGPOOL_ENABLE_POOL_HBA" && echo "off" || echo "on")"
pgpool_set_property "pool_passwd" "$pool_passwd"
pgpool_set_property "authentication_timeout" "30"
# File Locations settings
pgpool_set_property "pid_file_name" "$PGPOOL_PID_FILE"
pgpool_set_property "logdir" "$PGPOOL_LOG_DIR"
# Load Balancing settings
# https://www.pgpool.net/docs/latest/en/html/runtime-config-load-balancing.html
pgpool_set_property "load_balance_mode" "$(is_boolean_yes "$PGPOOL_ENABLE_LOAD_BALANCING" && echo "on" || echo "off")"
pgpool_set_property "black_function_list" "nextval,setval"
pgpool_set_property "statement_level_load_balance" "$(is_boolean_yes "$PGPOOL_ENABLE_STATEMENT_LOAD_BALANCING" && echo "on" || echo "off")"
# Streaming Replication Check settings
# https://www.pgpool.net/docs/latest/en/html/runtime-streaming-replication-check.html
pgpool_set_property "sr_check_user" "$PGPOOL_SR_CHECK_USER"
pgpool_set_property "sr_check_password" "$PGPOOL_SR_CHECK_PASSWORD"
pgpool_set_property "sr_check_period" "$PGPOOL_SR_CHECK_PERIOD"
pgpool_set_property "sr_check_database" "$PGPOOL_SR_CHECK_DATABASE"
# Healthcheck per node settings
# https://www.pgpool.net/docs/latest/en/html/runtime-config-health-check.html
pgpool_set_property "health_check_period" "$PGPOOL_HEALTH_CHECK_PERIOD"
pgpool_set_property "health_check_timeout" "$PGPOOL_HEALTH_CHECK_TIMEOUT"
pgpool_set_property "health_check_user" "$PGPOOL_HEALTH_CHECK_USER"
pgpool_set_property "health_check_password" "$PGPOOL_HEALTH_CHECK_PASSWORD"
pgpool_set_property "health_check_max_retries" "$PGPOOL_HEALTH_CHECK_MAX_RETRIES"
pgpool_set_property "health_check_retry_delay" "$PGPOOL_HEALTH_CHECK_RETRY_DELAY"
# Failover settings
pgpool_set_property "failover_command" "echo \">>> Failover - that will initialize new primary node search!\""
pgpool_set_property "failover_on_backend_error" "off"
# Keeps searching for a primary node forever when a failover occurs
pgpool_set_property "search_primary_node_timeout" "0"
pgpool_set_property "disable_load_balance_on_write" "$PGPOOL_DISABLE_LOAD_BALANCE_ON_WRITE"
# SSL settings
# https://www.pgpool.net/docs/latest/en/html/runtime-ssl.html
if is_boolean_yes "$PGPOOL_ENABLE_TLS"; then
chmod 600 "$PGPOOL_TLS_KEY_FILE" || warn "Could not set compulsory permissions (600) on file ${PGPOOL_TLS_KEY_FILE}"
pgpool_set_property "ssl" "on"
# Server ciphers are preferred by default
! is_boolean_yes "$PGPOOL_TLS_PREFER_SERVER_CIPHERS" && pgpool_set_property "ssl_prefer_server_ciphers" "off"
[[ -n $PGPOOL_TLS_CA_FILE ]] && pgpool_set_property "ssl_ca_cert" "$PGPOOL_TLS_CA_FILE"
pgpool_set_property "ssl_cert" "$PGPOOL_TLS_CERT_FILE"
pgpool_set_property "ssl_key" "$PGPOOL_TLS_KEY_FILE"
fi
# Backend settings
read -r -a nodes <<<"$(tr ',;' ' ' <<<"${PGPOOL_BACKEND_NODES}")"
if is_boolean_yes "$PGPOOL_AUTO_FAILBACK"; then
pgpool_set_property "auto_failback" "on"
read -r -a app_name <<<"$(tr ',;' ' ' <<<"${PGPOOL_BACKEND_APPLICATION_NAMES}")"
fi
for node in "${nodes[@]}"; do
pgpool_create_backend_config "$node" "$(is_boolean_yes "$PGPOOL_AUTO_FAILBACK" && echo "${app_name[i]}")"
((i += 1))
done
if [[ -f "$PGPOOL_USER_CONF_FILE" ]]; then
info "Custom configuration '$PGPOOL_USER_CONF_FILE' detected!. Adding it to the configuration file."
cat "$PGPOOL_USER_CONF_FILE" >>"$PGPOOL_CONF_FILE"
fi
if [[ -f "$PGPOOL_USER_HBA_FILE" ]]; then
info "Custom configuration '$PGPOOL_USER_HBA_FILE' detected!. Overwriting the generated hba file."
cat "$PGPOOL_USER_HBA_FILE" >"$PGPOOL_PGHBA_FILE"
fi
}
########################
# Generates a password file for local authentication
# Globals:
# PGPOOL_*
# Arguments:
# None
# Returns:
# None
#########################
pgpool_generate_password_file() {
if is_boolean_yes "$PGPOOL_ENABLE_POOL_PASSWD"; then
info "Generating password file for local authentication..."
local -a password_encryption_cmd=("pg_md5")
if [[ "$PGPOOL_AUTHENTICATION_METHOD" = "scram-sha-256" ]]; then
if is_file_writable "$PGPOOLKEYFILE"; then
# Creating a PGPOOLKEYFILE as it is writeable
echo "$PGPOOL_AES_KEY" > "$PGPOOLKEYFILE"
# Fix permissions for PGPOOLKEYFILE
chmod 0600 "$PGPOOLKEYFILE"
fi
password_encryption_cmd=("pg_enc" "--key-file=${PGPOOLKEYFILE}")
fi
debug_execute "${password_encryption_cmd[@]}" -m --config-file="$PGPOOL_CONF_FILE" -u "$PGPOOL_POSTGRES_USERNAME" "$PGPOOL_POSTGRES_PASSWORD"
if [[ -n "${PGPOOL_POSTGRES_CUSTOM_USERS}" ]]; then
read -r -a custom_users_list <<<"$(tr ',;' ' ' <<<"${PGPOOL_POSTGRES_CUSTOM_USERS}")"
read -r -a custom_passwords_list <<<"$(tr ',;' ' ' <<<"${PGPOOL_POSTGRES_CUSTOM_PASSWORDS}")"
local index=0
for user in "${custom_users_list[@]}"; do
debug_execute "${password_encryption_cmd[@]}" -m --config-file="$PGPOOL_CONF_FILE" -u "$user" "${custom_passwords_list[$index]}"
((index += 1))
done
fi
else
info "Skip generating password file due to PGPOOL_ENABLE_POOL_PASSWD = no"
fi
}
########################
# Run custom initialization scripts
# Globals:
# PGPOOL_*
# Arguments:
# None
# Returns:
# None
#########################
pgpool_custom_init_scripts() {
if [[ -n $(find "$PGPOOL_INITSCRIPTS_DIR/" -type f -name "*.sh") ]]; then
info "Loading user's custom files from $PGPOOL_INITSCRIPTS_DIR ..."
find "$PGPOOL_INITSCRIPTS_DIR/" -type f -name "*.sh" | sort | while read -r f; do
if [[ -x "$f" ]]; then
debug "Executing $f"
"$f"
else
debug "Sourcing $f"
. "$f"
fi
done
fi
}
########################
# Generate a password file for pgpool admin user
# Globals:
# PGPOOL_*
# Arguments:
# None
# Returns:
# None
#########################
pgpool_generate_admin_password_file() {
info "Generating password file for pgpool admin user..."
local passwd
passwd=$(pg_md5 "$PGPOOL_ADMIN_PASSWORD")
cat >>"$PGPOOL_PCP_CONF_FILE" <<EOF
$PGPOOL_ADMIN_USERNAME:$passwd
EOF
}
########################
# Ensure Pgpool is initialized
# Globals:
# PGPOOL_*
# Arguments:
# None
# Returns:
# None
#########################
pgpool_initialize() {
info "Initializing Pgpool-II..."
# This fixes an issue where the trap would kill the entrypoint.sh, if a PID was left over from a previous run
# Exec replaces the process without creating a new one, and when the container is restarted it may have the same PID
rm -f "$PGPOOL_PID_FILE"
# Configuring permissions for tmp, logs and data folders
am_i_root && configure_permissions_ownership "$PGPOOL_TMP_DIR $PGPOOL_LOG_DIR" -u "$PGPOOL_DAEMON_USER" -g "$PGPOOL_DAEMON_GROUP"
am_i_root && configure_permissions_ownership "$PGPOOL_DATA_DIR" -u "$PGPOOL_DAEMON_USER" -g "$PGPOOL_DAEMON_GROUP" -d "755" -f "644"
pgpool_create_pghba
pgpool_create_config
pgpool_generate_password_file
pgpool_generate_admin_password_file
}

29
bitnami/pgpool/4/debian-10/rootfs/opt/bitnami/scripts/pgpool/entrypoint.sh
View File

@ -1,29 +0,0 @@
#!/bin/bash
#
# Bitnami Pgpool entrypoint
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
#set -o xtrace
# Load libraries
. /opt/bitnami/scripts/libbitnami.sh
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libpgpool.sh
# Load Pgpool env. variables
eval "$(pgpool_env)"
print_welcome_page
if [[ "$*" = *"/opt/bitnami/scripts/pgpool/run.sh"* ]]; then
info "** Starting Pgpool-II setup **"
/opt/bitnami/scripts/pgpool/setup.sh
info "** Pgpool-II setup finished! **"
fi
echo ""
exec "$@"

18
bitnami/pgpool/4/debian-10/rootfs/opt/bitnami/scripts/pgpool/healthcheck.sh
View File

@ -1,18 +0,0 @@
#!/bin/bash
#
# Bitnami Pgpool healthcheck
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /opt/bitnami/scripts/libpgpool.sh
# Load Pgpool env. variables
eval "$(pgpool_env)"
pgpool_healthcheck

27
bitnami/pgpool/4/debian-10/rootfs/opt/bitnami/scripts/pgpool/postunpack.sh
View File

@ -1,27 +0,0 @@
#!/bin/bash
#
# Bitnami Pgpool postunpack
# shellcheck disable=SC1091
# Load libraries
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/libldapclient.sh
. /opt/bitnami/scripts/libpgpool.sh
# Load Pgpool env. variables
eval "$(pgpool_env)"
# Load LDAP environment variables
eval "$(ldap_env)"
for dir in "$PGPOOL_INITSCRIPTS_DIR" "$PGPOOL_TMP_DIR" "$PGPOOL_LOG_DIR" "$PGPOOL_CONF_DIR" "$PGPOOL_ETC_DIR" "$PGPOOL_DATA_DIR"; do
ensure_dir_exists "$dir"
chmod -R g+rwX "$dir"
done
# LDAP permissions
ldap_configure_permissions
ldap_create_pam_config "pgpool"
# Redirect all logging to stdout
ln -sf /dev/stdout "$PGPOOL_LOG_FILE"

32
bitnami/pgpool/4/debian-10/rootfs/opt/bitnami/scripts/pgpool/run.sh
View File

@ -1,32 +0,0 @@
#!/bin/bash
#
# Bitnami Pgpool run
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libldapclient.sh
. /opt/bitnami/scripts/libpgpool.sh
# Load Pgpool env. variables
eval "$(pgpool_env)"
# Load LDAP environment variables
eval "$(ldap_env)"
readonly command=$(command -v pgpool)
flags=("-n" "--config-file=${PGPOOL_CONF_FILE}" "--hba-file=${PGPOOL_PGHBA_FILE}")
[[ -z "${PGPOOL_EXTRA_FLAGS:-}" ]] || flags=("${flags[@]}" "${PGPOOL_EXTRA_FLAGS[@]}")
is_boolean_yes "$PGPOOL_ENABLE_LDAP" && ldap_start_nslcd_bg
info "** Starting Pgpool-II **"
if am_i_root; then
exec gosu "$PGPOOL_DAEMON_USER" "${command}" "${flags[@]}"
else
exec "${command}" "${flags[@]}"
fi

31
bitnami/pgpool/4/debian-10/rootfs/opt/bitnami/scripts/pgpool/setup.sh
View File

@ -1,31 +0,0 @@
#!/bin/bash
#
# Bitnami Pgpool setup
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /opt/bitnami/scripts/libldapclient.sh
. /opt/bitnami/scripts/libpgpool.sh
# Load Pgpool env. variables
eval "$(pgpool_env)"
# Load LDAP environment variables
eval "$(ldap_env)"
# Ensure Pgpool environment variables are valid
pgpool_validate
# Ensure 'daemon' user exists when running as 'root'
am_i_root && ensure_user_exists "$PGPOOL_DAEMON_USER" --group "$PGPOOL_DAEMON_GROUP"
am_i_root && ensure_user_exists "$LDAP_NSLCD_USER" --group "$LDAP_NSLCD_GROUP"
# Ensure Pgpool is initialized
pgpool_initialize
# Ensure LDAP is initialized
is_boolean_yes "$PGPOOL_ENABLE_LDAP" && ldap_initialize
# Allow running custom initialization scripts
pgpool_custom_init_scripts