Updates to environment variables

.env

@@ -13,13 +13,17 @@ NGINX_PORT_HOST=81
 NGINX_SSLPORT_HOST=8443
 
 # CKAN databases
-POSTGRES_USER=admindbuser
+POSTGRES_USER=postgres
 POSTGRES_PASSWORD=admindbpassword
+POSTGRES_DB=admindb
+PGDATA=/var/lib/postgresql/data/db
+POSTGRES_HOST=db
 CKAN_DB_USER=ckandbuser
 CKAN_DB_PASSWORD=ckandbpassword
+CKAN_DB=ckandb
 DATASTORE_READONLY_USER=datastore_ro
 DATASTORE_READONLY_PASSWORD=datastore
-POSTGRES_HOST=db
+DATASTORE_DB=datastore
 CKAN_SQLALCHEMY_URL=postgresql://ckandbuser:ckandbpassword@db/ckandb
 CKAN_DATASTORE_WRITE_URL=postgresql://ckandbuser:ckandbpassword@db/datastore
 CKAN_DATASTORE_READ_URL=postgresql://datastore_ro:datastore@db/datastore

docker-compose.dev.yml

@@ -55,7 +55,7 @@ services:
       - pg_data:/var/lib/postgresql/data
     restart: unless-stopped
     healthcheck:
-      test: ["CMD", "pg_isready", "-U", "admindbuser", "-d", "admindb"]
+      test: ["CMD", "pg_isready", "-U", "${POSTGRES_USER}", "-d", "${POSTGRES_DB}"]
      
   solr:
     container_name: ${SOLR_CONTAINER_NAME}

docker-compose.yml

@@ -13,8 +13,8 @@ services:
       context: nginx/
       dockerfile: Dockerfile
     networks:
-      - frontend
-      - backend
+      - webnet
+      - ckannet
     depends_on:
       ckan:
         condition: service_healthy
@@ -29,7 +29,10 @@ services:
       args:
         - TZ=${TZ}
     networks:
-      - backend
+      - ckannet
+      - dbnet
+      - solrnet
+      - redisnet
     env_file:
       - .env
     depends_on:
@@ -48,7 +51,8 @@ services:
   datapusher:
     container_name: ${DATAPUSHER_CONTAINER_NAME}
     networks:
-      - backend
+      - ckannet
+      - dbnet
     image: ckan/ckan-base-datapusher:${DATAPUSHER_VERSION}
     restart: unless-stopped
     healthcheck:
@@ -58,27 +62,29 @@ services:
     container_name: ${POSTGRESQL_CONTAINER_NAME}
     build:
       context: postgresql/
-      args:
-       - DATASTORE_READONLY_PASSWORD=${DATASTORE_READONLY_PASSWORD}
-       - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
-       - CKAN_DB_PASSWORD=${CKAN_DB_PASSWORD}
     networks:
-      - backend
+      - dbnet
     environment:
-      - DATASTORE_READONLY_PASSWORD=${DATASTORE_READONLY_PASSWORD}
+      - POSTGRES_USER=${POSTGRES_USER}
       - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
+      - POSTGRES_DB=${POSTGRES_DB}
+      - PGDATA=${PGDATA}
+      - CKAN_DB_USER=${CKAN_DB_USER}
       - CKAN_DB_PASSWORD=${CKAN_DB_PASSWORD}
-      - PGDATA=/var/lib/postgresql/data/db
+      - CKAN_DB=${CKAN_DB}
+      - DATASTORE_READONLY_USER=${DATASTORE_READONLY_USER} 
+      - DATASTORE_READONLY_PASSWORD=${DATASTORE_READONLY_PASSWORD}
+      - DATASTORE_DB=${DATASTORE_DB}
     volumes:
       - pg_data:/var/lib/postgresql/data
     restart: unless-stopped
     healthcheck:
-      test: ["CMD", "pg_isready", "-U", "admindbuser", "-d", "admindb"]
+      test: ["CMD", "pg_isready", "-U", "${POSTGRES_USER}", "-d", "${POSTGRES_DB}"]
      
   solr:
     container_name: ${SOLR_CONTAINER_NAME}
     networks:
-      - backend
+      - solrnet
     image: ckan/ckan-solr:${SOLR_IMAGE_VERSION}
     volumes:
       - solr_data:/var/solr
@@ -88,13 +94,16 @@ services:
 
   redis:
     container_name: ${REDIS_CONTAINER_NAME}
-    networks:
-      - backend
     image: redis:${REDIS_VERSION}
+    networks:
+      - redisnet
     restart: unless-stopped
     healthcheck:
       test: ["CMD", "redis-cli", "-e", "QUIT"]
     
 networks:
-  frontend:
-  backend:
+  webnet:
+  ckannet:
+  solrnet:
+  dbnet:
+  redisnet:

postgresql/Dockerfile

@@ -3,12 +3,5 @@ FROM postgres:12-alpine
 # Allow connections; we don't map out any ports so only linked docker containers can connect
 RUN echo "host all  all    0.0.0.0/0  md5" >> /var/lib/postgresql/data/pg_hba.conf
 
-# Customize default user/pass/db
-ENV POSTGRES_DB admindb
-ENV POSTGRES_USER admindbuser
-ARG POSTGRES_PASSWORD
-ARG CKAN_DB_PASSWORD
-ARG DATASTORE_READONLY_PASSWORD
-
 # Include extra setup scripts (eg datastore)
 ADD docker-entrypoint-initdb.d /docker-entrypoint-initdb.d

postgresql/docker-entrypoint-initdb.d/10_create_ckandb.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+set -e
+
+psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL
+    CREATE ROLE "$CKAN_DB_USER" NOSUPERUSER CREATEDB CREATEROLE LOGIN PASSWORD '$CKAN_DB_PASSWORD';
+    CREATE DATABASE "$CKAN_DB" OWNER "$CKAN_DB_USER" ENCODING 'utf-8';
+EOSQL

postgresql/docker-entrypoint-initdb.d/10_create_ckandb.sql

@@ -1,4 +0,0 @@
-\set ckan_db_password '\'' `echo $CKAN_DB_PASSWORD` '\''
-
-CREATE ROLE ckandbuser NOSUPERUSER CREATEDB CREATEROLE LOGIN PASSWORD :ckan_db_password;
-CREATE DATABASE ckandb OWNER ckandbuser ENCODING 'utf-8';

postgresql/docker-entrypoint-initdb.d/20_create_datastore.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+set -e
+
+psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL
+    CREATE ROLE "$DATASTORE_READONLY_USER" NOSUPERUSER NOCREATEDB NOCREATEROLE LOGIN PASSWORD '$DATASTORE_READONLY_PASSWORD';
+    CREATE DATABASE "$DATASTORE_DB" OWNER "$CKAN_DB_USER" ENCODING 'utf-8';
+EOSQL

postgresql/docker-entrypoint-initdb.d/20_create_datastore.sql

@@ -1,4 +0,0 @@
-\set datastore_ro_password '\'' `echo $DATASTORE_READONLY_PASSWORD` '\''
-
-CREATE ROLE datastore_ro NOSUPERUSER NOCREATEDB NOCREATEROLE LOGIN PASSWORD :datastore_ro_password;
-CREATE DATABASE datastore OWNER ckandbuser ENCODING 'utf-8';

postgresql/docker-entrypoint-initdb.d/30_setup_test_databases.sql

@@ -1,2 +1,7 @@
-CREATE DATABASE ckan_test OWNER ckandbuser ENCODING 'utf-8';
-CREATE DATABASE datastore_test OWNER ckandbuser ENCODING 'utf-8';
+#!/bin/bash
+set -e
+
+psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL
+    CREATE DATABASE ckan_test OWNER "$CKAN_DB_USER" ENCODING 'utf-8';
+    CREATE DATABASE datastore_test OWNER "$CKAN_DB_USER" ENCODING 'utf-8';
+EOSQL