cosmetic changes, improve readme, variable naming, remove redundancy

Author: singhalkarun

common/db/Dockerfile

@@ -1,10 +1,12 @@
 FROM samagragovernance/postgres:1.0.1-pg15
 
 ARG ENABLE_BARMAN
-ARG ID_RSA
-ARG ID_RSA_PUB 
+ARG DB_SSH_PRIVATE_KEY
+ARG DB_SSH_PUBLIC_KEY 
 ARG BARMAN_HOST
 
+ENV BARMAN_HOST=$BARMAN_HOST
+
 ADD config/postgresql.conf.template /etc/postgresql/postgresql.conf.template
 ADD config/pg_hba.conf.template /etc/postgresql/pg_hba.conf.template
 
@@ -29,8 +31,8 @@ RUN if [ "$ENABLE_BARMAN" = "true" ]; then \
     echo -e "PasswordAuthentication no" >> /etc/ssh/sshd_config && \
     mkdir -p /var/lib/postgresql/.ssh && \
     echo "" > /var/lib/postgresql/.ssh/known_hosts && \
-    echo "$ID_RSA" | base64 -d > /var/lib/postgresql/.ssh/id_rsa && \
-    echo "$ID_RSA_PUB" | base64 -d  > /var/lib/postgresql/.ssh/id_rsa.pub && \
+    echo "$DB_SSH_PRIVATE_KEY" | base64 -d > /var/lib/postgresql/.ssh/id_rsa && \
+    echo "$DB_SSH_PUBLIC_KEY" | base64 -d  > /var/lib/postgresql/.ssh/id_rsa.pub && \
     chmod 0600 /var/lib/postgresql/.ssh/id_rsa && \
     echo -e "Host *\n\tStrictHostKeyChecking no" > /var/lib/postgresql/.ssh/config && \
     passwd -u postgres && \

common/db/README.md

@@ -1,53 +1,17 @@
-#### How to sping up the db service along with disaster recovery setup.
+### Generating Key Pair for DB
 
-1. Create a clone of this repository
-2. Create a copy of [sample.env](./common/sample.env) file (`cp common/sample.env .env`)
-3. **Update the environment variables in the .env file as required** ( refer to below required environment variables)
-4. Create a copy of example docker-compose file (`cp docker-compose.yaml.example docker-compose.yaml`)
-5. Edit the docker-compose.yaml and uncomment the "db" service. 
-6. Create a copy of example Caddyfile (`cp Caddyfile.example Caddyfile`)
-7. Run `make install-docker` to install docker
-8. Exit out of VM and re-connect to the VM to reflect the latest user changes
-9. Run `make setup-daemon` to configure the docker daemon
-10. Run `sudo make setup-webhook` to start the webhook service (use `kill -9 $(lsof -t -i:9000)` to kill any existing service on 9000 port)
-11. Run `make deploy` to deploy all the services
+1. RUN `ssh-keygen -t rsa` to generate a key pair
+2. Set value of `cat ~/.ssh/id_rsa | base64 -w 0` in DB_SSH_PRIVATE_KEY (change the location of private key in command if needed)
+3. Set value of `cat ~/.ssh/id_rsa.pub | base64 -w 0` in DB_SSH_PUBLIC_KEY (change the location of private key in command if needed)
 
+### Steps to follow after the db container is started (only if you have enabled barman)
 
-##### REQUIRED ENVIRONMENT VARIABLES IN .env FILE
+1. Currently the ssh server doesn't start automatically, run `docker exec -it DB_CONTAINER_ID /usr/sbin/sshd` to start the ssh server inside the db container
 
-```
-DOMAIN_SCHEME=http
-DOMAIN_NAME=localdev.me
-ENABLE_BARMAN=
-BARMAN_HOST=
-ID_RSA=
-ID_RSA_PUB=
-POSTGRES_USER=
-POSTGRES_PASSWORD=
-```
-```
-1. ENABLE_BARMAN (required ) : To tell service if database needs to be configured with barman disaster recovery/
-2. BARMAN_HOST (required if ENABLE_BARMAN is set to true ) : IP of barman host where data needs to be replicated.
-3. ID_RSA (required if ENABLE_BARMAN is set to true ) : private key of postgres user which will be stored in /var/lib/postgresql/.ssh/id_rsa.
-4. ID_RSA_PUB= (required if ENABLE_BARMAN is set to true ) private key of postgres user which will be stored in /var/lib/postgresql/.ssh/id_rsa_pub.
-5. POSTGRES_USER= (required) : User for postgres database (e.g postgres)
-6. POSTGRES_PASSWORD= (required) : Password for postgres database user 
-```
+### Steps to setup Barman 
 
+1. Run `make setup-barman` to setup barman 
 
-###### NOTE: If ENABLE_BARMAN was set to true there are three additional efforts :
-a) It requires a manual start of sshd service with below command.
-> docker exec -it CONTAINER_ID /usr/sbin/sshd
+> [!NOTE]
 
-b)  Key pair needs to be generated and set the required value to .env file. Refer to below example:
-> ssh-keygen 
-
- Content of below command should go to ID_RSA
-  > cat ~/.ssh/id_rsa | base64 -w 0 
-
-Content of below command should go to ID_RSA_PUB
-  > cat ~/.ssh/id_rsa.pub | base64 -w 0 
-
-
-c) copy the public key of postgres user from container and add it in /var/lib/barman/.ssh/authorized_keys of barman server.
-> docker exec -it CONTAINER_ID cat /var/lib/postgresql/.ssh/id_rsa.pub
+> 1. We will require the public key generated here while we setup Barman

common/db/docker-compose.yaml

@@ -4,10 +4,10 @@ services:
       context: ./
       dockerfile: Dockerfile
       args:
-        ENABLE_BARMAN: ${ENABLE_BARMAN}
+        ENABLE_BARMAN: ${ENABLE_BARMAN:-false}
         BARMAN_HOST: ${BARMAN_HOST}
-        ID_RSA: ${ID_RSA}
-        ID_RSA_PUB: ${ID_RSA_PUB}
+        DB_SSH_PUBLIC_KEY: ${DB_SSH_PUBLIC_KEY}
+        DB_SSH_PRIVATE_KEY: ${DB_SSH_PRIVATE_KEY}
     restart: always
     volumes:
       - db:/var/lib/postgresql/data
@@ -21,11 +21,9 @@ services:
       timeout: 5s
       retries: 5
     environment:
-      POSTGRES_USER: ${POSTGRES_USER:?Postgres user is not set in .env}
-      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?Postgres password is not set in .env}
-      BARMAN_HOST: ${BARMAN_HOST:?Barman host is not defined in .env}
+      POSTGRES_USER: ${POSTGRES_USER:?POSTGRES_USER is not set in .env}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?POSTGRES_PASSWORD is not set in .env}
 
 volumes:
   db:
-  ssh-vol:
 

common/sample.env

@@ -5,11 +5,12 @@ MINIO_ACCESS_KEY=
 MINIO_SECRET_KEY=
 
 
-## For db service
+# For db service
+# default value is false, set it to true to enable barman
 ENABLE_BARMAN=
 BARMAN_HOST=
-ID_RSA=
-ID_RSA_PUB=
+DB_SSH_PRIVATE_KEY=
+DB_SSH_PUBLIC_KEY=
 POSTGRES_USER=
 POSTGRES_PASSWORD=