EnigmaCurry · EnigmaCurry · Feb 28, 2023
diff --git a/postgresql/.env-dist b/postgresql/.env-dist
@@ -2,8 +2,11 @@
 ## This name is used in the server certificate as part of the sslmode=verify-full option
 POSTGRES_TRAEFIK_HOST=postgres.example.com
 
+POSTGRES_INSTANCE=
+
 ## The docker tag for the postgres image:
-POSTGRES_VERSION=14
+POSTGRES_VERSION=15
+POSTGRES_PGRATIONAL_VERSION=v0.0.2
 
 ## The postgres image creates the POSTGRES_USER as a Super User and with POSTGRES_PASSWORD.
 ## We will rename these here as POSTGRES_ADMIN_USER and POSTGRES_ADMIN_PASSWORD
@@ -13,16 +16,19 @@ POSTGRES_ADMIN_USER=root
 ## Note: This password is required to be set by the postgres image, but its not
 ## being used in any of the authentication schemes currently defined in our
 ## customized pg_hba.conf, so this password doesn't really matter.
-POSTGRES_ADMIN_PASSWORD=change_me_but_it_doesnt_really_matter
+POSTGRES_ADMIN_PASSWORD=
 
-## The name of the database to create on first startup:
+## POSTGRES_DB is the name of the database to create
+## as well as the username to connect to it:
 POSTGRES_DB=tweedle
 
 ## The external TCP port mapped on the docker host (public access!)
+## Each instance running on the same host must have a unique port.
 POSTGRES_EXTERNAL_TCP_PORT=5432
 
 ## Allowed IP address source range (CIDR with /netmask) for postgres clients to connect:
 ## eg. To allow any host to conenct (still needs valid certificate), use: 0.0.0.0/0
 ## eg. To allow only a single ip to connect (example 192.168.1.1), use: 192.168.1.1/32
 POSTGRES_ALLOWED_IP_SOURCERANGE=0.0.0.0/0
 
+
diff --git a/postgresql/Dockerfile b/postgresql/Dockerfile
@@ -1,7 +1,7 @@
-ARG POSTGRES_VERSION=14
+ARG POSTGRES_VERSION
 
 FROM postgres:${POSTGRES_VERSION}
-ARG PGRATIONAL_VERSION=v0.0.2
+ARG PGRATIONAL_VERSION
 WORKDIR /src
 RUN apt-get update && \
 

diff --git a/postgresql/Makefile b/postgresql/Makefile
@@ -1,27 +1,30 @@
 ROOT_DIR = ..
 include ${ROOT_DIR}/_scripts/Makefile.projects
+include ${ROOT_DIR}/_scripts/Makefile.instance
 
 .PHONY: config-hook
 config-hook:
-	@${BIN}/reconfigure_ask ${ENV_FILE} POSTGRES_TRAEFIK_HOST "Enter the postgres domain name" postgres.${ROOT_DOMAIN}
+	@${BIN}/reconfigure ${ENV_FILE} POSTGRES_INSTANCE=$${instance:-default}
+	@${BIN}/reconfigure_ask ${ENV_FILE} POSTGRES_TRAEFIK_HOST "Enter the postgres domain name" postgres${INSTANCE_URL_SUFFIX}.${ROOT_DOMAIN}
+	@${BIN}/reconfigure_ask ${ENV_FILE} POSTGRES_EXTERNAL_TCP_PORT "Enter the public postgres TCP port" 5432
 	@${BIN}/reconfigure_ask ${ENV_FILE} POSTGRES_DB "Enter the database name" tweedle
 	@${BIN}/reconfigure_ask ${ENV_FILE} POSTGRES_ALLOWED_IP_SOURCERANGE "Enter the allowed client IP address range (CIDR with netmask) (use 0.0.0.0/0 to allow all)"
-	@${BIN}/reconfigure ${ENV_FILE} POSTGRES_ADMIN_PASSWORD=$(shell openssl rand -hex 45)
+	@${BIN}/reconfigure_password ${ENV_FILE} POSTGRES_ADMIN_PASSWORD
 
 .PHONY: psql # Open psql shell
 psql:
-	@docker-compose --env-file ${ENV_FILE} exec --user postgres postgres /usr/bin/psql
+	@docker-compose --env-file ${ENV_FILE} --project-name="${PROJECT_NAME}" exec --user postgres postgres /usr/bin/psql
 
 .PHONY: shell # Open bash shell
 shell:
-	@docker-compose --env-file ${ENV_FILE} exec --user postgres postgres /bin/bash
+	@docker-compose --env-file ${ENV_FILE} --project-name="${PROJECT_NAME}" exec --user postgres postgres /bin/bash
 
 .PHONY: client # Get client certificate and private key files
 client:
-	@docker-compose --env-file ${ENV_FILE} exec --user postgres postgres cat /etc/postgresql/root_ca.crt > $$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_TRAEFIK_HOST)_ca.crt && echo "Wrote ./$$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_TRAEFIK_HOST)_ca.crt"
-	@docker-compose --env-file ${ENV_FILE} exec --user postgres postgres cat /etc/postgresql/client.crt > $$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_TRAEFIK_HOST)_$$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_DB).crt && echo "Wrote ./$$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_TRAEFIK_HOST)_$$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_DB).crt"
-	@docker-compose --env-file ${ENV_FILE} exec --user postgres postgres cat /etc/postgresql/client.key > $$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_TRAEFIK_HOST)_$$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_DB).key && echo "Wrote ./$$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_TRAEFIK_HOST)_$$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_DB).key"
-	@docker-compose --env-file ${ENV_FILE} exec --user postgres postgres cat /etc/postgresql/client.pk8.key > $$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_TRAEFIK_HOST)_$$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_DB).pk8.key && echo "Wrote ./$$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_TRAEFIK_HOST)_$$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_DB).pk8.key"
+	@docker-compose --env-file ${ENV_FILE}  --project-name="${PROJECT_NAME}" exec --user postgres postgres cat /etc/postgresql/root_ca.crt > $$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_TRAEFIK_HOST)_ca.crt && echo "Wrote ./$$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_TRAEFIK_HOST)_ca.crt"
+	@docker-compose --env-file ${ENV_FILE}  --project-name="${PROJECT_NAME}" exec --user postgres postgres cat /etc/postgresql/client.crt > $$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_TRAEFIK_HOST)_$$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_DB).crt && echo "Wrote ./$$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_TRAEFIK_HOST)_$$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_DB).crt"
+	@docker-compose --env-file ${ENV_FILE}  --project-name="${PROJECT_NAME}" exec --user postgres postgres cat /etc/postgresql/client.key > $$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_TRAEFIK_HOST)_$$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_DB).key && echo "Wrote ./$$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_TRAEFIK_HOST)_$$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_DB).key"
+	@docker-compose --env-file ${ENV_FILE}  --project-name="${PROJECT_NAME}" exec --user postgres postgres cat /etc/postgresql/client.pk8.key > $$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_TRAEFIK_HOST)_$$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_DB).pk8.key && echo "Wrote ./$$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_TRAEFIK_HOST)_$$(${BIN}/dotenv -f ${ENV_FILE} get POSTGRES_DB).pk8.key"
 	@chmod 0600 *.crt *.key
 	@echo
 	@make --no-print-directory connection-variables
@@ -40,8 +43,8 @@ diagram:
 .PHONY: certificates # Make new certificates (overwriting the old ones)
 certificates: build
 	@${BIN}/confirm no "This will destroy the existing CA, server, and client certificates and create new ones."
-	@docker-compose --env-file=${ENV_FILE} run -e FORCE_NEW_CERTIFICATES=true config
-	@docker-compose --env-file=${ENV_FILE} restart postgres
+	@docker-compose --env-file=${ENV_FILE}  --project-name="${PROJECT_NAME}" run -e FORCE_NEW_CERTIFICATES=true config
+	@docker-compose --env-file=${ENV_FILE}  --project-name="${PROJECT_NAME}" restart postgres
 
 .PHONY: connection-string
 connection-string:
@@ -66,7 +69,7 @@ localdb: client
 
 .PHONY: chinook # Import Chinook sample database
 chinook:
-	docker-compose --env-file=${ENV_FILE} exec postgres /bin/sh -c 'createdb chinook && psql -c "create role chinook; grant chinook to $${POSTGRES_DB};" && PGUSER=$${POSTGRES_DB} pgloader https://github.com/lerocha/chinook-database/raw/master/ChinookDatabase/DataSources/Chinook_Sqlite_AutoIncrementPKs.sqlite pgsql:///chinook'
+	docker-compose --env-file=${ENV_FILE}  --project-name="${PROJECT_NAME}" exec postgres /bin/sh -c 'createdb chinook && psql -c "create role chinook; grant chinook to $${POSTGRES_DB};" && PGUSER=$${POSTGRES_DB} pgloader https://github.com/lerocha/chinook-database/raw/master/ChinookDatabase/DataSources/Chinook_Sqlite_AutoIncrementPKs.sqlite pgsql:///chinook'
 
 .PHONY: psql-alias # Get the psql alias with baked connection string
 psql-alias:

diff --git a/postgresql/docker-compose.yaml b/postgresql/docker-compose.yaml
@@ -12,6 +12,7 @@ services:
       - no-new-privileges:true
     environment:
       - POSTGRES_DB
+      - POSTGRES_INSTANCE
       - POSTGRES_USER=${POSTGRES_ADMIN_USER}
       - POSTGRES_LIMITED_USER=${POSTGRES_DB}
       - POSTGRES_TRAEFIK_HOST
@@ -27,6 +28,7 @@ services:
       context: .
       args:
         POSTGRES_VERSION: ${POSTGRES_VERSION}
+        PGRATIONAL_VERSION: ${POSTGRES_PGRATIONAL_VERSION}
     restart: unless-stopped
     security_opt:
       - no-new-privileges:true
@@ -35,6 +37,7 @@ services:
       - config:/etc/postgresql
     environment:
       - POSTGRES_DB
+      - POSTGRES_INSTANCE
       - PGDATABASE=${POSTGRES_DB}
       - POSTGRES_USER=${POSTGRES_ADMIN_USER}
       - PGUSER=${POSTGRES_ADMIN_USER}