evyos-center-server
/
postgres-service
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
postgres-service/README.md

211 lines
5.4 KiB
Markdown
Raw Blame History

# PostgreSQL Production Setup for Proxmox LXC Container
This repository contains a production-ready PostgreSQL setup using Docker Compose, designed to run on a Proxmox LXC container.
## Overview
The configuration includes:
- PostgreSQL 15 with optimized configuration
- Persistent data storage
- Security features
- Health checks
- Resource limits
- Backup and restore capabilities
## Prerequisites
- Proxmox VE with LXC container support
- Docker and Docker Compose installed on the LXC container
- Proper network configuration in Proxmox
## Configuration Details
### docker-compose.yml Explained
```yaml
services:
postgres:
image: postgres:15 # Using PostgreSQL 15
container_name: postgres
restart: always # Ensures PostgreSQL restarts automatically
environment:
# Environment variables for authentication
- POSTGRES_USER=${POSTGRES_USER:-postgres} # Default: postgres
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-password} # Default: password
- POSTGRES_DB=${POSTGRES_DB:-postgres} # Default: postgres
- PGDATA=/var/lib/postgresql/data/pgdata
volumes:
# Persistent data storage
- postgres_data:/var/lib/postgresql/data # Database files
- ./config/postgres.conf:/etc/postgresql/postgresql.conf # Configuration file
- ./init:/docker-entrypoint-initdb.d # Initialization scripts
ports:
- "5432:5432" # Expose PostgreSQL port
command: postgres -c config_file=/etc/postgresql/postgresql.conf
healthcheck:
# Regular health checks
test:
[
"CMD-SHELL",
"pg_isready -U ${POSTGRES_USER:-postgres} -d ${POSTGRES_DB:-postgres}",
]
interval: 10s
timeout: 5s
retries: 5
start_period: 30s
networks:
- postgres_network
ulimits:
# Increase file descriptor limits for production
nofile:
soft: 64000
hard: 64000
logging:
# Log rotation to prevent disk space issues
driver: "json-file"
options:
max-size: "200m"
max-file: "10"
volumes:
postgres_data: # Persistent volume for database files
driver: local
networks:
postgres_network:
driver: bridge
```
## Security Considerations
1. **Authentication**: PostgreSQL is configured with authentication enabled by default
2. **Environment Variables**: Sensitive information is passed via environment variables
3. **Network Isolation**: Services run on a dedicated bridge network
4. **Configuration**: Optimized PostgreSQL configuration for security and performance
## Initialization Script
The initialization scripts in the `init/` directory:
- Create default roles and permissions
- Set up sample schemas and tables
- Configure database parameters for optimal performance
## Setup and Usage
### Initial LXC Container Setup
For detailed instructions on setting up an LXC container in Proxmox specifically for this PostgreSQL service, please refer to the [Proxmox LXC Setup Guide](proxmox-lxc-setup.md).
The guide includes:
- Creating an LXC container with the right specifications
- Configuring the container for Docker
- Setting up networking
- Installing Docker and Docker Compose
- Troubleshooting common issues
### Deploy PostgreSQL Service
1. Clone this repository to your LXC container:
```bash
git clone <repository-url>
cd postgres-service
```
2. Create a `.env` file with your custom credentials:
```
POSTGRES_USER=your_postgres_username
POSTGRES_PASSWORD=your_secure_password
POSTGRES_DB=your_database_name
```
3. Make the scripts executable:
```bash
chmod +x scripts/*.sh
```
4. Start the PostgreSQL service:
```bash
docker-compose up -d
```
5. Verify the service is running:
```bash
docker-compose ps
```
6. Connect to PostgreSQL:
```
psql -h your-server-ip -p 5432 -U your_postgres_username -d your_database_name
```
## Backup and Restore
### Creating a Backup
```bash
./scripts/backup.sh
```
### Restoring from Backup
```bash
./scripts/restore.sh <backup-file>
```
## Proxmox LXC Container Configuration
For optimal performance in a Proxmox LXC container:
1. Ensure the container has sufficient resources:
- At least 2 CPU cores
- Minimum 4GB RAM
- At least 20GB storage
2. Enable necessary features in the LXC container:
```
pct set <container-id> -features nesting=1
```
3. Configure container for Docker:
```
echo 'kernel.unprivileged_userns_clone=1' > /etc/sysctl.d/unprivileged-userns-clone.conf
sysctl -p /etc/sysctl.d/unprivileged-userns-clone.conf
```
## Maintenance
- **Backups**: PostgreSQL data is stored in named volumes. Use Docker's volume backup mechanisms:
```bash
docker run --rm -v postgres_data:/data -v $(pwd):/backup alpine tar -czf /backup/postgres-data-backup.tar.gz /data
```
- **Monitoring**: The service is configured with health checks and can be integrated with monitoring tools like Prometheus and Grafana
- **Updating**: To update PostgreSQL version, change the image tag in docker-compose.yml and restart:
```bash
docker-compose down
# Edit docker-compose.yml to update image version
docker-compose up -d
```
## Troubleshooting
- **Connection Issues**: Ensure ports are not blocked by firewall
- **Performance Issues**: Check PostgreSQL logs with `docker-compose logs postgres`
- **Resource Problems**: Monitor container resource usage and adjust limits if needed
## License
This project is licensed under the MIT License - see the LICENSE file for details.
Reference in New Issue View Git Blame Copy Permalink