PostgreSQL Production Setup for Proxmox LXC Container
This repository contains a production-ready PostgreSQL setup using Docker Compose, designed to run on a Proxmox LXC container.
Overview
The configuration includes:
- PostgreSQL 15 with optimized configuration
- Persistent data storage
- Security features
- Health checks
- Resource limits
- Backup and restore capabilities
Prerequisites
- Proxmox VE with LXC container support
- Docker and Docker Compose installed on the LXC container
- Proper network configuration in Proxmox
Configuration Details
docker-compose.yml Explained
services:
  postgres:
    image: postgres:15 # Using PostgreSQL 15
    container_name: postgres
    restart: always # Ensures PostgreSQL restarts automatically
    environment:
      # Environment variables for authentication
      - POSTGRES_USER=${POSTGRES_USER:-postgres} # Default: postgres
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-password} # Default: password
      - POSTGRES_DB=${POSTGRES_DB:-postgres} # Default: postgres
      - PGDATA=/var/lib/postgresql/data/pgdata
    volumes:
      # Persistent data storage
      - postgres_data:/var/lib/postgresql/data # Database files
      - ./config/postgres.conf:/etc/postgresql/postgresql.conf # Configuration file
      - ./init:/docker-entrypoint-initdb.d # Initialization scripts
    ports:
      - "5432:5432" # Expose PostgreSQL port
    command: postgres -c config_file=/etc/postgresql/postgresql.conf
    healthcheck:
      # Regular health checks
      test:
        [
          "CMD-SHELL",
          "pg_isready -U ${POSTGRES_USER:-postgres} -d ${POSTGRES_DB:-postgres}",
        ]
      interval: 10s
      timeout: 5s
      retries: 5
      start_period: 30s
    networks:
      - postgres_network
    ulimits:
      # Increase file descriptor limits for production
      nofile:
        soft: 64000
        hard: 64000
    logging:
      # Log rotation to prevent disk space issues
      driver: "json-file"
      options:
        max-size: "200m"
        max-file: "10"
volumes:
  postgres_data: # Persistent volume for database files
    driver: local
networks:
  postgres_network:
    driver: bridge
Security Considerations
- Authentication: PostgreSQL is configured with authentication enabled by default
- Environment Variables: Sensitive information is passed via environment variables
- Network Isolation: Services run on a dedicated bridge network
- Configuration: Optimized PostgreSQL configuration for security and performance
Initialization Script
The initialization scripts in the init/ directory:
- Create default roles and permissions
- Set up sample schemas and tables
- Configure database parameters for optimal performance
Setup and Usage
Initial LXC Container Setup
For detailed instructions on setting up an LXC container in Proxmox specifically for this PostgreSQL service, please refer to the Proxmox LXC Setup Guide.
The guide includes:
- Creating an LXC container with the right specifications
- Configuring the container for Docker
- Setting up networking
- Installing Docker and Docker Compose
- Troubleshooting common issues
Deploy PostgreSQL Service
- Clone this repository to your LXC container:
git clone <repository-url>
cd postgres-service
- Create a .env file with your custom credentials:
POSTGRES_USER=your_postgres_username
POSTGRES_PASSWORD=your_secure_password
POSTGRES_DB=your_database_name
- Make the scripts executable:
chmod +x scripts/*.sh
- Start the PostgreSQL service:
docker-compose up -d
- Verify the service is running:
docker-compose ps
- Connect to PostgreSQL:
psql -h your-server-ip -p 5432 -U your_postgres_username -d your_database_name
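The compose file above falls back to the password `password` whenever POSTGRES_PASSWORD is unset or empty, and it publishes port 5432 on all interfaces. A preflight check to run before `docker-compose up -d`, as an added example that is not part of this repository; the function name `check_pg_env`, the 16-character minimum and the file-permission policy are assumptions of the example.

```shell
#!/bin/sh
# Added example: preflight check for the .env file read by docker-compose.yml.
# MIN_LEN and the permission policy are assumptions of this example.
MIN_LEN=16

# check_pg_env FILE -> 0 if FILE is safe to deploy with, 1 otherwise.
check_pg_env() {
    env_file=${1:-.env}
    rc=0
    if [ ! -f "$env_file" ]; then
        echo "FAIL: $env_file not found; compose falls back to 'password'" >&2
        return 1
    fi
    # The file holds credentials: no group or other permission bits allowed.
    case $(ls -ldL -- "$env_file") in
        ????------*) ;;
        *) echo "FAIL: $env_file is accessible to group/other (chmod 600)" >&2
           rc=1 ;;
    esac
    # Check every assignment so a weak duplicate cannot hide behind a strong
    # one. No assignment yields one empty line, which fails like an empty value.
    values=$(sed -n 's/^[[:space:]]*POSTGRES_PASSWORD=//p' "$env_file")
    while IFS= read -r pw; do
        case $pw in                      # strip one pair of surrounding quotes
            \"*\") pw=${pw#\"}; pw=${pw%\"} ;;
            \'*\') pw=${pw#\'}; pw=${pw%\'} ;;
        esac
        case $pw in
            '') echo "FAIL: POSTGRES_PASSWORD unset or empty; default applies" >&2
                rc=1 ;;
            password|postgres|your_secure_password)
                echo "FAIL: POSTGRES_PASSWORD is a default or placeholder" >&2
                rc=1 ;;
            *)  if [ "${#pw}" -lt "$MIN_LEN" ]; then
                    echo "FAIL: POSTGRES_PASSWORD shorter than $MIN_LEN" >&2
                    rc=1
                fi ;;
        esac
    done <<EOF
$values
EOF
    return "$rc"
}

# Usage: check_pg_env .env && docker-compose up -d
```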
Backup and Restore
Creating a Backup
./scripts/backup.sh
Restoring from Backup
./scripts/restore.sh <backup-file>
Proxmox LXC Container Configuration
For optimal performance in a Proxmox LXC container:
- Ensure the container has sufficient resources:
  - At least 2 CPU cores
  - Minimum 4GB RAM
  - At least 20GB storage
- Enable necessary features in the LXC container:
  pct set <container-id> -features nesting=1
- Configure container for Docker:
  echo 'kernel.unprivileged_userns_clone=1' > /etc/sysctl.d/unprivileged-userns-clone.conf
  sysctl -p /etc/sysctl.d/unprivileged-userns-clone.conf
Maintenance
- Backups: PostgreSQL data is stored in named volumes. Use Docker's volume backup mechanisms:
  # Compose normally prefixes named volumes with the project name; check the real name with: docker volume ls
  docker run --rm -v postgres_data:/data -v $(pwd):/backup alpine tar -czf /backup/postgres-data-backup.tar.gz /data
- Monitoring: The service is configured with health checks and can be integrated with monitoring tools like Prometheus and Grafana
- Updating: To update the PostgreSQL version, change the image tag in docker-compose.yml and restart:
  docker-compose down
  # Edit docker-compose.yml to update image version
  docker-compose up -d
Troubleshooting
- Connection Issues: Ensure ports are not blocked by firewall
- Performance Issues: Check PostgreSQL logs with docker-compose logs postgres
- Resource Problems: Monitor container resource usage and adjust limits if needed
License
This project is licensed under the MIT License - see the LICENSE file for details.