PostgreSQL Production Setup for Proxmox LXC Container

This repository contains a production-ready PostgreSQL setup using Docker Compose, designed to run on a Proxmox LXC container.

Overview

The configuration includes:

  • PostgreSQL 15 with optimized configuration
  • Persistent data storage
  • Security features
  • Health checks
  • Resource limits
  • Backup and restore capabilities

Prerequisites

  • Proxmox VE with LXC container support
  • Docker and Docker Compose installed on the LXC container
  • Proper network configuration in Proxmox

Configuration Details

docker-compose.yml Explained

services:
  postgres:
    image: postgres:15 # Using PostgreSQL 15
    container_name: postgres
    restart: always # Ensures PostgreSQL restarts automatically
    environment:
      # Environment variables for authentication
      - POSTGRES_USER=${POSTGRES_USER:-postgres} # Default: postgres
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-password} # Default: password
      - POSTGRES_DB=${POSTGRES_DB:-postgres} # Default: postgres
      - PGDATA=/var/lib/postgresql/data/pgdata
    volumes:
      # Persistent data storage
      - postgres_data:/var/lib/postgresql/data # Database files
      - ./config/postgres.conf:/etc/postgresql/postgresql.conf # Configuration file
      - ./init:/docker-entrypoint-initdb.d # Initialization scripts
    ports:
      - "5432:5432" # Expose PostgreSQL port
    command: postgres -c config_file=/etc/postgresql/postgresql.conf
    healthcheck:
      # Regular health checks
      test:
        [
          "CMD-SHELL",
          "pg_isready -U ${POSTGRES_USER:-postgres} -d ${POSTGRES_DB:-postgres}",
        ]
      interval: 10s
      timeout: 5s
      retries: 5
      start_period: 30s
    networks:
      - postgres_network
    ulimits:
      # Increase file descriptor limits for production
      nofile:
        soft: 64000
        hard: 64000
    logging:
      # Log rotation to prevent disk space issues
      driver: "json-file"
      options:
        max-size: "200m"
        max-file: "10"

volumes:
  postgres_data: # Persistent volume for database files
    driver: local

networks:
  postgres_network:
    driver: bridge

Security Considerations

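  1. Authentication: PostgreSQL is configured with authentication enabled by default
  2. Environment Variables: Sensitive information is passed via environment variables. If POSTGRES_PASSWORD is not set, docker-compose.yml falls back to the default password "password", so always set your own value in .env
  3. Network Isolation: Services run on a dedicated bridge network. The "5432:5432" port mapping still publishes PostgreSQL on the host's interfaces, so limit who can reach that port with a firewall
  4. Configuration: config/postgres.conf holds the PostgreSQL configuration, optimized for security and performance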

Initialization Script

The initialization scripts in the init/ directory:

  • Create default roles and permissions
  • Set up sample schemas and tables
  • Configure database parameters for optimal performance

Usage

  1. Create a .env file with your custom credentials:

    POSTGRES_USER=your_postgres_username
    POSTGRES_PASSWORD=your_secure_password
    POSTGRES_DB=your_database_name

  2. Start the services:

    docker-compose up -d

  3. Connect to PostgreSQL:

    psql -h your-server-ip -p 5432 -U your_postgres_username -d your_database_name
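
Added example (not part of this repository): a pre-flight check to run on the .env file before starting the services. Because docker-compose.yml falls back to the password "password" when POSTGRES_PASSWORD is unset, the script rejects a missing, default, placeholder or short password and a .env file that is readable by group or others. The function names and the 16-character minimum are assumptions.

```shell
#!/bin/sh
# Added example, not from this repository. MIN_LEN and the list of rejected
# values are assumptions chosen for illustration.
MIN_LEN=16

# Print the last value assigned to key $1 in KEY=VALUE file $2, quotes stripped.
env_value() {
    sed -n "s/^$1=//p" "$2" | tail -n 1 |
        sed -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# Return 0 if the .env file is safe to use with docker-compose.yml, else 1.
check_env_file() {
    f=$1
    rc=0
    if [ ! -f "$f" ]; then
        echo "FAIL: $f not found; compose would fall back to postgres/password" >&2
        return 1
    fi
    pw=$(env_value POSTGRES_PASSWORD "$f")
    case $pw in
        "")
            echo "FAIL: POSTGRES_PASSWORD unset; compose falls back to 'password'" >&2
            rc=1 ;;
        password|your_secure_password)
            echo "FAIL: POSTGRES_PASSWORD is a default or placeholder value" >&2
            rc=1 ;;
        *)
            if [ "${#pw}" -lt "$MIN_LEN" ]; then
                echo "FAIL: POSTGRES_PASSWORD is shorter than $MIN_LEN characters" >&2
                rc=1
            fi ;;
    esac
    # Characters 5-10 of the ls mode string are the group and other bits.
    if [ "$(ls -ld -- "$f" | cut -c5-10)" != "------" ]; then
        echo "FAIL: $f is accessible to group or others; run chmod 600 $f" >&2
        rc=1
    fi
    return $rc
}

# When called with a path argument, check that file and exit with the result.
if [ "$#" -gt 0 ]; then check_env_file "$1"; fi
```

Saved under a name of your choice, the script takes the .env path as its only argument and exits non-zero on any failure, so it can gate the start command in step 2.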

Backup and Restore

Creating a Backup

./scripts/backup.sh

Restoring from Backup

./scripts/restore.sh <backup-file>

Proxmox LXC Container Configuration

For optimal performance in a Proxmox LXC container:

  1. Ensure the container has sufficient resources:

    • At least 2 CPU cores
    • Minimum 4GB RAM
    • At least 20GB storage
  2. Enable necessary features in the LXC container:

    pct set <container-id> -features nesting=1
    
  3. Configure container for Docker:

    echo 'kernel.unprivileged_userns_clone=1' > /etc/sysctl.d/unprivileged-userns-clone.conf
    sysctl -p /etc/sysctl.d/unprivileged-userns-clone.conf
    

Maintenance

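  • Backups: PostgreSQL data is stored in named volumes. Use Docker's volume backup mechanisms. Compose normally prefixes the volume name with the project name, so confirm the actual volume name before running the command, and stop the container first so the files are copied in a consistent state:

    docker run --rm -v postgres_data:/data -v "$(pwd)":/backup alpine tar -czf /backup/postgres-data-backup.tar.gz /data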
    
  • Monitoring: The service is configured with health checks and can be integrated with monitoring tools like Prometheus and Grafana

  • Updating: To update the PostgreSQL version, change the image tag in docker-compose.yml and restart:

    docker-compose down
    # Edit docker-compose.yml to update image version
    docker-compose up -d
    

Troubleshooting

  • Connection Issues: Ensure ports are not blocked by firewall
  • Performance Issues: Check PostgreSQL logs with docker-compose logs postgres
  • Resource Problems: Monitor container resource usage and adjust limits if needed

License

This project is licensed under the MIT License - see the LICENSE file for details.