Docker Postgres SSL Failure

Open cranst0n opened this issue 4 years ago • 1 comments

This is likely only an issue for my dev setup but I mentioned the issue in chat and wanted to follow up here in the event anyone else runs into this.

Running ./bin/local up yields this error in the docker logs:

postgres_1  | waiting for server to start....2021-09-14 15:06:37.333 UTC [47] FATAL:  private key file "/var/lib/postgresql/server.key" must be owned by the database user or root
postgres_1  | 2021-09-14 15:06:37.333 UTC [47] LOG:  database system is shut down
postgres_1  |  stopped waiting
postgres_1  | pg_ctl: could not start server

To get around this I modified the docker-compose.yml file to look like:

version: '3'
services:
  # main instance for testing
  postgres:
    image: postgres:11
    # Fails on my setup
    # command: -c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key
    volumes:
      - ./world/world.sql:/docker-entrypoint-initdb.d/world.sql
      - ./world/server.crt:/var/lib/postgresql/server.crt
      - ./world/server.key:/var/lib/postgresql/server.key
    ports:
      - 5432:5432
    environment:
      POSTGRES_USER: jimmy
      POSTGRES_PASSWORD: banana
      POSTGRES_DB: world
    # Added to overcome server.key permission issue
    entrypoint: >
        /bin/sh -c "chmod 0600 /var/lib/postgresql/server.key &&
        chown postgres:postgres /var/lib/postgresql/server.key &&
        docker-entrypoint.sh -c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key"
...

This was enough to get the JVM tests to pass for me, although the JS SSL-enabled test still failed.

cranst0n avatar Sep 14 '21 15:09 cranst0n

Thanks for the note, we'll try to work it into the contributor doc.

tpolecat avatar Sep 14 '21 15:09 tpolecat
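
As an added example (not part of the original issue or the skunk project), this shell check mirrors the rule behind the FATAL line above: PostgreSQL accepts a private key owned by the database user at mode 0600 or stricter, or owned by root at 0640 or stricter. The function names and the uids 999 and 1000 in the sample calls are assumptions, and `stat -c` is the GNU form.

```shell
#!/bin/sh
# Added example: pre-flight check for a file passed as ssl_key_file.

# key_perms_ok MODE OWNER_UID DB_UID
# MODE is octal as printed by `stat -c %a` (for example 600).
# Prints a verdict and returns 0 only if the server would accept the file.
key_perms_ok() {
    mode=$1 owner=$2 db_uid=$3
    if [ "$owner" -eq "$db_uid" ]; then
        # Owned by the database user: no group or other bits (0600 or less).
        forbidden=$(( 0$mode & 0077 ))
    elif [ "$owner" -eq 0 ]; then
        # Owned by root: group read is tolerated (0640 or less).
        forbidden=$(( 0$mode & 0037 ))
    else
        echo "owner uid $owner is neither the database user ($db_uid) nor root"
        return 1
    fi
    if [ "$forbidden" -ne 0 ]; then
        echo "mode $mode grants group/other access the server rejects"
        return 1
    fi
    echo "ok"
}

# check_key_file PATH DB_UID
# Reads mode and owner from PATH with GNU stat, then applies the rule above.
check_key_file() {
    [ -f "$1" ] || { echo "$1 is not a regular file"; return 1; }
    key_perms_ok "$(stat -c %a "$1")" "$(stat -c %u "$1")" "$2"
}

# Constructed cases. uid 999 stands in for the postgres user inside the
# container and uid 1000 for the host user who owns the bind-mounted key.
key_perms_ok 600 1000 999 || true   # wrong owner, as in the log above
key_perms_ok 600 999 999            # after chown postgres + chmod 0600
key_perms_ok 640 0 999              # root-owned, group-readable
```

Run inside the container, `check_key_file /var/lib/postgresql/server.key "$(id -u postgres)"` reports the same condition before the server is started.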