From acefa80ca97ca3f6a6a2543452e5edef90d3cf79 Mon Sep 17 00:00:00 2001 From: Younus Kawa Mohammed <77130132+Yuri1232@users.noreply.github.com> Date: Sat, 15 Nov 2025 21:34:54 +0100 Subject: [PATCH 1/9] Remove setcap command from Dockerfile --- Dockerfile | 1 - 1 file changed, 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index ee6db6f..0ee92d9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,5 @@ FROM dpage/pgadmin4:9.10 USER root -RUN setcap -r /usr/bin/python3.11 ENV PGADMIN_LISTN_ADDRESS=0.0.0.0 ENV PGADMIN_DISABLE_POSTFIX=true ENV PGADMIN_CONFIG_UPGRADE_CHECK_ENABLED=False From 920ccc5bd64a1c72135b4e652a083fe930bb336a Mon Sep 17 00:00:00 2001 From: Younus Kawa Mohammed <77130132+Yuri1232@users.noreply.github.com> Date: Sat, 15 Nov 2025 22:01:38 +0100 Subject: [PATCH 2/9] Change pgAdmin version and install libcap2-bin Downgrade pgAdmin version and add necessary packages. --- Dockerfile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 0ee92d9..f68d4f5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,7 @@ -FROM dpage/pgadmin4:9.10 +FROM dpage/pgadmin4:8.6 USER root +RUN apt-get update && apt-get install -y libcap2-bin +RUN setcap -r /usr/bin/python3.11 ENV PGADMIN_LISTN_ADDRESS=0.0.0.0 ENV PGADMIN_DISABLE_POSTFIX=true ENV PGADMIN_CONFIG_UPGRADE_CHECK_ENABLED=False From c0b79fac6eae3b767cba8943efe9042e0f635170 Mon Sep 17 00:00:00 2001 From: Younus Kawa Mohammed <77130132+Yuri1232@users.noreply.github.com> Date: Sat, 15 Nov 2025 22:09:10 +0100 Subject: [PATCH 3/9] Clean up Dockerfile by removing unused commands Removed unnecessary installation of libcap2-bin and capability setting for python3.11. --- Dockerfile | 2 -- 1 file changed, 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index f68d4f5..3adcbed 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,5 @@ FROM dpage/pgadmin4:8.6 USER root -RUN apt-get update && apt-get install -y libcap2-bin -RUN setcap -r /usr/bin/python3.11 ENV PGADMIN_LISTN_ADDRESS=0.0.0.0 ENV PGADMIN_DISABLE_POSTFIX=true ENV PGADMIN_CONFIG_UPGRADE_CHECK_ENABLED=False From 3cfde55eb8b2b9d828b79d21a28f8679351b4eae Mon Sep 17 00:00:00 2001 From: Younus Kawa Mohammed <77130132+Yuri1232@users.noreply.github.com> Date: Sat, 15 Nov 2025 22:13:19 +0100 Subject: [PATCH 4/9] Upgrade pgAdmin image to version 9.10 Updated pgAdmin image version and modified environment variables. --- Dockerfile | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 3adcbed..5464583 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,11 +1,21 @@ -FROM dpage/pgadmin4:8.6 +# Use official pgAdmin image +FROM dpage/pgadmin4:9.10 + +# Switch to root to set environment variables USER root -ENV PGADMIN_LISTN_ADDRESS=0.0.0.0 + +# Environment variables for pgAdmin +ENV PGADMIN_LISTEN_ADDRESS=0.0.0.0 ENV PGADMIN_DISABLE_POSTFIX=true ENV PGADMIN_CONFIG_UPGRADE_CHECK_ENABLED=False ENV PGADMIN_CONFIG_ENABLE_PSQL=True +# Copy your entrypoint script COPY render-entrypoint.sh /render-entrypoint.sh + +# Make the script executable (this is allowed) RUN chmod +x /render-entrypoint.sh +# Use the custom entrypoint ENTRYPOINT ["/render-entrypoint.sh"] + From 216e378e3f91851bf0f664e72ed412201853b408 Mon Sep 17 00:00:00 2001 From: Younus Kawa Mohammed <77130132+Yuri1232@users.noreply.github.com> Date: Sat, 15 Nov 2025 22:14:51 +0100 Subject: [PATCH 5/9] Update render-entrypoint.sh for pgAdmin setup Refactor storage path creation and file copying for pgAdmin. --- render-entrypoint.sh | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/render-entrypoint.sh b/render-entrypoint.sh index 8bb3117..6389e61 100644 --- a/render-entrypoint.sh +++ b/render-entrypoint.sh @@ -1,16 +1,16 @@ #!/bin/sh +set -e -chown pgadmin:root /var/lib/pgadmin +# Set storage path for the default user email +storage_path="/var/lib/pgadmin/storage/$(echo $PGADMIN_DEFAULT_EMAIL | sed 's/@/_/g')" -# pgadmin will setup initial servers based on the default email of the user -# the path has the @ symbol replaced with an underscore -storage_path=/var/lib/pgadmin/storage/$(echo $PGADMIN_DEFAULT_EMAIL | sed 's/@/_/g') -sudo -u pgadmin mkdir -p -m 00775 $storage_path +# Create storage path (use mkdir without sudo, container allows this path) +mkdir -p -m 00775 "$storage_path" -# render secret files are owned by root so we need to copy them over with the -# appropriate user / group / permissions for pgadmin to read the initial servers file -install -o pgadmin -g root -m 00755 /etc/secrets/servers.json /var/lib/pgadmin/storage/ -# postgres requires the pgpassfile to have specific permissions for security purposes -install -o pgadmin -g root -m 0600 /etc/secrets/pgpassfile $storage_path +# Copy secret files (ensure pgadmin owns them) +cp /etc/secrets/servers.json "$storage_path/" +cp /etc/secrets/pgpassfile "$storage_path/" +chmod 0600 "$storage_path/pgpassfile" -sudo -Eu pgadmin /entrypoint.sh +# Start pgAdmin as the default user in the container +exec /usr/pgadmin4/pgAdmin4.py From a56d49aee1bdd1317c920cdc3bdb140890a0dac1 Mon Sep 17 00:00:00 2001 From: Younus Kawa Mohammed <77130132+Yuri1232@users.noreply.github.com> Date: Sat, 15 Nov 2025 22:17:56 +0100 Subject: [PATCH 6/9] Update comments in Dockerfile for clarity --- Dockerfile | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index 5464583..229a3f7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,19 +1,17 @@ -# Use official pgAdmin image +# Use the official pgAdmin 9.10 image FROM dpage/pgadmin4:9.10 -# Switch to root to set environment variables +# Run as root to allow any setup changes USER root -# Environment variables for pgAdmin +# Environment variables ENV PGADMIN_LISTEN_ADDRESS=0.0.0.0 ENV PGADMIN_DISABLE_POSTFIX=true ENV PGADMIN_CONFIG_UPGRADE_CHECK_ENABLED=False ENV PGADMIN_CONFIG_ENABLE_PSQL=True -# Copy your entrypoint script +# Copy custom entrypoint COPY render-entrypoint.sh /render-entrypoint.sh - -# Make the script executable (this is allowed) RUN chmod +x /render-entrypoint.sh # Use the custom entrypoint From dad71485e57c0623883f518db0e5d523b7a60761 Mon Sep 17 00:00:00 2001 From: Younus Kawa Mohammed <77130132+Yuri1232@users.noreply.github.com> Date: Sat, 15 Nov 2025 22:18:45 +0100 Subject: [PATCH 7/9] Change script to use bash and adjust entrypoint Updated the script to use bash and modified the entrypoint call. --- render-entrypoint.sh | 19 ++++++------------- 1 file changed, 6 insertions(+), 13 deletions(-) diff --git a/render-entrypoint.sh b/render-entrypoint.sh index 6389e61..5619e1d 100644 --- a/render-entrypoint.sh +++ b/render-entrypoint.sh @@ -1,16 +1,9 @@ -#!/bin/sh +#!/bin/bash set -e -# Set storage path for the default user email -storage_path="/var/lib/pgadmin/storage/$(echo $PGADMIN_DEFAULT_EMAIL | sed 's/@/_/g')" +# Optional: fix ownership/permissions if needed +# Example: if you mount a volume for data +# chown -R pgadmin:pgadmin /var/lib/pgadmin -# Create storage path (use mkdir without sudo, container allows this path) -mkdir -p -m 00775 "$storage_path" - -# Copy secret files (ensure pgadmin owns them) -cp /etc/secrets/servers.json "$storage_path/" -cp /etc/secrets/pgpassfile "$storage_path/" -chmod 0600 "$storage_path/pgpassfile" - -# Start pgAdmin as the default user in the container -exec /usr/pgadmin4/pgAdmin4.py +# Call the base image entrypoint to start pgAdmin +exec /entrypoint.sh "$@" From 51fa4e6aa1d25ad415264119aa6bd4a77be36ff6 Mon Sep 17 00:00:00 2001 From: Younus Kawa Mohammed <77130132+Yuri1232@users.noreply.github.com> Date: Sat, 15 Nov 2025 22:24:06 +0100 Subject: [PATCH 8/9] Change pgAdmin image from 9.10 to 8.5 Updated pgAdmin image version and modified environment variables. --- Dockerfile | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/Dockerfile b/Dockerfile index 229a3f7..ac39cd1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,19 +1,12 @@ -# Use the official pgAdmin 9.10 image -FROM dpage/pgadmin4:9.10 - -# Run as root to allow any setup changes +FROM dpage/pgadmin4:8.5 USER root - -# Environment variables -ENV PGADMIN_LISTEN_ADDRESS=0.0.0.0 +RUN setcap -r /usr/bin/python3.11 +ENV PGADMIN_LISTN_ADDRESS=0.0.0.0 ENV PGADMIN_DISABLE_POSTFIX=true ENV PGADMIN_CONFIG_UPGRADE_CHECK_ENABLED=False ENV PGADMIN_CONFIG_ENABLE_PSQL=True -# Copy custom entrypoint COPY render-entrypoint.sh /render-entrypoint.sh RUN chmod +x /render-entrypoint.sh -# Use the custom entrypoint ENTRYPOINT ["/render-entrypoint.sh"] - From 921ddd8792f864cfb0cf712f5829397e9b59fe38 Mon Sep 17 00:00:00 2001 From: Younus Kawa Mohammed <77130132+Yuri1232@users.noreply.github.com> Date: Sat, 15 Nov 2025 22:24:47 +0100 Subject: [PATCH 9/9] Refactor render-entrypoint.sh for compatibility and permissions Updated the entrypoint script to use sh instead of bash and added logic for handling storage paths and permissions. --- render-entrypoint.sh | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/render-entrypoint.sh b/render-entrypoint.sh index 5619e1d..8bb3117 100644 --- a/render-entrypoint.sh +++ b/render-entrypoint.sh @@ -1,9 +1,16 @@ -#!/bin/bash -set -e +#!/bin/sh -# Optional: fix ownership/permissions if needed -# Example: if you mount a volume for data -# chown -R pgadmin:pgadmin /var/lib/pgadmin +chown pgadmin:root /var/lib/pgadmin -# Call the base image entrypoint to start pgAdmin -exec /entrypoint.sh "$@" +# pgadmin will setup initial servers based on the default email of the user +# the path has the @ symbol replaced with an underscore +storage_path=/var/lib/pgadmin/storage/$(echo $PGADMIN_DEFAULT_EMAIL | sed 's/@/_/g') +sudo -u pgadmin mkdir -p -m 00775 $storage_path + +# render secret files are owned by root so we need to copy them over with the +# appropriate user / group / permissions for pgadmin to read the initial servers file +install -o pgadmin -g root -m 00755 /etc/secrets/servers.json /var/lib/pgadmin/storage/ +# postgres requires the pgpassfile to have specific permissions for security purposes +install -o pgadmin -g root -m 0600 /etc/secrets/pgpassfile $storage_path + +sudo -Eu pgadmin /entrypoint.sh